Privacy Policy
1. Introduction
ZenWorkflow Ltd (“Company,” “we,” “us,” or “our”) is committed to protecting your privacy and ensuring compliance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and other relevant legislation.
This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you access or use www.zenworkflow.io and any related services, applications, or platforms operated by ZenWorkflow Ltd (collectively, the “Platform”).
By accessing or using our Platform, you acknowledge that you have read and understood this Privacy Policy.
2. Scope of This Policy
This Privacy Policy applies to personal data collected through:
- Our website (www.zenworkflow.io)
- The ZenWorkflow SaaS platform
- Direct communications with us (email, support, onboarding, etc.)
This Policy does not apply to third-party websites, services, or platforms that may be linked from our Website. Those providers operate under their own privacy policies, and we encourage you to review them carefully.
3. Data Controller
For the purposes of applicable data protection laws:
ZenWorkflow Ltd acts as:
- Data Controller for personal data relating to Website visitors, account holders, and users of our Platform.
- Data Processor where our customers upload, store, or manage personal data within the Platform relating to their own clients or employees.
Where we act as a Data Processor, we process data only in accordance with our customers’ documented instructions.
4. Information We Collect
We collect information in the following ways:
4.1 Information You Provide Directly
You may provide personal data when you:
- Create an account
- Subscribe to our services
- Request a demo
- Contact support
- Communicate with us via email or forms
This may include:
- Full name
- Business name
- Email address
- Telephone number
- Billing information
- Mailing address
- Account credentials
We collect only data necessary to provide our services or fulfill contractual obligations.
4.2 Information Collected Automatically
When you access the Platform, certain data is collected automatically.
Log Data
Our servers may collect:
- IP address
- Browser type and version
- Operating system
- Pages visited
- Date and time of access
- Referring URLs
- Error logs and diagnostic information
This data is used for system administration, security monitoring, and performance optimization.
Device Information
We may collect information such as:
- Device type (desktop, mobile, tablet)
- Operating system and version
- Browser configuration
- Session identifiers
4.3 Cookies and Tracking Technologies
We use cookies and similar technologies as described in our Cookie Policy.
Non-essential cookies are deployed only with your consent.
5. How We Use Personal Data
We process personal data for the following purposes:
- To provide and operate the Platform
- To manage user accounts
- To process subscriptions and payments
- To provide customer support
- To improve system performance and user experience
- To ensure platform security and prevent fraud
- To comply with legal obligations
- To send service-related communications
Where required by law, we obtain your consent before sending marketing communications.
6. Legal Basis for Processing (GDPR)
Under the GDPR, we rely on one or more of the following legal bases:
- Performance of a Contract – to provide our services
- Legal Obligation – to comply with regulatory requirements
- Legitimate Interests – for security, analytics, and service improvements
- Consent – for marketing communications and non-essential cookies
You may withdraw your consent at any time.
7. Data Sharing and Disclosure
We do not sell personal data.
We may share personal data with:
- Cloud hosting providers
- Payment processors
- Analytics providers
- IT and security service providers
- Professional advisors
- Regulatory authorities (where legally required)
All third-party service providers are contractually obligated to protect your data and process it securely.
8. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
- Equivalent legal protection mechanisms
9. Data Retention
We retain personal data only for as long as necessary to:
- Provide services
- Fulfill contractual obligations
- Comply with legal requirements
- Resolve disputes
When data is no longer required, it is securely deleted or anonymized.
10. Data Security
We implement appropriate technical and organizational measures to protect personal data, including:
- Encrypted communications (SSL/TLS)
- Secure cloud infrastructure
- Access controls and authentication mechanisms
- Regular system monitoring and logging
While we take reasonable steps to protect data, no system can guarantee absolute security.
11. Your Rights Under GDPR
Where applicable, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Request erasure (“Right to be Forgotten”)
- Restrict processing
- Object to processing
- Data portability
- Withdraw consent
- Lodge a complaint with a supervisory authority
Requests can be submitted via the contact details below.
12. Children’s Privacy
Our Platform is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors.
13. Updates to This Privacy Policy
We may update this Privacy Policy periodically to reflect:
- Changes in legal requirements
- Operational updates
- Technological developments
The latest version will always be available on our Website with an updated “Last Updated” date.
14. Contact Information
If you have questions or wish to exercise your data protection rights, please contact:
ZenWorkflow Ltd
Email: support@zenworkflow.io
Website: www.zenworkflow.io