Sign InSign Up

ZOOP Privacy and Cookies Policy

At ZOOP, we are committed to protecting your privacy and handling your personal data with care and transparency. This Privacy and Cookies Policy (the “Policy”) explains what information and personal data we collect and process from you as a user of the ZOOP platform (“Platform” or “Service”), how and why we use it, with whom we share it and the rights and choices you have. It applies to all users on the Platform, including visitors to our website or app.

By creating an account or using the Platform, you acknowledge that you have read and agree to this Policy. We will only use your personal data as described in this Policy and in accordance with applicable data protection legislation, such as the EU/UK General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

1. Authorization to Process Personal Data

Registering an account on the Platform or otherwise providing us your personal data represents your conscious and express acceptance of the processing of your personal data by ZOOP for the purposes and in the manner described in our Terms and Conditions and this Policy. In other words, by creating an account or using our Services, you authorize us to handle your information as outlined here. This authorization forms part of the contract between you and us for use of the Platform. In certain cases, we will seek your specific consent as described in this Policy. If you do not consent to the processing of your data as described, you should not use the Platform. We undertake to process your personal data in accordance with applicable data protection legislation and principles, and only for the purposes stated in this Policy or as otherwise permitted by law.

2. Data Processed

Personal Data (or “personal information”) means any information that identifies or relates to an identifiable individual. We collect various categories of personal data from you (the “User”) and about your use of the Platform, as described below:

  • Information You Provide to Us: When you register or create an account, we collect personal data that you provide on signup. This may include your name, email address, username, password and/or a cryptocurrency wallet address if you choose to link a supported wallet instead of using email login. We may also ask for your date of birth or confirmation of age to ensure you are an adult and contact details such as a phone number or mailing address for account verification or communications. You may further provide profile information (like a profile photo, display name, biography or other details) at your discretion, as well as any content you choose to post or upload to the Platform, such as text, images, videos or comments). If you adhere to special programs, namely loyalty rewards, or make purchases through the Platform, you may need to provide additional information such as payment details (e.g. credit card number or payment account information) and billing address; note that payment transactions are typically processed by third-party payment gateways and processors, so we may only receive limited information, like a payment confirmation or truncated card number, for record keeping. In certain cases, to comply with legal requirements such as Know-Your-Customer (“KYC”) rules, Anti-Money Laundering (“AML”) laws or to prevent fraud, we may collect identity verification data – for example, we might request copies of your government-issued ID (e.g. passport or driver’s license), a proof of address (such as a utility bill or other correspondence letter), or other information to verify your identity and eligibility, namely a photograph or facial biometric data (a live selfie) for facial recognition matching as part of verification. This information is only collected when necessary – for instance, before enabling token redemptions or high-tier features – and is used strictly for compliance and security purposes. 
  • Information We Collect Automatically: Like most online services, we automatically collect certain data about your service and usage of the Platform. When you use our services or app, we gather information such as your IP address, device type, operating system version, browser type and language, device identifiers and app version. We log details about your interactions with the Platform, for example: the dates and times of visits or app sessions, pages or screens viewed, features used, clicks, taps and other actions taken, the content you view or engage with, and referring webpages or app store source. We also record transactional events within the Platform, such as earning of reward points, conversions of points to tokens, posts or likes) tied to your user account. In addition, we use cookies and similar tracking technologies, such as web beacons or mobile SDKs, to collect data about your browsing activities on our sites. This may include cookie identifiers or mobile advertising IDs, and analytics information about how you navigate through our Service. For example, we may collect data on how long you spend on certain pages, error logs and interaction data which helps us improve our features. Some cookies are necessary to enable core functionality such as keeping you logged in or remembering your preferences, and others help us analyze traffic and usage patterns or personalize your experience.  Cookies may also be used to secure the Platform by enabling features like two-factor authentication and detecting suspicious logins. You can, at any time, configure your web browser or device settings to block or delete cookies, but note that some parts of our Service may not function properly if cookies are disabled. For more information, see our Cookies notice or your browser’s help documentation on managing cookies.
  • Information from Third Parties: We may process personal data about you from other sources in certain situations. For instance, if you choose to register or log in via a social network or third-party account, we will receive basic profile information (your name, email or user ID) from that third-party as needed to create your account. If another user invites you to the Platform or refers to you, we might receive your email or username from them. In addition, if we employ third-party identity verification services, those providers may furnish us with verification status or risk scores. We could also receive information about you from public blockchain networks: for instance, if you link a crypto wallet, we may look up associated blockchain data, such as your token holdings or transaction history related to our Platform’s tokens, to facilitate Platform features. However, such data is usually public on the blockchain and not collected under our control. Finally, we may collect information that you publicly share through the Platform or our official pages on social media. We treat all such third-party or publicly-sourced information in accordance with this Policy once it is associated with your account or otherwise combined with personal data we have collected directly from you.

In summary, the personal data we process can be categorized as follows:

  • Identification Data: details that identify you, such as your full name, date of birth, government-issued identification numbers or documents, and any biometric identifiers used for verification;
  • Contact and Profile Data: contact information and account details like your email address, phone number, mailing address, username and password, as well as profile information;
  • Transactional Data: information about your transactions within the Platform, including payment and purchase details, billing information, linked digital wallet information and your purchase or redemption history;
  • Communication Data: content of communications we exchange with you.
  • Marketing Data: your preferences for receiving marketing communications and details about your engagement with those communications;
  • User-Generated Content and Metadata: any content you create or provide on the Platform and related metadata.

3. Purpose, Use and Communication of Personal data

We use your personal information only for specified, explicit and legitimate purposes, and we do not further process it in a manner incompatible with those purposes. In this Section, we describe why and how we use your data (“Purposes”) and the legal basis that allow us to process it under data protection laws.

We also explain with whom we may share your data (“Communication” or “Disclosures”).

3.1. Purposes and Legal Basis for Processing:

  • Provide and Operate the Platform: First and foremost, we process your data to provide you with the Services and features you request – this includes using your registration information to create and administer your user account, enabling you to create and share content, facilitating social interactions, awarding loyalty points for your engagement, and allowing you to redeem or convert rewards (ZOOP Points or ZOOPCoin) in accordance with our Platform’s mechanics. We use personal data to authenticate you when you log in and to maintain your account and profile, including storing your content, preferences and history on the Platform. This also entails processing data when you enter promotions, surveys or other activities on the Platform. This data processing is necessary to perform our contract with you (the Terms and Conditions). Without this data, we cannot provide the core Platform services to you.
  • Communicate with You: We use contact information, like your email address or in-app notifications, to send service-related communications, such as account confirmations, password resets, important updates about your account or the Platform, and customer service messages. We may also respond to you regarding any inquiries, support requests or feedback you send us. Such communications are our legitimate interest in providing an expectably reliable customer service. We will also use your contact details to send you marketing or promotional communications, such as updates on new features, special offers or bonus promotions, based on our legitimate interests supported by our relationship in which you expect this data processing on our side. You can opt out at any time by using the unsubscribe link or contacting us. 
  • Personalization and Platform Enhancement: We may process data about your activities and interests to personalize your experience on the Platform. This means processing your usage data to recommend content or creators you might like or to tailor the order of posts in your feed to show you relevant material. We also analyze usage and feedback to improve our products and services, develop new features and understand user trends. For example, we might review aggregated data on which features are used the most or run analytics on how users progress through our onboarding in order to optimize those aspects. We may also measure the effectiveness of any marketing campaigns (if applicable) by analyzing engagement. These processing activities are based on our legitimate interests in improving and growing our Platform and providing users with a more engaging, customized service. We ensure that our legitimate interests do not override your rights and freedoms by offering opt-outs wherever feasible and using de-identified data for analytics when possible.
  • Safety, Security and Legal Compliance: Protecting our users and complying with laws are paramount. We process personal data to enforce our Terms and Conditions to prevent fraud, spam and other malicious activities, and to ensure the integrity and security of the Platform. We may use automated tools to detect fake accounts or bot activity, monitor content for abuse or violations, and log IP addresses to combat suspicious logins or Distributed Denial of Service (DDoS) attacks. If we suspect prohibited behavior, we might use data to investigate and take appropriate human action, including human review of relevant data. We also process personal information as needed to meet our legal obligations – this can include verifying your identity and eligibility (e.g. to comply with age restrictions or KYC/AML regulations), keeping required records and responding to lawful requests by authorities. Specifically, we use your information to perform legally mandated KYC checks and Customer Due Diligence (“CDD”) procedures to comply with AML and other financial crime prevention regulations. Processing for these safety and compliance purposes is supported by necessity for compliance with legal obligations, as well as based on our legitimate interests to maintain a safe Platform. In certain jurisdictions, we may have specific legal requirements to retain data for a set period, as according to Section 3.3 on Data Retention).
  • Enhanced Due Diligence (“EDD”): There are some instances where we implement additional screening measures for certain users who present a higher risk profile. Enhanced Due Diligence (“EDD”) involves collecting and analyzing supplementary personal information beyond standard KYC to thoroughly verify a user’s identity, background and the nature of their intended activities, which can include proof of address documents (e.g., bank, brokerage, and/or credit card statements, utility bills, mortgage statements, and/or property tax statements), employment or professional information (e.g., employer, job title/position, office location); source of wealth (e.g., bank deposit confirmation); and enhance identity check (e.g. verification of secondary IDs). We conduct EDD only when required by law or by our internal risk management policies (for instance, if initial KYC checks flag potential risks or if you seek to engage in higher-risk transactions), and the legal basis for this processing is compliance with our anti-money laundering obligations and our legitimate interest in preventing fraud and illicit activity. All additional data collected for EDD is used solely for compliance verification and is protected with the same care as other personal data.
  • Additional Uses with Consent: If we ever need to process your personal data for a purpose that is not outlined in this Policy or obviously related to the original purposes, we will seek your prior consent. We will not process personal data for any new, incompatible purpose without your prior consent. You are not obligated to consent to any additional use, and your refusal will not affect the core services we provide to you.

3.2. Disclosure of Personal Data (Sharing with Third Parties):

We do not sell your personal information to data brokers or unrelated third parties for their own marketing use. However, we do share certain categories of personal data with trusted third parties and partners, but solely for the business and legal purposes described below. In all cases, we share the minimum necessary information, and we require service providers, contractually, to protect and use it only for the purposes we specify. The circumstances under which we may disclose personal data include:

  • Service Providers: We employ third-party companies and individuals to perform services on our behalf that support the Platform’s operation and infrastructure. This includes, for example, cloud hosting providers (who store our databases and files), content delivery networks, data analytics providers (who help us analyze usage), email delivery services (to send authentication codes or communications), customer support tools, payment processors (to handle any purchases or transactions – note that for payments, the provider directly receives your payment details and we generally do not store your full credit card info), and identity verification services (to perform KYC checks when required). These service providers act under contractual instructions from us and are not allowed to use your personal data for any purpose other than providing the requested services. For instance, our analytics provider cannot use your data to independently market to you, and any payment processor is restricted to using data only to process payments and comply with legal obligations.
  • Affiliates and Corporate Group: We may share personal data with our affiliated companies under common ownership or control. In particular, if ZOOP’s services are provided by multiple legal entities, your information may be shared between these entities. Such intra-group sharing is done for internal administrative purposes, platform functionality and to give you a seamless experience across the Platform. All affiliated group members will honor the commitments in this Privacy and Cookies Policy. 
  • Other Users and Public Disclosure: Certain information on the Platform is meant to be shared with other users by the nature of the service. Any content you post or make publicly available on your profile will be visible to other users on the Platform, and potentially indexable by search engines, if the Platform allows public web viewing of content. Similarly, if the Platform features social interaction, your basic profile info may be displayed to others. Please be mindful that any information you choose to share in a public profile or in user-generated content can be viewed and used by others; such sharing is initiated by you, not by us. We are not responsible for how other users might use information you make public through the Platform. We will never, in any case, share your private communications, except as needed to provide the service or if required by law.
  • Legal Compliance and Protection: We may disclose personal data to courts, law enforcement, regulators, governmental authorities or other third parties when we believe such disclosure is necessary to comply with a legal obligation or request, such as a subpoena, court order or search warrant. We may also share information if we believe in good faith that it is appropriate to protect our rights, property and safety or that of our Users or others. For example, we might disclose data to law enforcement to report suspected illegal activity or to investigate violations of our Terms. Whenever we disclose data under these circumstances, we will only do so to the extent we deem reasonably necessary and in accordance with applicable law.
  • With Your Consent: In cases where you have provided explicit consent for a specific data sharing arrangement not covered above, we will share your information according to that consent. You have the right to revoke any such consent at any time, and we will cease sharing in the future.

We want to reiterate that we do not sell your personal data or share it with third parties for their own direct marketing. Also, we do not share personal information for targeted advertising purposes without your consent. All transfers of personal data to our service providers or affiliates are made under written agreements that require them to keep the data confidential and secure. Additionally, any data we disclose to comply with legal obligations will be narrowly scoped to that requirement. We may share aggregated or de-identified information with third parties freely, such as publishing statistics about platform usage, as that information is not personal data and will not identify you.

3.3. Data Retention and International Transfers:

Your personal data will be stored only as long as necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law. In general, we retain your information for as long as you maintain an account with us, or as needed to provide you with the Services. If you delete your account (or it is deactivated), we will delete or anonymize your personal data within a reasonable period after the account disclosure, except to the extent we need to keep it to comply with legal obligations or resolve disputes (we may retain certain transaction records and correspondence for a number of years to meet financial reporting or audit requirements, or to have an accurate record in case of legal claims. We also may retain backup copies of data for a limited time in our disaster recovery systems. When we no longer have a legitimate need to keep your personal data, we will securely erase it or anonymize it.

Because ZOOP operates globally, your personal data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards when transferring personal data internationally, namely to our servers or partners in the United States or other jurisdictions. These safeguards may include transferring to countries that the European Commission has determined provide an adequate level of data protection, and for other transfers, using Standard Contractual Clauses (“SCC”) approved by the European Commission or other lawful transfer mechanisms. Regardless of where your data is processed, we protect it to the same high standard and ensure your privacy rights remain enforceable. You may contact us for more information about international data transfers or to obtain a copy of the relevant safeguards.

We also take steps to secure your personal data, as detailed in Section 6 below, wherever it is stored.

4. Rights of Data Subjects

You have rights regarding your personal data. We respect and uphold these rights, and provide you mechanisms to exercise them. Under GDPR and equivalent data protection laws, you have the following rights (subject to certain exceptions and limitations): the right to access the personal data we hold about you, the right to rectification of inaccurate data, the right to erasure of your data (“the right to be forgotten”), the right to restrict processing of your data, the right to object to certain processing, and the right to data portability. Additionally, if we have collected and processed your personal data based on your consent, you have the right to withdraw your consent at any time, which will not affect the lawfulness of processing based on consent before its withdrawal. Below, we explain these rights with more detail:

4.1. Access, Rectification and Erasure of Personal Data:

  • Access: You have the right to request that we confirm whether we are processing your personal data, and to obtain a copy of the personal data we hold about you, as well as information about how we use it. This is commonly known as a Subject Access Request. Upon verification of your identity, we will provide you with a summary of your personal data in our records, and supplementary details such as the purposes of processing, the categories of data, and the parties with whom it is shared.
  • Rectification: We want to ensure that your personal information is accurate and up to date. You have the right to request correction of any incorrect or incomplete data we have about you. If you realize that any information in your account profile is wrong (for example, you change your email or your address), you can usually update it directly in your account settings. If not, you can contact us to have it corrected. 
  • Erasure: You have the right to request that we delete your personal data, in certain circumstances. You can request erasure, for example, if the data is no longer necessary for the purposes for which it was collected, if you have withdrawn consent and no other legal basis for processing exists, or if you object to processing and we have no overriding legitimate grounds. If you wish to delete your account, you may do so through the settings (if available) or by contacting us. Please note, we may need to retain some information after account deletion when required by law or for legitimate business purposes for instance, we might retain transaction records to comply with financial regulations or keep a record of your email to honor an unsubscribe request. We will inform you if any data cannot be fully erased due to a legal exception​. Other than such cases, we will proceed to erase or anonymize your personal data within a reasonable timeframe upon your request.

4.2. Objection to and Restriction of Processing:

  • Right to Object: You have the right to object to our processing of your personal data in certain scenarios. You can also object when we are processing your data based on legitimate interests (or performing a task in the public interest) and you have grounds relating to your situation. Notably, you can object at any time to processing of your data for direct marketing purposes – if you do so, we will stop using your data for marketing (this is an absolute right). In such cases, we will consider your objection and will cease processing the data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or unless the processing is for the establishment, exercise, or defense of legal claims.
  • Restriction: You have the right to request that we limit the processing of your personal data in certain circumstances. This right applies, for instance, if you contest the accuracy of the data (for a period enabling us to verify it), or if the processing is unlawful and you oppose erasure and prefer restriction, or if we no longer need the data but you need it for a legal claim, or if you have objected (pending verification of overriding grounds). When processing is restricted, we will continue to store your data but will not use it or share it further except for storage or as necessary for legal claims or protecting others’ rights. If you request a restriction, we will inform you before lifting the restriction. In summary, if you exercise your right to object or restrict, we will pause or adjust processing of the specific data as required by law. We will also inform any third parties to whom the data was disclosed (if feasible) about the restriction or objection so they can also respect it.

4.3. Data Portability:

You have the right to data portability, which means you can request to receive certain personal data that you have provided to us in a structured, commonly used format, and have the right to transmit that data to another controller, where technically feasible​. This right applies only to personal data that we process by automated means, and only where the processing is based on your consent or on a contract to which you are a party (i.e. the legal basis is consent or contract). We will make efforts to provide the data in a convenient format  that you can then port to another service if you wish. Note that data portability does not imply erasure; after providing your data to you, we may still keep a copy as required.

4.4. Exercising Your Rights: 

To exercise any of your data subject rights, you can contact us using the information in Section 7 below. Typically, you will need to send us an email from the address associated with your account or provide sufficient information for us to verify your identity. This is to ensure we do not disclose or modify data at the request of someone other than the data subject. We may ask for additional information to verify your identity before fulfilling a request (for example, we might ask you to confirm some profile details or provide identification). We will respond to legitimate requests as soon as possible and at least within the timeframe required by law (30 days under GDPR, which may be extended for complex requests). There is no fee for making a request, unless it is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request. If we refuse a request, we will explain our reasons subject to legal restrictions.

We also inform you that, under GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates the law. For example, if you are in the EU, you can contact the data protection authority in your country of residence, or in the UK the Information Commissioner’s Office (ICO). We encourage you to contact us first, and we will do our best to address your concerns, but you always have the option to approach the authorities. If, after contacting us, you feel that your data protection rights have not been respected, you may file a complaint with the competent supervisory authority in your jurisdiction. 

Note for California residents: In addition to the rights above, California consumers have specific privacy rights under the CCPA, including the right to opt out of the sale or sharing of personal information and the right not to be discriminated against for exercising their rights. Please see Section 10 below for a detailed description of your California privacy rights and how to exercise them.

5. Definition of Profiles and Automated Decisions

In providing our Services, we may process some personal data through automated means, including the creation of user profiles. “Profiling” means analyzing or predicting aspects of an individual’s behavior, preferences or interests through automated processing. Automated decision-making refers to decisions made about you by a computer or algorithm without significant human involvement. We would like to clarify how we use these techniques on the ZOOP Platform:

  • Profile Definition: We may build a basic profile of your interests and engagement with the Platform based on your activities. We may also categorize Users by their loyalty tier (e.g. Silver, Gold, Platinum, Centurion) based on objective criteria like the amount of ZOOPCoin staked or points earned, as described in our Terms. These profiles are used to personalize your experience, such as showing you relevant content or offering rewards suited to your tier) and to operate features like our loyalty rewards program. Importantly, we do not use profiling to make any decisions that produce legal effects or similarly significant effects on you without human review. Any profiling we do is intended to enhance your experience, and you have the right to object to profiling as noted in Section 4.2. if you have a specific reason.
  • Automated Decisions: Some functions of the Platform involve automated decision-making, like using automated filters to moderate content or to detect violations of our community rules. Another example is using automated verification systems: when verifying your identity documents, a system might automatically confirm if the ID is valid. No fully automated decision that significantly affects your rights or interests is made without human oversight. We have procedures to ensure that if an automated system flags or denies something critical, such as suspending your account or rejecting a transaction, a human will review the decision and the data, particularly if you contest it. This is in line with our commitment that final decisions involve human intervention whenever necessary.

In summary, while we use technology like algorithms and machine learning to improve our service for personalization, security and efficiency, we do not rely on solely automated decisions for anything that could be considered high-risk or unfair to you. If you believe that an automated decision has been made in error, you have the right to contact us and request human review of that decision. We will also be transparent in informing you if any given decision was made automatically and what logic was used, to the extent required by law.

6. Data Security Measures

We take the security of your personal data very seriously. ZOOP implements a variety of technical and organizational measures to protect your information against unauthorized access, loss, misuse, or alteration. These measures are designed following industry best practices and are regularly reviewed and updated to maintain an appropriate level of security. Some of the key security practices we employ include:

  • Encryption: Sensitive data is encrypted in transit and, where applicable, at rest. For example, our website is served over HTTPS to encrypt data exchange between your browser and our servers, and user passwords are stored using strong one-way hashing algorithms. If you link a crypto wallet, know that we never receive your private keys – you retain control, and transactions are signed client-side. Any payment information handled by third-party processors is protected by their security protocols and we do not store full payment card details on our servers.
  • Access Controls: We restrict access to personal data strictly to authorized personnel who need it to operate or support the Platform. Our staff and contractors are bound by strict and rigorous confidentiality obligations. We implement role-based access controls, meaning each employee can only access the specific data necessary for their job function. Administrative access to systems containing personal data requires strong authentication (such as multi-factor authentication) to prevent unauthorized logins​.
  • Monitoring and Testing: We monitor our systems and infrastructure for potential vulnerabilities and attacks. We keep our software and libraries up to date to patch security issues promptly.
  • Organizational Policies: We have internal policies and training in place to ensure all team members follow security and privacy best practices. Our team is educated about social engineering risks and proper data handling procedures. We also have an appointed security team that responds to incidents. In the event of any data breach affecting your personal data, we will notify you and the relevant authorities as required by law.

While we strive to use commercially acceptable means to protect your information, please be aware that no method of transmission over the Internet, and no method of electronic storage, is 100% secure​. Therefore, we cannot guarantee absolute security. You also play an important role in keeping your data safe, therefore, we urge you to use a strong and unique password for your account and to keep your account credentials confidential. If you suspect any unauthorized access or encounter any security issues, please contact us immediately.

7. Data Protection Officer and Contact Information

We have appointed a team responsible for privacy and data protection, which includes a Data Protection Officer (DPO) where required. If you have any questions, concerns, or requests regarding this Privacy and Cookies Policy or your personal data, you can contact our Data Protection Officer or privacy team at support@zoop.com​.

7.1. Exercising your rights: 

To make a data access, correction, or other request (as outlined in Section 4), please write to us at the contact details above with attention to “Privacy Request.” We may provide a form to streamline the process. As noted, we will need to verify your identity to process certain requests, which might involve additional steps or information​. We will respond within the timeframe required by law.

If you have a concern about how we have handled your personal data, we encourage you to contact us so we can try to resolve it. However, if you are not satisfied with our response, you have the right to contact your country’s data protection authority or another applicable regulator. For users in the EEA, you can find your DPA’s contact at the European Data Protection Board website; in the UK, you can reach the ICO; and in California, you can reach the California Attorney General’s office or the California Privacy Protection Agency.

8. Modifications to the Policy

We may update or modify this Policy from time to time, for example to reflect changes in our practices, to clarify our policies, or to ensure compliance with legal requirements or guidance. If we make material changes, we will notify you by appropriate means, such as by posting a notice on our website or in-app, and/or by sending an email notification to the address associated with your account – prior to the change becoming effective, as required by law​. We will also update the “Last Updated” date at the top of this Policy. We encourage you to review this Policy periodically to stay informed about our data practices.

Your continued use of the Platform after any changes to this Policy signifies your acceptance of the updated terms, to the extent permitted by law​. If you do not agree with any update, you should discontinue use of the Services and may request that we delete your personal data. For significant changes, especially those that may affect your rights, we will obtain your consent if and as required. For example, if we were to seek new consent for a new processing purpose, we would do so explicitly.

We will not apply changes to this Policy retroactively without your consent, and if we make a change that requires by law to seek your consent, we will do so. We will always keep older versions of this Policy available (upon request or via our website) for reference so you can see what has changed.

9. Applicable Law and Jurisdiction

This Policy and any matters relating to the processing of your personal data are governed by the laws of England and Wales. Any disputes concerning the interpretation or enforcement of this policy shall be subject exclusively to the jurisdiction of the courts of England and Wales, except where local laws applicable to you mandate a different jurisdiction.

If any provision of this Policy is found invalid or unenforceable by a competent court, that provision shall be enforced to the maximum extent permissible, and the remainder of the Policy shall remain in full effect. Our failure to enforce any part of this Policy is not a waiver of our right to later enforce that or any other part.

10. California Privacy Rights (“CCPA”)

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA) regarding your personal information. These include:

  • Right to Know: You can ask us to tell you what personal information we have collected about you and how we have used, shared, or sold it. You may also request a copy of this personal information we hold about you.
  • Right to Delete: You can request that we delete the personal information we have collected from you.
  • Right to Opt-Out: You can opt out of the sale of your personal information to third parties.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.

To exercise any of these rights, please contact us at privacy@zoop.com

If you have reached the end of this Policy, thank you for taking the time to understand our practices. 

We hope it has clarified how ZOOP handles your personal data and your rights regarding that data. 

Using our Platform implies trust in how we manage your information, and we value that trust. We are continuously working to protect your data and privacy.