Privacy Policy

 

Effective Date: Oct 1, 2022

We at Velocita, Inc. dba Zinrelo (“Zinrelo,” “we,” “us,” “our”) know that our users (“you,” “your”) care about how your personal information is used and shared, and we take your privacy seriously. This privacy policy describes how Zinrelo, a provider of a loyalty rewards platform, collects and uses the personal information you provide on our Zinrelo.com or its corresponding Zinrelo app. By visiting or using the Website or loyalty rewards platform services (referred to interchangeably as “Website” or “Services”) in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy and you hereby consent that we will collect, use, and share your information.

What does this privacy policy cover?

This Privacy Policy covers our treatment of personally identifiable information (“Personal Information”) that we gather when you are accessing or using our Website or Services.

We do not knowingly collect or solicit personal information from anyone under the age of 13 or knowingly allow such persons to register for our Services. No one under age 13 may provide any personal information to us or on the Services.

Whose information does Zinrelo collect?

Zinrelo gathers various types of Personal Information on its Website or loyalty application. Zinrelo may gather Personal Information from End-Customers of a Client who access loyalty program services, Administrative users of Client who manage the loyalty program, and Website users who may inquire about Zinrelo by filling out a form.

The Zinrelo loyalty application can also be set up so that End-Customers are only identified by an anonymized user token and no personal.

What information does Zinrelo collect? 

We gather various types of Personal Information from our users, as explained more fully below. We may use Personal Information to personalize and improve the Services, to allow our users to set up a user account and profile, to contact users, to fulfill your requests for the Services, to analyze how users utilize the Website, and as otherwise set forth in this Privacy Policy. We collect the following types of information:

INFORMATION PROVIDED TO US

Information is provided to us by users using our website or our loyalty application and may include name, email address, phone number, company name, postal address, social media handles and other such personal information.

INFORMATION COLLECTED AUTOMATICALLY

Whenever you interact with our Website, we automatically receive and record information on our server logs from your browser including your IP address, “cookie” information, and the page you requested. “Cookies” are identifiers we transfer to your computer or mobile device that allow us to recognize your browser or mobile device and tell us how and when pages in our Website are visited by you. You may be able to change the preferences on your browser or mobile device to prevent or limit your computer or device’s acceptance of cookies, but this may prevent you from taking advantage of some of our Website’s features. If you click on a link to a third-party website, such third party may also transmit cookies to you.

When you visit the Website, our servers automatically record information that your browser sends whenever you visit a website (“Log Data”). For example, Log Data may include information such as your computer’s IP address, browser type or the webpage you were visiting before you came to our Website, pages of our Website that you visit, the time spent on those pages, the information you search for on our Website, access times and dates, and other statistics. We use this information to monitor and analyze use of the Website and the Services and for the Website’s technical administration, to increase our Website’s functionality and user-friendliness, and to better tailor it to our visitors’ needs.

Additionally, we may also track and collect usage information on the website such as the number of visits, page URLs and other visitor tracking information. We may also use technologies such as cookies, beacons, scripts and tags. These technologies are used in analyzing trends, administering the website, tracking users’ movements around the site, and gathering demographic information.

Where we store your personal information? 

We store your personal information in the United States. If you are located outside the United States, the information that we collect from you may be transferred to, and stored and processed at, a destination in the United States. By submitting information, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy.

Will Zinrelo share any of the personal information it receives?

We neither rent nor sell your Personal Information in personally identifiable form to anyone. We share such Personal Information in personally identifiable form with third parties as described below.

TRUSTED THIRD PARTIES

We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide the Services to you. Unless we tell you differently, such third parties do not have any right to use the Personal Information we share with them beyond what is necessary to assist us.

BUSINESS TRANSFERS

We may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that is transferred. Also, if we (or substantially all of our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information would be one of the assets transferred to or acquired by a third party. You will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

PROTECTION OF ZINRELO AND OTHERS

We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or a court order; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Zinrelo, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction. We also may be required to disclose an individual’s Personal Information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

WITH YOUR CONSENT

Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and you will be able to prevent the sharing of this information.

Is the personal information secure? 

We take maximum care to protect the privacy of your account and other Personal Information we hold in our records. the protection of user data is a high priority for us.

Zinrelo is SOC 2 Type 1 Compliant. System and Organization Controls (SOC) is developed by the American Institute of CPAs (AICPA). SOC 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality, and privacy. SOC Compliance indicates that Zinrelo follows the highest standards for protecting customer data.

Zinrelo also employs a detailed Information Security Policy to ensure best practices for the protection of data. While we do not have official ISO certification, our Information Security Policy is modeled on the guidelines of ISO 27001 and ISO 27002 requirements. A copy of our Information Security Policy document is available upon request.

Your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

When you enter your information on our site, we encrypt the transmission of that information using transport layer security (TLS).
However, we cannot guarantee complete security. The transmission of information via the Internet is not completely secure. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.

What personal information can I access? 

Through your account settings, you may access, and, in some cases, edit or delete the following information you’ve provided to us:

  • Name and Password
  • Company Name
  • Website URL
  • Email address
  • Phone Number
  • Purchase data including products purchased, prices, quantity, store name, purchase location
  • Social Media profile info
  • Address
  • City
  • State
  • Region
  • Country
  • User tags to identify users
  • Time zone

The information you can view, update, and delete may change due to modifications to the Website or Services. If you have any questions about viewing or updating information we have on file about you, please contact us at [email protected]. We will respond to your request to access within 30 days. Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: [email protected]

What choices do I have? 

  • You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our special features.
  • You may be able to add, update, or delete information by simply sending an email to [email protected]. When you update information, however, we may maintain a copy of the unrevised information in our records. We will retain your information for as long as your account is active or as needed to provide you services.
  • You may request the deletion of your account by contacting us at [email protected]. Please note that some information may remain in our private records after your deletion of such information from your account. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements but barring legal requirements, we will delete your information within 90 days. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally.

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Zinrelo aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request the deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable, and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where Zinrelo relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

TRANSFER OF YOUR DATA UNDER GDPR

If Zinrelo receives your data from the data controller residing in the European Economic Area (“EEA”), United Kingdom, or Switzerland, it may process such data on its servers in the United States. These data transfers are covered by a Data Processing Addendum (“DPA”) that includes all Standard Contractual Clauses approved by the European Commission on June 4, 2021 to ensure GDPR compliance in case of Data being transferred from a Controller-Processor from the European Economic Area, United Kingdom or Switzerland to the United States.

Changes to this privacy policy

We may amend this Privacy Policy from time to time. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make material changes or changes in the way we use Personal Information, we will notify you by posting an announcement on our Website or sending you an email prior to the change becoming effective. You are bound by any changes to the Privacy Policy when you use the Website after such changes have been first posted.

How to contact us

It is easy to contact Zinrelo. We provide annual training to our employees involved in the collection, processing, and dissemination of customer information. In addition, Zinrelo’s internal policies and procedures provide for disciplinary action if our employees fail to follow this statement. We periodically self-assess and review these internal policies and procedures to review compliance.

DATA PROTECTION OFFICER (“DPO”)

Zinrelo is headquartered in Palo Alto, California, in the United States. If you are a resident of the EU and have questions about the collection of your personal information, our DPO can assist you. You may contact our DPO at:

  1. Email: [email protected]
  2. Postal Mail: Zinrelo, Inc., Attn: DPO, 530 Lytton Ave, Suite 200, Palo Alto, CA 94301

ZINRELO’S COMPLIANCE TEAM AND DISPUTE RESOLUTION

In compliance with the Principles, Zinrelo commits to resolve any complaints about your privacy and our collection, use, or disclosure of your personal information. If you have any inquiries or complaints regarding this statement, you should first contact Zinrelo at:

  1. Email: [email protected]
  2. Postal mail: Zinrelo, Inc., Attn: DPO, 530 Lytton Ave, Suite 200, Palo Alto, CA 94301