Zam! keeps visible
- The public providers used for support, billing, auth, hosting, and sign-in.
- The fact that email providers can process email delivery metadata.
- The support limit that Zam! cannot decrypt Cloud Sync without your recovery key.
Trust & Privacy Stack
Services Zam! uses.
Zam! should be clear about the outside services that make the app, billing, support, and website work. This page is a plain-English stack disclosure, not a replacement for the Privacy Policy.
Provider stack
| Provider | Used for | What it may process |
|---|---|---|
| Proton Mail | Public support email. | Email contents, headers, sender and recipient addresses, timestamps, delivery metadata, IP-related metadata, country or region hints, user agent or device hints, and security or abuse-prevention records needed to deliver and protect mail. |
| Stripe | Premium billing, checkout, invoices, billing portal, and subscription state. | Payment method details, invoices, subscription status, customer records, dispute or fraud-prevention metadata, and legally required billing records. Zam! does not store full card numbers. |
| Supabase | Authentication, account systems, and Cloud Sync storage. | Account email or OAuth identity metadata, authentication events, signed-in session metadata, app-owned account records, and encrypted Cloud Sync vault blobs. Zam! does not store readable synced budget contents. |
| Cloudflare | Website delivery, security, edge routing, aggregate web analytics/Insights, and feedback endpoint hosting. | Request metadata, IP-related security metadata, region hints, user agent or browser/device hints, aggregate traffic/performance signals, rate-limit and abuse-prevention records, and delivery logs needed to serve and protect the site. |
| Google / Apple | OAuth sign-in where available. | Sign-in identity metadata needed to authenticate the account. Apple sign-in remains paused until enabled. |
Email powered by Proton Mail
Email Powered by
Email provider
Email provider
Zam! public mailboxes are hosted with Proton Mail. Email is a third-party support channel and is separate from encrypted Cloud Sync budget storage.
- Use email for concise support context, billing or legal questions, accessibility issues, and public coordination.
- Review diagnostic reports before attaching them, and remove anything you do not want sent by email.
- Do not send recovery keys, magic links, passwords, full card numbers, gift card numbers, PINs, or raw budget exports.
- Brand-asset references link back to Proton Mail and the Proton media kit.
Privacy boundaries
Zam! does not do
- Sell budget data.
- Use behavioral advertising trackers on the marketing site.
- Ask users to email recovery keys, magic links, passwords, card numbers, gift card numbers, PINs, or raw budget exports.