Website Privacy Policy
How Zypra collects and uses your personal data on this website.
Introduction
This privacy policy explains how Zypra collects and uses your personal data when you visit our website at zypra.com ("our site"). It does not cover the Zypra mobile application, which has its own separate privacy policy available within the app.
This policy is provided in a layered format so you can navigate to the specific areas that interest you. Please also use the Website Terms of Use to understand the rules for using our site.
1. Important Information and Who We Are
Controller
1.1 Zypra, a foundation company incorporated in the Cayman Islands, is the controller and responsible for your personal data (referred to as "we", "us", or "our" in this privacy policy).
Contact Details
1.2 If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us using our contact form by selecting "Legal & Compliance" as the subject.
Scope
1.3 This privacy policy applies to personal data collected through our website. Our site is not intended for children, and we do not knowingly collect data relating to children through this website.
1.4 If you download and use the Zypra mobile application, a separate privacy policy governs the data collected by the app.
2. The Types of Personal Data We Collect About You
Personal data means any information about an individual from which that person can be identified. We may collect, use, store, and transfer the following kinds of personal data about you when you use our site:
| Data Category | Examples |
|---|---|
| Identity Data | First name, last name, as provided by you when you contact us |
| Contact Data | Email address, as provided through our contact form |
| Technical Data | Internet protocol (IP) address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, device type, and other technology on the devices you use to access this website |
| Usage Data | Information about how you use our website, including pages visited, time spent on pages, page interaction information (such as scrolling, clicks, and mouse-overs), and navigation paths |
We also collect, use, and share aggregated data such as statistical or demographic data. Aggregated data is not personal data as it does not directly or indirectly reveal your identity. For example, we may aggregate Usage Data to calculate the percentage of users accessing a specific website feature in order to improve our site.
3. How Is Your Personal Data Collected?
We use different methods to collect data from and about you:
Direct interactions
3.1 You may give us your Identity and Contact Data by filling in forms on our site or by corresponding with us. This includes personal data you provide when you:
- use our contact form to submit an enquiry;
- request information about our products or services; or
- give us feedback.
Automated technologies or interactions
3.2 As you interact with our site, we automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this data by using cookies, server logs, and other similar technologies. Please see Section 9 below for further details on cookies and your consent options.
4. How We Use Your Personal Data
Legal bases
4.1 The law requires us to have a legal basis for collecting and using your personal data. We rely on one or more of the following:
- Legitimate interests: Where it is necessary to conduct our business and pursue our legitimate interests, provided those interests do not override your rights. We use this basis for website analytics, security monitoring, and fraud prevention.
- Consent: Where you have given us your active agreement to use your personal data for a specified purpose, for example accepting non-essential cookies via our cookie consent banner. You can withdraw consent at any time.
- Legal obligation: Where we need to comply with a legal obligation.
- Contract performance: Where we need to process your data to respond to your enquiry or perform a contract with you.
Purposes of processing
4.2 We have set out below the ways we use your personal data and the legal bases we rely on:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| To operate and maintain our website | Technical Data, Usage Data | Legitimate interests (to keep our site running efficiently and securely) |
| To respond to your enquiries via our contact form | Identity Data, Contact Data | Contract performance; Legitimate interests (to respond to enquiries) |
| To analyse website usage and improve our site | Technical Data, Usage Data | Legitimate interests (to improve our website and user experience) |
| To protect our site against fraud, abuse, and security threats | Technical Data | Legitimate interests (to ensure website security) |
| To comply with legal obligations | All categories as required | Legal obligation |
4.3 We will not share your personal data with any third party for their own direct marketing purposes.
5. Disclosures of Your Personal Data
5.1 We may share your personal data with the following categories of recipients where necessary:
- Service providers: Third parties who provide website hosting and customer support services on our behalf. They are contractually bound to process data only on our instructions and in accordance with applicable data protection laws.
- Legal and regulatory authorities: Where we are required to disclose your data by law, court order, or in response to lawful requests by public authorities.
- Business transfers: If Zypra is restructured or its assets are transferred, user data may be transferred as part of that transaction, subject to equivalent privacy protections.
5.2 We do not sell your personal data. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes.
6. International Transfers
6.1 We are based in the Cayman Islands. When you use our site, your personal data may be transferred to, and processed in, the Cayman Islands and other countries where our service providers are located.
6.2 Whenever we transfer your personal data out of the United Kingdom or the European Economic Area to countries which do not provide the same level of data protection, we ensure that appropriate safeguards are in place, including:
- standard contractual clauses approved by the European Commission or the UK International Data Transfer Agreement / Addendum;
- transfers to countries that have been deemed to provide an adequate level of protection; or
- other lawful transfer mechanisms as applicable.
6.3 To obtain further details of the safeguards we use for international transfers, please contact us.
7. Data Security
7.1 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. These measures include encryption of data in transit (TLS), access controls, and regular security assessments.
7.2 We limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.
7.3 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8. Data Retention
8.1 We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for. Specifically:
- Contact form enquiries: 3 years from the date of your enquiry;
- Cookie consent records: 12 months from the date of consent;
- Server logs: 90 days;
- Data retained for legal compliance: As required by applicable law.
8.2 After the applicable retention period, we will securely delete or anonymise the data.
9. Cookies and Your Consent
What are cookies?
9.1 Cookies are small text files placed on your device by our website. They are widely used to make websites work more efficiently and to provide information to site owners.
Types of cookies we use
9.2 Our site uses the following categories of cookies:
| Cookie Category | Purpose | Requires Consent? |
|---|---|---|
| Strictly Necessary | Essential for the basic operation of our site, including security, network management, and accessibility. These cookies do not collect personal data for marketing purposes. | No — these are required for the site to function and cannot be disabled. |
| Functionality | Enable us to remember your preferences (for example, your choice of language) and to provide enhanced, personalised features. | Yes — these are only activated if you consent via our cookie banner. |
Your cookie choices
9.3 When you first visit our site, a cookie consent banner will appear, giving you the option to:
- Accept all cookies: Enables strictly necessary and functionality cookies.
- Accept necessary cookies only: Enables only the cookies required for the basic operation of our site. No functionality cookies will be placed on your device.
- Manage preferences: Allows you to select which optional cookie categories you consent to.
9.4 You can change your cookie preferences at any time by clicking the "Cookie Settings" link in the footer of our site. Changing your preferences will take effect immediately for future visits; cookies that have already been placed can be deleted through your browser settings.
Browser-level controls
9.5 In addition to our cookie consent banner, you can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, some parts of our site may become inaccessible or not function properly.
10. Jurisdiction-Specific Provisions
10.1 European Economic Area and United Kingdom (GDPR / UK GDPR)
If you are located in the EEA or UK, you have rights under the General Data Protection Regulation (GDPR) or UK GDPR. Our legal bases for processing are set out in Section 4. Your rights include the right to access, rectify, erase, restrict, port, and object to the processing of your personal data, and the right to withdraw consent at any time. To exercise any of these rights, please contact us. We will respond within one month. You also have the right to lodge a complaint with your national data protection authority, including the UK Information Commissioner's Office (ICO) at www.ico.org.uk.
10.2 California, USA (CCPA/CPRA)
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA, including the right to know, the right to delete, the right to opt-out of the sale or sharing of personal information, and the right to non-discrimination. We do not sell your personal information. To exercise your CCPA rights, please contact us.
10.3 Other Jurisdictions
If you are located in a jurisdiction with specific data protection legislation (including Saudi Arabia, the United Arab Emirates, and India), we will process your personal data in accordance with the applicable local requirements. You may exercise your rights under local law by contacting us.
11. Changes to This Privacy Policy
We keep this privacy policy under regular review. This version was last updated on the effective date shown above.
12. Third-Party Links
Our site may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our site, we encourage you to read the privacy policy of every website you visit.
13. Contact Us
For any questions, concerns, or requests relating to this privacy policy or your personal data, please use our contact form.
Zypra®
Grand Cayman, Cayman Islands