Privacy policy

Effective Date: April 24, 2018

Welcome, and thank you for your interest in Zingaya, Inc., a Delaware corporation (together with its affiliates and subsidiaries, “Zingaya”, “we,” or “us”), our websites including https://zingaya.com (each a “Site,” and collectively, the “Sites”), and all related web sites, downloadable software, mobile applications (including tablet applications), and other services provided by us and on which a link to this Privacy Policy is displayed, and all other communications with individuals though written or oral means, such as email or phone (collectively, together with the Sites, our “Service” or “Services”).

This Privacy Policy (“Policy”) describes the information that we gather on or through the Service, how we use and disclose such information, and the steps we take to protect such information. By visiting the Sites, or by purchasing or using the Service, you accept the privacy practices described in this Policy.

This Policy is incorporated into, and is subject to, the Zingaya Terms of Service. Capitalized terms used but not defined in this Policy have the meaning given to them in the Zingaya Terms of Service.

Explanation of Service

We provide a SaaS-based telecommunications platform which enables you to (i) create, and (ii) allow your End Users to utilize, voice and video calls through an internet browser (including related services). Through our Service, you and your End Users can communicate with others through voice, video and/or other forms of communication.

Privacy Shield Commitment

As set forth in more detail herein, we self-certify compliance with the EU-US Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (collectively, “Privacy Shield”), as set forth by the U.S. Department of Commerce, Zingaya complies with the EU Data Protection Directive 95/46/EC framework as set forth by the European Union regarding the collection, use, and retention of personal data from European Union member countries and Switzerland to the United States. Zingaya has certified that it adheres to the requirements of notice, choice, onward transfer, security, data integrity, access and enforcement.

Definitions

“Client” means a customer of Zingaya.

“Client Data” means personal data, reports, addresses, and other files, folders or documents in electronic form that a User of the Service stores within the Service.

“End User” means a Client’s customers and end users (including, without limitation, those authorized by Client) of the Service.

“Personal Data” means any information relating to an identified or identifiable natural person.

“Public Area” means the area of the Site that can be accessed both by Users and Visitors, without needing to log in.

“Restricted Area” means the area of the Site that can be accessed only by Users, and where access requires logging in.

“User” means an employee, agent, or representative of a Client, who primarily uses the Restricted Areas of the Site for the purpose of accessing the Service in such capacity.

“Visitor” means an individual other than a User, who uses the Public Area, but has no access to the restricted areas of the Site or Service.

What Information Do You Provide to us and How Do We Use it ?

When you use our Services you provide three types of Information:

(1) Personal Data

(2) Usage Information

(3) SIP & Skype account Information

Personal Data

Personal Data is information collected, received, accessed, used and disclosed (both online and offline) that allows us to identify you. Examples of this kind of information include, as applicable, your name, organization name, email address, login and password, phone number, billing address, mailing address, credit card and payment details, data required for registration, and other similar kinds of information that may be used for the same purpose. We may also request photo identification and/or proof of address information for account verification, telephone number verification, and legal compliance purposes.

Usage Information

Usage Information consists of information provided passively or generated automatically during your use of Zingaya’s Service) including the number of calls, call length, called numbers and call content. Usage Information may include Call Detail Record information (“CDR”) and other call records of Clients and End Users. CDR records may include Personal Data including (i) the identify an End User who initiates a voice or video call, and (ii) the identity of the person which receives such voice or video call. Unless required by applicable law, we don’t provide information on calls, call length, called numbers or call content to any third party.

SIP & Skype Account Information

SIP account information consists of SIP requisites you enter in order to redirect calls using the Zingaya Services. Skype account information consists of Skype ID that you enter in order to redirect calls using the Zingaya Services. Unless required by applicable law, this information is not provided to any third party.

Integrated Services

You may be given the option to access or register for the Service through the use of your user name and passwords for certain services provided by third parties (each, an “Integrated Service”), such as through the use of your Google or Facebook account, or otherwise have the option to authorize an Integrated Service to provide Personal Data or other information to us. By authorizing us to connect with an Integrated Service, you authorize us to access and store information that the Integrated Service makes available to us (including, without limitation, your name, email address(es), date of birth, gender, current city, profile picture and URL), and to use and disclose it in accordance with this Policy. You should check your privacy settings on each Integrated Service to understand what information that Integrated Service may make available to us, and make changes as appropriate. Please review each Integrated Service’s terms of use and privacy policies carefully before using their services and connecting to our Service.

Personal Data & Non-Personal Data

Personal Data:

Zingaya will not rent or sell your Personal Data to others. We may store Personal Data in locations outside the direct control of Zingaya (for instance, on servers or databases co-located with hosting providers including, without limitation, Amazon Web Services, Servers.com, Google Cloud and Liquid Web (“Hosting Providers”). Zingaya’s Hosting Providers may physically have servers located anywhere in the world (i.e. including outside the European Union). Any Personal Data you elect to make publicly available on our Sites or through the Service, such as posting comments on a blog page, will be available to others. If you remove information that you have made public on our Sites or through the Service, copies may remain viewable in cached and archived pages of our Sites or the Zingaya Service, or if other users have copied or saved that information. If you wish to post a comment on our blog, registration may be required.

Non-Personal Data:

We may gather and share non-Personal Data (such as anonymous usage data, referring/exit pages and URLs, IP address, browser and platform types, referring/exit pages, operating system number of clicks, etc.) with interested third parties to help them understand the usage patterns for certain Zingaya Services and those of our partners. If you remove information that you have made public on the Zingaya Service or Sites, copies may remain viewable in cached and archived pages of the Zingaya Service or Sites, or if other users have copied or saved that information. Non-Personal Data may be stored indefinitely.

Use of Information

We use information that we collect in a variety of ways in providing the Service and operating our business, including, with respect to operations, improvements and communications. Such uses include facilitating the functioning of our business and Sites, complying with applicable law, providing you with products and services, or as otherwise as appropriate in connection with a legitimate business need, including, without limitation:

(1) enabling, providing and enhancing the efficacy of Zingaya’s Sites, products, or services (including the Service and for any other purposes as may be further set forth in agreements between Zingaya and its Clients, including acting as a data processor on behalf of its Clients which act as data controllers);

(2) customer service activities (including via email and telephone), including administering your account, processing / fulfilling / confirming orders, billing, providing technical support, responding to your requests, providing updates, and customizing, enhancing, upgrading and improving Sites and offerings;

(3) sales, marketing and promotional activities (including sales tracking and administering contests), and customer relationship management (including newsletters, notices and sending you requested product or service information); and

(4) internal business processes and management, analysis (including usage trends and preferences), crime/fraud detection and prevention, security, protecting Zingaya’s legal rights, and compliance with governmental, legislative, and regulatory requirements.

You have the ability to opt-out of receiving any promotional communications as described below under “Your Choices.”

Zingaya may disclose Personal Data to business partners and subcontractors, as necessary, for the purpose of providing Zingaya’s Services and performing other requested services, or as otherwise appropriate in connection with a legitimate business need. Such companies are authorized to use Personal Data only as necessary to provide such services to Zingaya.

Credit Card details will be handled securely to ensure confidentiality and 128-bit SSL encryption is used to ensure sensitive data is protected during transmission over the internet.

The Sites also contain a blog where your feedback is accessible by the public as well as by the Zingaya team.

Your feedback sent via Zingaya e-mail is accessible by the Zingaya team only.

We reserve the right to utilize Personal Data and Non-Personal Data for marketing purposes (for instance by displaying selected comments on our website or in other communications), and in order to comply with applicable law (including, without limitation, providing data to our telecommunications providers including Voxbone which is headquartered in Belgium).

From time to time, we may send you surveys or solicit your feedback. We use surveys to gauge user interest in new products and premiums we may offer. We may ask for your feedback on site features. We will use the information we gather to improve our Sites and provide a more meaningful experience to Clients and End Users. We may also use the information to alert you about offers and products in which you have expressed an interest in.

In the event that we (and/or our business lines, subsidiaries or affiliates) are ever sold, acquired, merged, liquidated, reorganized, or otherwise transferred, we reserve the right to transfer our user databases (together with any Personal Data or Non-Persona Data contained therein), to a third-party acquiring our assets. In the event we do so, we will place a prominent notice of the sale on the homepage of our corporate website, with links to information as to how you can change your privacy preferences.

Storage and Processing

As set forth in more detail above, but subject to appropriate safeguards: (i) your information collected through the Zingaya Service may be stored and processed anywhere in the world (including, without limitation, in the United States, Europe, or any other country in which Zingaya or its subsidiaries, affiliates or service providers maintain facilities), and (ii) Zingaya may transfer information that we collect about you, including Personal Data, to affiliated entities, or to other third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world.

How we Protect Your Information

Zingaya is concerned with protecting your privacy and data, but we cannot ensure or warrant the security of any information you transmit to Zingaya or guarantee that your information on the Zingaya Service may not be accessed, disclosed, altered or destroyed by breach of any of our industry standard physical, technical or managerial safeguards. When you enter sensitive information (such as log in credentials) on our registration or order forms, we encrypt that information using secure socket layer technology (SSL). No method of transmission over the Internet or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Site, you can contact us at privacy@zingaya.com We may use an outside help platform, and a credit card processing company to bill you if you purchase Services. Such companies do not retain, share, store or use Personal Data for any other purposes.

You shouldn’t install any specific software to use Zingaya Services, and our Site pages don’t install any software to your system.

Federal Trade Commission

We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC) and/or the Department of Transportation. We may be required to disclose Personal Data that we handle under the Privacy Shield in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Cross Border Transfer

Notwithstanding any other provision contained in this Privacy Policy, we comply with the requirements of the U.S.-EU Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data from European Union member countries and Switzerland to the United States. We adhere to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity and purpose limitation, access and recourse, enforcement and liability with respect to all Personal Data transferred from the EU to the US, and from Switzerland to the US, within the scope of its Privacy Shield certification. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/list.

We continue to adhere to the U.S.-EU Safe Harbor Framework as set forth by the U.S. Department of Commerce, which will not be affected by the participation in the Privacy Shield Framework.

Certain Personal Data may be subject to our more specific privacy policies, which are also consistent with the requirements of the U.S.-EU Privacy Shield Framework.

We may also collect Personal Data concerning our (and our affiliates’) employees, consultants and candidates for employment (Human Resources Data) in connection with administration of our human resources programs and functions and for purpose of communicating with our employees and consultants.

Unless we tell you differently, companies who work on our behalf do not have any right to use the Personal Data we provide to them beyond what is necessary to assist us. We ensure that those companies are contractually bound to confidentiality and use the data received on our behalf in line with this Privacy Policy and guarantee an adequate level of data protection. We will remain liable for any failure by the third party that receives Personal Data on our behalf, unless we prove that the event giving rise to the damage was solely caused by the third party.

As discussed above, Zingaya’s Hosting Providers may physically have servers located anywhere in the world (i.e. including outside the European Union). In addition, Zingaya’s Service may be used to make and receive calls anywhere in the world. If you use our Services then information (including, without limitation, Personal Data) may be transferred to other countries outside of your country of residence, depending on the type of information and how it is stored by us. Such countries (including, without limitation, the United States) may not necessarily have data protection laws as comprehensive or protective as those in your country of residence; however, our collection, storage and use of your Personal Data will at all times continue to be governed by this Privacy Policy.

How Do We Protect Your Data, Information, and Resources?

We use secure technology to protect any information you provide us. The collected passive information is stored in secure databases.

Your Choices – Access, Correction & Deletion

We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Services. If you wish to access or amend any other Personal Data we hold about you, or to request that we delete or transfer any information about you that we have obtained from an Integrated Service, you may contact us as set forth in the “Contact Us” section. At your request, we will have any reference to you deleted or blocked in our database.

You may update, correct, or delete your account information and preferences at any time by accessing your Profile page within our site. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Service.

At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact Zingaya’s Data Protection Officer at privacy@zingaya.com. You also have a right to lodge a complaint with data protection authorities.

This provision does not apply to Personal Data that is part of Client Data. In this case, the management of the Client Data is subject to the Client’s own Privacy Policy, and any request for access, correction or deletion should be made to the Client responsible for the uploading and storage of such data into the Service.

Data Retention

We only retain the Personal Data collected from you for as long as your account is active or otherwise for a limited period of time as long as we need it to fulfill the purposes for which we have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows:

• the contents of closed accounts are deleted within twelve (12) months of the date of closure;

• backups are kept for twelve (12) months;

• billing information is retained for a period of seven (7) years as of their provision to Zingaya in accordance with applicable accounting and taxation laws;

• information on legal transactions between Client and Zingaya is retained for a period of seven (7) years as of their provision to Zingaya in accordance with the general limitation period set for civil claims in applicable law.

Data Controller and Data Processor

Zingaya does not own, control or direct the use of any of the Client Data stored or processed by a Client, User or End User within the Service. Only the Client or Users are entitled to access, retrieve and direct the use of such Client Data. Zingaya is largely unaware of what Client Data is actually being stored or made available by a Client or End User to or through the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client, Users and End Users.

Because Zingaya does not collect or determine the use of any Personal Data contained in the Client Data and because it does not determine the purposes for which such Personal Data is collected, the means of collecting such Personal Data, or the uses of such Personal Data, Zingaya is not acting in the capacity of data controller in terms of the European Union’s General Data Protection Regulation (Regulation (EU) 2016/679, hereinafter “GDPR”), and does not have the associated responsibilities under the GDPR, with respect to Personal Data contained in any Client Data. Zingaya should be considered only as a processor on behalf of its Clients, Users and End Users as to any Client Data containing Personal Data that is subject to the requirements of the GDPR. Except as provided in this Privacy Policy, Zingaya does not independently cause Client Data containing Personal Data stored in connection with the Services to be transferred or otherwise made available to third parties, except to third-party subcontractors who may process such data on behalf of Zingaya in connection with Zingaya’s provision of Services to Clients, User and End Users. Such actions are performed or authorized only by the applicable Client or End User.

The Client or End User is the data controller under the Regulation for any Client Data containing Personal Data, meaning that such party controls the manner such Personal Data is collected and used as well as the determination of the purposes and means of the processing of Personal Data contained within any Personal Data.

Zingaya is not responsible for the content of the Personal Data contained in the Client Data or other information stored on its servers (or its subcontractors’ servers) at the discretion of the Client, Users or End Users, nor is Zingaya responsible for the manner in which the Client, Users or End Users collect, handle disclosure, distribute or otherwise process such information.

Dispute Resolution

If you believe your Personal Data has been used in a way that is not consistent with this Privacy Policy, we invite you to contact us first at privacy@zingaya.com. We will make all efforts to resolve your complaints timely and accurately. Further, we have committed to cooperate with EU Data Protection Authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC), and to comply with the information and advice provided by such authorities with regard to data transferred from the EU and Switzerland.

Under certain conditions, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.

Modification of Privacy Policy

We reserve the right to modify the provisions of this Privacy Policy if deemed necessary. We will inform you of these changes on our website.

Contact Information

You can contact us by writing or email us at the address below:

Zingaya, Inc.
Attn: Data Protection Officer
2225 East Bayshore Road Palo Alto, CA 94303-3220

Email for General Support: support@zingaya.com

Email for Privacy Issues: privacy@zingaya.com