Privacy Policy
Last Amended: January 11, 2023
This Privacy Policy (“Privacy Policy”), describe how Zesty Tech Ltd., or its affiliates and subsidiaries (“Company” or “Zesty”) collect, use and disclose certain information, including Personal Data (as defined below) and the rights you have with regards to your information
Zesty is the developer and operator of a cloud management and optimization software-as-a-service platform (“Platform” and collectively with the services therein shall be referred to as the “Services“). This Privacy Policy is an integral part of our Customer Terms and Conditions and our website Terms of Use (“collectively “Terms“) and governs the processing and transfer of information, directly or indirectly when you use our Services (“Customer”), apply for a job (“Candidate”), or merely when you visit and browse our website available at: https://zesty.co/ (“website“), or engage with our blogs, demos, register to a webinar, or other similar forums (“Prospect”).
Any capitalized terms not defined herein shall have the meaning ascribed to them in the Terms, unless otherwise stated herein, Customer, Candidate, and Prospect shall be further, collectively and separately, referred to as “you“.
This Privacy Policy further explains how we safeguard your Personal Data and how you may exercise your rights related to your Personal Data, among others, and where applicable, as required according to the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
In the event you are a California and Colorado resident and the CCPA applies to you – please also review our CCPA Privacy Notice.
(1) POLICY AMENDMENTS:
We reserve the right to amend this Privacy Policy from time to time, at our sole discretion. The most recent version of this Privacy Policy will always be posted on the website and the update date will be reflected in the “Last Amended” heading. We will provide notice to you if these changes are material, and, where required by applicable law, we will obtain your consent. Any amendments to the Privacy Policy will become effective immediately, unless we notify otherwise. We recommend you review this Privacy Policy periodically to ensure that you understand our most updated privacy practices.
(2) CONTACT INFORMATION AND DATA CONTROLLER INFORMATION
Zesty, a company incorporated under the laws of the state of Israel, is the Controller (as such term is defined under the GDPR or equivalent privacy legislation).
For any question, inquiry or concern related to this Privacy Policy or the processing of your Personal Data, you may contact as follows:
DPO Contact Information:
By Mail: privacy@zesty.co
Zesty Tech Ltd.
20 Lincoln, Tel Aviv-Jaffa, Israel 6713412
Representative for data subjects in the EU and UK:
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website. https://prighter.com/q/17277710417
(3) DATA PROCESSED BY ZESTY
We may collect two types of information from you, depending on your interaction with us.
The first type of information is non-identifiable and anonymous information (“Non-Personal Data”). We are not aware of the identity of the individual from who we have collected the Non-Personal Data. Non-Personal Data which is being gathered consists of technical information, and may contain, among other things, the type of operating system and type of browser, type of device, your action in the website or Services (such as session duration).
The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Data”).
For the avoidance of doubt, any Non-Personal Data connected or linked to Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.
The table below details the types of Personal Data we process, the purpose, lawful basis, and our processing operations:
Type of Data | Purposes of Processing | Legal Basis under the GDPR |
PROSPECTS | ||
Website Interaction and Marketing: When you interact with our website, we may collect your online identifiers, such as Internet Protocol (IP) address and Cookie ID, unique identifiers (“Online Identifiers”). Further, we will collect your behavior information, which is collected indirectly by our external marketing tools, or analytic tools. This information includes the referring URL (that is, the webpage directing you to our website, and other websites you visited in the session), your interests in our competitors, the web page you visited when you tapped/clicked on our ad, how you interact with our webpage, time, duration of use, pages you have viewed on our website (“Behavior Data”). | First, Online Identifiers and cookies are used, in particular to operate the website and enable its proper functionality, for example to automatically recognize you by the next time you enter the website or to confirm you are not are a real person. Second, the Online Identifiers and the Behavior Data are indirectly processed by marketing and analytic tools, for analytic and remarketing purposes. We process this data to understand how visitors use our website and to measure effectiveness of some ads we use in order to track conversions, build targeted audience, and remarket our Services to people who have taken some action on the website. | Strictly necessary cookies which are required for the proper and basic operation of the website will be processed in our legitimate interest. Other cookies, including any targeting and marketing cookies, will be processed based on your consent which we will obtain through our cookie notice and consent management. You may withdraw consent at any time by using the cookie preference settings or by managing opt-out through your browser or device. |
Contact Information: In the event you contact us with any inquiries, either through an online form available on the website (i.e., the contact us and support pages, the DSR form, etc.), or by sending us an email or by any other means, you will be requested to provide us certain information such as your name, telephone number, company name, email address (“Contact Information”). | We will use your Contact Information solely for the purpose of responding to your inquiries. The correspondence and its contents with you may be processed and stored by us in order to improve our customer services and in the event we believe it is required to continue to store it, for example, in the event of any claims or in order to provide you with any further assistance (if applicable). | We process Contact Information subject to our legitimate interest. |
Additional features: In the event you choose to provide feedback, post on our website or social media pages, participate in our webinars or events we host, you may be required to provide us with certain additional information. | We will use this information for the purpose of providing you with the services that you requested. | We process this information subject to our legitimate interest. |
Booking a Demo: In the event you choose to book a free demo you will be requested provide us with your name and company email address. | We will use this information for the purpose of providing you with the information or Services that you have requested. | We process this information for the purpose of performing our contract with you. |
Call Records: When contacting our Prospect Customers, we might record your call with us (“Call Records”). | We use such call records in order manage, measure and improve our sales efforts and enhance our Services. | We process Call Records subject to your consent which will be obtained at the beginning of our conversation. |
CANDIDATES | ||
Career: When you apply for a job at Zesty, we will process your CV (and the information included therein), as well as additional information such as your contact information (name, email address and phone number), information regarding your education and skills, employment history, and your photo (to the extent provided by you). Further, where required by law, we may process diversity and inclusion data regarding your candidacy, such as ethnicity, gender, or any disability. In addition, we may collect further information from public and online sources, referees, background checks where applicable, and former employers and combine such data with your other data (collectively, “Recruitment Information”). | We will use your Recruitment Information to process your job application and for our internal recruitment management purposes, for further recruitment steps (e.g., interview), and to enable us to comply with corporate governance and legal and regulatory requirements. Following the completion of the recruitment process, we may further retain and store the Recruitment Information (including other interactions with us under such process) as part of our internal record keeping, including for legal defense from any future claim, as well as, where we find applicable and subject to applicable law requirements, to contact you in the future for other position we believe you qualify for. If you are hired, your Recruitment Information will be kept on our HR systems as part of your employment and our corporate management. We use Hi Bob which processes your Recruitment Information on our behalf subject to this data processing agreement. | We process Recruitment Information subject to our legitimate interest. We will retain your data for records keeping and future defense from legal claims under our legitimate interest, or if you have provided consent to contact you in the future. We use third party service provider for the purpose of managing job applications, currently we are using Comeet which processes your Recruitment Information on our behalf subject to this data processing agreement. |
CUSTOMERS | ||
Customer Account: In order to use our Services, you will be required to register and open an account or we will designate you with an account based on the information you provided us. During the registration process you will be requested to provide us with certain information such as your name, company name, email address, and other similar contact information, and you will be able to create a user name and password. | We use this information to create your account, authentication, provide account management (including billing and invoices), support and to provide the Services. In addition, we use this information for direct marketing purposes, meaning, as a Customer we may send you marketing related communications (by email or other contact details you have provided), materials and content regarding the Services you are currently using or any services we may offer in the future to keep you up to date, and for example, offers and content such as software updates, new capabilities and features, surveys, etc. | We process this information for the purpose of performing our contract with you. Processing of this information for direct marketing purposes is made subject to our legitimate interest. You can opt-out at any time using the “unsubscribe” option within the body of the message. Please note that if you choose to unsubscribe from our direct marketing, we will still retain your contact details and send you service-related emails, such as invoices. |
Customer Support: When you contact us for customer support, we will process your Contact Information. | We will use the Contact Information to provide the customer support needed. We will retain such correspondence for as long as needed, and to evidence the support was provided. | We process such information to provide the support services and fulfill the contractual obligations. |
Payment Details: We use NetSuite as our payment processor pursuant to NetSuite Privacy Policy (“Payment Information”). | To process your payment and provide you with the service you purchased. | Processing is necessary for the performance of a contract with you. |
Usage Data: When you use the Platform, information regarding such use is automatically generated and collected, which may include the click stream within the Platform, the use of the Services (i.e., accessed or used by Customer) and the time spent on those pages or features, crash data and analytics, etc. We record how you interact with our Service. We log crashes, interaction with the Services, how often you use the Service, how long you are on the Service, your purchases, etc. | We use this information to help us to understand how you are using our Services, and how to better provide and improve our Services. This helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the Service and our new products. We also use such data for statistical analysis purposes, to test and improve our offers, decide how to improve the Service based on the results obtained from this processing. | We process this information subject to our legitimate interest. |
Survey and Feedback: We may ask you to provide feedback on our Services, including any alpha/beta services or free demo services. If you choose to address our request for such feedback or participate in our survey, we will collect your feedback and contact information such as your name, email address, etc. | We use this information to improve, revise and enhance our Service, as well as optimize and customize the Services. | We process such information subject to your consent. You may withdraw your consent at any time by contacting us the contact information provided herein. |
(4) HOW WE COLLECT INFORMATION
Depending on the nature of your interaction with the website and Services, we may collect information as follows:
Automatically – we may use cookies (as elaborated below) or similar tracking technologies to gather some information automatically when you interact with our website.
Provided by you voluntarily – we will collect information if and when you choose to provide us with the information, such as through the Services, contact us communications, registration, etc.
Provided by Third Parties. – our third parties service providers which collect personal data on our behalf, such as content enrichment service providers.
(5) COOKIES & TRACKING TECHNOLOGIES
We use “cookies” (or similar tracking technologies) when you access the website or interact with the Services we offer. The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies can be used for various purposes, including allowing you to navigate between pages efficiently, for statistical purposes, as well as for advertising purposes. You can find more information about our use of cookies, as well as change your settings and preferences, as detailed under our cookie policy.
(6) SHARING PERSONAL DATA
We share your Personal Data with third parties, including our partners or service providers that help us provide our Services. You can find in the table below information about the categories of such third-party recipients.
Category of Recipient | Data That Will Be Shared | Purpose of Sharing |
Service providers | All types of Personal Data | We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, analyzing data, providing marketing and sales assistance (including advertising and event management), identifying errors and crashes, conducting customer relationship management, and providing training. These third-party service providers have access to Personal Data needed to perform their functions, but they are prohibited from using your Personal Data for any purposes other than providing us with requested services. |
Zesty Tech Inc. | Contact Information, prospects information, leads, and customer success. | We may share certain information with our affiliated company, Zesty Tech Inc., for sales and marketing purposes. |
Any acquirer of our business | All types of Personal Data | We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy. |
Enforcement of our rights and security detections. | All types of data | We may disclose Personal Data to enforce our policies and agreements, as well as defend our rights, including the investigation of potential violations thereof, alleged illegal activity or any other activity that may expose us, you, or other users to legal liability, and solely to the extent required. In addition, we may disclose Personal Data to detect, prevent, or otherwise address fraud, security, or technical issues, solely to the extent required. |
Legal and law enforcement | Subject to law enforcement authority request. | We may share certain data when we believe it is appropriate to do so in order to comply with the law enforcement, governmental agencies or authorized third parties, or protect the rights, property, or security of Zesty, our Customers or others. |
(7) YOUR RIGHTS RELATED TO YOUR PERSONAL DATA
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your information. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.
For California residents, please see our CCPA Privacy Notice.
For detailed information on your rights and how to exercise your rights, please see the Data Subject Request Form (“DSR”) form available here and send it to our privacy team at: privacy@zesty.co.
(8) DATA RETENTION
We retain Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out.
Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements; (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges; or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes.
(9) SECURITY
At Zesty, security is our highest priority. We design our systems with your security and privacy in mind. We have implemented physical, technical, and administrative security measures for the Services that comply with applicable laws and industry standards which you can review here.
Note that we cannot be held responsible for unauthorized or unintended access beyond our control, and we make no warranty, express, implied, or otherwise, that we will always be able to prevent such access.
Please contact us at: privacy@zesty.co, if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy, or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.
(10) DATA TRANSFER
We may store or process your Personal Data in the EU, the United States or in other countries. Thus, any information you provide us may be transferred to and processed in countries other than the country from which you accessed our Services. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer. When Personal Data that was collected within the EEA is transferred outside the EEA, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data. You may exercise your rights, where applicable, to receive information regarding the transfer mechanism that was used during such transfer. Personal Data transferred outside the EEA is transferred, in all cases pursuant to standard contractual clauses approved by the European Union (“SCCs“). Additionally, following the withdrawal of the United Kingdom (UK) from the European Union on January 31, 2020, the UK is no longer considered to be a part of the EEA and therefore, the transferring of Personal Data from the EEA to the UK will also be subject to the SCCs or other contractual clauses that will ensure the security of the Personal Data (pending an adequacy decision from the European Commission).
(11) CHILDREN
Our website and Services are not intended for use by children and we do not knowingly collect or maintain information about anyone under the age of 16. Please contact us at: privacy@zesty.co, if you have reason to believe that a child has shared any information with us.
Previous Versions:
