Confidentiality and data protection
Last update: 13th january 2023
This policy only applies to personal data processed by or on behalf of UserZoom. The type of data that we collect and how that data is processed may vary depending on your relationship to us as further indicated below.
About us and how to contact us
The UserZoom Group consists of UserZoom Technologies, Inc, together with a number of subsidiaries (including UserZoom Inc, UserZoom Limited, UserZoom GmbH, UserZoom Technologies, Inc Sucursal en España, and Panisero SAS). You can contact us via email at email@example.com or by phone at (866) 599-1550.
Who do we share your information with and where are they?
Your personal information may be shared with our processors. We may also share your data amongst the UserZoom group companies (as outlined above). We will have in place an agreement with each of these processors which will restrict how they are able to process your personal information and require them to keep it secure. We will never sell your personal data.
We may also share your personal information: (a) as required by law or legal process; (b) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements or other requests;(c) to investigate suspected violations of any terms or policies applicable to our products or the services provided by us or our third party providers or affiliates; (d) where we reasonably conclude that it is necessary for defending, exercising or establishing our legal rights; (e) to investigate alleged or actual fraud, misrepresentation or other misconduct; (f) in connection with a prospective sale, merger, change of control, bankruptcy or similar transaction; and (g) to other third parties with your express consent.
The security of your personal information is important to us. We have adopted appropriate technical and
organisational measures and follow industry best practices in order to protect any personal data submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore we cannot guarantee its absolute security.
How long do we keep your information for?
We may only retain your personal information for the purposes set out in this policy and for as long as we have a legal or business requirement to do so. By law, different retention periods apply to different types of records and data, however the longest we will normally hold any personal data is 7 years from the date of your last interaction with us.
Exercising your rights
You have the right to request that we:
- Provide you with access to your personal information
- Rectify or correct your personal information
- Erase your personal information
- Restrict processing of your personal information, including refraining from selling it or otherwise providing it to any third parties
You also have the right to lodge a complaint with the appropriate supervisory authority in your country if applicable, if you consider that we are in breach of our obligations under data protection laws. The foregoing rights may be subject to certain limitations pursuant to applicable law. You may request the exercise of these rights by sending an email to firstname.lastname@example.org. Additionally, you may unsubscribe from marketing emails by clicking the ‘unsubscribe’ button in the footer of any of those emails.
We will respond to your request within 30 days, unless a faster response is required by law.
Sources of Personal Data
We collect information about you from several sources, which include third party providers or directly from you. Because information from several sources may be combined into one record, it may be difficult or impossible to identify the exact source of one particular piece of information.
EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
We adhere to the principles of the EU-U.S. and Swiss-U.S. Privacy Shield frameworks, although we do not rely on such frameworks as a legal basis for transfers of personal data in light of the judgment of the Court of Justice of the EU in Case C-311/18. If any personal data is transferred outside of the EEA, we will ensure that any such transfer of personal data is governed by an adequacy decision or an alternative valid mechanism for international data transfers, such as the Standard Contractual Clauses.
We participate in and have certified our compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List.
We are responsible for the processing of personal data we receive, under each Privacy Shield Framework, and subsequently transfer to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.