Zendaction AB acts as the data controller for all personal data processed in connection with visits to our website and usage of the Zendact Foresight Service ("Service").
2. Scope of This Policy
This Privacy Policy covers:
Website Visitors: Individuals who visit our website.
Service Users: Individuals and organizations who use our Zendact Foresight AI service.
This Privacy Policy explains how we collect, use, store, and protect personal data in connection with your visit to our website and usage of the Service in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
3. What Personal Data We Collect
3.1 Website Visitors
When you visit our website, we may collect:
Automatically Collected Data
IP address and location data
Browser type, version, and language settings
Operating system and device information
Pages visited, time spent, and navigation patterns
Referral websites and search terms
Date and time of access
Cookies and similar tracking technologies
Voluntarily Provided Data
Contact form submissions (name, email, message)
Newsletter subscriptions (email address)
Download requests (name, email, company)
Event registrations and webinar attendance
3.2 Service Users (Zendact Foresight)
Upon your registration of a user account and your usage of the Service, we may collect:
Account Information
Full name and email address
Company/Organization name
Job title and department
Phone number
Billing address and payment information
Account preferences and settings
Service Usage Data
Service interaction patterns and frequency
Feature usage and preferences
Session data and timestamps
Error logs and technical diagnostics
Learning progress and analytics (if applicable)
Communication Data
Support tickets and help desk interactions
Customer feedback and survey responses
Email correspondence with our team
Product improvement suggestions
Important: Users are prohibited from uploading personal data into the Service, except for account management and support purposes. The Service is not designed to handle personal data beyond what is necessary for account administration and customer support.
3.4 Payment Information
Payment processing is handled by secure third-party payment providers. We do not store complete credit card details but may retain:
Payment method type (e.g., Visa ending in 1234)
Billing address and invoice information
Transaction history and payment status
4. How We Use Your Data
We process your personal data for the following purposes:
4.1 Website Operations
Provide and maintain website functionality
Analyze website performance and user behavior
Improve user experience and website design
Ensure website security and prevent fraud
Respond to contact form submissions and inquiries
4.2 Service Provision (Zendact Foresight)
Create and manage user accounts
Provide AI-powered learning and analysis services
Maintain service performance and reliability
Provide customer support and technical assistance
Monitor service usage patterns for optimization
4.3 Business Operations
Process payments and manage billing
Send Service updates and important notifications
Conduct user research and service improvement
Analyze usage patterns for product development
Ensure platform security and prevent misuse
Comply with legal obligations and enforce our terms
4.4 Marketing and Communication
Send promotional materials and product updates
Provide educational content and best practices
Invite participation in surveys and research
Notify about new features and service enhancements
4.5 Legal and Security
Prevent fraud, abuse, and unauthorized access
Investigate security incidents and policy violations
Comply with legal requests and regulatory requirements
Protect our rights and interests
Maintain audit trails and compliance records
5. Legal Basis for Processing
We process personal data based on the following legal bases:
5.1 Contractual Necessity
Account creation and management
Service delivery and AI processing
Payment processing and billing
Customer support provision
Performance of our Terms and Conditions
5.2 Legitimate Interests
Website analytics and improvement
Security monitoring and fraud prevention
Service optimization and feature development
Internal analytics and reporting
Direct marketing to existing customers
Business development and research
5.3 Consent
Marketing communications to prospects
Optional analytics and tracking cookies
Newsletter subscriptions
Participation in surveys and research
Additional data collection beyond service requirements
5.4 Legal Obligations
Tax and accounting record retention
Response to legal requests
Regulatory compliance reporting
Data breach notifications
6. Data Sharing and Recipients
6.1 Service Providers and Processors
We share personal data with trusted third-party service providers who assist in:
Technical Infrastructure:
Cloud hosting and data storage providers
Content delivery networks (CDNs)
Database management services
Backup and disaster recovery services
Business Operations:
Payment processors and financial institutions
Customer support and help desk platforms
Email delivery and communication services
Analytics and monitoring tools
6.2 Data Processing Agreements
Service providers that process personal data are, to the extent required by applicable law, bound by:
Data processing agreements
Appropriate technical and organizational security measures
Confidentiality and data protection obligations
Instructions to process data only for specified purposes
Prohibitions on using data for their own purposes
6.3 Legal Disclosures
We may disclose personal data when required by:
Court orders, subpoenas, or legal processes
Law enforcement or regulatory authorities
Protection of our rights, property, or safety
Investigation of fraud or security incidents
Compliance with applicable laws and regulations
6.4 Business Transfers
In connection with any merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity, subject to the same privacy protections.
6.5 Third Parties With Your Consent
We may share personal data with other parties when you provide explicit consent for specific purposes.
7. International Data Transfers
7.1 Data Processing Locations
Your personal data may be processed in countries outside the European Economic Area (EEA), including:
United States (for certain AI and cloud services)
Other countries where our service providers operate
7.2 Transfer Safeguards
For transfers outside the EEA, we implement appropriate safeguards to the extent required by applicable law, including:
Adequacy Decisions:
We prioritize countries with EU adequacy decisions where possible
Standard Contractual Clauses (SCCs):
EU-approved Standard Contractual Clauses for transfers to non-adequate countries
Additional contractual protections and technical safeguards (if needed)
7.3 Your Rights Regarding Transfers
You have the right to obtain information about transfer safeguards and may request copies of relevant documentation.
8. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this Privacy Policy:
8.1 Account and Service Data
Active accountsDuration of account plus 30 days after termination
Inactive accounts12 months of inactivity before deletion
Service usage logs12 months for service improvement
8.2 Communication and Support
Customer support records3 years from last interaction
Email communications3 years from last correspondence
Marketing communicationsUntil consent is withdrawn plus 6 months
8.3 Financial and Legal Records
Payment and billing data7 years (legal and tax requirements)
Legal documentationDuration of legal requirement plus 3 years
Compliance recordsAs required by applicable regulations
8.4 Website Analytics
Website visitor dataUp to 26 months
Cookie dataAs specified in cookie preferences
Security logs12 months for fraud prevention
9. Your Data Protection Rights
As a data subject, you have the following rights relating to your personal data:
9.1 Right of Access
Request copies of your personal data
Receive information about how your personal data is processed
Obtain details about personal data sharing and retention
9.2 Right to Rectification
Request correction of inaccurate personal data
Complete incomplete personal data
Update outdated information
9.3 Right to Erasure
Request deletion of personal data in specific circumstances
"Right to be forgotten" when personal data is no longer necessary
Withdrawal of consent where processing is based on consent
9.4 Right to Restrict Processing
Limit processing while accuracy is verified
Restrict processing instead of deletion
Object to processing for specific purposes
9.5 Right to Object
Object to processing based on legitimate interests
Object to direct marketing at any time
Object to automated decision-making
9.6 Right to Withdraw Consent
Withdraw consent for consent-based processing (does not affect lawfulness of processing before withdrawal)
9.7 Exercising Your Rights
To exercise any rights, contact us at privacy@zendaction.se. We will respond within 30 days and may request identity verification for security purposes.
10. Data Breach Notification
In the event of a personal data breach that poses risks to your rights and freedoms, we will notify you and relevant authorities as required by law.
11. Cookies and Tracking Technologies
11.1 Types of Cookies We Use
We use the following types of cookies:
Essential Cookies (No Consent Required):
Authentication and session management
Security and fraud prevention
Load balancing and performance
User preferences and settings
Analytics Cookies (Consent Required):
Website usage statistics and visitor behavior
Performance monitoring and optimization
A/B testing and feature evaluation
Traffic source analysis
Marketing Cookies (Consent Required):
Advertising effectiveness measurement
Social media integration and sharing
Personalized content recommendations
Retargeting and remarketing campaigns
11.2 Cookie Management
You can manage your cookie preferences through our consent tools and browser settings.
11.3 Third-Party Cookies
We use cookies from trusted third parties including:
Google Analytics for website analytics
Payment processors for transaction security
Customer support platforms for help functionality
Social media platforms for sharing features
12. Changes to This Policy
12.1 Policy Updates
We may update this Privacy Policy from time to time to reflect inter alia:
Changes in our data processing practices
New legal requirements or regulations
Service improvements and new features
User feedback and best practices
12.2 Notification of Changes
We will notify you of material changes to this Privacy Policy through appropriate means, which may include email or website notices.
12.3 Acceptance through Continued Use
Your continued use of our website or services after notified policy changes constitutes acceptance of the updated Privacy Policy.
13. Contacts and Complaints
13.1 Privacy Contact Information
For privacy-related inquiries, exercising your rights, or reporting concerns or complaints:
EU/EEA: You may also contact your local data protection authority in your country of residence.
You may contact supervisory authorities directly without first contacting us, though we encourage you to reach out to us first so we can address your concerns promptly.