Privacy Policy

ZetaSafe has always informed its users of our general privacy policies and provides assurance about the collection and use of electronic information.

This privacy policy aims to give you information on how we collect and process your personal data through your use, including any data you may provide through this website and other services we provide.

Privacy Statement

ZetaSafe ltd is incorporated and registered in England and Wales with company number 04694186 with registered office at Innovation Centre, Silverstone Park, Silverstone, Towcester, NN12 8GX. ZetaSafe ltd is registered with the Information Commissioner’s Office (ICO). This means we are contractually committed to delivering our services in compliance with the Data Protection Act (DPA).

ICO Registration Number: Z9253709

At ZetaSafe, there is no higher priority than the privacy and security of our customers’ data. We believe that protecting the privacy of our customers’ data is integral to our mission of earning and maintaining the trust of each of our customers. We seek to lead the industry as a trusted repository for customer data through a world-class privacy program and provide a secure infrastructure and flexible tools that help enable our customers to comply with global privacy and data protection regulations.

The information contained in this policy has been published to inform you of the way in which any personally identifiable information (Personal Information) you may provide us with or we collect from you will be used. We recommend that you read our privacy policy carefully in order to fully understand how we treat your personal information.

This policy applies to the ZetaSafe® service and other services hosted by ZetaSafe Limited.

Personal information can identify you as an individual or is capable of doing so. Personal information does not include statistical information.

The periods we keep your information can vary according to the use given to the information. But we will not keep it for longer than necessary for the purposes for which the data was collected.

ZetaSafe Limited reserves the right to access and disclose individually identifiable information to comply with applicable laws and lawful government requests or to protect the system or its users.

For the purpose of the Data Protection Act 1998 and from 25 May 2018 unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679)(“GDPR”) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then any successor legislation to the GDPR or the Data Protection Act 1998 (the “Data Protection Laws”), we are a data controller and a data processor.

For www.zetasafe.com and other non-subscription-based services we are the data controller for any personal data we collect.

Customers act as the data controller for any personal data they provide regarding their use of the ZetaSafe service or other services we provide i.e. you own and control your data. In that scenario ZetaSafe ltd is the data processor and processes personal data on behalf of the data controller when they use ZetaSafe subscription-based service.

Personal Information we may obtain from you

Information you supply to us directly – this includes the information that you provide when filling in forms on our site, registering to use our services, or corresponding with us through our site or by phone, email or otherwise. Information we collect about you – this includes information provided through your visits to our site, which includes location and traffic data, weblogs, resources you access and other communication data.

“The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011” have been made to ensure that subscribers and users of electronic information and websites are properly informed as to the nature of COOKIES that may be set on their computers and to have the opportunity to make an informed choice as to whether they accept them.

Use of Cookies by ZetaSafe?

You can read more about how we use cookies on our Cookie policy page.

Where we store Personal Information about you

The information we obtain from you will be stored within the European Economic Area (“EEA”). In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our or contractual requirements. We have in place safeguards including explicitly listing all suppliers outside the EEA and verifying their data controls procedures to ensure the security of your data. Staff members operating within the EEA who work for or on behalf of us may process this information. Such staff members may, among other things, be involved in the processing of payment Personal Information, the provision of support services and the delivery of your request(s) for us to provide services.

When submitting your Personal Information or any third party Personal Information, you are agreeing to, or have obtained the data subject’s consent to, such processing, transfer or storage as outlined above. We will take all reasonable steps necessary to maintain the security of your Personal Information in accordance with this privacy policy.

We store the Personal Information you provide us with on our secure servers. In the event of us giving you (or you choose) a password which grants you access to specific areas within our site, it remains your responsibility to maintain the confidentiality of this password. This includes the responsibility to refrain from sharing your password with other parties.

We collect Personal Information and other information about you to allow us to provide the service and to improve our service. We use your Personal Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

How we use your Personal Information

The information we hold about you may be used in any of the following ways:

  • To provide and to improve our services to you
  • To send you further information about our services for which we think you may have an interest.
  • To send you further information about our services based on a request we have received from you
  • To fulfil our obligations to you
  • To provide you with notification about any changes to our services relevant to you

We may also use the Personal Information we hold about you to provide you with information about other services we offer which we feel may be of interest to you, using the principle of legitimate interest as the lawful basis of processing. This means we have a genuine and legitimate reason to hold your data and in doing so, we do not harm any of your rights and freedoms.

We may provide this information electronically via email, telephone, and/or by post. and, in each case, you have not opted out of receiving that marketing. If you wish to reject such communication regarding our other services, we will give you the opportunity to terminate our permission to contact you for such purposes.

Disclosure of your Personal Information

We are required to disclose your Personal Information in order to fulfil any legal obligation, to enforce our Terms and Conditions, or to protect the property, rights or safety of ZetaSafe users of our services or others.

Sub-processors

We use sub-processors in limited scenarios to deliver services to you.

What is a sub-processor

A sub-processor is a third-party data processor engaged by ZetaSafe, who has or potentially will have access to or process Service Data (which may contain Personal Data). ZetaSafe engages different types of sub-processors to perform various functions as explained in the tables below. ZetaSafe refers to third parties that do not have access to or process Service Data but who are otherwise used to provide the Services as “subcontractors” and not sub-processors.

Due Diligence

We undertake to use a commercially reasonable selection process by which it evaluates the security, privacy and confidentiality practices of proposed sub-processors that will or may have access to or process Service Data.

List of sub-processors

Entity Name Purpose / Type Country
Microsoft Ireland Operations Ltd (Azure) Cloud Service Provider / Infrastructure UK, Ireland, Netherlands
Google Inc. Cloud Service Provider / Infrastructure UK, Belgium, Germany, Netherlands
Zendesk Inc. Support Portal and Live Chat Ireland, Canada, United States
SendGrid Inc. Email Service United States
SurveyMonkey Inc

SurveyMonkey Europe UC (Wufoo)

Contact Webforms United States

Your Rights

You retain the right to request us to refrain from processing your Personal Information for the purposes of marketing. To exercise such right, you may reply to any information we send you, detailing your request that we refrain from sending any further marketing correspondence, or you can exercise this same right by contacting us electronically via email at [email protected].

We may at times provide links on our site to third party websites, including without limitation those owned or managed by our partner networks and affiliates. These websites have separate privacy policies, and we therefore cannot accept any responsibility for the content. As such, choosing to follow these links is a choice you make at your own risk, and we advise that you check these websites’ individual privacy policies before submitting any Personal Information.

We are required to maintain your Personal Information accurately, if you believe any of the Personal Information that we process is inaccurate you are entitled to contact us to correct any inaccuracies at [email protected] Where we agree that the Personal Information held by us is inaccurate we will correct such inaccuracies without undue delay.

We will not be responsible for correcting inaccuracies in third party Personal Information unless you have informed us of such inaccuracies and we will provide you with reasonable assistance in complying with your obligations as data controller under the applicable Data Protection Laws in relation to any inaccurate third party data.

Right to be forgotten – if we no longer have a legal basis to process your Personal Information or if the legal basis that we are relying on is consent and you subsequently withdraw your consent then we will stop processing your personal data. To the extent that you no longer wish to be contacted by us we will need to maintain a record of that to ensure that we do not contact you again in the future.

You are responsible for ensuring that any third-party request to be forgotten is applied to any third party Personal Information that you send to us, we will provide you with reasonable assistance in complying with your obligations as data controller under the applicable Data Protection Laws in relation to any third party requests to be forgotten.

Accessing your Personal Information

You may at any time contact us to review the Personal Information we hold about you. You may exercise this right by contacting us at [email protected] or otherwise in accordance with the Data Protection Laws.

Changes to our Privacy Policy

If at any time we make a change to our privacy policy, we will update this page to reflect such change. Where we feel it appropriate, we will notify you by email, however we recommend you review this page periodically to ensure you continue to agree with our current privacy policy.

Questions, Comments and Getting in Touch

We welcome any questions or comments in relation to this privacy policy, and advise you to send any such communication to [email protected] or by post;

ZetaSafe Limited
Innovation Centre, Silverstone Park,
Silverstone, Towcester,
NN12 8GX