Terms of Use
Including: Platform Terms · AI Autonomous Mode · Data Processing Agreement · Liability Framework
Effective: June 2025 · Issued by: Growthsynth LLP
Important — read before using Zephra
By creating an account or using the platform, you enter a legally binding agreement with Growthsynth LLP covering all sections of this document. A single acceptance at signup binds you to all terms, including the AI Autonomous Mode provisions (Section 8), the Data Processing Agreement (Section 14), and the liability cap (Section 17). If you do not agree, do not use the platform.
1. Definitions+
In this Agreement, the following terms have the meanings given:
- "Agreement" means these Terms of Use in their entirety, including all Schedules, as updated from time to time.
- "Growthsynth LLP", "we", "us", "our" means Growthsynth LLP, a Limited Liability Partnership incorporated in India, operating the Zephra platform.
- "Zephra" means the AI-powered marketing intelligence and automation platform, all associated APIs, tools, services, and documentation provided at zephraai.com.
- "Customer", "you", "your" means the business entity or individual who creates an account. Where you act on behalf of a business, you warrant you have authority to bind it to this Agreement.
- "Authorised User" means an employee, contractor, or agent of the Customer permitted to use the platform under the Customer's account.
- "Customer Data" means all data, content, and information submitted to or processed by the platform by or on behalf of the Customer, including campaign data, business context, and audience data.
- "Connected Platform" means any third-party advertising, analytics, CRM, or email platform connected to Zephra by the Customer (see Schedule A for current list).
- "AI Decision" means any recommendation, automated action, or campaign execution output generated by Zephra's artificial intelligence systems.
- "Reasoning Audit Trail" means the log of every AI Decision, documenting the data signals reviewed, alternatives considered, and action taken or recommended.
- "Tokens" means the unit of consumption measuring AI-driven actions. Tokens are consumed when the AI builds, executes, or optimises on your behalf. Monitoring, audits, and recommendations do not consume tokens.
- "Platform Fees" means subscription fees paid to Growthsynth LLP for access to the Zephra platform. Platform Fees expressly exclude Token fees, advertising spend on Connected Platforms, and any third-party costs.
- "Supervised Mode" means the operational setting in which all significant AI Decisions are presented to the Customer for approval before execution. No action is taken without explicit Customer approval.
- "Autonomous Mode" means the operational setting in which Zephra executes certain pre-approved categories of action on Connected Platforms without requiring per-action approval, within parameters the Customer configures.
- "Hard Spend Cap" means the maximum total budget that Zephra is permitted to allocate or reallocate across all Connected Platform accounts within a Customer-configured 24-hour rolling period. Setting a Hard Spend Cap is a mandatory prerequisite for enabling Autonomous Mode.
- "Verified Technical Failure" has the meaning given in Section 17.4. It is a narrowly defined category of system failure — not campaign underperformance, not unexpected outcomes, and not disagreement with the AI's decisions.
- "Intellectual Property Rights" means all patents, copyrights, trademarks, trade secrets, database rights, and other intellectual property rights worldwide, registered or unregistered.
- "Personal Data" has the meaning given under applicable data protection law. In this Agreement it refers to personal data processed by Zephra on behalf of the Customer in the course of providing the platform services.
- "Sub-Processor" means any third-party engaged by Growthsynth LLP to process Personal Data in connection with providing the platform services (see Schedule C).
2. Acceptance — Single Approval at Signup+
2.1 One Acceptance Binds All Terms
At signup, the following three statements are displayed prominently above the acceptance checkbox, and form part of the acceptance:
(1) If you enable Autonomous Mode, Zephra will take actions on your live advertising accounts using real budget without your approval for each action.
(2) Growthsynth LLP's liability is limited to 3 months of Platform Fees only — it does not extend to advertising spend, token fees, or any third-party costs. See Section 17.
(3) You have a contractual obligation to regularly monitor the platform while Autonomous Mode is enabled. Failure to monitor reduces or eliminates any claim you may have. See Section 8.6.
By ticking the acceptance checkbox and completing account creation, you confirm that you have read, understood, and agree to be legally bound by this Agreement in its entirety. This single act constitutes your binding agreement to:
- All platform terms (Sections 1–13 and 22)
- The AI Autonomous Mode terms (Section 8) — including monitoring obligations and liability allocation
- The Data Processing Agreement (Section 14) — including your obligations as Data Controller
- The limitation of liability (Section 17) — including the Platform Fee cap
- All Schedules including the Connected Platforms page (Schedule A) and Sub-Processor page (Schedule C)
2.2 Acceptance on Behalf of a Business
If you create an account on behalf of a company or other legal entity, you represent and warrant that you have the legal authority to bind that entity to this Agreement. If you do not have such authority, you must not create an account.
2.3 Updates to this Agreement
We may update this Agreement from time to time to reflect changes in our platform, applicable law, or business practices. The following notification approach applies:
- Material changes to core Terms (pricing, liability, your rights): 30 days' prior email notice. You may close your account before the change takes effect without penalty.
- Changes required by applicable law: Effective from the date required by law. We will notify by email as soon as reasonably practicable.
- Updates to the sub-processor list (Schedule C): Per the two-tier system in Section 14.5. Email notification sent when the page is updated; no advance notice required for Tier 2 AI providers.
- Updates to the Connected Platforms list (Schedule A): No advance notice required for additions. Notice of removed integrations provided with reasonable advance where practicable.
- All other changes: Updated at /terms with revised Effective Date. No email notification required.
Continued use of the platform after the effective date of any change constitutes acceptance of the updated Agreement.
2.4 Minimum Age
You must be at least 18 years of age to use Zephra. By accepting this Agreement you confirm you meet this requirement.
3. The Zephra Platform — Description and Scope+
3.1 What Zephra Provides
Zephra is an AI-powered marketing intelligence and automation platform. Current services include, but are not limited to:
- Free campaign audit — analysis of connected ad account performance, identifying budget inefficiencies
- Context Engine — an AI intelligence profile of your business built from connected data sources
- Decision Engine — AI-generated campaign strategies, budget recommendations, and optimisation decisions
- Execution Layer — execution of approved or autonomously authorised actions on Connected Platforms
- Server-side conversion tracking and attribution
- Competitor intelligence monitoring using publicly available data
- The Founder's Brief — automated performance summaries
- Reasoning Audit Trail — a log of autonomous actions taken on your accounts
- Email marketing automation — creation, scheduling, and sending of marketing emails on your behalf to your contact lists, where this feature is enabled on your plan
- Social media management — AI-generated content, scheduled posting, and engagement actions on your connected social media accounts, where this feature is enabled
- Direct messaging — automated or AI-assisted messages sent on your behalf via Connected Platform messaging features, where this feature is enabled
Platform Expansion
Zephra is continuously expanding to cover additional marketing channels. Future services may include without limitation: SEO management, advanced email marketing, social media management, account-based marketing (ABM), CRM integration, content marketing, influencer marketing management, and additional advertising platforms. When new services are launched, they are governed by these Terms unless separate supplementary terms are published. We will notify active customers when significant new services become available.
Feature-Based Access
Not all services are available on all plans. The features available to you depend on your active feature selection. Services not included in your selected plan are not available to you unless you add them. Services listed as anticipated future capabilities create no contractual obligation to deliver by any specific date.
3.2 What Zephra Is Not
Zephra is not a financial advisor, investment advisor, or guarantor of advertising results. AI Decisions are generated based on available data and predictive models. Campaign performance depends on factors outside our control including market conditions, platform algorithm changes, audience behaviour, creative quality, and competitive activity. Nothing in this Agreement constitutes a warranty of specific results.
3.3 Platform Availability
We will use commercially reasonable efforts to maintain 99% platform availability in any calendar month, excluding scheduled maintenance, events of Force Majeure, and free-tier access. Scheduled maintenance will be notified at least 48 hours in advance where practicable. We do not guarantee uninterrupted or error-free operation.
3.4 Changes to the Platform
We may add, modify, or discontinue features at any time. For changes that materially reduce functionality available to paying subscribers, we will give 30 days' notice. Introduction of new features (including new Connected Platform integrations listed in Schedule A) does not require advance notice.
4. Account Registration and Security+
4.1 Registration
You must provide accurate, complete, and current information when creating your account, and maintain its accuracy throughout your use of the platform.
4.2 Account Security
You are solely responsible for the confidentiality of your account credentials and for all activity under your account. You must notify us immediately at hello@zephraai.com if you suspect unauthorised access.
4.3 Authorised Users
The Customer is responsible for ensuring all Authorised Users comply with this Agreement. The Customer is liable for the acts and omissions of its Authorised Users as if they were acts and omissions of the Customer.
5. Connected Platforms and Third-Party APIs+
5.1 Current Connected Platforms
The platforms currently available for connection to Zephra are listed in Schedule A at the end of this Agreement. Schedule A is a living document. We add and update Connected Platforms as integrations are built. The current version of Schedule A is always available at /sub-processors. Adding a new Connected Platform to Schedule A does not require a new Agreement — your acceptance at signup covers all current and future Connected Platforms listed in Schedule A.
5.2 Your Authorisation on Connection
When you connect a third-party platform account to Zephra, you:
- Authorise Growthsynth LLP to access, read, and (where applicable) write to that account on your behalf
- Represent that you own or have authority over that account and have the right to grant such permissions
- Acknowledge that Zephra will access and process data from that account as described in this Agreement
- Accept that the scope of access is defined by the permissions you grant during the OAuth authorisation flow
5.3 Compliance with Third-Party Platform Terms
YOU ARE SOLELY RESPONSIBLE FOR ENSURING YOUR USE OF ZEPHRA — INCLUDING ALL AI DECISIONS AND ALL DATA SHARING WITH CONNECTED PLATFORMS — COMPLIES WITH THE TERMS OF SERVICE, DEVELOPER POLICIES, ADVERTISING POLICIES, AND DATA SHARING POLICIES OF EVERY CONNECTED PLATFORM. We operate as your authorised agent within the permissions you grant. Third-party platforms may suspend or terminate your account for violations of their own policies, including violations caused by actions Zephra takes within permissions you granted. We are not liable for any such suspension, termination, or resulting loss.
5.4 Third-Party Platform Changes
Connected Platform APIs, policies, and permissions are outside our control and change without notice. We will use commercially reasonable efforts to maintain integrations but cannot guarantee uninterrupted integration with any third-party platform. We are not liable for loss caused by third-party platform API changes, outages, or policy changes.
5.5 Revocation of Access
You may revoke Zephra's access to any Connected Platform at any time from your account settings. We recommend disabling Autonomous Mode for that account before revoking access to prevent incomplete action sequences.
5.6 Email Marketing, Social Media, and Messaging Features
Where Zephra provides email marketing, social media management, or direct messaging features on your behalf, the following applies:
- You are the sender of all emails, social media posts, and messages sent through Zephra. Growthsynth LLP is the technical agent acting on your instructions.
- You are solely responsible for compliance with all applicable email marketing, messaging, and social media laws in every jurisdiction where your recipients are located, including but not limited to: CAN-SPAM Act (USA), Canada's Anti-Spam Legislation (CASL), UK PECR, India IT Act 2000 and amendments, and platform-specific messaging policies.
- You warrant that you have obtained all necessary consents from recipients before sending marketing emails, direct messages, or automated communications through Zephra.
- All emails sent through Zephra on your behalf must include a functional unsubscribe mechanism. You are responsible for honouring unsubscribe requests promptly.
- Social media posting: by connecting a social media account and enabling posting features, you authorise Zephra to publish content to that account on your behalf, within the approval settings you configure (manual approval, scheduled, or autonomous). You are responsible for all content posted and for compliance with each platform's terms of service.
- Direct messaging: platform-specific messaging rules apply (including LinkedIn InMail limits, Instagram DM restrictions, and equivalent). You are responsible for compliance with those rules. Zephra is not liable for account restrictions imposed by social platforms due to your messaging activity.
GROWTHSYNTH LLP IS NOT LIABLE FOR: (A) SPAM COMPLAINTS, REGULATORY ACTIONS, OR PLATFORM RESTRICTIONS ARISING FROM YOUR EMAIL MARKETING OR MESSAGING PRACTICES; (B) CLAIMS BY RECIPIENTS THAT THEY DID NOT CONSENT TO RECEIVE MESSAGES; (C) YOUR FAILURE TO INCLUDE REQUIRED DISCLOSURES IN MARKETING EMAILS; OR (D) VIOLATIONS OF PLATFORM MESSAGING POLICIES. ALL OF THE ABOVE ARE YOUR RESPONSIBILITY AS THE SENDER.
5.7 Advertising Data Sharing — Your Warranties as Data Controller
Zephra enables sharing of certain data with Connected Platforms for advertising measurement, targeting, and attribution purposes. These features include conversion event tracking, server-side pixel signals, hashed audience uploads (Customer Match / Custom Audiences), and campaign performance signal sharing. By using these features, you make the following warranties:
- You are the data controller for all personal data relating to your end users (your website visitors, customers, and contacts) that is processed or transmitted by Zephra on your behalf
- You have obtained all necessary consents, established all necessary lawful bases, and complied with all applicable data protection laws required to share your end users' data with Connected Platforms for advertising targeting, measurement, and attribution purposes
- You have provided your end users with appropriate privacy notices disclosing that their data may be shared with third-party advertising platforms for targeting and measurement purposes
- Where applicable, you have implemented a "Do Not Sell or Share My Personal Information" mechanism on your website or application as required by California law (CPRA) and equivalent laws
- You have accepted and comply with the data sharing terms of each Connected Platform, including Google's Customer Match Policy, Meta's Custom Audiences Terms, and equivalent policies of any other Connected Platform
- You have configured consent signals (Google Consent Mode, Meta Data Processing Options, and equivalents) correctly in your Zephra tracking implementation
GROWTHSYNTH LLP IS NOT RESPONSIBLE FOR: (A) ANY CLAIM BY YOUR END USERS THAT THEIR DATA WAS SHARED WITH A CONNECTED PLATFORM WITHOUT APPROPRIATE CONSENT OR LAWFUL BASIS; (B) ANY ENFORCEMENT ACTION BY A DATA PROTECTION AUTHORITY ARISING FROM YOUR FAILURE TO HAVE A LAWFUL BASIS FOR ADVERTISING DATA SHARING; (C) ANY SUSPENSION OR RESTRICTION OF YOUR CONNECTED PLATFORM ACCOUNTS DUE TO NON-COMPLIANCE WITH THOSE PLATFORMS' DATA SHARING POLICIES; OR (D) ANY CONSEQUENCES OF INCORRECTLY CONFIGURED CONSENT SIGNALS. ALL OF THE ABOVE ARE THE SOLE RESPONSIBILITY OF THE CUSTOMER AS DATA CONTROLLER.
5.8 Independent Controller Status
Once data is transmitted to a Connected Platform (Google, Meta, or any other), that platform processes the data under its own privacy policy and as an independent data controller. Growthsynth LLP is not a joint controller with any Connected Platform. Growthsynth LLP has no control over, and accepts no responsibility for, how Connected Platforms use, retain, or further process data they receive. The relevant privacy policies are:
- Google: policies.google.com/privacy
- Meta: facebook.com/privacy/policy
- Other Connected Platforms: as published on their respective websites
6. AI Decisions — Nature, Transparency, and Your Responsibilities+
6.1 How AI Decisions Are Generated
AI Decisions are generated by Zephra's Decision Engine using:
- Campaign performance data from your Connected Platforms
- Business context you have provided
- Historical data patterns and predictive modelling
- AI model inference from one or more of the providers listed in Schedule C
6.1a Human Oversight of AI Operations
Growthsynth LLP staff may periodically review the performance of Autonomous Mode operations and adjust the AI system's operating parameters — including decision thresholds (how confident the AI must be before taking an action), signal weighting (how much weight is given to different data inputs), and action logic (the rules the AI uses to select between options) — as and when needed to improve accuracy, safety, and platform performance. This is system-level maintenance and improvement of the AI. Where you have enabled Autonomous Mode, our Performance Specialists may manually intervene to adjust your account-specific campaign settings as described in Section 8.8.
Your configured parameters — your Hard Spend Cap, Action Type Restrictions, and any other account-level settings you have set — are controlled by you. Growthsynth LLP does not alter your account-specific configuration without your knowledge. If manual intervention occurs, it is logged in the Reasoning Audit Trail.
Growthsynth LLP's right to maintain, update, and improve the AI Decision system, including through human review and specialist intervention, is inherent in its obligation to provide the platform described in Section 3. This oversight activity is disclosed in the Privacy Policy (Section 6.3a).
6.2 AI Model Providers
Zephra's AI capabilities are powered by models from one or more providers, currently including OpenAI, Anthropic, Google AI (Gemini), and Groq. The current list is maintained in real time at /sub-processors (Schedule C). The list may change as the AI landscape evolves; changes are notified by email per Section 14.5.
Under the standard API terms published by each provider, data submitted via their API is not used to train their general-purpose models by default. Growthsynth LLP relies on these published standard terms — we have not entered into separately negotiated data processing agreements with AI model providers. We cannot independently verify each provider's internal data practices beyond what their published terms state, and those terms may change. We monitor for material changes to provider terms and will update Schedule C and notify customers if the training-use position changes for any provider.
6.3 Reasoning Audit Trail
Every AI Decision — whether a recommendation or an autonomous action — is logged in the Reasoning Audit Trail, which records: the data signals that triggered the decision, alternatives considered, and confidence level. The Reasoning Audit Trail is accessible within your account at all times and retained for 12 months. You agree to review it regularly.
6.4 Reasoning Audit Trail — Limitation of Warranty
The Reasoning Audit Trail is provided as a transparency and monitoring tool. Growthsynth LLP will use commercially reasonable efforts to ensure the accuracy, completeness, and availability of the Reasoning Audit Trail but does not warrant that it will be complete, uninterrupted, or free from error at all times.
In particular:
- The unavailability, incompleteness, or inaccuracy of the Reasoning Audit Trail does not by itself establish a Verified Technical Failure or give rise to any liability on the part of Growthsynth LLP
- The Customer's monitoring obligation under Section 8.6 applies regardless of whether the Reasoning Audit Trail is fully operational at any given moment
- Customers are strongly advised to maintain their own independent records of Connected Platform account performance — including regular exports from their ad account dashboards — as a primary and independent source of campaign data
- Growthsynth LLP implements backup systems and integrity checks on Reasoning Audit Trail data, but these do not eliminate the risk of data loss or corruption
6.5 Limitations of AI
You acknowledge that:
- AI systems may make errors, produce unexpected outputs, or fail to account for information not provided
- AI Decision quality depends directly on the quality and completeness of data connected and context provided
- Past AI Decision accuracy is not a guarantee of future performance
- No AI Decision constitutes a guarantee of campaign performance, ROAS improvement, or profitable outcome
- AI model capabilities may change as we update or change AI providers listed in Schedule C
7. Supervised Mode+
7.1 How It Works
In Supervised Mode, all significant AI Decisions are presented to you for review and approval before execution. No action is taken on your Connected Platforms without your explicit approval of that specific action.
7.2 Your Responsibility on Approval
By approving an AI Decision in Supervised Mode, you:
- Confirm you have reviewed the Reasoning Audit Trail entry for that decision
- Accept responsibility for the decision and its consequences
- Authorise Growthsynth LLP to execute that specific action on your behalf
- Acknowledge that your approval constitutes a documented instruction to the Processor under Section 14
7.3 No Liability for Approved Actions
GROWTHSYNTH LLP ACCEPTS NO LIABILITY FOR ANY OUTCOME — INCLUDING AD SPEND, CAMPAIGN UNDERPERFORMANCE, OR ROAS REDUCTION — RESULTING FROM AI DECISIONS YOU HAVE EXPLICITLY APPROVED IN SUPERVISED MODE. APPROVAL TRANSFERS FULL RESPONSIBILITY TO YOU.
8. Autonomous Mode — Full Terms, Activation, and Monitoring Obligations+
THIS SECTION GOVERNS AUTONOMOUS AI EXECUTION ON YOUR LIVE ADVERTISING ACCOUNTS. IT ALLOCATES RISK AND LIABILITY BETWEEN YOU AND GROWTHSYNTH LLP. READ EVERY SUBSECTION CAREFULLY BEFORE ENABLING AUTONOMOUS MODE.
8.1 The Core Principle
Growthsynth LLP provides the tool. You configure and control it. You are responsible for the financial consequences of all actions the tool takes within the parameters you set. Growthsynth LLP is responsible for ensuring the tool operates within those parameters. Where a Verified Technical Failure causes the tool to act outside them, our liability is limited as described in Section 17.4 — capped at 3 months of Platform Fees.
8.2 What Autonomous Mode Does
When enabled, Autonomous Mode allows Zephra to:
- Reallocate budget between ad sets, campaigns, or audiences within your configured Hard Spend Cap
- Adjust bids within percentage limits you configure
- Rotate creatives based on performance signals
- Pause underperforming ad sets within parameters you configure
- Execute any other action categories you explicitly enable in your Autonomous Mode settings
Autonomous Mode does NOT — regardless of configuration — create new campaigns, increase your total Connected Platform account budgets, or spend money held by Growthsynth LLP. All actions occur within budgets that exist in your Connected Platform accounts.
8.3 The Platform Does Not Hold or Spend Your Money
An important protection: Zephra does not hold your advertising budget. It takes actions within your Connected Platforms (Meta Ads, Google Ads, etc.) using budget that exists in those platforms. Your budget is held by the platform provider — not by Growthsynth LLP. The maximum possible financial exposure from any Autonomous Mode malfunction is therefore bounded by the unspent budget in your Connected Platform accounts. Setting sensible campaign budgets in your Connected Platforms directly provides an independent, platform-enforced spending limit that operates regardless of Zephra.
8.4 Mandatory Pre-Activation Requirements
Autonomous Mode CANNOT be enabled until all of the following are configured:
REQUIREMENT 1 — Hard Spend Cap: You must set a Hard Spend Cap for each ad account to be managed autonomously. This is the maximum total budget Zephra may allocate or reallocate within any 24-hour rolling period across all actions on that account. There is no default — you must set this figure explicitly. Zephra will not activate Autonomous Mode for an account without a configured Hard Spend Cap.
REQUIREMENT 2 — Action Type Restrictions: You must select which categories of action Zephra may take autonomously. Any action category not explicitly enabled requires Supervised Mode approval regardless of Autonomous Mode status.
REQUIREMENT 3 — Supervised Mode Review Period (Strongly Recommended): We strongly recommend reviewing at least 7 days of Supervised Mode AI Decisions for the relevant account before enabling Autonomous Mode. This allows you to understand how the system makes decisions for your specific campaigns and strengthens your ability to monitor effectively. This requirement is waivable — if you choose to enable Autonomous Mode without a supervised review period, you must tick the waiver checkbox in the confirmation screen. The waiver increases your personal risk exposure and reduces any claim you may have against Growthsynth LLP in the event of unexpected autonomous actions.
REQUIREMENT 4 — Monitoring Assignment: You must designate a responsible individual who will fulfil the daily and weekly monitoring obligations in Section 8.6. This person's name is logged in your account settings.
8.5 Activation Acknowledgement — Mandatory Confirmations
Before Autonomous Mode is activated, the platform will display a confirmation screen requiring you to tick each of the following confirmations. Autonomous Mode cannot be enabled without completing all confirmations. These confirmations are logged with a timestamp and your user ID.
- ☐ I have set a Hard Spend Cap for each account to be managed autonomously, and I accept sole responsibility for the appropriateness of those cap levels.
- ☐ I have configured Action Type Restrictions and I accept that Zephra will act autonomously only within those categories.
- ☐ I understand that Autonomous Mode will execute actions on my live advertising accounts using real advertising budget, without requiring my approval for each action.
- ☐ I have reviewed at least 7 days of Supervised Mode recommendations for this account and am satisfied with the system's decision-making approach — OR — I am enabling Autonomous Mode without a supervised review period and I accept that this increases my risk exposure and reduces any claim I may have against Growthsynth LLP.
- ☐ I accept that Growthsynth LLP is not responsible for campaign performance outcomes (ROAS, CPL, conversion volume, audience reach) resulting from autonomous actions taken within my configured parameters.
- ☐ I accept the monitoring obligations in Section 8.6 — I must log into the platform and review the Reasoning Audit Trail at minimum every 2 business days while Autonomous Mode is enabled. Failure to monitor as required will reduce or eliminate any claim I may have against Growthsynth LLP.
- ☐ I accept that Growthsynth LLP's entire liability for any Autonomous Mode incident is limited to the amounts described in Section 17.4, and that this liability is capped at 3 months of Platform Fees paid — expressly excluding Token fees and advertising spend.
- ☐ I accept that Growthsynth LLP specialists may manually monitor and modify my campaign parameters at their discretion to optimise performance or mitigate risk, as described in Section 8.8. I understand that the Reasoning Audit Trail is the sole and authoritative record of these changes.
- ☐ I understand that the existence of a software bug does not automatically create liability on the part of Growthsynth LLP — I must demonstrate a Verified Technical Failure as defined in Section 17.4 and comply with the reporting requirements in Section 8.7.
8.6 Mandatory Monitoring Obligations
THE MONITORING OBLIGATIONS IN THIS SECTION ARE CONTRACTUAL REQUIREMENTS. FAILURE TO COMPLY CONSTITUTES A FAILURE TO MITIGATE LOSS. GROWTHSYNTH LLP'S LIABILITY WILL BE REDUCED IN PROPORTION TO — AND MAY BE ELIMINATED BY — THE CUSTOMER'S FAILURE TO MONITOR AS REQUIRED.
In-Platform Monitoring (minimum every 2 business days)
While Autonomous Mode is enabled, the designated monitoring individual must log into the Zephra platform and review the Reasoning Audit Trail at minimum once every 2 business days. The platform provides real-time access to all autonomous actions taken on all connected accounts. This review must be performed by a human being — it cannot be delegated to an automated process.
During each review, the individual must:
- Review all autonomous actions recorded in the Reasoning Audit Trail since the last review
- Review all [Specialist Override] entries in the Reasoning Audit Trail. Any manual intervention not objected to within 2 business days is deemed accepted and approved by the Customer.
- Confirm all actions are consistent with configured parameters and Action Type Restrictions
- Confirm that spend is within expected ranges given the configured Hard Spend Cap
- Review any actions flagged as anomalies within the platform
Upon Detection of Any Anomaly (platform alert or self-identified)
- Immediately review the flagged action in the Reasoning Audit Trail
- If the action appears inconsistent with configured parameters: disable Autonomous Mode for that account immediately
- Contact hello@zephraai.com within 24 hours with details of the suspected issue
- Preserve all available evidence including Reasoning Audit Trail entries and Connected Platform account data
8.7 Duty to Report and Mitigate
If the Customer identifies — or by complying with Section 8.6 should have identified — any of the following:
- An autonomous action that appears to exceed the configured Hard Spend Cap
- An autonomous action of a type not within configured Action Type Restrictions
- A pattern of decisions inconsistent with the Customer's objectives or configured parameters
- Any unexpected, unintended, or anomalous behaviour by the platform
The Customer must immediately:
- Disable Autonomous Mode for the affected account
- Contact hello@zephraai.com within 24 hours per Section 8.6
8.8 Specialist Performance Monitoring and Intervention
By enabling Autonomous Mode, you acknowledge and agree that Growthsynth LLP performance specialists may, at their sole discretion and on a case-by-case basis, monitor your campaigns. Where deemed necessary by Growthsynth LLP to improve campaign performance, mitigate results-reducing changes, or prevent budget waste, our specialists may manually modify your campaign parameters, including those previously configured by you. You acknowledge that such intervention is not guaranteed, is performed only when deemed necessary by us, and is a condition of using Autonomous Mode. Any such manual intervention is performed as an exercise of professional judgement call made in good faith to support Customer objectives. Growthsynth LLP accepts no liability for the financial outcome (positive or negative) of such manual interventions, which are expressly excluded from the definition of a Verified Technical Failure.
- Report the issue to hello@zephraai.com with the subject "Autonomous Mode Report — [Account Name]" within 24 hours of identifying the issue
- Provide all relevant evidence including the Reasoning Audit Trail entries, Connected Platform spend reports, and a description of the unexpected behaviour
FAILURE TO REPORT WITHIN 24 HOURS OF IDENTIFICATION — OR FAILURE TO IDENTIFY AN ISSUE THAT WOULD HAVE BEEN IDENTIFIED BY COMPLIANCE WITH SECTION 8.6 — CONSTITUTES A FAILURE TO MITIGATE. CLAIMS FOR LOSS THAT OCCURRED DURING A PERIOD WHERE THE CUSTOMER FAILED TO MONITOR OR FAILED TO ACT PROMPTLY UPON IDENTIFYING AN ISSUE WILL NOT BE ACCEPTED.
8.9 Switching Modes
You may switch from Autonomous Mode to Supervised Mode at any time from your account dashboard. The switch takes effect immediately. Actions already queued for execution at the time of the switch will be completed; no new autonomous actions will be initiated after the switch.
8.10 Autonomous Mode and Bugs
All software contains bugs. You acknowledge that Zephra may, from time to time, behave unexpectedly due to bugs or system errors. The allocation of risk in this Section and Section 17 reflects this reality:
- Our obligation is to fix reported bugs promptly and take commercially reasonable steps to prevent bugs from causing financial harm
- The monitoring obligations in Section 8.6 are designed to catch any bug-related anomaly within 24 hours before it causes material loss
- A Customer who monitors as required will, in practice, be exposed to at most 24 hours of unexpected autonomous action before they can disable the mode
- The existence of a bug does not automatically establish liability — the Customer must demonstrate a Verified Technical Failure as defined in Section 17.4
The best protection against any bug-related loss is your daily review of the autonomous action summary. A 5-minute daily review is your primary safeguard. The Reasoning Audit Trail, the Founder's Brief, and our Anomaly Alert system are your secondary safeguards. Growthsynth LLP's liability cap is your final safety net.
8.11 Customer Warranties for Autonomous Mode
By enabling Autonomous Mode, the Customer additionally warrants that:
- It has authority to authorise AI systems to take actions on its Connected Platform accounts
- It has configured Hard Spend Caps and Action Type Restrictions that reflect its actual risk tolerance
- It will maintain the monitoring regime in Section 8.6 for as long as Autonomous Mode is enabled
- It has informed all relevant stakeholders that autonomous AI actions are being taken on its advertising accounts, and that those stakeholders understand the platform monitoring obligation in Section 8.6
8.12 AI Service Disclaimer; Duty to Verify
Zephra is powered by artificial intelligence, which is inherently probabilistic and may, from time to time, produce inaccurate, incomplete, or otherwise incorrect outputs ("Mistakes"). While we have implemented multi-layer guardrails to minimize these occurrences, you acknowledge that AI can make mistakes and you agree to double-check all AI Decisions, recommendations, and Reasoning Audit Trail entries. The onus is solely on you to verify the appropriateness of any action before or after it is executed on your Connected Platforms.
9. Fees, Billing, and Payment+
9.1 Pricing Structure
Zephra uses a feature-based pricing model. You select the features you want and pay based on your active feature selection. The following pricing components apply:
- Platform Fees (feature-based subscription): Monthly or annual fees determined by the features you have selected and activated. Your Platform Fee may increase when you add features and decrease when you remove them (effective at next billing cycle). Platform Fees are the only component counted towards the liability cap in Section 17.3.
- Token Packages (usage-based): Tokens are purchased in packages and consumed when the AI takes action on your behalf. Token costs are shown before approval in Supervised Mode. Token packages are non-refundable on purchase — see Section 9.6. Token fees are expressly excluded from the liability cap.
- Free Tier: The free campaign audit and any other free-tier features are provided without charge and may be modified or discontinued with 14 days' notice.
Current pricing for each feature selection is displayed on the platform pricing page and may be updated in accordance with Section 9.5.
9.2 Founding Customer Pricing
Customers who join during the founding customer period receive pricing locked at the rates agreed at sign-up. Locked pricing applies to the Platform Fee and token rate structure in place at sign-up. It does not prevent introduction of new feature tiers or pricing for capabilities not available at sign-up.
9.2a Subscription Auto-Renewal
Subscription plans renew automatically at the end of each billing cycle (monthly or annual, as selected) at the then-current rate applicable to your plan. We will send a renewal reminder email at least 7 days before each renewal date. You may cancel at any time before the renewal date from Settings → Subscription to prevent the next renewal charge. Cancellation takes effect at the end of the current billing period — you retain full access until then.
9.3 Payment Processing
Payments are processed by Stripe Inc. (international customers) and/or Razorpay Software Pvt. Ltd. (Indian customers). By providing payment details, you authorise the relevant processor to charge your payment method per your selected plan. Payment card details are never stored by Growthsynth LLP.
9.4 Taxes
All fees are exclusive of applicable taxes. Indian customers will be charged GST as required. International customers are responsible for applicable taxes in their jurisdiction.
9.5 Price Changes
We may change pricing for new customers at any time. For existing paying subscribers, we provide 30 days' prior notice of increases. If you do not accept a price increase, you may cancel before the new price takes effect.
9.6 Refunds
Platform Fees (subscription/feature fees) are non-refundable except as required by applicable law.
Token packages are non-refundable on purchase, regardless of whether tokens have been consumed. By purchasing a token package, you accept that the purchase is final. Exception: if Growthsynth LLP permanently discontinues the Zephra platform, unconsumed token package value will be refunded on a pro-rata basis within 30 days of the discontinuation date.
Indian customers retain any rights to refunds that cannot be excluded under the Consumer Protection Act 2019. If you believe you are entitled to a refund under applicable consumer law, contact hello@zephraai.com.
9.7 Non-Payment and Suspension
If a scheduled payment fails, we will send a notification to your registered email address. If payment is not received within 24 hours of that notification, we may suspend access to the platform without further notice.
We will attempt to contact you by email before and at the time of suspension. Suspension does not delete your data — all data is retained in accordance with our Privacy Policy during the suspension period.
If payment is received within 30 days of suspension, access will be restored. If payment is not received within 30 days of suspension, we may terminate the account. On termination, data deletion follows our Privacy Policy retention schedule.
10. Intellectual Property+
10.1 Our IP
Growthsynth LLP owns all Intellectual Property Rights in the Zephra platform, its software, architecture, AI models, algorithms, user interface, brand, and documentation. Nothing in this Agreement transfers any platform IP to you.
10.2 Licence to You
Subject to compliance with this Agreement and payment of applicable fees, we grant you a non-exclusive, non-transferable, revocable, limited licence to access and use the platform for your internal business purposes during the term of your account.
10.3 Your Data
You retain ownership of all Customer Data. You grant us a limited, non-exclusive licence to access, process, and use Customer Data solely to provide the Zephra service. We acquire no ownership rights in Customer Data.
10.4 Feedback
Feedback, suggestions, or ideas you provide about the platform may be used by us for any purpose, including product improvement, without obligation or compensation.
10.5 Restrictions
- Do not copy, modify, distribute, sell, or sublicence the platform or any part of it
- Do not reverse engineer or attempt to extract source code
- Do not use the platform to build a competing product
- Do not scrape or systematically extract data from the platform outside authorised APIs
- Do not remove any proprietary notices or branding
10.6 Anonymised Data; AI Training and Benchmarking
11. Acceptable Use+
11.1 Permitted Use
You may use Zephra only for lawful business marketing and advertising purposes in compliance with this Agreement and all applicable laws.
11.2 Prohibited Uses
You must not use Zephra for:
- Any unlawful purpose or in violation of any applicable law or regulation
- Advertising, promoting, or distributing illegal products, services, or content
- Fraudulent advertising, ad click fraud, or impression fraud
- Violating the terms of service of any Connected Platform
- Infringing the Intellectual Property Rights of any third party
- Processing personal data in violation of applicable data protection laws
- Targeting advertising at minors in violation of applicable laws
- Introducing malware, viruses, or harmful code into the platform
- Attempting unauthorised access to the platform or other customers' accounts
- Any use that could damage, disable, or impair platform performance
11.3 Enforcement
We may suspend or terminate your account immediately for material violations of this Section, with notice where legally permissible.
11.4 Fair Use
The platform is designed for genuine marketing management use. You must not use automated scripts, bots, or tools to generate AI Decisions at volumes exceeding normal business use, to scrape or extract data at scale, or to use the platform in any way that disproportionately burdens our infrastructure. We reserve the right to throttle, suspend, or apply additional charges to accounts whose usage materially exceeds normal patterns for their plan tier. We will notify you before applying additional charges and give you the opportunity to adjust usage.
12. Confidentiality+
12.1 Mutual Obligation
Each party will keep confidential all information received from the other party that is marked confidential or that a reasonable person would consider confidential. This does not apply to information that: (i) is or becomes publicly available without breach; (ii) was already known to the receiver; (iii) is independently developed; or (iv) is required by law to be disclosed.
12.2 Customer Data
We treat all Customer Data, campaign performance data, and business context as your Confidential Information and will not disclose it to third parties except as described in this Agreement, our Privacy Policy, or as required by law.
13. Warranties and Representations+
13.1 Mutual Warranties
- Each party has legal power and authority to enter into this Agreement
- Each party will comply with all applicable laws in performing its obligations
13.2 Our Warranties
- The platform will perform materially as described in our documentation under normal use conditions
- We will implement and maintain reasonable security measures appropriate to the data processed
- We will not knowingly include malicious code in the platform
13.3 Your Warranties
- All information you provide is accurate and complete
- You have all necessary rights to Customer Data and to grant us the licences in this Agreement
- Your use of the platform complies with applicable laws and Connected Platform terms
- You are authorised to connect all third-party accounts you connect to Zephra
13.4 Disclaimer
EXCEPT AS STATED IN SECTION 13.2, THE PLATFORM IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT ANY WARRANTY. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, GROWTHSYNTH LLP DISCLAIMS ALL WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE PLATFORM WILL MEET YOUR SPECIFIC REQUIREMENTS, THAT AI DECISIONS WILL BE ACCURATE OR PROFITABLE, OR THAT CAMPAIGN PERFORMANCE WILL IMPROVE AS A RESULT OF USING THE PLATFORM.
14. Data Processing Agreement — Incorporated Herein+
This Section 14 constitutes a Data Processing Agreement (DPA) between Growthsynth LLP (Processor) and the Customer (Controller) within the meaning of GDPR Article 28, UK GDPR Article 28, and equivalent provisions under applicable data protection law. It is effective from the moment of account creation and forms part of this Agreement. No separate signature or acceptance is required.
14.1 Roles
The Customer is the Data Controller — it determines the purposes and means of processing Personal Data. Growthsynth LLP is the Data Processor — it processes Personal Data only on the Controller's documented instructions as set out in this Agreement. Growthsynth LLP is also the Data Controller for its own customer account data (name, email, billing) — this is governed by our Privacy Policy at https://zephraai.com/privacy.
14.2 What Zephra Processes on Your Behalf (as Processor)
Zephra processes the following Personal Data on behalf of the Customer as Processor:
- Website visitor event data collected via server-side tracking deployed by the Customer (pseudonymised)
- Contact and customer data from Connected Platforms authorised by the Customer (email lists, CRM audiences)
- Conversion and attribution data generated by the Customer's advertising campaigns
Zephra does not intentionally process special categories of Personal Data. The Customer must not use Zephra to process such data and must configure tracking to exclude it.
14.3 Processing Only on Instructions
Growthsynth LLP will process Personal Data only on the Customer's documented instructions. The Customer's use of the platform — connecting accounts, enabling features, configuring settings — constitutes documented instructions. If applicable law requires processing that conflicts with those instructions, we will inform the Customer before processing (unless legally prohibited from doing so).
14.4 Controller's Responsibility
THE CUSTOMER IS SOLELY RESPONSIBLE FOR THE LAWFULNESS OF ITS INSTRUCTIONS AND FOR HAVING ALL NECESSARY LAWFUL BASES, CONSENTS, AND RIGHTS TO INSTRUCT GROWTHSYNTH LLP TO PROCESS THE PERSONAL DATA DESCRIBED ABOVE, INCLUDING ALL INSTRUCTIONS TO SHARE DATA WITH CONNECTED PLATFORMS FOR ADVERTISING PURPOSES. GROWTHSYNTH LLP DOES NOT VERIFY WHETHER THE CUSTOMER'S INSTRUCTIONS COMPLY WITH APPLICABLE DATA PROTECTION LAW. THE CUSTOMER INDEMNIFIES GROWTHSYNTH LLP AGAINST ANY CLAIM, FINE, OR PENALTY ARISING FROM THE CUSTOMER'S FAILURE AS DATA CONTROLLER.
For the avoidance of doubt, in relation to advertising data sharing:
- The Customer is the data controller for its end users' personal data shared with Connected Platforms
- Growthsynth LLP is the data processor, acting only on the Customer's documented instructions when transmitting data to Connected Platforms
- Connected Platforms (Google, Meta, and others) are independent data controllers once they receive data — they are not sub-processors of Growthsynth LLP for this purpose
- Growthsynth LLP is not a joint controller with any Connected Platform
- The Customer's obligation to comply with Connected Platform data policies (Section 5.6) is a condition of using Zephra's advertising data sharing features
14.5 Sub-Processors — Notification System
The Customer grants general written authorisation for Growthsynth LLP to engage sub-processors. The following system applies to all sub-processor changes, regardless of type:
- A real-time, publicly accessible sub-processor page is maintained at zephraai.com/sub-processors. This page is the authoritative and always-current list of all sub-processors.
- The page includes a timestamped change log recording every addition, removal, or material change to the sub-processor list with the date and time of each change.
- When the sub-processor page is updated, an email notification is sent to the registered account email address. No fixed advance notice period is required.
- Continued use of the platform after notification constitutes acceptance of the updated sub-processor list.
The sub-processor list changes as technology evolves — particularly AI model providers, which may be updated frequently as better options emerge. Our commitment is that every infrastructure and payment sub-processor is bound by contractual data protection obligations. For AI model providers, we rely on their standard published API terms which, as of the date of this Agreement, state that API data is not used to train general-purpose models by default. If you are uncomfortable with any change, you may close your account at any time without penalty. Termination is the sole remedy for any sub-processor objection.
Infrastructure and payment processors are bound by contractual data protection obligations. AI model providers are engaged under their standard published API terms — see Section 6.2 for details.
14.6 International Transfers and Infrastructure Location
Growthsynth LLP processes data on infrastructure that may be located in India and/or internationally, depending on current hosting providers, server availability, and configuration. Infrastructure locations may change as we adopt new providers or as existing providers change their regional offerings. We do not guarantee that data will always be processed in a specific country.
Where Personal Data is transferred outside the country in which it was collected, we ensure appropriate safeguards are in place:
- For transfers from the EU or UK: Standard Contractual Clauses (SCCs) approved by the European Commission, or the UK International Data Transfer Agreement (IDTA)
- For transfers from India: compliance with applicable provisions of the DPDP Act 2023
- For all transfers: contractual data protection obligations imposed on all sub-processors regardless of location
The Customer's acceptance of this Agreement constitutes acceptance of these transfer mechanisms. A copy of applicable SCCs is available on request at hello@zephraai.com.
14.7 Data Subject Rights
We will forward any data subject rights request received directly by us (concerning data processed on the Customer's behalf) to the Customer within 5 business days. The Customer is responsible for responding. We will provide reasonable technical assistance to support the Customer's compliance.
14.8 Deletion
Upon account termination, we will cease processing, and delete or irreversibly anonymise all Customer-controlled Personal Data within 90 days, except where legally required to retain it. We will confirm deletion in writing upon request.
14.9 Audit Rights
The Customer may audit our DPA compliance once per calendar year on 30 days' written notice. We may satisfy audit requests by providing third-party certifications (ISO 27001, SOC 2) and written questionnaire responses in lieu of on-site audits. Audit costs are borne by the Customer.
14.10 Processor Liability Under the DPA
Our liability under this DPA is subject to the liability cap in Section 17.3. We are not liable for processing carried out in compliance with the Customer's documented instructions.
15. Security and Breach Notification+
15.1 Our Security Measures
We implement and maintain the technical and organisational measures described in Schedule B. We review and update these measures periodically.
15.2 Breach Notification
In the event of a Personal Data breach affecting data processed under Section 14, we will notify the Customer without undue delay and in any event within 72 hours of becoming aware of the breach. Notification will include the nature, scope, and likely consequences of the breach and the measures taken to address it.
15.3 Breach Caused by Customer
WHERE A BREACH IS CAUSED OR CONTRIBUTED TO BY THE CUSTOMER'S FAILURE TO SECURE ITS ACCOUNT CREDENTIALS, FAILURE TO CONFIGURE TRACKING CORRECTLY, OR OTHER FAILURE TO COMPLY WITH ITS OBLIGATIONS UNDER THIS AGREEMENT, THE CUSTOMER IS SOLELY RESPONSIBLE FOR THE CONSEQUENCES OF THAT BREACH AND GROWTHSYNTH LLP'S LIABILITY IS LIMITED TO ITS OWN DIRECT CONTRIBUTION.
16. Force Majeure+
Neither party will be liable for delay or failure to perform (other than payment obligations) caused by circumstances beyond its reasonable control, including natural disasters, government action, telecommunications failures, cyberattacks from outside the party's systems, pandemics, or war. The affected party must notify the other within 5 business days. If a Force Majeure event affecting platform availability continues for more than 30 days, either party may terminate on 14 days' notice without penalty.
17. Limitation of Liability — THE LIABILITY CAP+
THIS SECTION IS CRITICAL. IT MATERIALLY LIMITS GROWTHSYNTH LLP'S LIABILITY TO YOU. READ IT FULLY.
17.1 Exclusion of Indirect and Consequential Loss
To the fullest extent permitted by applicable law, Growthsynth LLP will not be liable — in contract, tort, breach of statutory duty, or otherwise — for any:
- Loss of profits or revenue
- Loss of anticipated savings
- Loss of business, contracts, or opportunities
- Loss of goodwill or reputation
- Wasted advertising expenditure on Connected Platforms
- Campaign underperformance or failure to achieve ROAS targets
- Loss caused by changes to third-party platform algorithms, policies, or APIs
- Any indirect, special, incidental, consequential, or punitive damages
This exclusion applies even if Growthsynth LLP has been advised of the possibility of such losses.
17.2 Exclusion of Token Fees and Ad Spend
GROWTHSYNTH LLP'S LIABILITY DOES NOT EXTEND TO: (A) TOKEN FEES PAID TO GROWTHSYNTH LLP; (B) ADVERTISING SPEND ON CONNECTED PLATFORMS (META, GOOGLE, OR OTHERWISE); (C) ANY THIRD-PARTY COSTS, FEES, OR EXPENSES. THE LIABILITY CAP IN SECTION 17.3 IS CALCULATED ON PLATFORM FEES ONLY AND EXPRESSLY EXCLUDES ALL OF THE ABOVE.
17.3 The Liability Cap — Platform Fees Only
Growthsynth LLP's total aggregate liability to the Customer for all claims arising under or connected with this Agreement in any period is limited to:
THE GREATER OF: (A) THE TOTAL PLATFORM FEES (SUBSCRIPTION FEES ONLY — EXCLUDING TOKENS, AD SPEND, AND ALL THIRD-PARTY COSTS) PAID BY THE CUSTOMER TO GROWTHSYNTH LLP IN THE THREE CALENDAR MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM; OR (B) USD 100 (OR EQUIVALENT IN LOCAL CURRENCY AT THE DATE OF THE CLAIM).
For the avoidance of doubt:
- If a Customer pays a Platform Fee of USD 500/month, the maximum liability cap for any claim is USD 1,500 (3 months)
- If a Customer pays a Platform Fee of USD 100/month, the maximum cap is USD 300
- If a Customer is on the free tier with no Platform Fees paid, the maximum liability is USD 100
- This cap applies regardless of the number of claims, the nature of the claims, or the total loss suffered
17.4 Autonomous Mode — Verified Technical Failure
The only circumstances in which Growthsynth LLP will accept liability in respect of Autonomous Mode operations are where the Customer establishes a Verified Technical Failure, defined as one of the following:
- (A) Hard Spend Cap Breach: Zephra caused actual ad spend on Connected Platforms to exceed the Customer's configured Hard Spend Cap in a 24-hour period by more than 10% (the 10% tolerance accounts for platform-level timing delays in spend reporting), AND the excess was not caused by: (i) the Customer's own changes to Connected Platform budgets; (ii) a Connected Platform outage or reporting delay; or (iii) the Customer having set an inappropriately high cap.
- (B) Out-of-Category Action: Zephra executed an action of a type explicitly excluded by the Customer's configured Action Type Restrictions, AND the Customer reported this to Growthsynth LLP within 24 hours as required by Section 8.7.
- (C) Spurious Execution: Zephra executed an action for which the Reasoning Audit Trail shows no data signal or instruction that could plausibly have triggered that action.
- (D) Specialist Intervention Exclusion: A Verified Technical Failure expressly excludes any manual intervention, adjustment, or parameter modification made by a Growthsynth LLP specialist as an exercise of professional judgement call made in good faith to support Customer objectives. Such interventions are discretionary professional judgement calls and do not constitute a breach of this Agreement.
17.5 No Liability for Campaign Outcomes
For the avoidance of doubt, Growthsynth LLP is not liable for: (i) campaign performance; (ii) unexpected advertising spend that is within your configured caps; or (iii) disagreement with the AI's strategic decisions. AI is inherently probabilistic. You accept this risk by using the platform.
17.6 Remedy for Verified Technical Failure
WHERE THE CUSTOMER ESTABLISHES A VERIFIED TECHNICAL FAILURE, GROWTHSYNTH LLP'S SOLE AND ENTIRE LIABILITY IS:
- An account credit equal to the Platform Fees paid in the 3 calendar months preceding the event, or USD 100, whichever is greater
- No cash refund is available in lieu of account credit unless Growthsynth LLP determines in its discretion that a cash refund is appropriate
- No further remedy of any kind is available
THIS CREDIT IS GROWTHSYNTH LLP'S ENTIRE LIABILITY FOR ANY AUTONOMOUS MODE INCIDENT. NO ADDITIONAL REMEDY IS AVAILABLE FOR AD SPEND ON CONNECTED PLATFORMS, LOST REVENUE, CAMPAIGN LOSSES, OR ANY OTHER LOSS BEYOND THE CREDIT DESCRIBED.
17.7 Non-Compliance Reduces or Eliminates Claims
Any claim against Growthsynth LLP — whether under Section 17.4 or otherwise — will be reduced or eliminated to the extent that:
- The Customer failed to monitor as required by Section 8.6
- The Customer failed to report within 24 hours as required by Section 8.7
- The Customer failed to disable Autonomous Mode promptly upon identifying unexpected behaviour
- The loss was caused or contributed to by the Customer's own configuration, instructions, or negligence
- The loss was caused or contributed to by a third-party platform outage, policy change, or API change
17.8 Exceptions
- Death or personal injury caused by negligence
- Fraud or fraudulent misrepresentation
- Any liability that cannot be excluded by applicable law
18. Indemnification+
18.1 Customer Indemnifies Growthsynth LLP
The Customer agrees to indemnify, defend, and hold harmless Growthsynth LLP and its partners, officers, employees, and agents against all claims, damages, losses, liabilities, costs, and expenses (including legal fees) arising from:
- Breach of this Agreement
- Violation of applicable law
- Breach of Connected Platform terms
- Any claim that Customer Data or the Customer's instructions infringe third-party rights
- Any claim by the Customer's own end users or customers arising from campaigns executed by Zephra on the Customer's behalf
- The Customer's failure to comply with its data controller obligations under Section 14
18.2 Growthsynth LLP Indemnifies Customer
We agree to indemnify you against third-party claims that the Zephra platform, used in accordance with this Agreement, infringes that party's registered Intellectual Property Rights. This does not apply where infringement arises from your modification of the platform, combination with other services, or use in violation of this Agreement.
19. Term and Termination+
19.1 Term
This Agreement begins at account creation and continues until terminated.
19.2 Termination by Customer
You may close your account at any time through the in-platform account closure function or by emailing hello@zephraai.com. Termination takes effect at end of current billing period. No early termination fee.
19.3 Termination by Us
- Immediately: For material breach including prohibited use, non-payment after 30 days' notice, or legal/regulatory requirement.
- 30 days' notice: For any other reason including platform discontinuation.
- Dormant accounts: If your account has had no login activity for 24 consecutive months and has no active subscription, we will send notice to your registered email. If no response is received within 30 days, we may close the account and delete associated data per our Privacy Policy retention schedule. Any unconsumed token balance will be refunded to the payment method on file before closure.
19.4 Effect of Termination
- Your licence and all autonomous operations cease immediately
- Queued autonomous actions already in execution will complete; no new ones are initiated
- Customer Data deleted within 90 days per Privacy Policy (except legally required retention)
- Unconsumed token balances refunded pro-rata within 30 days
- Accrued payment obligations survive
19.5 Survival
Sections 1, 10, 12, 17, 18, 20, 21, and 22 survive termination.
20. Dispute Resolution+
20.1 Good Faith Negotiation
In the event of any dispute, the parties must first attempt to resolve the matter through good faith negotiation for a period of at least 30 days before initiating any formal proceedings.
20.2 Mediation
If negotiation fails, either party may refer the dispute to mediation under the rules of the Indian Institute of Arbitration & Mediation (IIAM). Costs of mediation shall be shared equally.
20.3 Arbitration
If mediation fails within 60 days, disputes shall be settled by binding arbitration under the Arbitration and Conciliation Act 1996 (India). The tribunal shall consist of a sole arbitrator. Language: English. Seat: Bengaluru. For claims below INR 1,000,000, arbitration shall be conducted solely on written submissions.
20.4 Consumer Rights Preserved
Nothing in this Agreement prevents a customer from exercising their statutory rights under applicable consumer protection laws, including the Indian Consumer Disputes Redressal Commission, Australian Competition and Consumer Commission, and equivalent bodies.
20.5 Injunctive Relief
Either party may seek emergency injunctive relief from a court of competent jurisdiction to protect Intellectual Property Rights or Confidential Information without first exhausting the dispute resolution process above.
21. Governing Law+
This Agreement is governed by the laws of India. Mandatory consumer protection rights under the laws of the Customer's country of residence are not affected by this clause. EU and UK customers retain the benefit of mandatory EU and UK consumer law. Australian customers retain the benefit of the Australian Consumer Law.
22. General Provisions+
- Entire Agreement: This Agreement and our Privacy Policy constitute the entire agreement between the parties and supersede all prior agreements.
- Severability: If any provision is unenforceable, it will be modified to the minimum extent necessary; all other provisions continue.
- Waiver: Failure to enforce any right does not constitute waiver. Waivers must be in writing.
- Assignment: You may not assign this Agreement without our written consent. We may assign to a successor entity with 30 days' notice.
- No Agency: The parties are independent contractors. Zephra acts as your agent only within the specific scope of permissions you grant on Connected Platforms.
- Notices: Notices to us: hello@zephraai.com. Notices to you: email address on account. Effective on confirmed delivery.
- Language: English governs. Any translation is for convenience only.
- Export Control: You agree to comply with all applicable export control laws and not use the platform in violation of applicable sanctions.
Schedules+
Schedule A — Connected Platforms (Live Reference)
Schedule A is maintained as a live webpage at zephraai.com/sub-processors, which is always the current and authoritative list of platforms available for connection to Zephra. The webpage is updated as platforms are added or removed. No advance notice is required for additions. No document update is required — your acceptance at signup covers all current and future platforms listed on the webpage. You can choose not to connect any particular platform at any time. Connection always requires your explicit authorisation via OAuth.
To view the current list of Connected Platforms, visit: zephraai.com/sub-processors
Schedule B — Data Processing: Technical and Organisational Measures
This Schedule describes Growthsynth LLP's technical and organisational measures (TOMs) as Data Processor under Section 14. These measures are current as of the Effective Date and reviewed and updated periodically.
B.1 Data at Rest
- All Personal Data on Google Cloud Platform: AES-256 encryption
- Database encryption keys: managed via Google Cloud KMS, access restricted to authorised service accounts
- OAuth tokens and credentials: encrypted secrets management, not stored in application databases
B.2 Data in Transit
- Client-to-server: industry-standard encryption in transit (TLS 1.3)
- Internal service-to-service: TLS encrypted
- API communications with Connected Platforms: HTTPS with certificate validation
B.3 Access Controls
- Role-based access control: minimum-necessary access
- Production access: multi-factor authentication required
- Staff data access: logged and subject to periodic access review
- Offboarding: access revoked within 24 hours of staff departure
B.4 Infrastructure
- All Personal Data processed on Google Cloud Platform (ISO 27001, SOC 2 Type II certified)
- No Personal Data stored on employee personal devices
- Regular automated backups with tested restoration procedures
B.5 Incident Response
- Automated monitoring for anomalous access patterns
- Incident response: detection → containment → assessment → notification → remediation → post-incident review
- Customer notification within 72 hours of confirmed breach
B.6 Data Minimisation
- Server-side tracking: IP anonymisation by default (last octet truncation)
- Automated retention-based deletion jobs
- OAuth token storage: session-scoped where technically feasible
Schedule C — Sub-Processor List (Always Current at zephraai.com/sub-processors)
Schedule C is maintained as a live webpage at zephraai.com/sub-processors. That URL is the authoritative and always-current list. This version reflects the position at the Effective Date only.
C.1 Infrastructure
- Google Cloud Platform · Google LLC · US and EU regions · Infrastructure, storage, hosting · cloud.google.com/security
C.2 AI Model Providers
- OpenAI · OpenAI, L.P. · United States · AI model inference · openai.com/policies
- Anthropic · Anthropic, PBC · United States · AI model inference · anthropic.com/legal/privacy
- Google AI (Gemini) · Google LLC · US and EU · AI model inference · cloud.google.com/terms/data-processing-addendum
- Groq · Groq, Inc. · United States · AI model inference platform · groq.com/privacy
C.3 Payment Processors
- Stripe, Inc. · United States · Payment processing (international) · stripe.com/privacy — billing data only; no end-user Personal Data
- Razorpay Software Pvt. Ltd. · India · Payment processing (India) · razorpay.com/privacy — billing data only; no end-user Personal Data
C.4 Infrastructure Location Note
Growthsynth LLP's infrastructure may be located in India, the United States, the European Union, or other regions depending on current hosting providers and server availability. The infrastructure location may change. All locations are subject to the same data protection obligations regardless of region. For the current infrastructure location, contact hello@zephraai.com.
C.5 Changes to This Schedule
This Schedule is updated as sub-processors are added or changed in accordance with Section 14.5. The online version at zephraai.com/sub-processors is always current. Email notifications are sent to registered account holders when this Schedule is updated.