← Back to Home

Privacy Policy

Last updated: February 2026

1. HIPAA Compliance

Zen Director is committed to compliance with the Health Insurance Portability and Accountability Act (HIPAA). We implement administrative, physical, and technical safeguards to protect the privacy and security of Protected Health Information (PHI). This includes:

  • Business Associate Agreements (BAAs) with all third-party service providers
  • Role-based access controls ensuring only authorized users can view PHI
  • Regular security audits and vulnerability assessments
  • Staff training on HIPAA requirements and data handling procedures
  • Incident response procedures for potential data breaches

2. Data Encryption

We use industry-standard encryption to protect your data at every stage:

  • In transit: All data transmitted between your device and our servers is encrypted using TLS 1.3 (Transport Layer Security).
  • At rest: All stored data, including session logs, messages, and personal information, is encrypted using AES-256 encryption.
  • Backups: Database backups are encrypted and stored in geographically redundant, secure facilities.

3. Data Sharing

We do not sell your personal information. We may share data only in the following circumstances:

  • Between client and counselor: Session data and messages are shared between matched client-counselor pairs as part of the Service.
  • Service providers: Trusted third parties that help us operate the platform (e.g., hosting, analytics), bound by confidentiality agreements.
  • Legal requirements: When required by law, subpoena, or to protect the rights and safety of our users.

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you request account deletion, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., legal compliance, dispute resolution).

5. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your account and associated data.
  • Portability: Request your data in a commonly used, machine-readable format.
  • Restriction: Request that we limit how we process your data.

To exercise any of these rights, contact us at privacy@zendirector.com.

6. Cookies & Tracking

We use essential cookies to maintain your session and authentication state. We do not use third-party advertising cookies. Analytics cookies, if used, collect anonymized usage data to help us improve the platform experience.

7. Children's Privacy

Zen Director is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will promptly delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, for material changes, notify you via email or a prominent notice on the platform.

9. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at our contact page or email privacy@zendirector.com.

© 2026 Zen Director. All rights reserved.