Introduction
ZeroBound LLC ("ZeroBound," "we," "us," or "our") operates the ZeroBound mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.
By using ZeroBound, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the App.
This Privacy Policy applies only to users in the United States. ZeroBound is available only to individuals 18 years of age or older.
Information we collect
Information you provide directly
Account information:
- Email address
- Name
- Account credentials (secured via Apple passkeys and biometrics stored locally on your device in Apple's Secure Enclave — we never have access to your biometric data)
Financial information:
- Debt account names
- Account balances
- Annual Percentage Rates (APRs)
- Minimum payment amounts
- Payment due dates
- Payment history you manually log
Information collected automatically
Usage data:
- App launches and session information
- When payments or debts are added or modified
- Feature usage patterns
- De-identified device information (iOS version, device type)
- Crash reports and diagnostic data
Information from third-party services
Plaid integration (Premium users only): When you choose to connect your financial accounts through Plaid, we collect:
- Account balances
- APRs and interest rates
- Minimum payment requirements
- Transaction history (for future feature enhancements)
Important: By connecting your accounts through Plaid, you agree to Plaid's End User Privacy Policy, which can be found at plaid.com/legal/#end-user-privacy-policy.
Plaid independently collects and processes your financial data according to their own privacy policy. We only receive the specific data elements listed above that are necessary for ZeroBound's debt payoff functionality.
How we use your information
We use the information we collect to:
1. Provide core services
- Calculate personalized debt payoff plans
- Track your debt elimination progress
- Generate payment schedules and projections
- Synchronize account balances (premium users)
- Process subscription payments through Apple
2. Improve the App
- Analyze usage patterns to enhance features
- Identify and fix technical issues
- Develop new functionality based on user needs
3. Communicate with you
- Send payment reminders (if enabled)
- Provide customer support
- Send important service announcements
- Share optional marketing communications (only if you opt in)
4. Legal and security
- Comply with legal obligations
- Protect against fraud and abuse
- Enforce our Terms of Service
Third-party services
Plaid
Plaid provides the secure connection between your financial institutions and ZeroBound. When you link accounts:
- You authorize Plaid to access your account information on your behalf
- Plaid shares only the specific data we request (balances, APRs, minimum payments, transactions)
- Account credentials are never shared with ZeroBound — they remain with Plaid
- You can revoke Plaid access at any time through the App or directly with your financial institution
For more information about Plaid's data practices, review their privacy policy at plaid.com/legal/#end-user-privacy-policy.
Apple StoreKit
Subscription payments are processed exclusively through Apple's App Store. We never handle payment card information directly. Apple provides us with only:
- Subscription status (active/expired)
- Subscription tier
- Receipt validation data
Apple's privacy practices are governed by their privacy policy available at apple.com/legal/privacy.
TelemetryDeck
We use TelemetryDeck for privacy-focused analytics. TelemetryDeck receives:
- De-identified usage events (app launches, feature usage)
- Device information (iOS version, device type)
- Crash reports and performance data
Important: All data sent to TelemetryDeck is anonymized and contains no personally identifiable information. TelemetryDeck cannot identify you as an individual user.
Learn more at telemetrydeck.com/privacy.
Mailchimp
We use Mailchimp to manage email communications, including:
- Waitlist notifications (pre-launch)
- Payment reminders (if you opt in)
- Optional product updates and tips (if you opt in)
You can unsubscribe from marketing emails at any time through the unsubscribe link in any email or through your App settings.
Mailchimp's privacy policy: intuit.com/privacy/statement.
Data security
We take the security of your data seriously and implement industry-standard practices:
Technical safeguards
- Encryption at rest: All personally identifiable information (PII) and financial data stored in our PostgreSQL databases is encrypted at rest
- Encryption in transit: All data transmitted between your device and our servers uses TLS 1.3 encryption
- Key management: Encryption keys are stored in HashiCorp Vault and rotated weekly
- Access controls: Strict access controls limit who can access user data
- Secure infrastructure: Our backend services run on DigitalOcean infrastructure in New York, USA with regular security updates and monitoring
Device-level security
- Passkey authentication: Your login credentials use Apple's passkey system with biometric authentication stored locally on your device in the Secure Enclave
- Local data: Sensitive authentication data never leaves your device
Regular backups
- All data is backed up to DigitalOcean's secure PostgreSQL infrastructure
- Backups are encrypted and stored in the same US region as production data
No security system is impenetrable. While we implement reasonable safeguards, we cannot guarantee absolute security. You are responsible for maintaining the security of your device and account credentials.
Data retention and deletion
Active accounts
We retain your data for as long as your account is active and as necessary to provide services, comply with legal obligations, resolve disputes, and enforce our agreements.
Account deletion
Important: Uninstalling the ZeroBound app from your device does NOT delete your account or data. Your account remains active on our servers until you explicitly delete it through the app settings.
To permanently delete your account and data, you must use the "Delete Account" feature in the app under Settings → Account.
When you delete your account:
- Immediate deletion: Your personally identifiable information (name, email) and all financial data (debts, balances, payment history) are immediately and permanently deleted from our systems through cascading database relations
- Plaid disconnection: Any Plaid connections are automatically revoked
- Subscription cancellation: Any active subscriptions through Apple are cancelled (though you may need to confirm cancellation through Apple's subscription management)
Anonymized data
After account deletion, we retain anonymized, aggregated analytics data collected through TelemetryDeck indefinitely. This data:
- Cannot be linked back to you as an individual
- Contains no personally identifiable information
- Is used only for product improvement and analytics
Backup retention
Deleted data may persist in encrypted backups for up to 30 days before being permanently purged from all systems.
Your privacy rights
California residents (CCPA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):
- Right to know: Request information about what personal information we collect, use, disclose, and sell
- Right to delete: Request deletion of your personal information (subject to certain exceptions)
- Right to opt-out: We do not sell your personal information
- Right to non-discrimination: We will not discriminate against you for exercising your privacy rights
To exercise these rights, contact us at [email protected].
All users
Regardless of location, you may:
- Access your data: View your account information and financial data within the App
- Delete your account: Permanently delete your account and data through the App settings (Settings → Account → Delete Account). Note: Simply uninstalling the app does not delete your data — you must use the in-app deletion feature. If you cannot access the app, email [email protected] for manual deletion.
- Export your data: Data export functionality will be available in a future update (not available at launch)
- Manage communications: Opt out of marketing emails at any time
- Revoke Plaid access: Disconnect your bank accounts at any time
Downgrading subscription
If you downgrade from Premium to Free:
- Your manually entered debt data is preserved
- Plaid connections are disconnected (you can reconnect if you upgrade again)
- You are limited to 3 debts and snowball method only per free tier restrictions
- No data is deleted — only feature access changes
Children's privacy
ZeroBound is intended only for users 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If we discover that we have collected information from someone under 18, we will delete it immediately.
If you believe we have inadvertently collected information from a minor, contact us at [email protected].
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:
- The "Last Updated" date at the top of this policy will be revised
- Material changes will be communicated through the App or via email
- Your continued use of ZeroBound after changes constitutes acceptance of the updated policy
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
Do Not Track signals
Some browsers support "Do Not Track" (DNT) signals. Currently, there is no industry consensus on how to respond to DNT signals. ZeroBound does not respond to DNT signals, but we limit tracking to essential analytics as described in this policy.
International users
ZeroBound is currently available only to users in the United States. Our servers are located in New York, USA, and all data is processed and stored within the United States. By using ZeroBound, you consent to the transfer and processing of your data in the United States.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: [email protected]
Mail: ZeroBound LLC
75 Park Street Suite 200 PMB 70033
Lewiston, ME 04240
United States
We will respond to privacy inquiries within 30 days.
Summary of key points
- We collect: Email, name, debt information, usage data
- We never see: Your banking passwords, biometric data, payment cards
- Premium users: Plaid securely connects your banks — review their privacy policy
- Security: Data encrypted at rest and in transit, keys rotated weekly
- Deletion: Delete your account anytime — data is immediately removed
- Analytics: Privacy-focused analytics via TelemetryDeck (no PII)
- No selling: We never sell your data to third parties
- USA only: Available only in the United States, 18+
Questions? Email [email protected]