At Zest, we understand the importance of your privacy. That's why we're committed to handling your personal and health data with the utmost care and respect. Here's how we gather, process, and protect your data while using our system:
Direct User Input: Your interactions with Zest may involve sharing various pieces of personal information. These might include your name, gender, date of birth, contact details (address, email, phone number), billing details, and other data obtained when you complete surveys, comment on our community sections, request services, or report issues. Should you get in touch with us, we'll retain a record of our correspondence.
Health & Lifestyle Data: We consider health and lifestyle details - your "special category data" - crucial to our services. This information may involve health indicators, symptoms, your profession, medications you're using, and others. We also collect data about your visits and engagement with our system, including but not limited to traffic, location, and other communication data.
Technical Data & Analytics: We'll gather analytical data about your interaction with our system, such as pages visited, links clicked, text entered, mouse movements, system specifications, and app usage. This information is anonymized prior to being transferred to external analytical services.
Here's a breakdown of the types of information we may store to provide and continually enhance our services for your benefit:
Identification Information: If you willingly share it, we will store your basic details like name, email address, phone number, mailing/billing addresses, and date of birth.
Financial Information: We utilize payment processor(s) to handle your financial information necessary for processing payments, storing only a tokenized version and keeping your payment card information off our servers.
Communication Information: We gather data when you contact us or voluntarily respond to our questionnaires, surveys, or market research requests.
Commercial Information: Your product browsing and purchasing history on Zest is recorded.
Social Media Information: Interacting with us on social media platforms may allow us to receive personal information you share or make available based on your privacy settings.
Writing and Content Information: Features requiring account creation may involve storing your written content in an encrypted form on our servers. You may opt for Advanced Data Protection, which assigns you a private recovery key code, giving you sole decryption and recovery ability for your content.
Internet Activity Information: This includes device information, usage information, estimated location information derived from your IP address, and information related to your interaction with our emails.
Collection Technologies: To facilitate the above, we may employ technologies like cookies, local storage technologies, and web beacons.
By law, we are obligated to maintain the confidentiality of your personal and health data and provide this privacy notice outlining our duties and practices. Rest assured, any use or disclosure of your data will adhere strictly to this policy.
Zest is committed to respecting the privacy and safeguarding the personal data of our users. We use your data to provide, maintain, and enhance the services that we offer. All the information we collect serves to create a better, more personalized experience for our users.
The data we collect is used for various purposes, which include but are not limited to:
Zest operates on a principle of data minimization and shares your personal information under but not limited to the following conditions:
Service Providers: We may share your personal data with our trusted third-party service providers, such as hosting services, email services, customer support services, and analytics services. Our service providers are contractually obligated to handle your data in line with our privacy standards and applicable data protection laws.
Legal and Professional Advisors: We may disclose your information to our legal and professional advisors for consultancy or if required by law, regulation, legal process, or governmental request.
Business Transactions: In the event of a merger, acquisition, bankruptcy, dissolution, reorganization, or similar event, user information may be part of the transferred assets.
Government Authorities: If necessary, we may disclose your information to government authorities to comply with the law, enforce our terms and conditions, or protect our or others' rights, property, or safety.
User Consent: We will share your data with other parties when we have your explicit consent to do so. This includes when you choose to share your own data through our services, such as in public transactions or on social media platforms.
We communicate with you, for example, by push notifications or by emails. These may include reminders and motivational messages encouraging you to continue growing your relationship, or other information about the Services. As a result, you may, for example, receive a push notification every day at a particular time reminding you. To opt out of receiving push notifications, you need to change the settings on your device. To opt-out of receiving emails, you should click unsubscribe link in the footer of our email.
Upon your request, we can disclose your personal data to you. This may require your written authorization. Also, we might use and disclose your personal data to remind you to interact with or complete tasks relating to your use of our system.
We may share personal data with third-party service providers hired to provide services on our behalf. These providers are under strict privacy and security obligations consistent with this policy and the current data protection regulation. They are only permitted to process data in the ways specified by us.
We may also share anonymized information with third-party service providers who assist us in our marketing activities and in improving our services.
In certain circumstances, we may be legally obligated to use or disclose your personal data, for instance, for public health activities, health oversight activities, or law enforcement.
We may use personal data for internal and external research and publicity purposes. This could involve publishing aggregate, anonymous information about our users in the context of providing public information and conducting academic research.
In the event of an acquisition of Zest or a substantial portion of its assets by a third party, personal data held by us about our users would be among the transferred assets.
Rest assured that, except as described above, we will only share your personal information with any other party with your consent or as required by law.
Zest adheres to a principle of retaining personal data only as long as necessary. We will store your personal data for as long as it is required to fulfill the purposes outlined in this Privacy Policy, or until such time as we have no legal obligation to retain it. Once the data is no longer necessary or legally required, it will be securely deleted from our systems.
Zest’s services are designed for users aged 18 and above. We do not intentionally gather personal data from individuals under the age of 18. If we become aware that we have inadvertently collected personal data from a person under the age of 18 without verifiable consent from a parent or guardian as stipulated by law, we will promptly remove such information. At this time we do not plan on making our services can be made available to users under the age of 18.
As per the relevant laws and subject to any applicable exceptions, California residents may exercise the following rights:
If you wish to exercise any of these rights, have any questions, or need an alternate version of this Privacy Policy, please email us. We aim to be as transparent as possible regarding your options and the implications of exercising certain options. After receiving your request, we may request additional information from you to verify your identity. Your authorized agent may submit requests in the same manner, although we may require the agent to provide signed written permission to act on your behalf, and you may also be required to independently verify your identity with us and confirm that you authorized the agent to submit the request. We assure you that exercising your rights will not result in differential treatment.
The personal data you share with us is securely stored on protected servers operated by vetted 3rd party providers, such as Amazon Web Servers, WebFlow and Google Cloud Services. These service providers are at the forefront of delivering reliable and secure hosting services. You can learn more about their stringent security protocols and procedures by reading their respective security whitepapers.
All your data is saved in encrypted format, and all communication is securely transmitted over SSL as a standard protocol. Passwords are stored using secure hashing techniques, further safeguarded within our encrypted databases. However, there may be occasions when your anonymized data could be transferred to and stored in a location outside of the United States. By providing your personal data, you consent to this potential transfer, storage, or processing.
Despite the high level of security measures we implement, we must stress that the transfer of information via the internet can never be completely foolproof. While we go above and beyond to protect your personal data, we cannot provide an absolute guarantee of security for data transferred to our system; any such transmission is at your own risk. Upon receipt of your personal data, we employ rigorous procedures to thwart unauthorized access. This is in compliance with our stringent data protection policy, code of practice, and our responsibilities as a data controller operating within the United States.
At Zest, we prioritize minimal data storage, collecting only what's crucial to deliver our services and fulfill our mission of positively impacting global health. Stored data is protected through a blend of technical, organizational, and physical measures. However, no system is invulnerable, and thus, while we strive for the utmost security, we can't promise absolute protection. Usage of our services implies acceptance of this risk.
In the unlikely event of a data breach, we commit to promptly take appropriate action. We will investigate the breach, take steps to mitigate any potential harm, and bolster our systems to prevent future breaches. We will also communicate to you as soon as possible, providing an overview of the breach, the types of information involved, and recommended steps to protect yourself. Notifications of this nature will be sent via the email you have provided, ensuring you are kept informed. Please note, while we are committed to maintaining the security of your personal data, we cannot guarantee the security of data transmission over the internet. Therefore, any transmission of personal data to and from our services is at your own risk. Always access our services within a secure environment.
Modifying Personal Information: Reach out to us for any updates or modifications to ensure the accuracy and completeness of your personal information.
Marketing Communications Opt-Out: You can opt out of receiving marketing communications by adhering to the instructions in any marketing email sent by us. Note that certain communications may still reach you despite opting out of marketing communications.
Online Tracking Limitations: The ability to limit online tracking is available to you. This feature is often used to opt out of personalized ads from service providers we may associate with. Remember that minimal information may be shared with these providers to execute, enhance, and assess our promotional campaigns effectively.
While we view responsible advertising as a tool for small businesses to succeed with minimal privacy intrusion, we understand if you disagree. Here's how you can limit online tracking:
Remember, these opt-out methods are usually browser or device-specific. You need to opt-out on every browser and device you use.
Although ads are part of most of the sites you frequent, interest-based advertising helps them generate revenue to stay afloat. It also helps small businesses thrive. While there may be malicious players, we believe that the services above maintain a balance between privacy preservation and relevant advertising. Despite your choice, advertisements will still appear, but they will likely be less relevant to you.
Personal Information Requests: We also provide options impacting how we manage the personal data under our control. You can request the following:
To request these, please contact us as indicated below. We may require additional information to confirm your identity. California residents can appoint an "authorized agent" to submit requests on their behalf. We will request identity and authority confirmation from the agents. You have the right to exercise these rights without discrimination.
Limits on Your Choices: In certain scenarios, your choices may be restricted, for instance, when your request infringes upon others' rights, hampers our service provision, or conflicts with our legal obligations. If you're unsatisfied with our response, you can lodge a complaint by contacting us.
If you reside within the European Union (EU) or European Economic Area (EEA), the General Data Protection Regulation (GDPR) grants you specific data protection rights.
Zest is committed to ensuring that your rights under GDPR are upheld. Our intent is to provide mechanisms for you to access, modify, or erase your Personal Data, should you wish to do so.
To inquire about your Personal Data stored by Zest or request modifications, please reach out to us at privacy@tryzest.app.
You possess the following data protection rights under GDPR:
To safeguard your rights, we may request identity verification before processing your inquiries. It's worth noting that, due to the inherent nature of our services, certain data is essential, and its removal might affect service provision.
If you have concerns about how Zest manages your Personal Data, you're entitled to lodge a complaint with your regional data protection authority within the European Economic Area (EEA).
In alignment with the California Consumer Privacy Act (CCPA):
Our Stance on “Do Not Track” Signals:While "Do Not Track" is a preference users can set in some browsers, Zest values offering clear choices regarding data used for online advertising and analytics. That's why we furnish several opt-out routes. However, as of now, Zest doesn't process browser-initiated DNT signals.
We use cookies and similar tracking technologies to collect and use personal information about you, including to serve interest-based advertising. Cookies are small data files stored on your browser or device that allow us to recognize you and remember your preferences. Types of cookies we may use include session cookies (temporary cookies that expire when you close your browser) and persistent cookies (cookies that remain on your device for an extended period or until you delete them).
You have several options to manage your cookie preferences:
Please note, if you choose to remove or reject cookies, this could affect certain features or services of our website or services. Also, if you opt out of online advertising, you will still see ads but they may not be as relevant to you.
Our third-party partners may use cookies or similar tracking technologies to collect information about your browsing activities over time and across different websites following your use of our services.
For more detailed information about the specific cookies we use, why we use them, and your choices regarding cookies, please contact us.
Our website or services may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements or practices or any data breaches or mishandling by third parties. When you leave our website or services, we encourage you to read the privacy policy of every website you visit.
Zest is headquartered in the United States and your data is initially received by us in the U.S. We may transfer your personal data to our affiliates and service providers located within and outside of the U.S. Be aware that these regions may not offer the same level of data protection as your own jurisdiction. In such instances, we ensure appropriate measures are enacted to provide a robust level of protection for your personal data. We strictly adhere to all relevant data protection laws, typically relying on an EU Commission or UK government adequacy decision, Standard Contractual Clauses, or other legally recognized mechanisms for the safe transfer of your personal data across borders. For additional details regarding our international data transfer practices, please reach out to us as detailed in the "Contact us" section below.
Our services and business operations might undergo changes over time. Consequently, alterations to this Privacy Policy may occur as needed. When such changes are made, we will post the revised policy on this page unless a different form of notice is mandated by the prevailing laws. By continuing to utilize our services or providing us with your personal information following these updates, or other notifications as appropriate, you are giving your consent to the amended Privacy Policy and its described practices.
Should you have any queries regarding the technical terms used in our Privacy Policy, our data handling practices, or if any aspect of the Privacy Policy requires further explanation, please don't hesitate to reach out to us at our dedicated request address: privacy@tryzest.app