ZetaSafe has always informed its users of our general privacy policies and provides assurance about the collection and use of electronic information.
ZetaSafe ltd is incorporated and registered in England and Wales with company number 04694186 with registered office at Innovation Centre, Silverstone Park, Silverstone, Towcester, NN12 8GX. ZetaSafe ltd is registered with the Information Commissioner’s Office (ICO). This means we are contractually committed to delivering our services in compliance with the Data Protection Act (DPA).
ICO Registration Number: Z9253709
At ZetaSafe, there is no higher priority than the privacy and security of our customers’ data. We believe that protecting the privacy of our customers’ data is integral to our mission of earning and maintaining the trust of each of our customers. We seek to lead the industry as a trusted repository for customer data through a world-class privacy program and provide a secure infrastructure and flexible tools that help enable our customers to comply with global privacy and data protection regulations.
This policy applies to the ZetaSafe® service and other services hosted by ZetaSafe Limited.
Personal information can identify you as an individual or is capable of doing so. Personal information does not include statistical information.
The periods we keep your information can vary according to the use given to the information. But we will not keep it for longer than necessary for the purposes for which the data was collected.
ZetaSafe Limited reserves the right to access and disclose individually identifiable information to comply with applicable laws and lawful government requests or to protect the system or its users.
For the purpose of the Data Protection Act 1998 and from 25 May 2018 unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679)(“GDPR”) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then any successor legislation to the GDPR or the Data Protection Act 1998 (the “Data Protection Laws”), we are a data controller and a data processor.
For www.zetasafe.com and other non-subscription-based services we are the data controller for any personal data we collect.
Customers act as the data controller for any personal data they provide regarding their use of the ZetaSafe service or other services we provide i.e. you own and control your data. In that scenario ZetaSafe ltd is the data processor and processes personal data on behalf of the data controller when they use ZetaSafe subscription-based service.
Information you supply to us directly – this includes the information that you provide when filling in forms on our site, registering to use our services, or corresponding with us through our site or by phone, email or otherwise. Information we collect about you – this includes information provided through your visits to our site, which includes location and traffic data, weblogs, resources you access and other communication data.
“The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011” have been made to ensure that subscribers and users of electronic information and websites are properly informed as to the nature of COOKIES that may be set on their computers and to have the opportunity to make an informed choice as to whether they accept them.
The information we obtain from you will be stored within the European Economic Area (“EEA”). In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our or contractual requirements. We have in place safeguards including explicitly listing all suppliers outside the EEA and verifying their data controls procedures to ensure the security of your data. Staff members operating within the EEA who work for or on behalf of us may process this information. Such staff members may, among other things, be involved in the processing of payment Personal Information, the provision of support services and the delivery of your request(s) for us to provide services.
We store the Personal Information you provide us with on our secure servers. In the event of us giving you (or you choose) a password which grants you access to specific areas within our site, it remains your responsibility to maintain the confidentiality of this password. This includes the responsibility to refrain from sharing your password with other parties.
We collect Personal Information and other information about you to allow us to provide the service and to improve our service. We use your Personal Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
The information we hold about you may be used in any of the following ways:
We may also use the Personal Information we hold about you to provide you with information about other services we offer which we feel may be of interest to you. We may provide this information electronically via email, telephone, and/or by post. and, in each case, you have not opted out of receiving that marketing If you wish to reject such communication regarding our other services, we will give you the opportunity to terminate our permission to contact you for such purposes.
We are required to disclose your Personal Information in order to fulfil any legal obligation, to enforce our Terms and Conditions, or to protect the property, rights or safety of ZetaSafe users of our services or others.
We use sub-processors in limited scenarios to deliver services to you.
A sub-processor is a third-party data processor engaged by ZetaSafe, who has or potentially will have access to or process Service Data (which may contain Personal Data). ZetaSafe engages different types of sub-processors to perform various functions as explained in the tables below. ZetaSafe refers to third parties that do not have access to or process Service Data but who are otherwise used to provide the Services as “subcontractors” and not sub-processors.
We undertake to use a commercially reasonable selection process by which it evaluates the security, privacy and confidentiality practices of proposed sub-processors that will or may have access to or process Service Data.
|Entity Name||Purpose / Type||Country|
|Microsoft Ireland Operations Ltd (Azure)||Cloud Service Provider / Infrastructure||UK, Ireland, Netherlands|
|Google Inc.||Cloud Service Provider / Infrastructure||UK, Belgium, Germany, Netherlands|
|Zendesk Inc.||Support Portal and Live Chat||Ireland, Canada, United States|
|SendGrid Inc.||Email Service||United States|
SurveyMonkey Europe UC (Wufoo)
|Contact Webforms||United States|
You retain the right to request us to refrain from processing your Personal Information for the purposes of marketing. To exercise such right, you may reply to any information we send you, detailing your request that we refrain from sending any further marketing correspondence, or you can exercise this same right by contacting us electronically via email at email@example.com.
We may at times provide links on our site to third party websites, including without limitation those owned or managed by our partner networks and affiliates. These websites have separate privacy policies, and we therefore cannot accept any responsibility for the content. As such, choosing to follow these links is a choice you make at your own risk, and we advise that you check these websites’ individual privacy policies before submitting any Personal Information.
We are required to maintain your Personal Information accurately, if you believe any of the Personal Information that we process is inaccurate you are entitled to contact us to correct any inaccuracies at firstname.lastname@example.org. Where we agree that the Personal Information held by us is inaccurate we will correct such inaccuracies without undue delay.
We will not be responsible for correcting inaccuracies in third party Personal Information unless you have informed us of such inaccuracies and we will provide you with reasonable assistance in complying with your obligations as data controller under the applicable Data Protection Laws in relation to any inaccurate third party data.
Right to be forgotten – if we no longer have a legal basis to process your Personal Information or if the legal basis that we are relying on is consent and you subsequently withdraw your consent then we will stop processing your personal data. To the extent that you no longer wish to be contacted by us we will need to maintain a record of that to ensure that we do not contact you again in the future.
You are responsible for ensuring that any third-party request to be forgotten is applied to any third party Personal Information that you send to us, we will provide you with reasonable assistance in complying with your obligations as data controller under the applicable Data Protection Laws in relation to any third party requests to be forgotten.
You may at any time contact us to review the Personal Information we hold about you. You may exercise this right by contacting us at email@example.com or otherwise in accordance with the Data Protection Laws.
Innovation Centre, Silverstone Park,