PunchOutAgentDocument CaptureDocsPricingBlogHow-to GuidesUse CasesGlossaryFAQAboutSign inJoin the waitlist

Privacy Policy

Last updated: April 22, 2026

1. Introduction

Zentriq Software (“we”, “us”, “our”) is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use Zentriq Agent for Microsoft Dynamics 365 Business Central, the Zentriq web dashboard, and the Zentriq PunchOut Chrome extension (collectively, the “Services”).

We comply with the Swiss Federal Act on Data Protection (nFADP), the EU General Data Protection Regulation (GDPR), and other applicable data protection laws.

2. Data Controller

The data controller is:

Zentriq Software
Sole proprietorship of Guillaume Fernandes
UID: CHE-228.383.878
Switzerland
Email: privacy@zentriqsoftware.com

3. Data We Collect

3.1 Account Information

When you sign in via Microsoft Entra ID, we receive:

  • Your name and email address
  • Microsoft account identifier
  • Organization/tenant information

3.2 Cart Data (PunchOut Extension)

When you capture a cart, the Chrome extension sends the page content to our AI parsing service. This data is:

  • Processed in real-time by Claude (Anthropic) to extract structured cart items
  • Not permanently stored — data is discarded after processing
  • Never used to train AI models

3.3 Business Central Data (Zentriq Agent)

When you interact with the Zentriq Agent chat embedded in Business Central, the following data flows occur:

Sent to our backend (zentriqsoftware.com):

  • The text of your messages and conversation history
  • Your Business Central tenant ID, environment name, and company name (used to authenticate API calls back to your BC instance)
  • The current record context if you opened the chat from an “Ask Zentriq” button (e.g. vendor number, customer number) — used so the assistant understands what you are looking at
  • Your authenticated email address

Sent to Anthropic (Claude):

  • Your message text and conversation history
  • BC data fetched on your behalf to answer your question (e.g. a list of open purchase orders, an item card) — only what is needed to answer the specific question

What is NOT sent:

  • We do not export your full BC database
  • We do not send credentials, passwords, or API keys
  • We do not use your data to train AI models — Anthropic’s zero data retention policy applies to our API usage

Storage and retention: Conversation history is stored in our PostgreSQL database (EU region) so you can resume past conversations. Conversations are retained until you delete them or close your account. You may request deletion at any time via privacy@zentriqsoftware.com.

3.4 Usage Data

We collect anonymous usage metrics (page views, feature usage, error rates) to improve our services. No personal data is included in analytics.

4. How We Use Your Data

  • Service delivery: To authenticate you, process cart captures, and provide the Zentriq Agent
  • Billing: To manage subscriptions via Stripe (we do not store card details)
  • Communication: To send service-related notifications (no marketing without consent)
  • Improvement: To analyze anonymized usage patterns and improve our services

5. Third-Party Processors

ServicePurposeLocation
Microsoft Entra IDAuthenticationEU/US
Anthropic (Claude)AI processingUS
StripePayment processingUS
VercelApplication hostingEU
NeonPostgreSQL database (conversation history)EU

6. Data Retention

We retain account data for the duration of your account. Cart data is processed in real-time and not retained. Usage logs are retained for 90 days. You can request account deletion at any time.

7. Your Rights

Under GDPR and nFADP, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your data
  • Portability — receive your data in a structured format
  • Object — object to data processing
  • Withdraw consent — at any time, without affecting prior processing

To exercise your rights, email privacy@zentriqsoftware.com.

8. Cookies

We use only essential cookies required for authentication and session management. We do not use advertising or tracking cookies.

9. Security

We implement industry-standard security measures including TLS encryption in transit, encrypted storage at rest, regular security audits, and access controls.

10. Changes to This Policy

We may update this policy periodically. Significant changes will be communicated via email or in-app notification. Continued use of our Services constitutes acceptance of the updated policy.

11. Contact

For privacy-related inquiries, contact us at privacy@zentriqsoftware.com.