This Privacy Policy (“Privacy Policy”), describe how Zesty Tech Ltd., or its affiliates and subsidiaries (“Company” or “Zesty”) collect, use and disclose certain information, including Personal Data (as defined below) and the rights you have with regards to your information.
Zesty is the developer and operator of a cloud management and optimization software-as-a-service platform (“Platform” and collectively with the services therein shall be referred to as the “Services“). This Privacy Policy is an integral part of our Customer Terms and Conditions and website Terms of Use, and it governs the processing and transfer of Personal Data, directly or indirectly, in connection with:
- Individuals accessing and browsing our website available at: https://zesty.co/ (“Visitor” and “website” respectively).
- Prospects and potential business partner’s representatives we interact with by any means of communications (“Prospects”);
- Our customers (including any of their users and representatives) who sign up for or use the Platform (collectively shall be referred to herein as the “Customer”).
In the event you have applied for a job with us, please further review our Candidates Privacy Policy which governs our Personal Data processing practices in connection with such interactions.
Any capitalized terms not defined herein shall have the meaning ascribed to them in the Terms, unless otherwise stated herein Visitors, Prospects and Customer(s) shall be further, collectively and separately, referred to as “you“.
This Privacy Policy further explains how we safeguard your Personal Data and how you may exercise your rights related to your Personal Data, among others, and where applicable, as required according to the applicable data protection legislation.
ANY PERSONAL DATA YOU PROVIDE IS MADE AT YOUR FREE WILL AND CONSENT (WHERE REQUIRED UNDER APPLICABLE DATA PROTECTION LEGISLATION), AND YOU ACKNOWLEDGE THAT YOU ARE NOT UNDER ANY STATUTORY OBLIGATION TO PROVIDE PERSONAL DATA TO ZESTY. HOWEVER, IF YOU WILL NOT PROVIDE US WITH CERTAIN PERSONAL DATA, WE WILL NOT BE ABLE TO FULFILL CERTAIN PURPOSES, FOR EXAMPLE, PROVIDE CERTAIN SERVICES OR ENABLE CERTAIN USE OF OUR PLATFORM AND WEBSITE- ALL AS DESCRIBED UNDER SECTION 3 “DATA PROCESSED BY ZESTY & PURPOSE OF COLLECTION AND USE” OF THIS PRIVACY POLICY.
This Privacy Policy governs the use, processing and sharing of Personal Data that applies to all individuals world-wide. It further includes disclosure specification required under certain data protection laws (for example our lawful basis for processing Personal Data as required under the EU and UK General Data Protection Regulations (“GDPR”) and other disclosures required under the Israeli Privacy Protection Law). Certain jurisdictions require that applicable disclosures will be provided in a certain way and format, and therefore additional notices will apply as follows: Additional Information to California Residents: In the event you are a California resident– please also review our CCPA Privacy Notice to learn more about our privacy practices with respect to the California Consumer Privacy Act.
Additional Information to certain United States Residents: including (without limitations) Colorado, Connecticut, Virginia and Utah – please also review Section 12(B) under this Privacy Policy Additional Notice for US Residents to learn more about our privacy practices and your rights under these jurisdictions.
(1) POLICY AMENDMENTS
(2) CONTACT INFORMATION AND DATA CONTROLLER INFORMATION
Zesty, a company incorporated under the laws of the state of Israel, is the Controller, as such term, or equivalent, is defined under applicable privacy and data protection legislation. This means that we are responsible for deciding how your Personal Data is processed (purpose and means), as well as to implement applicable measures to secure the Personal Data we store, and where applicable, enable you to exercise your rights.
For any question, inquiry or concern related to this Privacy Policy or the processing of your Personal Data, you may contact as follows:
DPO Contact Information:
By Mail: privacy@zesty.co
Zesty Tech Ltd.
20 Lincoln, Tel Aviv-Jaffa, Israel 6713412
Representative for data subjects in the EU and UK:
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact.
Prighter gives you an easy way to exercise your privacy-related rights (e.g., requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website. https://prighter.com/q/17277710417
(3) DATA PROCESSED BY ZESTY
We may collect two types of information from you, depending on your interaction with us.
The first type of information is non-identifiable and anonymous information (“Non-Personal Data”). We are not aware of the identity of the individual from who we have collected the Non-Personal Data. Non-Personal Data which is being gathered consists of technical information, and may contain, among other things, the type of operating system and type of browser, type of device, your action in the website or Services (such as session duration).
The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Data”). We do not collect nor process under the scope of this Privacy Policy any “sensitive information” (or the equivalent term under applicable data protection laws such as “special categories of data”), such as individually identifiable information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual.
For the avoidance of doubt, any Non-Personal Data connected or linked to Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.
The table below details the types of Personal Data we process, the purpose, lawful basis, and our processing operations:
Please note that the actual processing operation per each purpose of use and lawful basis detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction. The transfer of Personal Data to third-party countries, as further detailed in Section 10 “DATA TRANSFER” below, is based on the same lawful basis as stipulated in the table above.
In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts, and any other misuse of the Services and to enforce the Terms, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests.
We may collect different categories of Personal Data and Non-Personal Data from you, depending on the nature of your interaction with the Services provided through the website and Platform, as detailed above.
Note however, we will not use your Personal Data for any purpose that is materially different from the purposes for which the information was originally collected as detailed in the table above or subsequently authorized by you or required by applicable law. You may contact us directly at: privacy@zesty.co, regarding our use or disclosure of your Personal Data.
| Type of Data | Purposes of Processing | Legal Basis under the GDPR |
| VISITORS & PROSPECTS | ||
Online Identifiers and Engagement Data: When you interact with our website, we may collect your online identifiers, such as Internet Protocol (IP) address and identifiers generated through our use of cookies and tracking technologies such as cookie ID, tags and other unique identifiers (“Online Identifiers”). Further, when you access our website or interact with any of our digital assets, we may further collect information related to your interaction with such assets, which is collected directly by us or indirectly by our use of marketing tools, or analytic tools. This information includes the referring URL (that is, the webpage directing you to our website, and other websites you visited in the session), how you interact with our webpage, time, duration of use, pages you have viewed, or content clicked on our website and approximate geographical location (country) (“Website Interactions Data”). | First, Online Identifiers are collected and used, in particular to operate the website and enable its proper functionality to secure our website, prevent fraud and fix errors, for example to enable the website to upload, to enable certain features such as digital forms, to automatically recognize your browser by the next time you enter the website or to confirm you are a real person (and not a bot or other malware for security purposes). Second, the Online Identifiers and the Website Interactions Data are processed through marketing and analytic tools and partners, for analytic and marketing purposes, including for targeted advertising campaigns. For example, we process this data to understand how Visitors use our website and to measure effectiveness of our advertising campaigns in order to track conversions, build targeted audience, and remarket our Services to Visitors who have taken some action on the website. | Online Identifiers and Website Interactions Data which are processed for the proper and basic operation of the website, including strict security purposes (including through cookies known as “strictly necessary”), will be processed based on our legitimate interest. Processing Online Identifiers and Website Interactions Data, including through our use of cookies, including any targeting and marketing cookies, will be processed based on your consent which we will obtain through our cookie notice and consent management. You may withdraw consent at any time by using the cookie preference settings available through the website, or by managing opt-out through your browser or device. |
Contact Information & Communications Data: We process your contact information, such as, as applicable to the communication, your name, email address, phone number, position, organization you work with and country (“Contact Information”), in the following events: – If you contact us with any inquiries or request to connect, be provided with information regarding our Services, etc., either through an online form available on the, or by sending us an email or by any other means; – Regarding Prospects, if you sign up to receive marketing communications, join a demo, join a webinar or an event, etc. or through third party providers, that provides contact and business information for marketing and sales promotions and similar sources. We will further process and store the contacts of communications with you, including email correspondence and, where applicable call and meeting recording and may also process data related to such communication such as, interactions with email communications (access time and date), etc. (“Communications Data”). | If you contact us, we process Contact Information solely for the purpose of responding to your inquiries or request. Contact Information related to Prospects is processed to provide needed information, set up meeting, provide with demo and to send you marketing material related to our Services in which you have shown your interest, including promotions, such as new features, additional offerings, special opportunities etc. (“Direct Marketing”). We further process Prospects’ Contact Information gathered through third party sources to contact you and offer you information regarding our Services that we think will be of interest to you based on your organization position, etc. and to further promote and enhance our sales and marketing efforts. The Communications Data may be processed and stored by us in order to have records of our communications, to improve our customer services and marketing efforts, and in the event we believe it is required to continue to store it, for example, in the event of any claims or in order to provide you with any further assistance (if applicable). | In the event you contact us, we process Contact Information in order to reponed to your inquiry or request, based on your consent. In other cases, including for Direct Marketing, Contact Information is processed and stored subject to our legitimate interests. You can opt-out at any time using the “unsubscribe” or other option we provide within the body of the message. Communications Data is processed subject to our legitimate interest, provided that any recording of calls or meetings shall be made subject to obtaining your consent where required under applicable laws. |
| CUSTOMERS | ||
Customer Account Registration Information: In order to use our Services, you will be required to register and open an Account, or we will designate you with an Account based on the information you provided us. During the registration process you will be requested to provide us with certain information such as your name, company name, email address, and other similar contact information, and you will be able to create a username and password. | We use this information to create and designate your Account, authentication and validation, enable log-in, provide account management (including billing and invoices), support and to provide the Services, as well as to send needed operational information related to our engagement. In addition, we use this information for Direct Marketing purposes, meaning, as a Customer we may send you marketing related communications (by email or other contact details you have provided), materials and content regarding the Services you are currently using or any services we may offer in the future to keep you up to date, and for example, offers and content such as software updates, new capabilities and features, surveys, etc. | Processing this information for the purpose of creating your Account, enabling log-in and account management is necessary for the performance of the contract with the Customer. Processing of this information for Direct Marketing purposes is made subject to our legitimate interest. You can opt-out at any time using the “unsubscribe” option within the body of the message. Please note that if you choose to unsubscribe from our Direct Marketing, we will still retain your contact details and send you service-related emails, such as invoices. |
Customer Support & Success Communications: When we communicate with you for customer support or customer success, we process your contact information, as well as the content of our communications. | We use this information to provide you with the requested support or other information and to ensure ongoing assistance and satisfaction with our Services. We will process and retain our contact communications to have records of our business engagement and support provided, as well as to provide ongoing assistance and support and to further improve our Services and business operation, including sales and customer success efforts. We may use third party tools to process such data and gain insights and analytics for such internal purposes including AI tools. | We process such information to provide the support services as necessary for the performance of the contract with Customers. We will process and retain our contact communications based on our legitimate interests. |
Service Usage Data: When you use the Platform, information regarding such use is automatically generated and collected, which may include the click stream within the Platform, the use of the Services (i.e., accessed or used by Customer) and the time spent on those pages or features, crash data and analytics, etc. We record how you interact with our Service. We log crashes, interaction with the Services, how often you use the Service, how long you are on the Service, your purchases, etc. | We use this information secure our Services. We further process this information to help us to understand how you are using our Services, and how to better provide and improve our Services. This helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the Service and our new products. We also use such data for statistical analysis purposes, to test and improve our offers, decide how to improve the Service based on the results obtained from this processing. | We process this information subject to our legitimate interest. |
Information gathered through Participation in Survey or Providing Feedback: We may ask you to provide feedback on our Services, or participate in our survey, including any alpha/beta services or free demo services. If you choose to address our request for such feedback or participate in our survey, we will collect your feedback and contact information such as your name, email address, etc. | We use this information to improve, revise and enhance our Service, as well as optimize and customize the Services. | We process such information subject to your consent. You may withdraw your consent at any time. |
Please note that the actual processing operation per each purpose of use and lawful basis detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction. The transfer of Personal Data to third-party countries, as further detailed in Section 10 “DATA TRANSFER” below, is based on the same lawful basis as stipulated in the table above.
In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts, and any other misuse of the Services and to enforce our terms, agreements and policies, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests.
We may collect different categories of Personal Data and Non-Personal Data from you, depending on the nature of your interaction with the Services provided through the website and Platform, as detailed above.
Note however, we will not use your Personal Data for any purpose that is materially different from the purposes for which the information was originally collected as detailed above or subsequently authorized by you or required by applicable law. You may contact us directly at: privacy@zesty.co, regarding our use or disclosure of your Personal Data.
(4) HOW WE COLLECT INFORMATION
Depending on the nature of your interaction with the website and Services, we may collect information as follows:
Automatically – we may use cookies (as elaborated below) or similar tracking technologies to gather some information automatically when you interact with our website.
Provided by you voluntarily – we will collect information if and when you choose to provide us with the information, such as through the Services, contact us communications, registration, etc.
Provided by Third Parties – third parties service we use p such as content enrichment service providers or business information providers.
(5) COOKIES & TRACKING TECHNOLOGIES
We use “cookies” (or similar tracking technologies) when you access the website or interact with the Services we offer. The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies can be used for various purposes, including allowing you to navigate between pages efficiently, for statistical purposes, as well as for advertising purposes. You can find more information about our use of cookies, as well as change your settings and preferences, as detailed under our cookie declaration available through the cookies setting and management tool on our website.
Other than cookies classified as essential or strictly necessary for functionality purposes, you can always configure your cookies preferences and opt-out from use of certain or all cookies at any time, using the cookies preference management tool on our website. In some cases, certain services, features and functionality may not be available to you or work properly if you disable cookies.
In addition, most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may set your browser to block all cookies, including cookies associated with our website, or to indicate when a cookie is being used by us, by adjusting the privacy and security settings of your web browser. Please refer to the support page of your browser to learn more about how you can adjust your privacy and security settings.
(6) SHARING PERSONAL DATA
We share your Personal Data with third parties, including our partners or service providers that help us provide our Services. You can find in the table below information about the categories of such third-party recipients.
| Category of Recipient | Data That Will Be Shared | Purpose of Sharing |
| Service providers | All types of Personal Data | We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, analyzing data, providing marketing and sales assistance (including advertising and event management), identifying errors and crashes, conducting customer relationship management, and providing training. These third-party service providers have access to Personal Data needed to perform their functions, but they are prohibited from using your Personal Data for any purposes other than providing us with requested services. |
| Marketing partners | Online Identifiers, Website Interactions Data | We engage with marketing partners and share Personal Data to market and promote our services, including for targeted ads. These may include social media partners or other marketing services operators, including by way of placing their cookies or other tracking technologies on our website. These marketing partners may combine your Personal Data with other data they collect independently from you through other websites you visit online. |
| Zesty Tech Inc. | Contact Information, Communications Data information obtained through Customer support and success communications. | We may share certain information with our affiliated company, Zesty Tech Inc., for sales and marketing purposes. |
| Any acquirer of our business | All types of Personal Data | We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy. |
| Legal and Law Enforcement | Subject to law enforcement authority request. | We may disclose certain data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to terror acts, criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose. |
Note, we will not share your Personal Data with additional third parties or for purposes not detailed in the table above or subsequently authorized by you or required by applicable law. You may contact us directly at: privacy@zesty.co, regarding our use or disclosure of your Personal Data.
(7) YOUR RIGHTS RELATED TO YOUR PERSONAL DATA
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your information. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.
In the table below you can review your rights depending on your interaction with us, how you can exercise them, and appeal a decision we take in this regard, any specification per geo-location or territory are available below the table:
| RIGHT TO BE INFORMED, RIGHT TO KNOW | You have the right to confirm whether we collect Personal Data about you, if you wish to know if we collect Personal Data about you, please review this Privacy Policy. |
| ACCESS/INSPECTION RIGHTS | You further have the right to know which Personal Data we specifically hold about you, and receive a copy of such or access or inspect it, if you wish to receive a copy of the Personal Data or Personal Information, please submit a Data Subject Request Form (“DSR“) available here. |
| RIGHT TO CORRECT OR DELETE INACCURATE INFORMATION | You have the right to request us to correct inaccuracies in your Personal Data or delete inaccurate information, taking into account the nature and purposes of each processing activity. Please submit a DSR as available here. |
| RIGHT TO BE FORGOTTEN, RIGHT TO DELETION | In certain circumstances, you have the right to delete the Personal Data we hold about you. Please submit a DSR as available here. |
| RIGHT TO PORTABILITY | You have the right to obtain the Personal Data in a portable, and to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance. We will select the format in which we provide your copy. If you wish to exercise this right, please submit our DSR as available here. |
RIGHT TO OPT OUT UNDER THE EU, AND SPECIFICALLY IN THE US THE RIGHT TO OPT OUT FROM: (I) SELLING PERSONAL DATA; (II) RIGHT TO OPT OUT FROM TARGETED ADVERTISING; AND (III) RIGHT TO OPT OUT FROM PROFILING AND AUTOMATED DECISION MAKING | Direct Marketing: You have the right to opt-out from Direct Marketing, by unsubscribing through the email received. Cookies: When you no longer wish for cookies to track your behavior for analytic and marketing purpose, change your preferences through the cookie settings available through the website. Sale of Personal Data for targeted advertising, monetary gain or profiling, or Share or Sale of Personal Information for analytic or marketing: If and to the extent applicable, you have the right to opt out of the sale of your Personal Data, for the purposes of targeted advertising, sale to a third party for monetary gain, analytic, etc. as detailed under the DSR or through the cookie settings available here. Last, you are able to install privacy-controls in the browser’s settings to automatically signal the opt-out preference to all websites you visit (like the “Global Privacy Control”). We honor the Global Privacy Control, where applicable, subject to your jurisdiction, as a valid request to opt-out of the sharing of information linked to your browser. Note you may have the right to authorize another person acting on your behalf to opt out (including by technical tools and opt out signals). |
| RIGHT TO APPEAL OR COMPLAINT | If we decline to take action on your request, we shall so inform you without undue delay as required under applicable laws. The notification will include a justification for declining to take action and instructions on how you may appeal, if applicable. Under the EU you have the right to lodge a complaint with the supervisor authority or the Information Commissioner in the UK. |
| NON-DISCRIMINATION | Such discrimination may include denying a service, providing a different level or quality of service, or charging different prices. We do not discriminate our customers or users. |
(8) DATA RETENTION
We retain Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out.
Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements; (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges; or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes.
(9) SECURITY
At Zesty, security is our highest priority. We design our systems with your security and privacy in mind. We have implemented physical, technical, and administrative security measures for the Services that comply with applicable laws and industry standards which you can review here.
Note that we cannot be held responsible for unauthorized or unintended access beyond our control, and we make no warranty, express, implied, or otherwise, that we will always be able to prevent such access.
Please contact us at: privacy@zesty.co, if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy, or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.
(10) DATA TRANSFER
We may store or process your Personal Data in the EU, the United States or in other countries. Thus, any information you provide us may be transferred to and processed in countries other than the country from which you accessed our Services. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer.
Specifically, when Personal Data collected within the EEA is transferred outside the EEA, to countries or frameworks which were not granted with an adequacy decision by the European Union, and therefore do not provide an adequate level of protection to your Personal Data while it is transferred to such third-country or under such framework, such transfer is subject to and made pursuant with the standard contractual clauses approved by the European Union.
Additionally, following the withdrawal of the United Kingdom (UK) from the European Union on January 31, 2020, the UK is no longer considered to be a part of the EEA and therefore, if and where Personal Data collected within the United Kingdom is transferred outside the UK, to countries or frameworks which were not granted with an adequacy decision by the UK Information Commissioner Office (“ICO”) and therefore do not provide an adequate level of protection to your Personal Data while it is transferred to such third-country or under such framework, such transfer is subject to and made pursuant with the UK standard contractual clauses.
Personal Data transferred from within the EU or the UK to Zesty Tech Inc., is subject to the EU-U.S. Data Privacy Framework Principles with regard to the processing of Personal Data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, as all detailed in our Data Privacy Framework Statement available at: https://zesty.co/dpf-statement/
(11) CHILDREN
Our website and Services are not intended for use by children and we do not knowingly collect or maintain information about anyone under the age of 16. Please contact us at: privacy@zesty.co, if you have reason to believe that a child has shared any information with us.
(12) JURISDICTION-SPECIFIC NOTICES
A. ADDITIONAL NOTICE TO CALIFORNIA RESIDENTS
This section applies to California residents only pursuant to the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act (collectively “CCPA”).
Please see the CCPA Privacy Notice here which discloses the categories of Personal Information collected, purpose of processing, source, categories of recipients with whom the Personal Information is shared with for a business purpose, whether the Personal Information is sold or shared, the retention period, and how to exercise your rights as a California resident.
B. ADDITIONAL NOTICE TO US RESIDENTS
Residents of certain U.S. states (depending on the applicable state law, , acting as an individual or in the household context only and not in a commercial or employment context, as a job applicant or as a beneficiary of someone acting in an employment context or as representative of a business), may have additional rights under applicable privacy laws and be entitled to additional disclosures. “Personal Data” under applicable US privacy laws, generally means any information that is linked or reasonably linkable to an identified or identifiable individual (and usually does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the states laws scope, such as: HIPAA, GBPA, non-profit entities, etc.)
“Sensitive Data” means data revealing racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life, sexual orientation, citizenship, or immigration status; The processing of genetic or biometric data for the purpose of uniquely identifying an individual; Personal Data collected from a known child; Precise geolocation data.
We are required to provide you with a clear and accessible privacy notice that includes the categories of Personal Data processed, purpose of processing, instructions for exercising consumer rights and appealing decisions, categories of Personal Data shared with third parties, categories of third parties with whom data is shared, and any sale of data or targeted advertising.
Categories of Personal Data & Categories of third parties with whom Personal Data is shared:
In Section 3 to the Privacy Policy, we describe our collection and processing of Personal Data, the categories of Personal Data that are collected or processed, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes without obtaining your consent, unless we are otherwise entitled, required or permitted under applicable laws.
Additionally, Section 6 to this Privacy Policy details and discloses the categories of third-parties we share for business purposes.
“Sale” of Personal Data:
Under US privacy laws, in principle, the term “sale” is referring to disclosing or making available Personal Data to a third-party in exchange for monetary or other valuable consideration, including for targeted advertising purposes. We do not “sell” information as this term is commonly understood, meaning – we do not, and will not, disclose your Personal Data in direct exchange for money or some other form of payment. However, subject to the definition of the term “sale” under applicable US privacy laws, our practice of using “cookies or other third-party advertising services and sharing Personal Data for such purpose is considered as a “sale”.
Such practice includes the following Personal Data categories shared with these third parties:
Identifiers – online identifiers such as IP and Cookie ID;
Internet and electronic network activity information – such as your engagement with our website and ads.
Geolocation data – derived from IP (country level).
Section 7 to this Privacy Policy details and discloses your rights and Personal Data shared or sold for targeted advertising.
Consumer Rights Related to Their Personal Data:
Residents of certain U.S. states may have additional rights under applicable privacy laws, subject to certain limitations, which may include:
Access – the right to confirm whether we are processing their Personal Data and to obtain a copy of their Personal Data in a portable and, to the extent technically feasible, readily usable format.
Delete – the right to request us to delete their Personal Data provided to or obtained by us.
Correct – the right to request us to correct inaccuracies in their Personal Data, taking into account the nature and purposes of the processing of the Personal Data.
Opt-Out – the right to opt out of certain types of processing, including: (i) to opt out of the “sale” of their Personal Data; (ii) to opt out of targeted advertising by us; and (iii) to opt out of any processing of Personal Data for purposes of making decisions that produce legal or similarly significant effects.
Section 7 to this Privacy Policy provides additional information regarding your principal rights.
Exercising Consumer Privacy Rights:
You may submit a request to exercise most of your privacy rights under U.S. state privacy laws by submitting a DSR as available here or contacting us at: privacy@zesty.co. We will take steps to verify your identity and your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information to verify your identity, or where necessary to process your request. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for denial and how to remedy any deficiencies, where applicable.
Authorized agents may initiate a request on behalf of another individual, provided that such will be required to provide proof of their authorization, and we may also require that the individual directly verify his/her identity and the authority of the authorized agent.
We will respond to your request within the timeframe required under applicable law, and we reserve the right to extend the response time subject to applicable law requirements. If we refuse to take action on a request, we will notify you and our notification will include a justification for declining to take action and instructions on how you may appeal. Within the timeframe set out under applicable law of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the applicable authority or Attorney General of your jurisdiction (including – Colorado AG at https://coag.gov/file-complaint/; Connecticut Attorney General at: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318; Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform).
