This Policy is combined into our User Agreement (the “Terms”) and is a part of them.
PERSONAL INFORMATION WE PROCESS
Initial Account Sign-up Information. To sign up to and create a user account on ZenGo, we collect your email address.
Facial Image Information. If you wish to activate your ZenGo account with the back-up feature, as further explained in our Terms, you will need to provide your biometric data of your facial image, which is a mathematical representation of your face. You do not have to provide us with your face image data. However, you will not be able to use this back-up functionality of ZenGo without providing such information.
Support Information. When you contact us for technical and customer support requests, we collect the information included in your request and in follow-up interactions we have with you.
You do not have a legal duty to provide the above information. However, you will not be able to sign up to, and use the full functionalities of ZenGo, without providing the above information.
Transaction Information. When you activate your ZenGo account, your public key and private key will automatically be created. Using Secure Multi-Party Computation (MPC), we create two parts (“Shares”) that can be used together to perform the functionality of a private key. One of the Shares will be stored on your mobile device (“Device”) and the second Share will be stored on our servers. We will also collect information on all transactions connected to your public key created through ZenGo.
Device Information. We collect information about your Device, including its model, its operating system, browser you use, its version and language preferences, mobile network information and the Internet Protocol (IP) address through which you accessed the App.
Analytics Information. We use third party tools to automatically record and collect analytics information about your use of ZenGo, including your session durations, the content you accessed on the App, your interactions and user-interface clicks, the frequency and scope of your use of the App.
The overall personal information outlined above will be referred to as the “Information” or “Personal Information”.
ZenGo is not intended for children under the age of 18. We do not knowingly or intentionally collect information about children who are under 13 years of age.
IF YOU ARE UNDER THE AGE OF 13 YOU MAY NOT USE THE APP IN ANY WAY.
HOW WE PROCESS AND USE PERSONAL INFORMATION
We process your Initial Account Sign-up Information, Facial Image Information, Back-up Email Information, and Transaction Information to operate ZenGo and provide you with its features and functionality.
We use your Facial Image Information, Back-up Email Information, Analytics Information and Device Information to confirm your identity and prevent fraud.
We process your Initial Account Sign-up Information, Transaction Information and Analytics Information, to send you administrative notifications relating to ZenGo as well as promotional updates relating to ZenGo (“Promotional Communications”). You can control your notification settings and preferences through your Device setting.
Opt Out. You may also ‘opt-out’ of using your information for Promotional Communications at any time by sending an email to our support service at: firstname.lastname@example.org. By doing so, we will only delete your Information from our mailing list, while we will continue to be process your Information submitted to us which is necessary to provide you with our services.
We process your Analytics Information to understand how users interact with ZenGo so that we can further develop and enhance ZenGo.
We process your Initial Account Sign-up Information, Analytics Information and Support information to provide you technical or customer support in response to inquiries on these topics.
WHEN AND HOW YOUR PERSONAL INFORMATION IS SHARED WITH OTHERS
We will not share your Information with third-parties, except in the events listed below or when you provide us your explicit and informed consent.
We will share your Information with our service providers who assist us with the internal operations of ZenGo. These companies are authorized to use your personal information only as necessary to provide these services to us and not for their own promotional purposes. We do not sell your personal information to third parties.
If you violated any applicable law, your Information will be shared with competent authorities and with third parties (such as legal counsels and advisors), for the purpose of handling of the violation.
If we are required to disclose your information by a judicial, governmental or regulatory authority.
SECURITY AND INFORMATION RETENTION
We retain personal Information for the duration needed to support our ordinary business activities operating ZenGo. Thereafter, we will continue to retain your personal information as necessary to comply with our legal obligations, resolve disputes, establish and defend legal claims and enforce our User Agreement.
We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure your personal information, it is not guaranteed, and you cannot expect that the Service will be immune from information security risks.
ADDITIONAL INFORMATION FOR USERS IN THE EU
Controller. Kzen Networks Ltd. is the data controller of the personal data we process about you. KZen’s address is at: 17 Aranya street, Tel Aviv, Israel.
EU Representative. Our European representative, for the purposes of this Policy, is GDPR-Rep.eu. If you are within the European Economic Area, you may contact our European representative by visiting [https://gdpr-rep.eu/q/18444125] or through the following address:
Maetzler Rechtsanwalts GmbH & Co KG
Attorneys at Law
c/o KZen Networks LTD
Schellinggasse 3/10, 1010 Vienna, Austria
Please add the following subject to all correspondence with our EU representative: GDPR-REP ID: 18444125
Legal Basis for Processing Your Data.
- The legal basis under EU law for processing your Information for the purpose of operating ZenGo and providing its features is the performance of our Term of Use contract with you and our legitimate interests in the proper management and operation of ZenGo.
- The legal basis under EU law for processing your Facial image Information is your explicit consent.
- The legal basis under EU law for processing your Information for the purpose of sending you notifications (including Promotional Communications) relating to ZenGo is our legitimate interests in informing users of administrative issues and encouraging user engagement with ZenGo.
- The legal basis under EU law for processing your Information for the purpose of confirming your identity and preventing fraud is the performance of our Term of Use contract with you, our legitimate interests in keeping ZenGo free of fraudulent conduct and our necessity for compliance with legal obligations.
- The legal basis under EU law for processing Information to provide you technical or customer support is our legitimate interests in assisting our users on issues relating to their use of ZenGo.
- The legal basis under EU law for processing Analytics Information to further develop and enhance ZenGo is our legitimate interests in fostering and advancing ZenGo.
- The legal basis for sharing your Information with competent authorities and with third parties for the purpose of handling violations is our legitimate interests in enforcing our legal rights.
- The legal basis for disclosing your Information at the request of a judicial, governmental or regulatory authority is our compliance with legal obligations to which we are subject.
- The legal basis for processing your Information for the purpose of notifying you or providing you with updates to this Policy is our necessity for compliance with legal obligations under the GDPR.
Cross-Border Data Transfers.
Information we collect from you will be processed by Kzen in Israel, which is recognized by the European Commission as having adequate protection for personal data.
When we transfer your Information from within Europe to other jurisdictions outside Europe, we will do so by using adequate safeguards determined by the EU Commission.
EU Rights. If you are in the EU, you have the following rights under the GDPR:
- Right to Access your Personal Information that we process and receive a copy of it.
- Right to Rectify inaccurate Personal Information we have concerning you and to have incomplete Personal Information completed.
- Right to Data Portability, that is, to receive the Personal Information that you provided to us, in a structured, commonly used and machine-readable format. You have the right to transmit this Information to another service provider. Where technically feasible, you have the right that your Personal Information be transmitted directly from us to the service provider you designate.
- Right to Withdraw Consent to processing your Personal Information, at any time, where the processing is based on consent. If you do that, we will still process certain information on a legal basis other than consent, as described in this Policy. Withdrawing your consent will not affect the lawfulness of the data processing we carried out based on your consent before such withdrawal.
- Right to Object, based on your particular situation, to using your Personal Information on the basis of our legitimate interests. However, we may override the objection if we demonstrate compelling legitimate grounds, or for the establishment, exercise or defense of legal claims. You may also object at any time to the use of your Personal Information for direct marketing purposes.
- Right to Restrict processing your Personal Information (except for storing it) if you contest the accuracy of your Personal Information, for a period enabling us to verify its accuracy; if you believe that the processing is unlawful and you oppose the erasure of the Personal Information and request instead to restrict its use; if we no longer need the Personal Information for the purposes outlined in this Policy, but you require them to establish, exercise or defend legal claims; or if you object to processing, pending the verification whether our legitimate grounds for processing overrides yours.
- Right to be Forgotten. Under certain circumstances, such as when your right to object overrides our legitimate interests, you have the right to ask us to erase your Personal Information. However, we may still process your Personal Information if it is necessary to comply with a legal obligation, we are subject to under laws in EU Member States or for the establishment, exercise or defense of legal claims.
If you wish to exercise any of these rights, contact us at email@example.com.
We reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you with information that you have asked for, we will explain the reason for this.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, then according to Article 77 of the GDPR, you can lodge a complaint to the supervisory authority, in particular in the Member State of your residence, place of work or of an alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here.
From time to time, we may change this Policy, in which case we will inform you of the updated Policy by emailing you.
Should you have any inquiries, complaints or suggestions, you may contact us at firstname.lastname@example.org. We will do our best to resolve your issue in a timely manner.
Last Update: February 10, 2019.