Privacy Policy

Last updated: March 2025

1. Introduction and Objectives

This Privacy Policy describes our principles for processing, storing, and protecting your personal data, and clarifies your rights regarding such information. We are committed to complying with the GDPR and ensuring transparency, lawful processing, and data minimization in all our practices.

2. Definitions and Terminology

For the purpose of this Policy, the following definitions apply:

• Personal Data: Any information relating to an identified or identifiable individual, such as your name, email address, payment details, IP address, and device identifiers.
• Processing: Any operation or set of operations performed on personal data including collection, storage, use, modification, disclosure, or deletion.
• Consent: The explicit, informed permission provided by you for the processing of your personal data.
• Controller: The entity that determines the purposes and means of data processing; herein, ZEOTROPE SOFTWARE LTD acts as the data controller.
• Processor: A third party that processes data on behalf of the controller.

3. Contact Information and Role of the Data Controller

Data Controller: ZEOTROPE SOFTWARE LTD

Company Number: 06268324

Registered Office: 2 Villiers Court, 40 Upper Mulgrave Road, Cheam, Surrey, SM2 7AJ

Contact Email (Legal Queries): [email protected]

Telephone: [Insert Telephone Number if applicable]

4. Collection and Types of Processed Data

We collect both personal and non-personal data in order to provide, improve, and safeguard our services. The data we process includes:

• Personal Data: Information provided when registering or using our service (e.g., your name, email, payment information) and data automatically collected (e.g., IP address, device identifiers, usage details).
• Non-Personal Data and Aggregated Information: Data that cannot be used to identify you as an individual, such as website traffic statistics and aggregated user behavior.
• Data from Analytical Services:
  • Google Analytics: Provides insights into site traffic, referral sources, and aggregated user behavior.
  • Simple Analytics: Captures visit metrics and user interactions without traditional cookies to enhance privacy.
  • Heap Analytics: Automatically records user interactions for in-depth behavioral analysis.
  • Hotjar: Creates heatmaps, tracks clicks, and records user sessions for interface improvement. Collected data is anonymized and aggregated wherever possible.

5. Lawful Bases for Data Processing

We process your personal data based on the following legal grounds:

• Consent: Your explicit consent provided during registration or when starting to use our services.
• Contractual Necessity: To fulfill our contractual obligations, such as providing subscription services and account management.
• Legitimate Interests: To safeguard our service, conduct analytics, perform marketing research, and continually improve our offerings while ensuring data minimization.
• Legal Obligations: For compliance with legal, financial, and taxation requirements.

6. Purposes and Methods of Processing Personal Data

Your personal data is processed for a number of essential purposes including:

• Enabling subscription access and the provision of premium content.
• Conducting analytics with tools like Google Analytics, Simple Analytics, Heap Analytics, and Hotjar to optimize the user experience.
• Processing secure payments through trusted payment gateways such as Stripe.
• Managing marketing communications and newsletters, subject to your explicit consent.

To protect your data, we implement a range of technical and organizational measures, including encryption, anonymization, strict access controls, and regular data backups.

7. Data Retention and Deletion Policy

We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected or as legally required. You have the right to request the deletion or anonymization of your personal data in accordance with GDPR guidelines.

8. Data Transfer to Third Parties

Your data may be transferred to carefully selected third-party service providers for the following purposes:

• Payment processing (e.g., via Stripe) to securely handle transactions.
• Analytics services (including Google Analytics, Simple Analytics, Heap Analytics, and Hotjar) under strict contractual obligations.

If your data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards such as standard contractual clauses or equivalent certifications are in place.

9. Use of Cookies and Similar Technologies

Our website uses cookies and similar tracking technologies to improve your experience. This includes:

• Functional Cookies: Essential for website operations and providing a seamless user experience.
• Analytical Cookies: Used to collect anonymized data on user behavior and website performance, such as those employed by our analytics partners.
• Marketing Cookies: Utilized only with your explicit consent to deliver personalized advertisements and content.

You have the ability to manage or disable cookies through your browser settings.

10. Data Subject Rights

In accordance with GDPR, you have the following rights regarding your personal data:

• Right of Access: You may request details on the personal data we process about you.
• Right to Rectification: You have the right to update or correct inaccuracies in your personal data.
• Right to Erasure ("Right to be Forgotten"): In certain situations, you can request that your personal data be deleted.
• Right to Restrict Processing: You may request limitations on how your data is processed, especially for marketing purposes.
• Right to Data Portability: You have the right to receive your personal data in a structured format for transfer to another service provider.
• Right to Lodge a Complaint: Should you have any concerns, you can file a complaint with the appropriate data protection supervisory authority.

11. Data Security Measures

We have implemented comprehensive technical and organizational measures to ensure the security of your data. This includes:

• Data encryption during transmission and storage.
• Robust authentication and access control systems.
• Regular security audits and updates to our protective measures.
• Routine data backups to prevent data loss and ensure continuity.

12. Changes to the Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. Significant changes will be communicated through email or on our website. The effective date for these changes is stated below.

Effective Date of Changes: March 2025

By accessing and using our website and services, you consent to the collection and processing of your personal data as described in this Privacy Policy. If you do not agree with our practices, please discontinue use of our services.