Zerorez commits to protecting and respecting your privacy.
At Zerorez, we want you to understand the information we collect, how we use it, and who we share with. We want to protect your privacy and be transparent about our practices. This Privacy Policy ("Policy") describes the data collection, use, and sharing practices of Zerorez and its corporate affiliates, subsidiaries, and divisions as may change from time to time (collectively, "Zerorez," "Company," "we," "us," and "our"). This Policy shares our privacy practices for our websites, mobile applications, or other digital offerings (collectively "Technology"), and "Services" that we provide to you.
Before you submit any information when securing our Services or using the Technology, please carefully review this Policy and any other documents referred to therein to understand Company views and practices regarding your information and how we will treat it. By securing our Services or using any part of the Technology, you consent to the collection, use, and disclosure of your information as shared in this Policy. As we update the Technology and expand our Services and offerings, we will revise this Policy accordingly. You should check this page periodically for updates. Your continued use of the Services signifies acceptance of the terms of the updated Policy. This Policy applies regardless of how you interact with us, whether by simply accessing our Technology or by securing our Services.
As used in this Policy, "Personal Data" means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household or with a particular individual's or household's device; or any inferences drawn therefrom. Zerorez processes Personal Data in connection with the use of the Technology, providing our Services, or to manage the Company and its personnel.
Zerorez's Services and Technology are not intended for any child under the age of 18 who does not have explicit parental or guardian consent ("Unauthorized Child"). If you are an Unauthorized Child, please do not use or provide any information on this Technology or through any of its features, use any of the interactive or public comment features of this Technology, use our Services, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use.
We do not knowingly collect Personal Data from Unauthorized Children. If we learn we have collected or received Personal Data from an Unauthorized Child without verification of parental consent, we will delete that information. No Unauthorized Child may provide any information to our Technology. If you believe we might have any information from or about an Unauthorized Child, please contact us using the information at the end of this Policy.
Zerorez may function as a data controller, as that term or its equivalent is defined under various data protection laws. We assume the role of data controller when we determine the purposes for and the means by which Personal Data is processed. For example:
In the context of the Technology, Zerorez may operate as a controller with regard to IP address, device information, location information, and any other data collected when using our Technology.
When entering into an Agreement to provide Services, Zerorez may act as a controller for the account information, and other Personal Data that you provide voluntarily. Such Personal Data may include without limitation name, phone number, home or business address, email address, credit card or other payment information, and any other information you provide to use when entering into the Zerorez Account Agreement or upgrading up your Zerorez user account.
Zerorez is also the controller of any employment-related information that is provided to Zerorez by current and prospective employees and applicants. Please see Recruitment and Employee Data below for more details.
When acting as a data processor, we are restricted in what we are allowed to do with the Personal Data held by us. We may only process the information in accordance with the instructions of the controller and the agreements governing the data.
If you have questions or concerns about the use of your Personal Data, please contact using the Contact Information section.
We collect several types of information from and about the users of our Technology. The categories of information that we collect include:
Category |
Examples |
Purpose |
Source |
Retention |
Customer account information |
Name, email, phone, address, payment information |
To provide our Services, to enable transactions, and to communicate with our customers. To carry out our obligations and enforce our rights arising from any contracts entered into between the client and us, including for billing and collection. |
Customer |
Six years after the relationship ended. |
User information |
Name, IP address, and location |
To allow user to interact with and submit information to the Technology. |
User |
Two years after User no longer uses the account or it is closed. |
Marketing data |
Name, email, phone number, and social media accounts |
To make individuals aware of Zerorez's Technology and Services. |
Third party services, customers, and individuals themselves |
Until it becomes obsolete, or person opts out or otherwise asks us to delete the data. |
Vendor contact data |
Name, employer, employer's address, email, phone, and payment information |
To manage commercial relationships with vendors. |
Vendors and their employees |
Until six years, after the relationship has ended. |
Employee data |
Name, address, phone, email, social, financial account information, tax data, performance data, health data, background and educational information, employment history, etc. |
To manage employment relationships. |
Employees |
Until six years after the relationship with the employees is ended or as otherwise expedient for business or legal purposes. |
Recruitment data |
Name, resumé, employment history, education, criminal background, and credit history |
To locate and retain the best talent available. To improve our application and recruitment process. To accommodate individuals who may have specialized needs during the employment process. |
Job applicants |
One year after the recruitment process has ended. |
Automatically Collected Data |
IP address, cookies, social media, contact information |
To provide our Technology, for logon sessions, to learn about visitors, and to improve our services. |
Third party providers |
This data will be kept for 12 months after the Technology was last used. |
Social Media |
Name, IP address, user profile, username, location |
To support you, respond to questions, or engage with you. |
You and the social media platform. |
This data will be kept according to the privacy policies of the social media platform. |
We may engage with you on social media platforms (e.g., Facebook, Twitter, Pinterest, Instagram). If you contact us on a social media platform for customer support or for other reasons, we may contact you via the social media's direct message tools. Those communications to and from us are governed by this Policy. However, your use of a social media platform is also subject to the policies and terms of the relevant social media platform. Certain social media platforms may automatically provide us with your Personal Data, the information we receive will depend on the terms that govern your use of the social media platform(s) and any privacy settings you may have set.
As part of our recruitment and talent management process, we collect Personal Data of potential job candidates. In this context, we collect employment and application data, such as contact information (e.g., name, title, residential or postal address, telephone number, and personal email address); information in a curriculum vitae, resume, cover letter, or similar documentation; details regarding the type of employment sought, willingness to relocate, job compensation and benefit preferences; health data (e.g., medical conditions); information related to a candidate's background, education, criminal record, credit history and similar data; information provided about or by references or other third parties related to employment history, skills, qualifications, or education; and, information related to previous applications to us or previous employment history with us. When permitted by law, we may collect information about race and ethnicity to assist with our diversity and inclusion programs.
We use this information to identify and evaluate job applicants; to verify information; to complete employment, education, background and reference checks; to communicate about the recruitment process; to comply with our legal, judicial, regulatory, administrative, or other corporate requirements; to analyze and improve our application and recruitment process; to accommodate individuals who may have specialized needs during the employment process; and to protect the rights, interests, and property of our business, other job applicants, employees, or the public, as required, or permitted, by law. We share this Personal Data with third parties (see "Sharing Information / Third-Party Disclosures"), and we may also use this employment and application data for any other purpose set forth in this Policy.
As you navigate through and interact with our Technology, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
Details of your visits to our Technology, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Technology.
Information about your computer and internet connection, including your IP address, operating system, and browser type.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Because there is no consistent industry understanding of how to respond to "Do Not Track" signals, we do not respond to or alter our data collection and usage practices when we detect such a signal from your browser.
The information we collect automatically includes Personal Data. It helps us to improve our Technology and to deliver a better and more personalized service, including by enabling us to:
Estimate our audience size and usage patterns.
Store information about your preferences, allowing us to customize our Technology according to your individual interests.
Speed up your searches.
Recognize you when you return to our Technology.
The technologies we use for this automatic data collection may include:
Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Technology. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Technology.
Web Beacons. Our Technology and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Flash Cookies. Certain features of our Technology may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Technology. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see "Choices About How We Use and Disclose Your Information."
According to our Terms and Conditions, agreements with you, and the conditions set forth in those agreements, your data may be disclosed to third parties for targeted advertising. We may disclose Personal Data that we collect or you provide as described in this privacy policy:
To our subsidiaries and affiliates.
To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which we disclose it to them.
To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Zerorez's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Zerorez about our Technology users is among the assets transferred.
To fulfill the purpose for which you provide it.
For any other purpose disclosed by us when you provide the information.
With your consent.
We may also disclose your Personal Data:
To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Zerorez, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
We also may disclose aggregated information about our Users, website visitors and guests, and information that does not identify any individual, without restriction.
We strive to provide you with choices regarding the Personal Data you provide to us. We have created mechanisms to provide you with the following control over your information:
Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, some parts of this site may then be inaccessible or not function properly.
Promotional Offers from the Company. When you create your Zerorez account, you let us know whether we have permission to contact you electronically with marketing and other commercial communications unrelated to your agreement with Zerorez and the Technologies you use. You can change these instructions at any time. If you do not wish to have your contact information used by the Company to promote our own or third parties' products or services, you can opt-out by sending us an email using the contact information at the end of this Policy. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt-out does not apply to information provided to the Company as a result of a product purchase, warranty registration, product service experience or other transactions.
Residents of certain jurisdictions may have additional Personal Data rights and choices. Please see "Your Jurisdiction's Privacy Rights" for more information.
Residents of certain jurisdictions may have additional Personal Data rights and choices. Please see "Your Jurisdiction's Privacy Rights" for more information.
We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on secure servers behind firewalls. Any payment transactions will be encrypted using HTTPS protocol.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Technology, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Technology like message boards. The information you share in public areas may be viewed by any user of the Technology.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our Technology. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Technology.
We post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users' Personal Data, we will notify you by email to the email address specified in your account or through a notice on the Technology's home or landing. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Technology and this Policy to check for any changes.
If you are a resident of the European Economic Area ("EEA"), you are protected by one of the world's most protective data privacy law called the General Data Protection Regulation ("GDPR"). The additional rights you may have are detailed subsequently. We also abide by U.S. state privacy laws, including California as well as Colorado, Connecticut, Utah, and Virginia. This section supplements the Zerorez Privacy Policy and will be updated as rights from other jurisdictions apply.
GDPR is a privacy and data protection regulation that imposes obligations on organizations that control or process the Personal Data of individuals located in the EEA and provides rights and protections to such individuals ("Data Subjects"). Similar rights are available to residents of Switzerland under the Swiss Federal Data Protection Act ("FADP"). The General Data Protection Regulation of the United Kingdom ("UK GDPR") imposes similar obligations on organizations processing UK Personal Data. We are committed to ensuring that the privacy of all data subjects whose data we process is protected as required by law. Thus, we strictly adhere to the provisions of all applicable data protection laws, including GDPR and UK GDPR.
To process your Personal Data, we rely on the following legal bases:
For the performance of a contract we have with you (for example, if you use our Services).
For compliance with a legal obligation to which we are subject (such as lawful requests from competent authorities such as law enforcement).
For the purposes of our legitimate interests (such as improving your experience on our Technology), provided that your rights and freedoms do not outweigh such processing.
For the purposes to which you consented when you provided the data or when you created an account with us.
To the extent a specific element of our processing of your Personal Data relies upon your consent, you may withdraw such consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the withdrawal of consent.
If you wish to object to the processing of your Personal Data on the basis of legitimate interest, a no opt-out mechanism is available to you directly, please contact us using the information provided in the Contact Information section at the end of this Policy.
Users in the EEA, UK, Switzerland, and residents of other jurisdictions also have the following rights, as set forth under applicable data protection law:
Access — you may ask us to confirm whether or not we are processing your Personal Data. If we are, you may request a copy of your Personal Data, which we will provide free of charge, together with information about the processing, such as the purposes of the processing and the categories of Personal Data concerned. However, this is not an absolute right and the interests of other individuals may restrict your right of access. We may decline or charge a reasonable administrative cost for requests which are excessive, particularly if they are repetitive.
Rectification — you may edit some of your Personal Data when you have access to do so. You may also ask us to change, update, or fix your Personal Data in certain cases, particularly if it is inaccurate.
Erasure — you may request the erasure of your Personal Data that Zerorez stores. If your Personal Data is shared by you or a data controller with others, Zerorez may not be able to delete that data.
Restrict Processing — you may ask us to restrict the processing of your Personal Data under certain circumstances, such as if your Personal Data is inaccurate or unlawfully held.
Data portability — you may ask for a copy of the Personal Data you provided to us in a structured, commonly used and machine-readable format and you may have the right to transmit this data to another entity.
Object — you may object to the processing of your Personal Data on grounds relating to your particular situation under certain circumstances, for example for direct marketing. If you have a right to object and you exercise this right, your Personal Data will no longer be processed for such purposes by us, unless there are overriding compelling legitimate grounds for the processing or as otherwise provided under applicable law.
Please note that we may need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to your request, or for other purposes as required or permitted by applicable law.
We have appointed an E.U. and U.K. Representative ("Representative") who may be contacted by supervisory authorities and data subjects on all issues related to processing of data. Our Representative may be contacted by using the details in the Contact Information section of this Policy.
Zerorez is committed to abiding by all applicable data protection laws and will honor the rights they confer on our Users and any data subject whose information we process.
Your data is primarily stored and processed in the U.K. However, at times, your Personal Data may be transferred to the United States to our service providers and to Zerorez employees, on an as needed basis. When your Personal Data is transferred, stored, or processed by us, we will take reasonable steps to safeguard the privacy of your Personal Data. For the information you provide directly to us and for which we function as a data controller (e.g., your account information), you consent by using the Technology to the transfer of your data outside of your country of residence. Some of these locations, including the United States, may not provide the same level of protection as defined by the data protection law in your country.
To obtain a copy of the Zerorez Data Processing Agreement, which are the Standard Contractual Clauses that Zerorez and its data processors have entered into for the protection of data transferred out of the EEA, UK, Switzerland, and other jurisdictions with similar requirements, please click here contact us as indicated at the end of this Privacy Policy.
Where the Personal Data to be transferred has been shared with us as a data processor, we have entered into binding contractual agreements with the data controllers, which form the lawful basis for the transfer and ensure the protection of the Personal Data.
Zerorez has appointed a Representative who may be addressed by supervisory authorities and data subjects on all issues related to processing of data by a controller established outside the EEA and UK. The EEA and UK Representative may be contacted in any manner set forth subsequently in the Contact Information section of this privacy policy.
Some states in the U.S. have passed privacy laws: California, as well as Colorado, Connecticut, Utah, and Virginia. This section supplements the Policy by explaining your privacy rights if you are a resident of one of these states, provides certain mandated disclosures about our treatment of Personal Data, and includes instructions on how you can exercise your rights.
The California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2021) ("CCPA") also requires some companies to provide California consumers with additional information related to how they collect, use, retain, and disclose Personal Data and describe additional rights available to the consumer. Accordingly, in addition to the information provided in our Privacy Policy, we provide the following information to California consumers:
We collect, use, disclose, share, and retain Personal Data as further described in our Privacy Policy and as summarized subsequently.
We may handle information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device.
Among the categories of data identified by the CCPA, we collect the following categories of data:
Category |
Activity |
Collected |
A. Identifiers. |
We collect real names, postal addresses, online identifiers, IP addresses, email addresses, account names, Social Security numbers, driver's license numbers, passport numbers, or other similar identifiers. |
YES |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. |
YES |
C. Protected classification characteristics under California or federal law. |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). |
YES |
D. Commercial information. |
Records of personal products or services purchased and other purchasing or consuming histories or tendencies. |
YES |
E. Biometric information. |
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. |
NO |
F. Internet or other similar network activity. |
Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. |
YES |
G. Geolocation data. |
Physical location or movements (latitude, longitude, city, state) are relayed. |
YES |
H. Sensory data. |
Audio, electronic, visual, thermal, olfactory, or similar information. |
NO |
I. Professional or employment-related information. |
Current or past job history or performance evaluations. |
NO |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). |
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. |
NO |
K. Inferences drawn from other personal information. |
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
YES |
Personal information does not include:
Publicly available information from government records.
Deidentified or aggregated consumer information.
Information subject to other laws like:
We obtain the categories of Personal Data listed previously from the following categories of sources:
You: for example, from websites you visit, or services you acquire.
Data analytic providers: for example, from observing your actions on our websites, social media accounts, or from our emails.
We use the data we collect for a business purpose disclosure. A business purpose disclosure means using the Personal Data for the business's or a service provider's operational purposes, or other notified purposes, or for the service provider or contractor's operational purposes.
The following chart summarizes how data that is collected is used:
Purpose of Use |
Data Categories |
Business Purpose or Sold |
Providing services to customers. |
Identifiers, Personal Data, Commercial Information, and Internet or Other Similar Network Activity |
Business Purpose |
Securing supplies and equipment to operate business. |
Identifiers, Personal Data, or Commercial Information |
Business Purpose |
Marketing to potential customers. |
Commercial, Internet or Other Similar Network Activity, or Geolocation Data |
Business Purpose |
Managing, overseeing, and hiring workforce. |
Professional or employment-related information |
Business Purpose |
Support, personalize, and develop our Technology. |
Internet or Other Similar Network Activity, Geolocation Data, or Inferences Drawn from Other Personal Data |
Business Purpose |
Respond to law enforcement requests and as required by applicable law, court order, or governmental regulations. |
As appropriately and legally requested by law enforcement. |
Business Purpose |
Evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us about our consumers is among the assets transferred. |
|
Business Purpose |
California consumers enjoy some additional rights beyond those described in the privacy policy. These rights include the following:
You have the right to be informed of the Personal Data that we collect, sell, or disclose about you during the past 12 months. You also have the right to know about Personal Data shared for cross-context behavioral advertising.
You may request a list of third parties to which we have disclosed Personal Data for such third parties' direct marketing purposes. You are limited to one request per calendar year.
You have a right to request that we delete Personal Data under certain circumstances, subject to certain exceptions.
You have a right to opt out from future "sales" or "sharing" of Personal Data. Selling or sharing is defined broadly under the CCPA.
You have the right to request that we correct inaccurate Personal Data.
You have the right against discrimination for exercising any of your rights under the CCPA.
For additional assistance with any of these rights, contact us using the Contact Information section of this Policy. In your request, please attest to the fact that you are a California resident and provide a current California address for our response.
If you are a resident of Colorado, Connecticut, Utah, or Virginia, we have certain obligations, and you have certain rights with respect to your Personal Data, including:
Right to confirm whether the controller is processing the consumer's Personal Data and the right to access such information
Right to correct inaccuracies in Personal Data
Right to delete Personal Data
Right of data portability
Right to opt out from targeted advertising
Right to opt out from the sale of Personal Data
In certain states, you also have the right to opt out from profiling in furtherance of decisions that produce legal or similarly significant effects on the consumer (such as Virginia, Colorado, and Connecticut) and appeal a decision regarding a request to exercise your rights. If you wish to exercise one or more of these rights, please see the Contact Information section provided subsequently.
If you would like to opt out of targeted advertising or the sale of Personal Data, you should first review your preferences and opt out of advertising cookies and other technologies used for browser-based cross context behavioral advertising. In addition, you may contact us directly to opt out of the sale or sharing of customer information for cross context behavioral advertising and partner marketing by using the Contact Information section.
Zerorez strives to ensure that every person has access to information related to our Technology, including this Policy. Please contact us if you would like this Policy provided in an alternative format, and we will seek to meet your needs.