Zenown

Privacy Policy

Latest update: December 15, 2021

Our Websites and our app collect some Personal Data from its Users.

This document can be printed for reference by using the print command in the settings of any browser.

In addition to the information contained in this privacy policy, our Websites and our app may provide you with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.

Who we are and what we do

We are ZenOwn AG a company incorporated in Zug, Switzerland with registered number CH-170.4.016.968-7 (referred to herein as “we”, “us” or “our”, as the context requires)

Address: Baarerstrasse 82, 6300 Zug, Switzerland

Email: contact@zenown.com

We provide home inventory management services through our mobile app or through the websites linked from our partners QR code available in their products tags or packaging with the purpose of allowing our users to collect invoices, register and keep track of warranties and sell products they no longer need. We are the controller of our users’, partners’, clients’ and prospects’ CRM data to the extent it pertains to natural persons. We are joint controllers with our partners for some users’ data, such as email address and usage data. We have set out a joint controller arrangement which reflects our respective roles and responsibilities. You can ask for further information about this by contacting us at contact@zenown.com

This policy (together with our [Terms and Conditions] and any other documents referred to on them) set out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. It applies to our users, partners, clients, prospects and to other individuals whose data we may process except for our employees (“you”).

We may change this policy from time to time so please, check our website occasionally for any updates. If we make material changes in the way we use your personal information, we may notify you by posting a notice on our website or sending you an email at the email address provided at the time of registration.

DPO CONTACT DETAILS

Aphaia Ltd
Eagle House
163 City Road, London,
EC1V 1NR
DPO Telephone: +44 20 3917 4158

Email address: dpo@aphaia.co.uk

UK REPRESENTATIVE

We have appointed Prighter as our representative in the UK. If you are in the UK and would like to address any concerns related to how we process your data or exercise your rights, you can contact Prighter using the contact details below or through this website.

Prighter Ltd (UK)
20 Mortlake Mortlake High Street
London SW14 8JN
UNITED KINGDOM

Email address:  info@prighter.com

Definitions and legal references

Personal Data (or Data)

Any information that directly, indirectly, or in connection with other information allows for the identification or identifiability of a natural person.

Usage Data

Information collected automatically through our Websites (or third-party services employed in our Websites) or app, which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment

User

The individual using any of our Websites or our app who, unless otherwise specified, coincides with the Data Subject.

Data Subject

The natural person to whom the Personal Data refers.

Data Processor 

The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller 

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of our Websites or app. The Data Controller of the Data gathered through our Websites or our app is ZenOwn.

Our Websites (or our App)

The means by which the Personal Data of the User is collected and processed, including the websites linked from the QR code in our partners’ product tags or packaging allowing Users to register their warranty with ZenOwn.

Service

The service provided by our Websites and our app as described in the relative terms (if available) and on this site/application.

European Union (or EU)

Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Types of data collected

We may process either personal data provided by you directly, or, in case of Usage Data, personal data collected automatically when using this Website or our app. Among the types of Personal Data that our Websites and our app may collect, by themselves or through third parties, there are: Cookies (please see the ‘Cookies’ section below); Usage Data; email address; order and purchase order details and any other personal information contained in the invoices, receipts and warranties submitted to our app, such as names and surnames, physical address and phone number

Where you have logged into our app via Apple ID or Google Mail, we may also collect your email address where Apple ID and Google Mail terms allow us to do so.

If you are a partner or a client, we may collect your name and surname, email address, physical address, phone number, company and position and contract.

Users are responsible for any third-party Personal Data obtained, published or shared through our Websites or app and confirm that they have the third party's consent to provide the Data to the Owner.

Mode and place of processing the Data

Methods of processing

We take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. 

Legal basis of processing

We may process Personal Data relating to you if one of the following applies:

  • You have given your consent for one or more specific purposes. In these cases you can opt-out at any time by contacting us at contact@zenown.com or through any of the designated methods in each case.
  • provision of Data is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof;
  • processing is necessary for compliance with a legal obligation to which we are subject;
  • processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us;
  • processing is necessary for the purposes of the legitimate interests pursued by us or by a third party. Where this basis applies, we have undertaken the relevant Legitimate Interest Assessment to demonstrate that our compelling legitimate interest overrides the interests or the fundamental rights and freedoms of the affected data subjects. You can request further information about this by reaching us at contact@zenown.com.

In any case, we will gladly help to clarify the specific legal basis that applies to the processing. You can contact us at contact@zenown.com for this purpose.

Purpose of processing

We use the data we collect from you in order to provide our Services, comply with our legal obligations, respond to enforcement requests, protect our rights and interests (or those of yours or third parties), detect any malicious or fraudulent activity, send marketing communications and for analytics.

Contacting the User : Contact form (ZenOwn)

ZenOwn will use these details to reply to requests for information, quotes or any other kind of request as indicated by the form's header. 

Analysis and predictions based on the User's Data ("profiling"): The Owner may use the Personal and Usage Data collected through ZenOwn to create or update User profiles. This type of Data processing allows the Owner to evaluate User choices, preferences and behaviour for the purposes outlined in the respective section of this document.

User profiles can also be created through the use of automated tools like algorithms, which can also be provided by third parties. To find out more, about the profiling activities performed, Users can check the relevant sections of this document.

The User always has a right to object to this kind of profiling activity. To find out more about the User's rights and how to exercise them, the User is invited to consult the section of this document outlining the rights of the User.

Marketing

You may receive marketing communications from us if you have requested information from us or requested our services if, in each case, you have not opted out of receiving that marketing.

Where you opt out of receiving these marketing communications, we may still process your personal data for other required purposes.

We may share your email address with our partners for marketing purposes where you have opted-in to receive marketing communications from them.

We do not sell, rent or lease or provide in any other way our customer lists to third parties.

Push notifications for direct marketing - ZenOwn may send push notifications to the User for the purpose of direct marketing (to propose services and products provided by third parties or unrelated to the product or service provided by ZenOwn).

Users may in most cases opt-out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for ZenOwn or all of the apps on the particular device.

Users must be aware that disabling push notifications may negatively affect the utility of ZenOwn.

Besides applicable device settings, the User may also make use of the rights described under User rights in the relevant section of this privacy policy.

Push notifications based on the User's geographic location - ZenOwn may use the User's geographic location to send push notifications for the purposes outlined in this privacy policy.

Users may in most cases opt-out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for some or all of the apps on the particular device.

Users must be aware that disabling push notifications may negatively affect the utility of ZenOwn.

Push notifications - ZenOwn may send push notifications to the User to achieve the purposes outlined in this privacy policy.

Users may in most cases opt-out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then change those settings for ZenOwn, some or all of the apps on the particular device.

Users must be aware that disabling push notifications may negatively affect the utility of ZenOwn.

You may always object / opt-out by following the link in our email message or by sending us an email to contact@zenown.com. If you want to opt-out from our partner’s marketing communications, please check their website and the means enabled for such purpose.

Data disclosure

In addition to us, in some cases, the Data may be accessible to other parties in the ways described below:

- Our partners. Where you have downloaded our app or registered your warranty through one of the websites linked from the QR code available in our partners’ product tags or packaging, we may share your email address with them for marketing purposes if you provide us your consent. We may also share some usage data with them in case you buy any of their products through the brand space in our app.

-Our third-party service providers who perform functions on our behalf in connection with the operation of our business such as IT service providers, including cloud storage, mail carriers, analytics and communications providers, and system administrators or third parties who host and manage data;

-Analytics, CRM and other software that assist us in the communication with you and the improvement and optimisation of our website;

-Third parties if we are required to do so by law, or if we believe that such action is necessary to: (a) fulfil a government, or regulatory authority request; (b) conform with the requirements of the law or legal process; (c) protect or defend our legal rights or property, our websites or customers;

-Other reasons – We may also share your personal information with a purchaser or potential purchaser of our business.

-Any other third parties with your express consent.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Place

The Data is processed at our operating offices in Switzerland and in any other places where the parties involved in the processing are located.

Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own. 

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, by ensuring at least one of the following safeguards is implemented:

-transferring your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;

-entering into specific contractual terms which have been approved by the European Commission and which give personal data the same protection as within the EEA. In these cases we will undertake a Data Transfer Impact Assessment where required pursuant to the Schrems II decision in order to verify, on a case-by-case basis, whether the law in the recipient country ensures adequate protection for personal data transferred under this tool.

For further information on the safeguards used, please contact us at  contact@zenown.com

Retention time

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for or as otherwise required by applicable law. 

When calculating the appropriate retention period for your data, we consider the nature and sensitivity of the data, the purposes for which we are processing the data, and any applicable statutory retention periods.
Therefore:

  • Personal Data collected for purposes related to the performance of a contract between us and you shall be retained at least until such contract has been fully performed.
  • Personal Data collected for the purposes of our legitimate interests shall be retained as long as needed to fulfil such purposes in line with the Legitimate Interest Assessment. 

We may be allowed to retain Personal Data for a longer period whenever you have given consent to such processing, as long as such consent is not withdrawn. Furthermore, we may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted or anonymised. 

The rights of Users

You may exercise certain rights regarding your Data processed by us:

  • Withdraw your consent at any time. You have the right to withdraw consent where you have previously given your consent to the processing of your Personal Data. Please note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
  • Object to processing of your Data. You have the right to object to the processing of your Data if the processing is carried out based on legitimate interest. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Access your Data. You have the right to learn if Data is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification. You have the right to verify the accuracy of your Data and ask for it to be updated or corrected. We will need to verify the accuracy of the new data you provide to us.
  • Restrict the processing of your Data. You have the right, under certain circumstances, to restrict the processing of your Data. In this case, we will not process your Data for any purpose other than storing it.
  • Have your Personal Data deleted or otherwise removed. You have the right, under certain circumstances, to obtain the erasure of your Data from us. Please note that when you register with your Apple ID and you choose not to share your email with us, Apple does not share the details of your Apple ID with us and we cannot match any data with you once you have deleted the app. Receive your Data and have it transferred to another controller. You have the right to receive your Data in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.
  • Lodge a complaint with the relevant supervisory authority. You have the right to bring a claim before the competent data protection authority.

How to exercise these rights

Any requests to exercise User rights can be directed to us through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by us as early as possible and always within one month.

Cookie Policy

Websites use Cookies. To learn more and for a detailed cookie notice, the User may consult the Cookie Policy.

Additional analytics

Google Analytics with anonymized IP (Google Ireland Limited)

Google Analytics is a web analysis service provided by Google Ireland Limited ("Google"). Google utilizes the Data collected to track and examine the use of ZenOwn, to prepare reports on its activities and share them with other Google services.

Google may use the Data collected to contextualize and personalize the ads of its own advertising network.

This integration of Google Analytics anonymizes your IP address. It works by shortening Users' IP addresses within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the complete IP address be sent to a Google server and shortened within the US.

Personal Data collected: Cookies; Usage Data.

Place of processing: Ireland – Privacy PolicyOpt Out

Facebook Analytics for Apps (Facebook, Inc.)

Facebook Analytics for Apps is an analytics service provided by Facebook, Inc.

Personal Data processed: Usage Data; various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy. 

Google Analytics for Firebase (Google Ireland Limited)

Google Analytics for Firebase or Firebase Analytics is an analytics service provided by Google Ireland Limited.

In order to understand Google's use of Data, consult Google's partner policy.

Firebase Analytics may share Data with other tools provided by Firebase, such as Crash Reporting, Authentication, Remote Config or Notifications. The User may check this privacy policy to find a detailed explanation about the other tools used by the Owner.

ZenOwn uses identifiers for mobile devices and technologies similar to cookies to run the Firebase Analytics service.

Users may opt-out of certain Firebase features through applicable device settings, such as the device advertising settings for mobile phones or by following the instructions in other Firebase related sections of this privacy policy, if available.

Personal Data processed: Application opens; Application updates; Cookies; device information; first launches; geography/region; In-app purchases; number of sessions; number of Users ; operating systems; session duration; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); Usage Data.

Place of processing: Ireland – Privacy Policy

MixPanel (MixPanel)

MixPanel is an analytics service provided by Mixpanel Inc.

Personal Data processed: Cookies and Usage Data. Place of processing: United States – Privacy Policy

Firebase Hosting (Google Ireland Limited)

Firebase Hosting is a hosting service provided by Google Ireland Limited.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy 

Firebase Cloud Storage (Google Ireland Limited)

Firebase Cloud Storage is a hosting service provided by Google Ireland Limited.

Personal Data processed: Usage Data; various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy.

Firebase Cloud Functions (Google Ireland Limited)

Firebase Cloud Functions is a hosting and backend service provided by Google Ireland Limited.

Personal Data processed: Usage Data; various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy 

Firebase Cloud Firestore (Google Ireland Limited)

Firebase Cloud Firestore is a hosting and backend service provided by Google Ireland Limited.

Personal Data processed: Usage Data; various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy 

Content performance and features testing (A/B testing) - The services contained in this section allow the Owner to track and analyze the User response concerning web traffic or behavior regarding changes to the structure, text or any other component of ZenOwn.

Firebase Remote Config (Google Ireland Limited)

Firebase Remote Config is an A/B testing and configuration service provided by Google Ireland Limited.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy 

Managing contacts and sending messages - This type of service makes it possible to manage a database of email contacts, phone contacts or any other contact information to communicate with the User.

These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.

Firebase Notifications (Google Ireland Limited)

Firebase Notifications is a message sending service provided by Google Ireland Limited. Firebase Notifications can be integrated with Firebase Analytics to target analytics-based audiences and track opening and conversion events.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy 

Firebase Cloud Messaging (Google Ireland Limited)

Firebase Cloud Messaging is a message sending service provided by Google Ireland Limited. Firebase Cloud Messaging allows the Owner to send messages and notifications to Users across platforms such as Android, iOS, and the web. Messages can be sent to single devices, groups of devices, or specific topics or User segments.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy 

Infrastructure monitoring - This type of service allows ZenOwn to monitor the use and behavior of its components so its performance, operation, maintenance and troubleshooting can be improved.

Which Personal Data are processed depends on the characteristics and mode of implementation of these services, whose function is to filter the activities of ZenOwn.

Firebase Performance Monitoring (Google Ireland Limited)

Firebase Performance Monitoring is a monitoring service provided by Google Ireland Limited.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy

Remarketing and behavioral targeting: This type of service allows ZenOwn and its partners to inform, optimize and serve advertising based on past use of ZenOwn by the User.

This activity is facilitated by tracking Usage Data and by using Cookies and other Identifiers to collect information which is then transferred to the partners that manage the remarketing and behavioral targeting activity.

Some services offer a remarketing option based on email address lists.

In addition to any opt-out feature provided by any of the services below, Users may opt out by visiting the Network Advertising Initiative opt-out page.

Users may also opt-out of certain advertising features through applicable device settings, such as the device advertising settings for mobile phones or ads settings in general.

Facebook Custom Audience (Facebook, Inc.)

Facebook Custom Audience is a remarketiInfrastructure monitorinng service provided by Facebook, Inc. that connects the activity of ZenOwn with the Facebook advertising network.

Users can opt out of Facebook's use of cookies for ads personalization by visiting this opt-out page.

Personal Data processed: Cookies; email address.

Place of processing: United States – Privacy PolicyOpt Out 

Registration and authentication - 

Depending on what is described below, third parties may provide registration and authentication services. In this case, ZenOwn will be able to access some Data, stored by these third-party services, for registration or identification purposes. 

Some of the services listed below may also collect Personal Data for targeting and profiling purposes; to find out more, please refer to the description of each service.

Firebase Authentication (Google Ireland Limited)

Firebase Authentication is a registration and authentication service provided by Google Ireland Limited. To simplify the registration and authentication process, Firebase Authentication can make use of third-party identity providers and save the information on its platform.

Personal Data processed: email address; first name; last name; password.

Place of processing: Ireland – Privacy Policy

Social features - Firebase Invites (Google Ireland Limited)

Firebase Invites is a social feature provided by Google Ireland Limited that enables Users to share ZenOwn. The sharing may contain referral codes, or content from within ZenOwn and may be done via email or SMS. Sharing is tracked with Google Analytics for Firebase, which informs the Owner that the User has opened or installed ZenOwn via invite.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy. 

Firebase Dynamic Links (Google Ireland Limited)

Firebase Dynamic Links is a social feature provided by Google Ireland Limited. Dynamic Links are tracked within Firebase or Google Analytics for Firebase, which informs the Owner about the details of the User journey to and within ZenOwn.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland – Privacy Policy.