Privacy Policy

Last Updated: October 3, 2024

This Privacy Policy describes how Zyphor ("we," "us," or "our") collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from zyphor.io (the "Site") or otherwise communicate with us regarding the Site (collectively, the "Services"). For purposes of this Privacy Policy, "you" and "your" refer to any individual accessing the Services, whether as a customer, website visitor, or any other individual whose personal information we process.

We are committed to protecting your privacy and ensuring that your personal data is handled in accordance with the UK General Data Protection Regulation ("UK GDPR"), the EU General Data Protection Regulation ("EU GDPR"), and other applicable data protection laws.

Please read this Privacy Policy carefully to understand how we collect, use, and share your personal data.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal or regulatory reasons. When we make changes, we will post the updated version on this page, update the "Last Updated" date, and take any other steps required by applicable law, such as notifying you via email or displaying a notice on the Site.

Data Controller and Contact Information

For the purpose of applicable data protection laws, Zyphor is the data controller of your personal information. Our contact details are as follows:

  • Email: privacy@zyphor.io
  • Address: 128 City Road, London, ENG, EC1V 2NX, United Kingdom

How We Collect and Use Your Personal Information

We collect personal information about you from a variety of sources, depending on how you interact with us and our Services. We process this data to provide, improve, and personalize our Services, and for other purposes as described below.

Categories of Personal Information Collected

  • Contact Information: Name, email address, phone number, billing and shipping addresses.
  • Account Information: Username, password, security questions.
  • Order Information: Products purchased, order history, payment confirmation.
  • Customer Support Information: Information provided when contacting us for support or inquiries.
  • Usage Data: Information about how you interact with our Site, device and browser information, IP address, and other technical information.

Lawful Bases for Processing

We rely on the following lawful bases to process your personal information, as required under GDPR and UK GDPR:

  • Performance of a Contract: We process your personal information to fulfill our obligations under our contract with you, such as processing your orders, delivering products, and providing customer support.
  • Consent: We process your personal information when you have given your explicit consent, such as for marketing communications. You can withdraw your consent at any time.
  • Legitimate Interests: We process your personal information for our legitimate business interests, such as to improve our Services, detect and prevent fraud, or for marketing purposes, provided that such interests are not overridden by your rights and interests.
  • Legal Obligations: We may process your personal information to comply with applicable laws, regulations, and legal obligations.

How We Use and Share Your Personal Information

We use your personal information for the following purposes:

  • Providing Products and Services: To process your orders, arrange for shipping, and provide customer support.
  • Marketing and Advertising: To send you promotional materials and show targeted advertisements based on your preferences and past interactions.
  • Security and Fraud Prevention: To detect and prevent fraud, unauthorised transactions, and other illegal activities.
  • Business and Operational Purposes: To analyze usage patterns, maintain our Site, and improve our Services.

We share your personal information with third parties in the following scenarios:

  • Service Providers: With third-party service providers who perform services on our behalf, such as payment processing, order fulfillment, and IT management.
  • Marketing and Advertising Partners: With business and marketing partners for the purposes of advertising and promotions.
  • Compliance and Legal Obligations: When required by law, to protect our rights, or in connection with a business transaction.

International Data Transfers

Your personal information may be transferred to, stored, and processed in a country other than your own, including outside the EEA or the UK, where data protection laws may not be equivalent to those in your jurisdiction.

When transferring personal data outside the EEA or the UK, we ensure that adequate safeguards are in place, such as using Standard Contractual Clauses approved by the European Commission, or other appropriate mechanisms to protect your data in accordance with the GDPR.

Data Retention and Security

We will retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. We implement technical and organizational measures to protect your personal information against unauthorized access, loss, or misuse. However, no security measure is completely secure, and we cannot guarantee the security of your personal information.

Your Rights Under GDPR

As a resident of the UK or EEA, you have certain rights regarding your personal data, including:

  • Right of Access: You have the right to request access to the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure: You have the right to request that we delete your personal data in certain circumstances, such as when it is no longer needed for the purpose for which it was collected.
  • Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to have it transferred to another controller.
  • Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes or when the processing is based on our legitimate interests.
  • Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw your consent at any time.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with the relevant data protection authority if you believe our processing of your personal data infringes your rights under GDPR.

To exercise any of these rights, please contact us using the contact information provided above.

Data Subject Requests and Verification

To exercise your rights, you may contact us using the contact details provided above. We may need to verify your identity to respond to certain requests. If you request a copy of your personal data or to have your data deleted, we may ask for information to confirm your identity, such as your email address or other account-related details.

Complaints and Dispute Resolution

If you have any concerns or complaints regarding our handling of your personal information, please contact us first, and we will do our best to resolve the issue. If you are not satisfied with our response, you may lodge a complaint with the relevant supervisory authority in your jurisdiction.

  • UK: Information Commissioner’s Office (ICO) - ico.org.uk
  • EEA: Contact your local data protection authority. You can find their contact information here.

Children's Data

Our Services are not intended for children under 16, and we do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided personal data, please contact us, and we will delete such data as soon as possible.

Contact Information

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

  • Email: contact@zyphor.io
  • Address: 128 City Road, London, ENG, EC1V 2NX, United Kingdom

For the purposes of applicable data protection laws, we are the data controller of your personal information, unless otherwise specified.