§1 PREAMBLE
Protecting your privacy and your personal information is a high priority at ZeyOS. This is why we are committed to processing your data in compliance with applicable data protection laws in all countries in which ZeyOS operates.
This Privacy Policy lays out the details of our general privacy practices that apply to the personal information we collect, use and share about consumers and other individuals among our clients, business partners, supplier and other organizations with which ZeyOS has or considers a business relationship.
ZeyOS is serious about protecting the privacy of our users. Therefore, ZeyOS adheres to the General Data Protection Regulation (GDPR) (EU) 2016/679 to ensure that their privacy is protected.
This Privacy Statement especially applies to all information collected when a user (hereinafter "The User") either visits one of our websites and Internet services (hereinafter "The Websites"), namely www.zeyos.com, developers.zeyos.com and jobs.zeyos.com, or uses any of our Software Products or Subscriptions (hereinafter collectively referred to as "The Products"; for exact definitions, see our Terms of Service at https://www.zeyos.com/tos/).
§2 NAME AND ADDRESS OF THE CONTROLLER
The Data Controller is
• ZeyOS GmbH & Co. KG (also referred as "ZeyOS")
• Registered at HRB München 95355
• Address: Stepbergweg 5, 82491 Grainau, Germany
• Phone: +49 89 416173780
• E-mail:
[email protected]
The responsible officer is Peter-Christoph Haider.
§3 INFORMATION TRANSMISSION AND USE
(1.) Usually you can visit the ZeyOS Websites (e.g. https://www.zeyos.com/) or any other Products by ZeyOS without telling us who you are and without giving any personal information about yourself. In some cases, however, ZeyOS or its partners may require you to disclose some information about yourself. For instance, you may give us your credit card details to buy something from us or you might enter your personal contact details when contacting our team. If you tell us that you do not want us to use this information to make further contact with you beyond fulfilling your requests, we will respect your wishes.
(2.) If you give us personal information about somebody else, such as a spouse or work colleague, we assume that you have their permission to do so.
(3.) Upon each of the User’s visits to our Websites, we may automatically collect technical information, including the Internet Protocol (IP) address used to connect Users’ computers to the Internet, your login information, browser type and version, time zone settings, browser plug-in types and versions, operating system and platform.
(4.) ZeyOS may also collect information about the User’s visit to our Websites, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
(5.) If you request something from our Websites, for instance, a product or service, a call-back, or specific marketing materials, we will use the information you provide to fulfil your request. To help us do this, we may share information, with others, for instance, other departments of ZeyOS, ZeyOS’s business partners, financial institutions, shipping companies, postal or government authorities (i.e. customs authorities) involved in the fulfilment. In connection with a transaction we may also contact you as part of our customer satisfaction surveys or for market research purposes.
(6.) ZeyOS does not collect payment card details of our Users. In order to pay for the fees related to our Services we use third party payment processors that will collect and process the payment card details of our Users.
(7.) ZeyOS is also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers) and may receive information about you from them.
§4 PURPOSE OF THE PROCESSING
We may collect your personal information as an individual for various purposes, such as the following:
(i.) Providing information to Users through our Websites and Products;
(ii.) Providing Users with our Websites and Products;
(iii.) Support and assist Users in using our Websites and Products;
(iv.) Customize our Products to the individual needs of Users;
(v.) Notify Users about changes to our Websites and Products;
(vi.) Providing Users with the information requested through webforms;
(vii.) Providing Users with information about other services we offer that are similar to those that users have already purchased or enquired about (only if Users have consented to this). We inform that in each commercial communication Users receive, we will provide Users with the appropriate information to exercise their right of objection in case they wish to object to the sending of commercial communications. The acceptance to send commercial information is always revocable, without retroactive effects;
(viii.) Understanding and optimizing how our Websites and Products are used;
(ix.) Measuring or understanding the effectiveness of advertising we serve to Users and others, and to deliver relevant advertising to Users.
§5 LEGAL BASIS FOR THE PROCESSING
Insofar as we obtain the consent of the processing of personal data from the parties concerned, Article 6 (1) lit. a of the EU-General Data Protection Regulation (GDPR) serves as a legal basis.
For the processing of such personal data, which is necessary to fulfil a contract, where the contract party is the concerned person, Article 6 (1) lit. b GDPR serves as a legal basis. This also applies to personal data processing which is necessary in preparation of a contract.
Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation which our company is under, Article 6 (1) lit. c serves as a legal basis.
In such a case when vital interests of the person concerned or of another natural person render the processing of personal data necessary, Article 6 (1) lit. d serves as a legal basis.
If the processing of personal data is necessary in terms of defending a justified interest on the part of our company or of a third party and the interests, fundamental rights and fundamental freedoms of the concerned party do not exceed the aforementioned interest, Article 6 (1) lit. f serves as a legal basis for the processing.
In case when Users purchase our Products, the legal basis for the processing is the performance of the contract entered into by the parties.
In all other cases, the legal basis for the processing is the consent provided by the User.
§6 DATA DISCLOSURE
(1.) The User’s personal data may be disclosed to third parties which are companies that provide services to ZeyOS. These third parties are:
(i.) ZeyOS, Inc., a Delaware Corporation, which is the owner of the ZeyOS trademark and logo and also holds the copyright to the ZeyOS Software Platform;
(ii.) Other service providers, such as our channel managers, payment providers and third-party applications which integrate with our Websites or Products, for the performance of any contract we enter with them or our Users;
(iii.) Advertisers that require the information to select and serve relevant adverts to our Users and others; and
(iv.) Analytics providers that assist ZeyOS in the improvement and optimization of our Websites or Products.
(2.) Some personal data of our Users may be stored in or transferred to a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for ZeyOS or one of our business partners or service providers. By using our Websites or Products, Users acknowledge and agree that we may be transferring, storing and processing their personal data outside of the country in which they reside. ZeyOS will take all steps reasonable necessary to ensure that Users’ data are treated securely.
(3.) ZeyOS also may disclose personal data of our Users as required by law, or when we believe in good faith that disclosure is necessary to protect our rights, protect the safety of our Users or the safety of others, investigate fraud, or respond to a government request.
§7 RIGHTS OF THE DATA SUBJECT
Each User (data subject) has the following rights regarding its personal data:
(1.) Right of confirmation: to obtain from the Controller the confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may at any time contact our data protection officer or another employee of the controller.
(2.) Right of access: to obtain from the controller free information about his or her personal data stored at any time and a copy of this information.
(3.) Right to rectification: to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
(4.) Right to erasure (Right to be forgotten): to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies and as long as the processing is not necessary:
(i.) The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
(ii.) The data subject withdraws consent on which the processing is based according to point (a) of Article 6 (1) of the GDPR, or point (a) of Article 9 (2) of the GDPR, and where there is no other legal ground for the processing.
(iii.) The data subject objects to the processing pursuant to Article 21 (1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21 (2) of the GDPR.
(iv.) The personal data have been unlawfully processed.
(v.) The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
(vi.) The personal data have been collected in relation to the offer of information society services referred to in Article 8 (1) of the GDPR.
(5.) Right of restriction of processing: to obtain from the controller restriction of processing where one of the following applies:
(i.) The accuracy of the personal data is contested by the data subject, for a period enabling the Controller to verify the accuracy of the personal data.
(ii.) The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use instead.
(iii.) The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
(iv.) The data subject has objected to processing pursuant to Article 21 (1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
(6.) Right to data portability: to receive the personal data concerning the User, which was provided to a controller, in a structured, commonly used and machine-readable format. The User shall have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided as long as the processing is based on consent and the processing is carried out by automated means. Furthermore, in exercising his or her right to data portability pursuant to Article 20 (1) of the GDPR, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible and does not adversely affect the rights and freedoms of others.
(7.) Right to object: to object, on grounds relating to the User’s particular situation, at any time to processing of personal data concerning the User which is based on point (e) or (f) of Article 6 (1) of the GDPR. This also applies to profiling based on these provisions.
(8.) Right to withdraw data protection consent: to withdraw consent to processing of the User’s personal data at any time.
If the data subject wishes to exercise any of the aforementioned rights, he or she may at any time directly contact ZeyOS by sending the appropriated request to the contact information outlined in §2
Finally, each data subject has the right to lodge a complaint before the appropriate Data Supervisory Authority.
§8 SECURITY
The security of the information you store in ZeyOS is important to us. This is why we outline our security measures and processes and practices in our Statement of Security (https://www.zeyos.com/security/), which provides more information on our current security measures to keep your data safe.
Nevertheless, please note that no data transmission over the Internet or information storage technology can be guaranteed to be totally secure. As a result, whilst we strive to protect our Users’ information, we cannot ensure or warrant the security of any information which Users send to us, and the Users do so at their own risk.
§9 JOBS AND RECRUITMENT
In connection with a job application or inquiry, whether advertised on the ZeyOS website or otherwise, you may provide us with information about yourself, such as a resume. We may use this information throughout ZeyOS and its related entities for the purpose of employment considerations or your inquiry. Unless otherwise told, we will keep the information for future considerations until we are legally required to delete the details of your application or inquiry.
§10 PUBLIC BLOGS, FORUMS AND CHAT ROOMS
If you participate in a ZeyOS blog, discussion forum, chat room or any other kind of public information platform, you should be aware that the information you provide there will be made broadly available to others who have access to that platform. Also, please be aware that individual platforms may have additional rules and conditions. Each participant's opinion communicated in such platforms is his or her own opinion and should not be considered to be reflecting the opinion of ZeyOS.
§11 COOKIES
(1.) A cookie is a small bunch of data, which a website will store on your computer in order to identify the Users of a website or web application and to save user-specific information.
(2.) In order to use the ZeyOS website or any ZeyOS online services, your web browser must accept cookies.
(3.) In addition to this, cookies will help us to provide better service to you. For example, we keep track of the domains from which people were redirected, and we also track visitor activity on our Websites our when using our Products. ZeyOS or others on ZeyOS’s behalf may use this data to analyze trends and statistics and to help us provide better customer service.
§12 DATA STORAGE
(1.) ZeyOS works together with third parties which to provide services such as specialized hardware, Internet connectivity, storage capacity and other technologies required for the operation of the ZeyOS website and other ZeyOS services.
(2.) The data shall only be stored for the time strictly required for each purpose of the processing and shall promptly be deleted straight afterwards, without prejudice to the legal storage obligations provided for by the law.
(3.) In case where Users purchase our Products, the personal data will be kept as long as the contractual relationship between the parties is maintained and, in any case, until legal liabilities are extinguished definitively (by expiry of the statute-of-limitations period).
(4.) In all other cases, the personal data provided will be kept as long as the data deletion is not requested by the User. Likewise, data will be kept according to the legal time-frame set forth in legal, fiscal and accounting matters, taking as reference the date of the request for data deletion.
§13 CONTRIBUTIONS AND CO-DEVELOPMENT
Should you as an individual or representative of a legal entity voluntarily submit contributions, such as source code, documentation, bug reports, enhancements, images or any other kind of intellectual work, you as the copyright holder grant ZeyOS a permanent, transferrable and unlimited right to use these works in any way ZeyOS sees fit. If ZeyOS uses such works in one of its Products, it does not grant you any right on this product whatsoever.
§14 LINKS TO EXTERNAL WEBSITES
Our Websites and Products may contain links to other websites. ZeyOS is not responsible for the privacy practices or the content of those other websites and you should note that we do not have any control over that other website. You should exercise caution and look at the privacy statement applicable to the website in question.
§15 VALIDITY AND MODIFICATIONS
(1.) ZeyOS will be able to modify, totally or partially, this Privacy Policy, publishing any change or alteration in the same manner in which these conditions appear or via any type of communication directed to the users, as ZeyOS chooses.
(2.) The temporary validity of this Privacy Policy coincides, therefore, with the time of exposure, until they are totally or partially modified, in which case these latter modified will become the valid ones.
Last change: 2018-05-28