Zeply OÜ is registered in Estonia with registration number 14729704 and is licensed by the Estonian Financial Intelligence unit under license number FVT000128.
We reserve the right to modify this Policy at any time, and when required by law, we will notify you of changes to this Policy. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on our Services prior to the change becoming effective.
Please review this Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page.
If you do not agree with or you are not comfortable with any aspect of this Policy, you should immediately discontinue access or use of our Services.
Information Collection and Use
We collect personal information to provide you with our Services. When we require certain personal information from users it is because we are required by law to collect this information or it is relevant for specified purposes. Any information you provide to us that is not required is voluntary. You are free to choose whether to provide us with the types of personal information requested, but we may not be able to serve you as effectively or offer you all of our Services when you do choose not to share certain information with us.
We collect personal information, which is required by law to open an account, add a payment method, or execute a transaction. We also collect personal information when you use or request information about our Services, subscribe to marketing communication or request support. We may also be required to collect additional information on a per-transaction basis.
Confidentiality and Security Procedures
Using your personal information:
As well as checking your identity, the personal information we hold may be used for: Considering any of your applications. Carrying out risk assessments. Performing our obligations under any contract we have with you. Administering our relationship with you including resolving queries or issues. Establishing and managing your account. Reviewing your ongoing needs. Providing you with the information, products, and services that you request from us. Investigating any complaint, you may make. Providing evidence in any dispute or anticipated dispute between you and us. Enhancing our customer service and products. Undertaking product development and analysis. Detecting or preventing fraud or other crimes.
Use of Information collected automatically
We receive and store certain types of information automatically, such as whenever you interact with the Site or use the Services. This information does not necessarily reveal your identity directly but may include information about the specific device you are using, such as the hardware model, device ID, operating system version, web-browser software (such as Firefox, Safari, or Internet Explorer) and your Internet Protocol (IP) address/MAC address/device identifier.
Legal Basis for Processing Personal Data
Zeply may process your Personal Data for any of the following reasons:
- To satisfy our legal obligations;
- To perform a contract with you;
- You have given us permission to do so;
- The processing is in our legitimate interests and it is not overridden by your rights;
- For payment processing purposes; and
- To protect our property, rights or safety of Zeply, our customers or others.
- Retention of Data
We store your personal information securely throughout the life of your account held with us. We will only retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting obligations or to resolve disputes.
While retention requirements vary by jurisdiction, we usually retain information for at least 5 years and a maximum of 10 years.
Transfer of Data
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside Estonia and choose to provide information to us, please note that we transfer the data, including Personal Data, to Estonia and process it there.
Your consent to this Policy followed by your submission of such information represents your agreement to that transfer.
We will take all the steps reasonably necessary to ensure that
Your data is treated securely and in accordance with this Policy; and
No transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.
Disclosure of Data
Disclosure for Law Enforcement
Under certain circumstances, Zeply may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
- We may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation;
- To protect and defend the rights or property of Zeply;
- To prevent or investigate possible wrongdoing in connection with the Service;
- To protect the personal safety of users of the Service or the public; and
- To protect against legal liability.
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Information from Third-Party Sources
We may employ third-party companies and individuals (hereinafter referred to as “Service Providers”) to:
- facilitate our Service; or
- provide the Service on our behalf; or
- perform Service-related services; or
- assist us in analysing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyse the use of our Service.
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://policies.google.com/privacy?hl=enhttps://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950
Facebook adheres to the Self-Regulatory Principles for Online Behavioural Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://optout.aboutads.info/?c=2&lang=EN, the Digital Advertising Alliance of Canada in Canada https://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.
For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation
We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).
Links to Other Sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
Your Data Protection Rights under the General Data Protection Regulation (GDPR)
European Economic Area (“EEA”) residents have the following rights hereunder. The below can be exercised by contacting us at firstname.lastname@example.org so that we may consider your request under applicable law.
By accessing your profile, you can set your communication preferences. You can also make individual rights requests relating to your personal information via our live chat or by emailing email@example.com. We encourage you to make any individual rights requests directly through your profile because it ensures that you have been authenticated already. Otherwise, when we receive an individual rights request via email we may take steps to verify your identity before complying with the request to protect your privacy and security.
Right to withdraw consent
You have the right to withdraw your consent to the processing of your personal information collected based on your consent, at any time. Your withdrawal will not affect the lawfulness of Zeply’s processing based on consent before your withdrawal.
Right of access to and rectification of your personal information
You have a right to request that we provide you a copy of your personal information held by us. This information will be provided without undue delay subject to some fee associated with the gathering of the information (as permitted by law), unless such provision adversely affects the rights and freedoms of others.
You may also request us to rectify or update any of your personal information held by us that is inaccurate. Your right to access and rectification shall only be limited where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where the rights of persons other than you would be violated.
Right to erasure
You have the right to request erasure of your personal information that:
- is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
- was collected in relation to processing that you previously consented, but later withdraw such consent; or
- was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing.
Should we have made your personal information public and we are obliged to erase said personal information, we will take reasonable steps, including technical measures, to inform other parties that are processing your personal information that you have requested the erasure of any links to, or copy or replication of your personal information. This will be done whilst taking into account of available technology and the cost of implementation. The above is subject to limitations by relevant data protection laws.
Right to data portability
If we process your personal information based on:
- a contract with you; or
- based on your consent, or
- the processing is carried out by automated means,
you may request to receive your personal information in a structured, commonly used and machine-readable format, and to have us transfer your personal information directly to another data controller, where technically feasible, unless exercise of this right adversely affects the rights and freedoms of others. A “controller” is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of your personal information.
Right to restriction of or processing
You have the right to restrict or object to us processing your personal information where one of the following applies:
You contest the accuracy of your personal information that we processed. In such instances, we will restrict processing during the period necessary for us to verify the accuracy of your personal information.
The processing is unlawful and you oppose the erasure of your personal information and request the restriction of its use instead.
We no longer need your personal information for the purposes of the processing, but it is required by you to establish, exercise or defend legal claims.
You have objected to processing, pending the verification whether the legitimate grounds of Zeply’ processing override your rights.
Restricted personal information shall only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We will inform you if and when the restriction is lifted.
Notification of erasure, rectification, and restriction
We will communicate any rectification or erasure of personal information or restriction of processing to each recipient to whom your personal information has been disclosed unless this proves impossible or involves disproportionate effort. We will inform you about those recipients if you request this information.
Right to object to processing
Where the processing of your personal information is based on consent, contract or legitimate interests, you may restrict or object, at any time, to the processing of your personal information as permitted by applicable law. We can continue to process your personal information if it is necessary for the defence of legal claims, or for any other exceptions permitted by applicable law.
Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing of your personal information, including profiling, which produces legal or similarly significant effects on you, save for the exceptions applicable under relevant data protection laws.
Storage of your personal information
We will try to limit the storage of your personal information to the extent that storage is necessary to serve the purpose(s) for which the personal information was processed, to resolve disputes, enforce our agreements, and as required or permitted by law.
- Your rights to personal information are not absolute. Access may be denied when:
- Denial of access is required or authorized by law;
- Granting access would have a negative impact on other’s privacy;
- To protect our rights and properties; and
- Where the request is frivolous or vexatious.
- We may ask you to verify your identity before responding to such requests.
Our Service does not address anyone under the age of 18 (hereinafter referred to as “Children” or “Child” interchangeably).
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take steps to remove that information from our servers without unnecessary delay. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the EEA.
You are entitled to request to have your personal information reviewed, corrected, or amended or to request that the same be deleted if inaccurate.
If you close your Account, we will mark your account in our database as “Archived”, but will keep your account information in our database for a period described above. This is necessary in order to deter fraud, by ensuring that persons who try to commit fraud will not be able to avoid detection simply by closing their account and opening a new account. However, if you close your account, your personal information will not:
- be used by us for any further purposes; or
- be sold or shared with third parties,
- except as necessary to prevent fraud and assist law enforcement, as required by law, or in accordance with this Policy.