Privacy policy
General information
This privacy policy has been compiled to better serve those who are concerned with how their 'Personally identifiable information' (PII) is being used online.
PII, as used in US privacy law and information security, constitutes any data that can pinpoint an individual, either by itself or when combined with other information.
Please read our privacy policy carefully to get a clear understanding of how We collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our Website.
This Privacy Policy describes the ways We collect, store, use and manage the information you provide to us or We collect in connection with your use of Zumatix Website accessible at https://zumatix.com/ and our other Websites on which this Policy appears (the 'Website'), and when you apply for or participates in Zumatix advertising program for publishers (the 'Program').
To explain the terms used:
- "Account" means a unique account created for You to access our Service or parts of our Service.
- "Affiliate" means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
- Reference to Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) should mean Zuma Solutions Limited, a United Kingdom company whose company registered office is Flat 44 Ennerdale House, 121 Hamlets Way, London, England, E3 4TY;
- "Country" refers to: United Kingdom
- "Device" means any device that can access the Service such as a computer, a cellphone or a digital tablet.
- "Personal Data" is any information that relates to an identified or identifiable individual.
- Service refers to the Website.
- "Service Provider" means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
- "Usage Data" refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
- "Website" accessible from https://zumatix.com/
- "You" means the individual accessing or using the Service. If you access or use the Service on behalf of a company or other legal entity, "You" refers only to the individual user. If you do not understand or agree to this Privacy Policy, you must leave this Website or service.
If you do not understand or agree to this Privacy Policy, you must leave this Website or service.
If there are any questions regarding this Privacy Policy you may contact us using the information below:
Zuma Solutions Limited.
Add: Flat 44 Ennerdale House, 121 Hamlets Way, London, England, E3 4TY
Contact email: info@zumatix.com
The Data controller responsible for your Personal Data is Zuma Solutions LTD.
We are in compliance with the requirements of the Children's Online Privacy Protection Act. We will not intentionally collect any information from anyone under 13 years of age. Our Website, programs are all directed at people at least 13 years old or older.
BY SUBMITTING YOUR INFORMATION TO US AND USING THIS WEBSITE AND/OR PROGRAM YOU AGREE TO THIS PRIVACY POLICY AND PROCESSING OF YOUR PERSONAL DATA IN THE MANNER PROVIDED IN THIS POLICY.
Legal basis
We make sure that our Privacy Policy matches the main regulations such as EU General Data Protection Regulation (GDPR), the Children's Online Privacy Protection Act, California Privacy Rights Act (CPRA), etc.
What data is being collected?
While using our Website We collect two types of Personal Data: Directly provided and Automatically collected.
Directly Provided
Directly Provided Personal Data refers to data We ask you to tell us voluntarily. For instance, personal identification information such as names, emails, phone numbers.
Automatically Collected
We may automatically collect certain Personal Data when you access or use the Website. Such information may include, without limitation, your Internet Protocol (IP) address, the type of device you use, device identifiers or serial numbers, browser type, version, and language preferences, the type and version of your operating system, as well as data regarding the number of visitors to, and frequency of use of, the Website. This information is collected and processed for the purpose of analyzing usage patterns and improving the functionality, performance, and overall user experience of the Website and Program.
Some of this Personal Data may be collected through the use of cookies, similar tracking technologies, and third-party analytics tools, including but not limited to Google Analytics.
Google Analytics collects information such as how often users visit the Website, what pages they visit when they do so, and what other sites they used prior to coming to the Website. We use the information We get from Google Analytics only to improve the Website and Program. Google Analytics collects only the IP address assigned to you on the date you visit the Website, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with your Personal Data. Although Google Analytics plants a permanent cookie on your Web browser to identify you as a unique user the next time you visit the Website, the cookie cannot be used by anyone but Google. Google's ability to use and share information collected by Google Analytics about your visits to the Website is restricted by the e Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to the Website by disabling cookies on your browser.
If you want to find out more about the types of cookies We use, take a look at our Cookies and Tracking Technologies.
Information from third parties
Except the Personal Data that is collected by the Website, We use external sources, mainly publicly available materials or reliable third parties such as payment providers or certificate authorities.
Sensitive Personal Information
We do not by any means collect and process Sensitive Personal Information.
Sensitive Personal Information (SPI) is data that goes beyond a name or email. It includes highly private details such as government identifiers (e.g., Social Security Number), account log-in credentials, financial account, precise geolocation, genetic data etc.
How Personal Data is Used?
Usage of your Personal Data is vital for us to properly provide you with requested services.
For better understanding, there are a primary means by which We process your Personal Data.
| Purpose of Processing | Examples of Processing | Legal Basis under GDPR |
|---|---|---|
| Operating our Website and Program | Running and maintaining the Website and Program; ensuring functionality; delivering services requested | Article 6(1)(b) – Performance of a contract; Article 6(1)(f) – Legitimate interest |
| Account setup and management | Creating, operating, and maintaining your account | Article 6(1)(b) – Performance of a contract; Article 6(1)(f) – Legitimate interest |
| Eligibility and identity checks | Determining whether you qualify for the Program; verifying your identity | Article 6(1)(b) – Performance of a contract; Article 6(1)(f) – Legitimate interest |
| Legal and regulatory compliance | Meeting tax and accounting obligations; complying with AML/CTF regulations; preventing illegal activities | Article 6(1)(c) – Compliance with a legal obligation |
| Customer support | Assisting with technical, payment, or other Website/Program-related issues | Article 6(1)(b) – Performance of a contract |
| Service improvement and development | Testing and developing new features; carrying out technical analysis; optimizing user experience | Article 6(1)(f) – Legitimate interest |
| Security, fraud prevention, and fairness | Detecting and reporting crime; ensuring network security; mitigating risks; preventing fraudulent or malicious activity; enforcing Terms and Conditions | Article 6(1)(c) – Compliance with a legal obligation; Article 6(1)(f) – Legitimate interest; Article 6(1)(b) – Performance of a contract |
| Analytics and reporting | Producing aggregated or anonymized statistics and reports for internal use, public release, or sharing with third parties | Article 6(1)(f) – Legitimate interest |
| Financial transactions | Facilitating, managing, and confirming payments and related financial operations | Article 6(1)(b) – Performance of a contract; Article 6(1)(f) – Legitimate interest |
| Fraud and risk assessments | Assessing fraud risk; verifying credentials via financial institutions, identity verification agencies, and credit reference agencies | Article 6(1)(c) – Compliance with a legal obligation; Article 6(1)(b) – Performance of a contract; Article 6(1)(f) – Legitimate interest |
| Advertising and risk management | Monitoring advertising activity linked to your account; managing associated risks | Article 6(1)(f) – Legitimate interest; Article 6(1)(b) – Performance of a contract |
| Exercising contractual rights | Enforcing rights under our Terms and Conditions or other agreements with you | Article 6(1)(b) – Performance of a contract |
| Group company disclosures | Sharing information within our corporate group for internal administration or restructuring | Article 6(1)(f) – Legitimate interest |
| Third-party disclosures | Sharing information with advertisers in connection with suspicious, fraudulent, or allegedly illegal activity | Article 6(1)(f) – Legitimate interest |
Cookies and Tracking Technologies
Cookies are small files that are stored on your device. In conjunction with comparable technologies, cookies facilitate the collection and retention of information regarding your browsing, usage, and download activities on our Site, as well as within the broader ecosystem of Websites and applications through which our Services are provided.
On our Website cookies are divided into two categories: sessional, which persists only until you end your session, and persistent, which persists even after you end your session.
Information collected through the use of the cookies and similar technologies is used by us for purposes described in our Privacy Policy.
Our use of cookies and similar tracking technologies is classified according to the purposes for which the related information is collected and processed. Please note that certain cookies may be deployed differently by our Clients:
- Strictly Necessary Cookies: These cookies are indispensable for the proper operation of the Site and cannot be deactivated within our systems. They are generally set in response to actions undertaken by you that constitute a request for services, such as configuring your privacy preferences, authenticating your login, or completing electronic forms.
- Performance and Analytics Cookies: These cookies enable us to monitor and analyze Site traffic and usage patterns, thereby facilitating the measurement and enhancement of the performance of the Site and the Services. They provide insights into the relative popularity of pages and the manner in which users navigate the Site.
- Functional Cookies: These cookies allow the Site to recognize you upon your return and to retain your stated preferences (for example, language selection or regional settings), thereby enhancing the personalization of your experience.
- Targeting Cookies: These cookies may be placed by our advertising partners to establish a profile of your interests and to deliver advertising content tailored to those interests. They may also serve to restrict the frequency with which specific advertisements are presented to you and to evaluate the effectiveness of advertising campaigns.
You have the right to decide whether to accept or reject cookies. You can:
- Browser Settings: Most browsers automatically accept cookies, but you may modify your browser settings to refuse cookies or alert you when cookies are being placed.
- Cookie Banner/Consent Tool: Where required by law, We will provide a cookie banner or consent management platform to allow you to manage your preferences.
- Opt-Out Tools: Some third-party providers may offer their own opt-out mechanisms (e.g., Google Analytics opt-out tools).
Please note that disabling certain cookies may affect the functionality of the Site and limit your user experience.
Automated Processing and AI
We may use automated systems, including algorithms and artificial intelligence tools, to analyze usage data and improve our Services. These systems do not make decisions that have legal or similarly significant effects on You. You may request human review of any decision based solely on automated processing.
Rules on sharing Personal Data
We have strict rules regarding who We can share your Personal Data with. It includes:
- Other companies in our group of companies;
- Third-party service providers and partners who assist us in the provision of Website and Services which you have requested, for example, to those who support delivery of or provide functionality on Website or for Program, or market or promote our Website and Program;
- Regulators, law enforcement agencies, government bodies, courts, fraud prevention agencies, licensing bodies or other third parties, where We think it is necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights (where possible and appropriate, We will notify you of this type of disclosure);
- Advertisers, whose offers you have accepted;
- Affiliates and other persons that introduce you to us;
- Identity verification agencies;
- An actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business; and/or
- Other persons where We have your consent.
Disclosure and processing of Your Personal Data
There are several situations in which We can disclose your Personal Data to ones listed above. Mostly they can be summarized to:
Contract Performance
We may disclose or process your Personal Data where such processing is necessary in order to take further steps at your request prior to entering into a contract, for example, during your enrollment in the Program, or where it is necessary for the performance of a contract to which you are a party, in accordance with Article 6(1)(b) of the GDPR.
Legal Obligations
We are subject to various legal obligations that require us to process your Personal Data. Such processing is carried out where it is necessary for compliance, for example, with tax and accounting requirements, anti-money laundering (AML) and counter-terrorist financing (CTF) regulations, fraud prevention, and mandatory reporting obligations to competent authorities.
Consent
In certain limited cases We disclose or process your Personal Data based on your consent, for example, when it is required for direct marketing purposes.
Legitimate interests
Your Personal Data may be disclosed or processed when We, other companies in our group of companies or third parties have a business or commercial reason to process your Personal Data.
Consent obligation
Since our services aim for consumers who have reached the age of consent, We do not collect or share Personal Data of anyone under 16.
International data transfer
We must warn you that your Personal Data may be transferred to, and processed in, countries other than your country.
We will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.
Provision for individuals in the European Economic Area (EEA): Aforementioned means that your data may be transferred outside of the EEA. Where your Personal Data is transferred outside the EEA, it will be transferred to countries where We have compliant transfer mechanisms in place to protect your Personal Data, in particular, by implementing the European Commission's Standard Contractual Clauses to the contracts with the entities the data is transferred to.
Security
We truly care about protecting your Personal Data and implement effective technical and organization actions and measures:
- Data encryption. We encrypt all data that goes between you and us using industry-standard TLS (Transport Layer Security), protecting your personal and financial data. Your data is also encrypted when it is stored on our servers, and encrypted when We transfer it between data centres for backup and replication.
- Limited access. We restrict access to personal information to our employees, contractors, and agents who need that information in order to process it.
- Network protection. Multiple layers of security controls protect access to and within our environment, including firewalls, intrusion protection systems and network segregation. Our security services are configured, monitored and maintained according to industry best practice. We partner with industry-leading security vendors to leverage their expertise and global threat intelligence to protect our systems.
- Secure data centres. Our servers are located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits. We maintain geographically separated data replicas to minimize the risk of data loss or outages.
- Security monitoring. Our security team continuously monitors security systems, event logs, notifications and alerts from all systems to identify and manage threats.
- All personnel are subject to full confidentiality. In the event that your data is compromised, We will notify you and a competent supervisory authority(ies) within 72 hours.
Data breach notification
We implement automated systems to monitor and log all security incidents, identifying potential vulnerabilities and recording breach details for analysis.
However, if a breach occurs, affected users and the relevant supervisory authority are going to be informed within 72 hours.
Data Retention
We retain your Personal Data as long as it is allowed either by your consensual actions or by law.
Thus your Personal Data doesn't last forever: some data can be deleted directly by you, which means that data is retained after you remove it, or just deleted automatically by the date controller system.
We may delete your Personal Data ourselves in case it is no longer necessary. Storage periods will depend on several elements, such as the industry sector, the type of data processing, and any other regulatory requirements that apply.
To meet the data retention requirements We use effective management tools, technologies, and processes:
- Data organisation and classification - systems that sort and label data to make it easier to manage and keep only what's needed.
- Data encryption - tools that protect data by making it unreadable to unauthorised people, keeping it safe for as long as needed.
- Automatic data deletion - tools that automatically remove data when it's no longer needed.
- Data backup and archival - solutions that store data securely for a long time, with rules for how long it should be kept.
- Centralised data management - platforms that allow you to set and control data retention rules across different storage systems.
- Data access control - systems that ensure only authorised people can access or change data.
- Compliance management - tools that help meet legal rules by tracking data usage and retention and providing records for audits.
- Cloud storage and deletion - cloud services with built-in settings to keep or delete data based on rules.
Your rights
According to Chapter 3 of GDPR you can exercise the following rights:
- Right to access. You have the right to access (and obtain a copy of, if required) your Personal Data.
- Right to rectification. You have the right to update your Personal Data or to correct any inaccuracies.
- Right to erasure. You may have the right to request that We delete your Personal Data in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected.
- Right to restriction of processing. You may have the right to request to restrict the use of your Personal Data in certain circumstances, such as when you have objected to our use of your Personal Data but We need to verify whether We have overriding legitimate grounds to use it.
- Right to data portability. You have the right to transfer your Personal Data to a third party in a structured, commonly used and machine-readable format, in circumstances where the Personal Data is processed with your consent or by automated means.
- Right to object. You may have the right to object to the use of your Personal Data in certain circumstances, such as the use of your Personal Data for direct marketing.
- Right to complain. You may sent your a complaint to us if you believe We breached any rule of Personal Data collection, processing or protection.
Opt-Out Option
According to the Article 6(1)(b) GDPR and CCPA/CPRA (if you are a California Resident) you have the right to opt out of certain uses of your Personal Data, including receiving promotional emails, newsletters, data Sharing with Third Parties or other legitimate interests.
You may exercise this right by contacting us at info@zumatix.com.
Complaints
If you are not satisfied with how We are processing your Personal Data, please let us know by sending an email to info@zumatix.com. We will review and investigate your complaint, and try to get back to you within a reasonable time frame.
You have the right to complain to your local data protection authority. This right may not be available to you if there is no authority dealing with data protection in your country. You can exercise your rights at any time by making adjustments in your account or by sending an email to info@zumatix.com.
Modifications
We will occasionally update this Private Policy to reflect changes in our practices and services. When We post changes to this Private Policy, We will revise the 'Last Updated' data of this Private Policy.
We recommend that you check this page from time to time to inform yourself of any changes in this Private Policy or any of our other policies. If You continue to use the Service after those changes are in the effect, You agree to the revised Privacy Policy.
Please also read our Terms and Conditions.
Updated November 10, 2025