COOKIES are small files that a site or its service provider transfers to your device (computer or mobile device) or its hard drive through your web browser, only if you allow the same, and they enable the sites or service provider’s systems to recognize your browser and capture and remember certain information.

DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Policy, we are a Data Controller of your data.

DATA PROCESSORS (OR SERVICE PROVIDERS) mean any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.

DATA SUBJECT / USER is any living individual who is the subject of Personal Data and is using our Platform. For the purpose of this Policy, you are a Data Subject / User.

We collect several different types of information for various purposes to provide and improve our Services.

All information collected by the Company is with the Users’ consent. The Company is however free to use, collect, and disclose information of the Users which is in the public domain.

Personal Data

While using the Platform and accessing the Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data ”). Personal Data may include, but is not limited to:

1. (a) Full name;
2. (b) Email ID (personal and work);
3. (c) Phone number;
4. (d) Title / Designation (if required);
5. (e) Name of Organization;
6. (f) Details of Organization;
7. (g) Information available on the apps and/or platforms used and connected to the Platform by you for work purposes, including but not limited to Slack, email messages, and any messages and/or documents uploaded, shared or transferred via such platforms;
8. (h) Nationality, geolocation and time zone;
9. (i) Information related to the Subscription of your choice;
10. (j) Notification preferences;
11. (k) Financial Information (including billing address and limited information regarding the payment mode); and
12. (l) Metrics on use of the Platform, including but not limited to the date of sign-up to the Platform, number of logins, and last login to the Platform.

We may also collect information that your browser sends whenever you visit the Platform or when you access the Services by or through a computer or mobile device (“Usage Data”).

This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of the Platform that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the Platform through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Tracking Cookies Data

We use cookies and similar tracking technologies to track the activity on the Platform and we hold certain information.

Cookies may include an anonymous unique identifier. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze the Platform and the Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some features of the Platform, and the Platform may not work as designed. For more information on cookies and how to disable them, you can consult the information provided by the Interactive Advertising Bureau at www.allaboutcookies.org.

Examples of Cookies we use:

• (a) Session Cookies. We use Session Cookies to operate the Platform.
• (b) Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
• (c) Security Cookies. We use Security Cookies for security purposes.
• (d) Advertising Cookies. Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests.

Social Media Data

We have pages on social media sites like Twitter, and LinkedIn (“Social Media Pages”). When you interact with our Social Media Pages, we will collect Personal Data that you elect to provide to us, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.

Others

We also collect certain information either when the Users provide it while using the Platform or Services and / or automatically as the Users navigate through the Platform (which may include Personal Data and information collected through web beacons and other tracking technologies and which is covered by this Policy). We DO NOT sell this data to any third parties.

You also provide information to us through our Services, including your reviews, photographs, videos, comments, lists, followers, the users you interact with and other information in your account profile, if applicable.

If the Company has reasons to suspect that the information provided by any User is misleading, inaccurate, obsolete or incomplete, the Company reserves the right to refuse provision of the Services to the User or suspend/withhold such User’s access to the Platform, at its sole discretion, without incurring any liability to the User or any third-party. We will not be liable for reliance on or consequences of any misleading, inaccurate, obsolete or incomplete information by you.

The Company uses the collected data for various purposes:

1. (a) to provide and maintain the Platform and the Services;
2. (b) to notify you about changes to the Platform and the Services; 
3. (c) to allow you to participate in interactive features of the Platform when you choose to do so; 
4. (d) to provide customer support; 
5. (e) to gather analysis or valuable information from you, including any ideas, suggestions, proposals, and/or recommendations, so that we can improve the Platform and the Services; 
6. (f) to monitor the usage of the Platform;
7. (g) to detect, prevent and address technical issues;
8. (h) to fulfill any other purpose for which you provide it;
9. (i) to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
10. (j) to provide you with notices about your account and/or subscription, including expiration and renewal notices, email-instructions, etc.;
11. (k) to provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information;
12. (l) in any other way we may describe when you provide the information;
13. (m) for any other purpose with your consent. 

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

Your information, including Personal Data, may be transferred      and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

Your consent to this Policy followed by your submission of such information represents your agreement to such transfer.

The Company will take all the steps reasonably necessary to ensure that your Personal Data, is treated securely and in accordance with this Policy, and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your Personal Data.

We may disclose Personal Data collected by us, or provided by you for:

1. (a) Disclosure for Law Enforcement. Under certain circumstances, we may be required to disclose your Personal Data for purposes of compliance with applicable law or in response to valid requests by public authorities.
2. (b) Business Transaction. If we or our subsidiaries are involved in a merger, acquisition or asset sale, your Personal Data may be transferred.
3. (c) Other cases. We may disclose your information also:
   • i. to our subsidiaries and affiliates;
   • ii. to contractors, Service Providers, and other third parties we use to support our business;
   • iii. to fulfill the purpose for which you provide it;
   • iv. for the purpose of including your company’s logo on our website;
   • v. for any other purpose disclosed by us when you provide the information;
   • vi. with your consent in any other cases;
   • vii. if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others.

The security of your data is important to us, and we have implemented reasonably sufficient means to protect the same, including access controls and data encryption. However, please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we have implemented best industry practices, security policies, rules and technical measures to protect your Personal Data that is under the Company’s control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss, we cannot guarantee its absolute security. We shall not be held liable for any loss whatsoever incurred by the Users or any third-party for any data loss or theft due to unauthorized access to the Users’ electronic devices through which the Users avail the Services.

This section applies to you if you are based in California, or are a resident of California.

The California Consumer Privacy Act (CCPA) requires us to disclose categories of Personal Data we collect and how we use it, the categories of sources from whom we collect Personal Data, and the third parties with whom we share it, which we have explained above.

We are also required to communicate information about rights California residents have under California law. You may exercise the following rights:

1. (a) Right to Know and Acces. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Data we have collected about you.
2. (b) Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
3. (c) Right to Delete. You may submit a verifiable request to close your account and we will delete Personal Information about you that we have collected.
4. (d) Request that a business that sells a consumer's personal data, not sell the consumer's personal data.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at  contact@zivy.app.

In the preceding 12 (twelve) months, we have not disclosed your Personal Data to any third party in a manner that would be considered a sale under the CCPA.

This section provides additional information about this Policy relevant to you if you are from the European Economic Area (the EEA), any European Union (EU) country, United Kingdom, or Switzerland (together “European Area Countries”). It supplements and should be read in conjunction with the rest of this Policy.

Under the European Area Countries’ privacy laws, we are the controller with respect to your Personal Data.

Where it is necessary to obtain your prior consent to the processing concerned in order for us to be allowed to do it (for example, direct marketing activities), we will obtain and rely on your consent in relation to the processing concerned. Otherwise, we will process Your Personal Data only where the processing is necessary:

1. (a) for the performance of a contract to which You are a party or in order to take steps at Your request prior to entering into such a contract;
2. (b) for the purposes of the legitimate interests (Art. 6(1)(f) GDPR) pursued by Us or another person, provided that this will only be in circumstances in which those legitimate interests are not overridden by Your interests or fundamental rights and freedoms which require protection of Personal Information;
3. (c) for the fulfilment of Our legal obligations– the legal basis for processing of Your Personal Information will be the necessity for compliance with a legal obligation which We are subject to (Art. 6(1)(c) GDPR).

1. (a) Data Erasure. In certain situations, GDPR gives you the “right to be forgotten.” You can invoke this right where one of the following grounds applies:
   1. i. the Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
   2. ii. you withdrew consent to the processing of Personal Data and there is no other legal ground for continuing to process it;
   3. iii. you object to the processing of your Personal Data when there are no overriding legitimate grounds for processing;
   4. iv. you object to the processing of your Personal Data for marketing purposes;
   5. v. your data is processed unlawfully;
   6. vi. the Personal Data has to be erased for compliance with a legal obligation.
2. (b) Complaints to the Relevant Public Authority. In connection with our actions as the controller of your Personal Data, you are entitled to lodge a complaint to the relevant supervisory authority. You can find the list of local authorities responsible for data protection in EU and their contact details at https://edpb.europa.eu/about-edpb/about-edpb/members_en. The relevant public authority in the UK is the Information Commissioner’s Office  (https://ico.org.uk/). The relevant public authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC) (https://www.edoeb.admin.ch/edoeb/en/home.html). 

We encourage you to first contact us at  contact@zivy.app.

We may employ third party companies and individuals to facilitate the Services (“Service Providers”), provide Services on our behalf, perform Service-related ancillary services or assist us in analysing how the Services are used by our Users.

The Service Providers will have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purposes.

Some of the Service Providers we engage include (but are not limited to) the following analytics, development, and LLM Service Providers:

Analytics

We may use third-party Service Providers to monitor and analyze the use of the Platform and the Services.

Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of the Services. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en

We also encourage you to review the Google's policy for safeguarding your data: https://support.google.com/analytics/answer/6004245.

Firebase

Firebase is the analytics service provided by Google Inc.

You may opt-out of certain Firebase features through your mobile device settings, such as your device advertising settings or by following the instructions provided by Google in their Privacy Policy: https://policies.google.com/privacy?hl=en

For more information on what type of information Firebase collects, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en

We may use third-party Service Providers to automate the development process of the Platform. 

GitHub

GitHub is provided by GitHub, Inc.

GitHub is a development platform to host and review code, manage projects, and build software.

For more information on what data GitHub collects for what purpose and how the protection of the data is ensured, please visit GitHub Privacy Policy page: https://help.github.com/en/articles/github-privacy-statement.

Data Sharing with Third-Party AI Platforms and Tools

We may use third party artificial intelligence platforms such GPT3.5, open source Large Language Models (LLMs) such as Mistral, Natural Language Processing (NLP) models such as BERT and others hosted on third party platforms for the purpose of enhancing our messages ranking and classification algorithms and functionalities. The sole intent of interfacing with the third-party mechanism(s) is to enrich the user experience. The data shared excludes any personally identifiable information and isn't utilized by the third-party for any other objective. 

In addition to the above list, we may share Personal Data with vendors and Service Providers, to assist us in meeting business operations needs and to perform certain services and functions. These Service Providers may include but are not limited to providers for hosting services, cloud services, and other information technology services providers, provisioning of services requested, email communication software and email newsletter services, advertising and marketing services, payment processors, customer relationship management and customer support services, and web analytics services such as:

Amazon Web Services (AWS)

AWS is an on-demand cloud storage and computing platform.

For more information on how they may store or use your data, please visit: https://aws.amazon.com/privacy/

New Relic

New Relic enables performance monitoring and real-time analytics.

For more information on how they may store or use your data, please visit: https://newrelic.com/termsandconditions/privacy

Grafana Cloud

Grafana Cloud is am observability platform for efficiently managing our Platform and Services.

For more information on how they may store or use your data, please visit: https://grafana.com/legal/privacy-policy/

Redis

Redis is an in-memory data structure store used as a database, cache, and message broker.

For more information on how they may store or use your data, please visit: https://redis.com/legal/privacy-policy/

Microsoft Clarity

Microsoft Clarity is an analytics tool that provides insights into user behavior and preferences.

For more information on how they may store or use your data, please visit: https://privacy.microsoft.com/en-us/privacystatement

Rollbar

Rollbar is a cloud-based error monitoring and debugging service.

For more information on how they may store or use your data, please visit: https://docs.rollbar.com/docs/privacy-policy

Vercel

Vercel enables our developers to host, deploy, and scale the Platform and Services.

For more information on how they may store or use your data, please visit: https://vercel.com/legal/privacy-policy

We request you to review and confirm your acceptance with the latest terms and privacy policies of the Service Providers, available on their respective websites or platforms.

We may provide paid products and/or services, including payment based subscription models for access to certain features of the Platform or certain Services, or the entire Platform and all the Services provided by us as the case may be. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details and the same are directly provided by you to our third-party payment processors, whose use of your Personal Data is governed by their respective privacy policies. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The Platform may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. Please note that when Users click on one of these links, they are entering another website over which we have no control and for which we will bear no responsibility. We strongly advise you to review the privacy policy of every site you visit. 

By accessing the Platform, you agree that we have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services, and we shall not be liable to you or any other User for any breach of Personal Data or loss incurred by your use of such websites or services. The inclusions or exclusions are not suggestive of any endorsement by the Company of the website or contents of the website. You may visit any third-party website linked to the Platform at your own risk. 

The Platform and the Services are not intended for use by children under the age of 18 (“Child” or “Children”). 

We do not knowingly collect Personal Data from Children. If you become aware that a Child has provided us any Personal Data, please contact us at contact@zivy.app. If we become aware that we have collected Personal Data from Children without verification of parental consent, we shall take all steps necessary to remove such Personal Data from our servers.

We reserve the right to update or change this Policy from time to time. You are advised to review this Policy periodically for any changes. Changes to this Policy are effective when they are posted on the Platform. We will notify you of any changes by posting the new Policy on this page. We will endeavour to notify You for any such material changes, on a best efforts’ basis, via email and/or a prominent notice on the Platform, prior to the change becoming effective and update “effective date” at the top of this Policy.

If you have any questions about this Policy, please contact us:

By email: contact@zivy.app