Last update December 31, 2019
We are committed to safeguarding the privacy of users of Zerynth products and services operated by or on behalf of TOI Srl (provider of Zerynth).
For customers based in the European Union (EU) we make every effort to be fully GDPR compliant. For the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ and a ‘data processor’ of your personal information.
Zerynth Data Protection Officer is Giacomo Baldi, you can reach him via email, firstname.lastname@example.org .
Our Physical address is: Largo Padre Renzo Spadoni Snc, 56126 Pisa, Italy
1.1. When we say “we,” “our” or “us” “Zerynth”, and “TOI” we are referring to the company “TOI SRL”, with registered office in Pisa (Italy) at Largo Padre Enzo Spadoni SNC, registered in the Pisa (Pi) Register of Companies Office with tax identification code (Partita IVA) no. 02188290502 and Economic and Administrative Index of Pisa (Pi) no. (Numero REA) 187997.
1.2 “Services” means the any and all services and hosted software applications provided by ZERYNTH, including but not limited to, ZERYNTH VIRTUAL MACHINES, ZERYNTH STUDIO, the ZERYNTH APP, the ZERYNTH templates, the ZERYNTH Libraries, The ZERYNTH modules, the ZERYNTH drivers, the ZERYNTH API, the ZERYNTH CLOUD, the ZERYNTH DEVICE CLOUD the ZERYNTH ADVANCED DEVICE MANAGER (ADM), the ZERYNTH Project management system, the ZERYNTH website, the ZERYNTH community forum, the 4ZEROMANAGER and any other software services offered by ZERYNTH.
1.3 “Products” means the physical products produced and sold by Zerynth including, for example shields, sensors, accessories and any kits.
1.4 “You” means yourself and any entities you represent. If you are entering into this agreement on behalf of a company or other legal entity, you represent that you have the authority to bind such entity, its affiliates and all users who access our services through your account to these terms and conditions, in which case the terms “you” or “your” shall refer to such entity, its affiliates and users associated with it. if you do not have such authority, or if you do not agree with these terms and conditions, you must not accept this agreement and may not use the services.
1.5 “Third Party Products” – includes but is not limited to applications, websites, APIs, cloud services, software, or hardware, produced by anyone other than Zerynth, that interact with, use or connect to any Zerynth Products or Services.
1.6 “APIs” means any API (Application Programming Interface) owned and operated by Zerynth.
2. Personal Data we collect
Information provided by you
If you sign up for any of our Services, or visit a website operated by or on behalf of Zerynth (a “Zerynth Website”), you provide certain information to us in order to set up and maintain an account with us (“Account Data”). This may include information such as: your name, title, company, email address, phone numbers, age range and payment information. The detailed list of personal data to provide is reported in the following paragraphs.
You may also provide information to us when you report a problem with one of our products or services, when you contact us with an account management question, a technical problem, to comment on a Zerynth Website, or when you ask for information about our products or services. You may choose not to provide certain types of Personal Data to us, but please be aware that in that case some functionality may not be available to you. We will let you know prior to collection of the information whether the provision of Personal Data we are requesting is compulsory or voluntary, and the consequences of not providing that information.
We may collect additional information in relation to specific products or services:
2.1 Zerynth Studio and Zerynth Toolchain
Zerynth Studio and its associated toolchain provide services and tools to make the creation and deployment of commercial, standards-based IoT solutions possible at scale.
In addition to Account Data, we can also process not-mandatory Personal Data that you can opt to provide via the Zerynth Studio profile section, such as: First Name; Last Name; Country of Residence; Job; Company; Website.
2.2 Zerynth ADM and Zerynth APP
Zerynth, via the Zerynth ADM and Zerynth APP services in connection with your Account Data, captures additional information (“Device Data”) that may include device IDs, timestamps, authentication records, location information, the origin, destination, type and quantity of traffic passed and other operational data.
2.3 Zerynth Projects
We do not intentionally collect sensitive personal information, such as social security numbers, genetic data, health information, or religious information. Although Zerynth services do not request or intentionally collect any sensitive personal information, we realize that you might store this kind of information in your projects, such as in a repository saved on our servers. If you store any sensitive personal information on our servers, you are consenting to our storage of that information on our servers.
We do not intentionally collect information that is stored in your repositories or other free-form content inputs. Information in your repositories belongs to you, and you are responsible for it, as well as for making sure that your content complies with our Terms of Service. Zerynth employees do not access repositories unless required to for security or maintenance, or for support reasons, with the consent of the repository owner.
2.4 Zerynth Community
Zerynth Community hosts discussions, blogs and information which help to deliver a Zerynth-based design efficiently through collaboration with Zerynth engineers, our ecosystem of partners and tech enthusiasts. You can find out more about the Zerynth Community here.
In order to write in the Zerynth Community, you are asked to register a Zerynth account (see §2.1 for details on personal data to provide to register a Zerynth account) or provide your existing Zerynth account credentials. In addition, you can opt to provide the following not-mandatory personal data as requested by the Zerynth Community software: Name; Profile Picture; “About me” section; Location; Website; Profile Background; User Card Background and User Card Badge.
2.5 Zerynth Websites
Our web server logs, browser cookies and local shared objects may collect details of your domain name, operating system, browser type, IP address, a unique identifier for your computer, or other access device and details of your visits to a Zerynth Website including, but not limited to, traffic data, location data, weblogs and other communication data, the services and resources that you access and your use of such resources.
We collect and store information about your visit to Zerynth Websites automatically using browser cookies (files which are sent by us to your computer) or similar technology which we can access when you visit a Zerynth Website in future.
The Zerynth websites work also as a portal to let you input your personal data for specific purposes:
- To subscribe to the Zerynth mailing list without the need to create a Zerynth account. The personal data requested are: your first name; your email address.
- To contact us for information or support about Zerynth products and services, via live chat. The personal data requested are: your email address.
- To contact us for information or support about Zerynth products and services, via web form or to access technical or marketing content such as: white papers; ebooks; technical reports. The personal data requested are: First Name (required); Last name (required); Your Email (required); Country (required); Your Job (required); Your Company (not required).
- Purchase Zerynth products or services. The personal data requested are: First Name; Last Name; Billing Email Address; Zerynth Account Email Address; Credit Card.
3. Where we process or store Personal Data
All user data is collected and stored in Zerynth servers physically located in datacenters of Switzerland and Ireland.
While the data protection, privacy, and other laws of Italy and the European Union might not be as comprehensive as those in your country, we take many steps to protect your privacy. By using our Services, you understand and consent to the collection, storage, processing, and transfer of your information to our facilities in Zerynth servers and those third parties with whom we share it as described in this policy.
When we transfer Personal Data to servers controlled by a third-party data hosting company we conduct security checks on these companies to ensure adequate safeguards are in place to protect the transfer of Personal Data. We take steps reasonably necessary to ensure that Personal Data is transferred securely. Unfortunately, the transmission of information via the internet, server, database, network or email transmission is never fully secure or error free. Although we do our best to protect Personal Data, we cannot guarantee the security of the Personal Data you transmit to us, and you accept the inherent risk associated with such transmission.
4. Links to other websites
5. How we use Personal Data
We use Personal Data for our legitimate business interests, with your consent, or in order to comply with our legal obligations.
We process Personal Data for the following purposes:
5.1 Operating, maintaining and improving our products and services. We use your Personal Data to operate our business. This means we use your data to provide a product or service to you, to provide you with technical support, to respond to your questions, to provide further information in respect of services you have purchased from us, to determine trends and measure site usage which aids in the design of new products and services, to protect against wrongdoing, and to enforce our website terms and conditions of use and other agreements.
5.2 Marketing. We use your Personal Data to provide, administer and communicate with you about products, services, events, surveys and promotions by Zerynth, to send you marketing communications, to display content and advertising that we believe might be of interest to you, through our Services.
You have the right to request us to not use your Personal Data for marketing communications. You can opt out of receiving electronic communications by clicking on the ‘unsubscribe’ link at the bottom of any such electronic communication or by following the opt-out instructions provided in any marketing communication.
In addition, we process your Personal Data for the following further purposes in relation to certain products and services:
5.3 Zerynth tools and services
We may process your Personal Data for: 1) forensics purposes, which includes investigating and preventing security incidents such as breaches, attacks and hacks; and 2) audit purposes, which includes use for administrative purposes, such as billing and transaction logs.
5.4 Zerynth events
We use your Personal Data in order to administer any Zerynth events you register to attend, and may pass your Personal Data to our event partners for the purposes of effectively running such events. For example, our event partners may use your Personal Data to help organise the event or help us register attendees at the event, schedule meetings at the event and administrate an application for the event.
5.5 Social media
6. Disclosure to third parties
We consider your information to be a vital part of our relationship with you. We do not sell your Personal Data to third parties, including to third-party advertisers.
There are, however, certain circumstances in which we may disclose, transfer or share your Personal Data with certain third parties without further notice to you, as set forth below:
6.1 Business Transfer or Asset Sale
In the event that we sell or buy any business or assets, or if Zerynth, or substantially all of its assets are acquired by a third party, the relevant Personal Data held by us will be one of the transferred assets.
6.2 Legal Requirement
We may use or disclose your Personal Data in order to comply with a legal obligation, to prevent loss of life or injury, or to protect the rights or property of Zerynth. Where possible we will tell you in advance of such disclosure.
6.3 Suppliers, consultants and other third parties
We disclose Personal Data in the ordinary course of business when we engage suppliers to help provide products and services to you. For example, we may engage marketing agencies, database service providers, backup and disaster recovery service providers, email service providers and others. We provide Personal Data to third parties solely for the purposes of delivering our products and services.
We may share aggregated demographic data with our partners or third-party providers. This data is not linked to any information that can identify any individual person.
6.4 Social media connections
If you connect or integrate any social media services with services we provide, you may receive social notifications either from us or from third-party companies providing social media services. You can manage these social notifications by changing your privacy settings on the relevant social media site or by discontinuing your interaction with the third-party site. If you register and provide information to a forum or blog, the information you provide will be published for anyone to see. Where you create a connection between Zerynth services and third-party sites, we may collect, use, disclose, transfer and store or retain information relating to your account with such third-party services.
We have appropriate security measures in place to protect against loss, misuse or alteration of information that we have collected. We use industry-standard encryption technologies when transferring and receiving Personal Data, we use network access control technology to limit access to the systems on which Personal Data is stored, and we monitor for possible vulnerabilities and attacks. Unfortunately, we cannot guarantee that the technical, physical and organizational measures we take will prevent every security threat, nor can we guarantee that your Personal Data will not be improperly accessed, used, altered or destroyed.
By collecting or storing your Personal Data, we do not undertake to be bound by any additional information security measures that may apply to you or your Personal Data under other laws, or additional protection that applies to the processing of sensitive personal data, unless we have agreed in a separate services agreement to do so.
If we become aware that there has been a breach in security of any of the Personal Data that we store or that is stored by our third-party service providers, we will promptly notify you as required by law and consistent with our need to determine the scope of the breach and to safeguard our systems.
8. Data retention
We keep Personal Data only for as long as necessary for the purposes for which it was collected, to provide you with products or services, for legitimate business interests including audit and forensics purposes, and where required or permitted by law. Please note that even if we delete your Personal Data it may persist on backup or archival media for an additional period of time.
9. Your Rights
In compliance with GDPR, you can request access (i.e. to transfer in a structured, commonly used and machine-readable format, to you), correction or deletion of any personal information that Zerynth has about you. You can access, change or delete your personal information at any time by emailing us at email@example.com. Your request will be completed within 30 days.
You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent.
These rights are limited in some situations – for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data even if you withdraw your consent.
Where we require your personal information to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In all other cases, provision of requested personal information is optional.
If you have unresolved concerns you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.