There are many different ways in which you can use our services to exchange information, communicate with other people or create new content.
If you share information with us, for example by creating an account with us, we can make these services even better - to help you connect with other people or to make sharing with others faster and easier. When you use our services, we want you to be aware of how we use information and how you can protect your privacy.
To the extent that our processing of your data is covered by the General Data Protection Regulation 2016/679 ("GDPR"), the sections of this Privacy Policy in Appendix 1 - Your Rights - apply to you.
Our Privacy Policy explains:
We have tried to keep it as simple as possible, but if you are unfamiliar with terms such as cookies, IP addresses and browsers, please read these keywords first. Your privacy is important to us; please take the time to learn about our practices - and if you have any questions, please contact us.
Our goal is to make it clear what information we collect so that you can make informed choices about how the information is used and control with whom you share it. By providing us with personal information, you consent to our collection, storage, use and disclosure of your personal information in accordance with this Privacy Policy. You do not have to provide us with any personal information, but if you do not, it may affect your use of this website or the products and/or services offered on or through it.
You can also set your browser to block or indicate all cookies, including those associated with our services, when a cookie is set by us. However, it is important to remember that many of our services may not function properly if your cookies are disabled. For example, you may not be able to log in to ZYP.ONE or use other services.
We collect information in order to provide better services to all our users - from simple things like what language you speak to more complex things like what content of ours is most important to you.
We collect information in the following ways:
We may use the information we collect, including your Personal Information and Transaction Data, from any of our services at one or more of the locations where ZYP.ONE operates or otherwise conducts business (currently our location in Germany, Berlin) for the following purposes:
To use the information we collect, we may need our systems to access, screen, store, film and/or scan your information. Where appropriate or required by data protection laws, we will ask for your consent before using information for any purpose other than those set out in this Privacy Policy.
We will retain your personal information for as long as necessary to provide the services we provide to you or for other purposes described in this Privacy Policy, and you may at any time request that we stop processing your personal information or delete it.
We are required by law to retain some of your data for certain periods of time. If we no longer need your data, we will ensure that your data is destroyed or de-identified.
We may need to retain certain personal information after the discontinuation of the provision of products or services in order to enforce our terms and conditions, prevent fraud, identify, issue or resolve legal claims and/or maintain proper accounting records.
ZYP.ONE processes personal information on our servers in many countries around the world. If you choose, we will process your personal information on a server within your country of residence. Please inform us about this wish immediately upon conclusion of the contract.
We may share personal information outside of Germany with third parties, as listed in Appendix 2 - Third Party Service Providers.
By providing us with your personal information, you consent to the transfer of your personal information to third parties living outside Germany. When we share your personal information with third parties, we will take reasonable steps to ensure that any recipient outside Germany handles such information in a manner consistent with German and European data protection principles.
We do not share personal information with companies, organizations and individuals outside of ZYP.ONE unless one of the following circumstances applies:
With your consent
We may share personal information with companies, organizations or individuals outside of ZYP.ONE if we have your consent.With account administrators
If your account is managed for you by an organization administrator, your organization's administrator and the resellers who provide user support for your organization will have access to your information (including your email and other data).For more information, see the privacy policy of your account administrator.
We do not share personal information with companies, organizations and individuals outside of ZYP.ONE unless one of the following circumstances applies:
With third-party service providers
We may share personal information:To address fraud, security or technical issues
We will disclose your personal information to trusted third parties when necessary to detect, prevent or otherwise address fraud, security or technical issues.For legal reasons
We may disclose your information if required to do so by applicable law, regulation or as part of any actual or anticipated legal process (including when reasonably necessary to enforce applicable terms of use or to establish, exercise or defend our legal rights). If we receive a request from a regulatory or law enforcement agency and if permitted by GDPR, the CCPA and other laws, we may disclose certain information to such agencies or authorities.Merger or acquisition
If we merge with or are acquired by another company, we may share your personal information with the new owners of the company and their advisors. We will continue to ensure the confidentiality of all personal information and notify affected users (for example, by sending a message to the email address associated with your account) before personal information is transferred or becomes subject to another privacy policy.We may share aggregated, non-personally identifiable information publicly and with our partners, such as publishers, advertisers, or affiliated websites. For example, we may make information publicly available to show trends in the general use of our services. This may include government agencies, industry groups, insurance companies and educational/training institutions.
We have implemented robust measures regarding the security of the information we collect and store about you (including through the use of network and database security measures) and will use reasonable efforts to protect your personal information from unauthorized access or unauthorized alteration, disclosure or destruction. In particular:
The transmission of information over the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our servers over third-party networks; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorized access.
Our Privacy Policy applies to all services offered by ZYP.ONE and its partners, including services offered on other websites, but excludes services that have separate privacy policies that do not include this Privacy Policy.
Our Privacy Policy does not apply to services offered by other companies or individuals, including products or websites that appear in search results, websites that may contain ZYP.ONE services, or other websites that are linked to our services. Our privacy policy does not cover the information practices of other companies and organizations that advertise our services.
We regularly check the compliance with our data protection regulations. We also adhere to various self-regulatory frameworks. When we receive formal written complaints, we contact the person who made the complaint to investigate it. We work with the relevant regulatory authorities, including local data protection authorities, to resolve complaints regarding the transfer of personal information that we cannot resolve directly with our users.
You may choose to limit the collection or use of your personal information. If you have previously agreed to the use of your personal information for direct marketing purposes, you can change your mind at any time by contacting us using the information below.
You can request details of the personal information we hold about you. There may be an administration fee for providing this information. In certain circumstances, as set out in the Privacy Act 1988 (Cth), we may refuse to provide you with personal information we hold about you.
If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to correct any information that is found to be inaccurate, incomplete, misleading or out of date.
If you believe that we have violated the German Federal Data Protection Act (BDSG) and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged violation. We will investigate your complaint immediately and reply to you in writing, outlining the outcome of our investigation and the steps we will take to deal with your complaint.
Please note that by clicking on links and banner ads on our websites, your browser may access a third party website that has a different privacy policy than ZYP.ONE.
We are not responsible for and have no control over the information transmitted to or collected by these third parties and you should consult their privacy policies.
We may revise this privacy policy from time to time and will post the most current version on our website. If a revision reasonably restricts your rights or involves a material change in the way we process your personal information, we will notify you.
If you have any questions or if you would like to contact us about the processing of your personal data, please contact us in one of the ways listed below. When you contact us, we will ask you to verify your identity.
Contact name: Data protection officer
E-Mail: privacy@lumiformapp.com
Mail:
ZYP.ONE GmbH
The Data Protection Officer
Torstrasse 75
10119 Berlin - Germany
For the purposes of this Privacy Policy, the owner of the Personal Information is ZYP.ONE GmbH or one of its subsidiaries ("ZYP.ONE") and our contact details are listed in the Contact Us section above.
In accordance with the GDPR, the main reasons on which we rely when processing personal data collected through our websites and services are the following:
As mentioned above, we will share your personal information with trusted third parties when we have contracted them to provide services that you or our customers have requested, and to perform maintenance work or respond to technical incidents that affect our services. Our current third party providers are listed in Appendix 2.
When we share personal information with third parties, we require these third parties to meet minimum standards of confidentiality and data protection.
Where personal information is transferred to third parties outside the EEA or who will access the information from outside the EEA, we will ensure that approved safeguards are in place to ensure that we comply with GDPR, such as the standard contractual clauses approved by the European Commission or the EU/US Privacy Shield.
ZYP.ONE processes personal data on our servers in many countries around the world. We may process your personal data on a server located outside the country where you live, including outside the EEA. The primary storage location for user data and data uploaded to our products is a data center in Germany, operated by our third party cloud hosting provider, Amazon Web Services ("AWS"). AWS is a participant in the EU/US Privacy Shield, under which transfers of personal data to the United States are authorized.
We will retain your personal information for as long as necessary to provide the services we provide to you or for other purposes described in this Privacy Policy, and you may at any time request that we stop processing your personal information or delete it (see the section below regarding your rights).
You have certain rights in relation to personal information that we hold about you. Details of these rights and how to exercise them are set out below. We require proof of your identity before we can respond to your request.
Right of access
You have the right at any time to ask us for a copy of the personal data stored with us. If we have good reason and if the GDPR permits, we may refuse your request for a copy of your personal data or certain elements of the request. If we refuse your request or any part of it, we will inform you of our reasons for doing so.
Right of rectification or completion
If the personal information we hold about you is incorrect, out of date or incomplete, you have the right to have the information corrected, updated or completed. You can let us know by contacting us at privacy@lumiformapp.com.
Right of cancellation
Under certain circumstances, you have the right to request the deletion of your personal data stored with us, e.g. if the data are no longer necessary for the purposes for which they were collected or processed or if our processing of the data is based on your consent and there are no other legal reasons justifying the processing of the data.
Right of opposition or restriction of processing
Under certain circumstances, you have the right to object to the processing of your personal data by us by contacting us at privacy@lumiformapp.com For example, if we process your data on the basis of our legitimate interests and there are no compelling legitimate reasons for our processing that outweigh your rights and interests. You also have the right to object to the use of your personal data for direct marketing purposes.
You may also have the right to limit the use of your personal data by us, for example in cases where you have questioned the accuracy of the data and during the period in which we verify the accuracy of the data.
Right to transferability of data
In certain cases, you have the right to receive all personal information we hold about you in a structured, commonly used and machine-readable format. You may ask us to transfer this information to you or directly to a third party organisation.
The above right exists only in respect of personal information that:
We welcome such requests, but cannot guarantee technical compatibility with third-party systems. We are also unable to fulfill requests relating to the personal data of other persons without their consent.
You can exercise any of the above rights by contacting us through any of the methods listed in the Contact Us section above.
Most of the above rights are subject to restrictions and exceptions. We will give reasons if we are unable to comply with a request to exercise your rights.
If we process your personal data on the basis of your consent, you have the right to withdraw your consent at any time. You can do so by contacting us using the details in the "Contact" section above.
Automated decision making occurs when an electronic system uses personal information to make a decision without human intervention. It is specifically regulated in the GDPR when such decisions are made that have legal or other significant effects on the individual. It is permissible in the following circumstances:
Third party service provider | Purpose | Country |
---|---|---|
Atlassian | Ticketing system and page for team collaboration | USA |
AWS Amazon | Data hosting | Germany |
Fullstory | User experience research | USA |
Google Cloud, G-Suite | Document management, e-mail, analytics | USA |
Hubspot | Customer Relationship Management | USA |
Intercom | Customer support system | USA |
Sendgrid | E-mail service provider | USA |
Slack | Internal communication tool | USA |
Stripe | Payment processing | USA |