ZENTRAIS LEGAL & COMPLIANCE HANDBOOK

Nov 15, 2026

Version 1.0 — Effective 11/15/2026

legal.handbook.scope.desc

  • Users
  • Investors
  • Partners
  • Regulators
  • Internal teams
  • Advisory/legal review

legal.handbook.scope.master

0. INTRODUCTION

legal.handbook.section0.desc

Zentrais is a human-AI ecosystem built on three pillars:

This handbook outlines how we protect users, comply with global laws, secure systems, govern AI, and operate with integrity. It also defines expectations for users, contributors, partners, and internal teams.

legal.handbook.section1.title

1.1 Terms of Service (Summary)

  • Defines user rights and responsibilities.
  • Covers eligibility, account use, prohibited behavior, AI limitations, termination, disclaimers, and liability limits.
  • Controls apply across Dialog, Perspective, and Exchange.

Full text maintained internally as the master reference.

1.2 Privacy Policy (Summary)

  • We collect minimal personal data required to operate safely.
  • No data sale. No behavioral ads. No exploitation.
  • Users retain ownership of their content.
  • Rights include access, deletion, correction, portability, and objection.
  • Global compliance: GDPR, CPRA, LGPD, PIPEDA, APPI.

1.3 Cookie Policy

  • Only essential and performance cookies used.
  • No advertising or cross-site tracking cookies.
  • Users can reject all non-essential cookies.

1.4 End User License Agreement (EULA)

  • Applies to iOS, Android, and progressive web apps.
  • Grants a limited personal license to use the app.
  • Covers updates, restrictions, device permissions, warranties, and termination.

1.5 Data Processing Agreement (DPA)

  • Zentrais = Processor; User = Controller.
  • Supports privacy rights globally.
  • Ensures encryption, sub-processor controls, international transfer safeguards, and breach notification within 72 hours.

2. SECURITY & DATA PROTECTION

2.1 Security Policy

Zentrais uses:

  • Zero Trust architecture
  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Role-based access control
  • Continuous monitoring
  • Regular penetration tests
  • Audits across infrastructure

Data backups are encrypted with geo-redundancy.

2.2 Internal Data Access Policy

  • Access granted strictly by job role.
  • All access is logged and continuously monitored.
  • Access is revoked immediately upon offboarding.

2.3 Responsible Disclosure / Bug Bounty

Security researchers may report vulnerabilities to:

security@zentrais.com

Rewards based on severity.

No extortion, no disruption, no unauthorized data access.

2.4 Data Retention Schedule (Summary)

Data TypeRetention
Account DataUntil account deletion
Messages/PostsUntil deleted or account closure
Logs30-180 days
Backups30-90 days
Support Tickets12-24 months
Verification Tokens24 hours or until confirmation

3. PLATFORM USE & BEHAVIOR

3.1 Acceptable Use Policy

Users must not:

  • Harass, harm, or impersonate others
  • Spread malware or attempt unauthorized access
  • Use bots to manipulate systems
  • Promote illegal activity
  • Intentionally spread misinformation
  • Disrupt platform integrity

Violations lead to warnings, restrictions, or termination.

3.2 Community Guidelines

Core expectations:

  • Respect others
  • Protect privacy
  • No hate, exploitation, or harmful content
  • No graphic violence
  • Participate with Integrity

3.3 Content Moderation Policy

Hybrid moderation system:

  • AI pre-screening
  • Human review for escalations
  • Enforcement ladder: warning → restriction → removal

Content categories include misinformation, hate speech, violence, spam, and fraud.

3.4 DMCA Policy

Copyright claims sent to:

dmca@zentrais.com

Must include:

  • Identification of copyrighted work
  • Identification of content
  • Good-faith statement
  • Authority statement
  • Signature

Counter-notices supported.

4. ARTIFICIAL INTELLIGENCE & ETHICS

4.1 Responsible AI Policy

Principles:

  • Human-first
  • Transparency
  • Fairness
  • Accountability
  • Privacy protection
  • Security

Zentrais AI does not:

  • Manipulate behavior
  • Profile sensitive attributes
  • Train on user identities
  • Sell or export user data

4.2 AI Model Disclosure (EU AI Act-Ready)

Zentrais AI systems are:

  • Transparent
  • Non-biometric
  • Non-surveillance
  • Non-manipulative
  • Audited regularly
  • Human-supervised
  • Explainable upon request

4.3 Safety Systems

Safety systems are in place to detect and prevent harmful AI outputs, with continuous monitoring and human oversight.

5. INTEGRITY ECONOMY & GOVERNANCE

5.1 Governance Charter

Defines how the Integrity Economy operates, including:

  • Verified contributions
  • Transparent scoring logic
  • Tokenized rewards (ZNT)
  • Oversight board
  • User appeal process

5.2 Zenzers Program Terms

States requirements for influencers and ambassadors:

  • Represent Zentrais truthfully
  • Use approved materials
  • Uphold Integrity standards
  • Avoid deceptive practices

Compensation may include tokens, recognition, or platform benefits.

6. COMPLIANCE & RISK MANAGEMENT

6.1 Third-Party Vendor Risk Framework

Lists requirements for all vendors:

  • GDPR and CPRA compliance
  • Security certifications (SOC2 / ISO 27001)
  • No data sale
  • Encrypted transfers
  • Signed DPA

Annual reviews are mandatory.

6.2 Global Privacy & Compliance Matrix

Specifically for the US (CPRA/CCPA):

  • Opt-out rights
  • Right to delete
  • Right to know

7. API & WHITE-LABEL LICENSING

7.1 Device Permissions

App may request:

  • Microphone
  • Notifications
  • Local storage
  • Network access

No background surveillance, no location tracking.

7.2 API & White-Label Licensing

Partners receive:

  • Non-exclusive API license
  • Strict data privacy obligations
  • No model extraction
  • No resale or redistribution

7.3 Contributor License Agreement (CLA)

Contributors grant Zentrais:

  • Rights to use, modify, and distribute submitted work
  • Patent license for contributions

Contributors confirm originality.

8. TRANSPARENCY & ACCOUNTABILITY

8.1 Transparency Report Template (Quarterly)

Reports include:

  • Moderation statistics
  • Security incidents
  • Government requests
  • User privacy requests
  • Integrity improvements
  • System reliability updates

8.2 Human Version of Privacy (Plain Words)

Your data is yours.

We don't sell it.

We don't track you across the web.

We only collect what's needed to run Zentrais safely.

You can delete everything whenever you want.

No secrets. No exploitation. Full transparency.

9. HANDBOOK GOVERNANCE

9.1 Updates

The Handbook may be updated to reflect:

  • Product changes
  • Regulatory changes
  • Security enhancements
  • New features
  • New AI frameworks

Material updates will be communicated.

9.2 Contact

Zentrais Legal & Compliance Office

legal@zentrais.com

privacy@zentrais.com

security@zentrais.com

FINAL NOTE

This Handbook reflects the foundation of Zentrais:

Truth. Trust. Transparency.

It ensures legal protection, ethical operation, user safety, and investor-level governance as we scale into a global ecosystem.