ZEN-it App Privacy Policy
Effective Date: 03 October 2024
About this Privacy Policy
This Privacy Policy applies to the ZEN-it mobile application (the “App”). The privacy policy applicable to the website www.zenitapp.in and related pages (collectively, the “Website”), is available at https://www.zenitapp.in/website-privacy-policy.
The App is provided by CalmCue Tech LLP. All references to “CalmCue”, “ZEN-it”, “we”, “us”, “our” and all linguistic variations of these terms are to CalmCue Tech LLP. ZEN-it was earlier branded as “ZEN~It” and all references to ZEN~It in any material whatsoever refer as well to CalmCue Tech LLP or the App, as
contextually appropriate. All references to “you”, the “user” or “User” are to any natural person who downloads and uses the App (whether free or as a Premium User).
ZEN-it is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how ZEN-it collects, uses, discloses, processes and safeguards your information when you use the App.
Specifically, this Privacy Policy will help you understand key privacy information such as:
-
What personal data we collect and Process
-
Who receives your personal data
-
How we secure and store your personal data
-
How you can access, edit, and request deletion of your data
-
International transfers of your personal data
​​
By using the App, you consent to the practices described in this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use the App.
You have the choice whether or not to consent to certain kinds of Data Processing. Please read this Privacy Policy and view the ‘Privacy Choices’ on your Profile to exercise your choice.
Important Terms
Analytics Data: means data collected and Processed through automated means, when Users launch and interact with the App. Analytics Data includes the Usage Data and data collected by third parties.
Billing Data: means data concerning the receipt of payment from a Premium User to the App, and includes a transaction identifier, the amount and currency received, the date of receipt of payment, mode of payment, details on refund if any, bank, wallet or virtual payment address associated with the payment (if any), email address and contact number of the customer, and any other details shared by ZEN-it’s payment processor with us.
Controller: The person or entity that determines the purposes and means of the Processing of Personal Data.
Data: Data includes User Account Data provided actively by users in order to sign up or use the App, Upload Data uploaded by Users in using the App, Usage Data and Self-Care Data about tracks listened to by Users, Billing Data that is collected to process payments for the User, Analytics Data collected by automated processes (explained further below), as well as any data created by combining some or more of these kinds of data.
External Calendar Data: means data of events, tasks, reminders, or other data specific to a date/time, stored on any external calendar by a user.
​
Personal Data: means any information relating to a living, identifiable person that can be used to identify a natural person either standalone, or in conjunction with other personal data. It includes data such as a name, an identification number, location data, or an online identifier.
Process and Processing: This means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, throughout the data lifecycle. It includes collection, recording, organisation, structuring, storage, adaptation, alteration, combination, retrieval, use, disclosure, dissemination, restriction, erasure or destruction.
Processor: means a natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller.
Self-Care Data: means data about the tracks, sessions, videos and content viewed and/or bookmarked by Users in the Self-Care section of the App.
Upload Data: means data entered by Users to avail the App’s features, such as tasks on the to-do list or events on the calendar.
​
Usage Data: means data relating to the features used by a User, the frequency and/or duration of use, the usage flows and in the case of Subscription, the abandonment of a Subscription action by the user.
User Account Data: means the data provided actively by Users when creating an account on the App, as elaborated below.
Capitalised terms that are not defined here have the same meanings as in the Terms of Service.
Data Collection and Processing on the App
Account Creation
​
When you sign up for an account on the App, you are required to provide an email address, choose a username and to confirm that you are 18 years of age or older (collectively, your “User Account Data”). User Account Data is necessary for us to be able to create a unique account for you, and offer you the full features and functionality of this App, while restricting access to the App to those who are 18 years of age or older, as per our Terms of Service.
Users can alternatively choose to sign up to the App using a Single Sign-On (“SSO”) process. In such case, we collect the email address of the User and require Users to perform authentication actions depending on the SSO option chosen by them, to create their User Account on the App. Users who sign up to the App using SSO processes will be asked to provide a name/username to address them, confirm that they are 18 years or older. As above, we require this to restrict access to the app to those who are 18 years of age or older.
We use email addresses provided by users to send administrative/transactional communications. We will also send marketing communications to users on their email addresses, if this is consented to by the user beforehand, or where otherwise permitted by law. You can find and manage the settings for marketing communications using the ‘Privacy’ option in the Settings page in the Profile section of the App.
​
You can also unsubscribe from promotional emails by following the instructions in any of the promotional emails that we send to you.
​
Use of App Features
​
Upload Data
​
When users enter data into the App in order to use the App, avail its features and functionalities, this data is termed Upload Data. Upload Data may or may not contain Personal Data; Please do not include Personal Data and/or sensitive information, in Upload Data.
We Process Upload Data to provide Users the relevant features in respect of which they have uploaded the Upload Data. We also Process Upload Data to satisfy our legitimate business interests in understanding App usage, and the nature and importance of tasks uploaded by Users. We also Process the Upload Data to improve our App, in particular, our Priority Wizard feature.
​
Our customers’ trust is important to us. We do not share any Upload Data or Self-Care Data with any third parties for their use. We do not sell any User Data.
​
Administrative Communications
We send administrative communications, transactional communications, relevant information, prompts and alarm notifications to users through prompts, push notifications and/or emails. Users can enable or disable these notifications by following system prompts on their mobile phone, or by disabling notifications through the settings available in the Profile section of the App.​​​​
​
If a User chooses to sync External Calendar Data from external calendars (Gmail and/or Outlook) with the calendar feature in the App, they may do so by configuring such external calendar accounts with the App on the Calendar Preferences screen. In order to do this, the User will be prompted to authenticate their external calendar account (Gmail or Outlook) through an 0auth process, i.e., they will be prompted to sign into their Google or Outlook account.
The App does not store any data from any external calendars of a User. Instead, the App performs a real-time sync with such external calendars to retrieve and display data from such calendars in the App’s calendar feature. We store Users’ associated Google or Outlook email addresses and tokens only, for as long as their Google Calendar or Outlook Calendar remains synced. The App does not access any other Google User data or Outlook user data from Users’ accounts.
ZEN-it's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Users can choose to stop syncing External Calendar Data at any time, using the same buttons on the Calendar Preferences screen of the App.
​
Badges and Achievements
We also offer Users the option to share badges and achievements on social media through ‘Share’ buttons on the App. This will require some User Data to be shared with the respective social media service to provide a seamless experience to the User. The sharing of the content on the social media service will be subject to the terms and privacy policy of the respective social media service. Users are advised to review and be aware of those before they share any content to those platforms. ZEN-it does not control, nor can we be responsible, for any content that you post to such external platforms, including these shareable achievements/badges.
​
Subscription & Billing
​
The App is provided on a freemium/paid-subscription model. We do not directly collect billing information from Users, however, Processors that we use do Process Billing Data to collect payments from the users and transmit them to us. These Processors collect and Process such information in accordance with applicable laws in the jurisdiction that they operate in. We also use in-app billing options provided by the Google Play Store and Apple Store, to process User subscriptions. In this case, we only receive the information shared by the respective store, on user transactions.
For details on the privacy policy of our payment processor RazorPay, please refer to https://razorpay.com/privacy/.
We collect and maintain records of dates and types of subscription availed by users, and the payment method used in order to preserve records for compliance purposes, to provide information to Users in case of any query from them and for customer support purposes. We also have access to and Process the Billing Data shared with us by the payment Processors that we use, to maintain payment records, resolve any payment issues (including technical issues with payment completion) or other customer support requirements.
​
Analytics Data Collection and Processing
Certain kinds of Personal Data are not actively provided by users, but are collected and Processed while they launch/interact with the App (“Analytics Data”). We collect this Analytics Data to provide you a better experience in using the App, and to improve our marketing and customer growth strategies.
Specifically, we collect the following kinds of Analytics Data: Usage Data (described below), Self-Care Data (described below) and device operating system.
​
We also receive Analytics Data in pseudonymised, aggregated form from third parties such as Google Analytics, Firebase, and Apple App Analytics. This data includes information about general location (e.g., city-level data) and device type and model (e.g., Android or iOS, models of Android or Apple devices), but it cannot be used to identify any specific user. We analyse this aggregated Analytics Data to improve our product offering, app functionality, and marketing strategies.
Usage Data and Self-Care Data
We Process Usage Data and Self-Care Data in order to understand Users’ preferences for various features and Self-Care Content on the App, and to improve our App content, marketing and product strategies.
We may analyse Usage Data in conjunction with Self-Care Data and User identifiers in order to set up notifications, reminders, badges (achievement notifications) or User-specific messages to highlight User preferences. We also analyse Usage Data in conjunction with User identifiers to provide Users information on the analytics of their App usage, visible to Users in the Profile section of the App.
​
​
Advertising and Audience Targeting
When we run advertisements for ZEN-it on third-party platforms such as Google and Meta (Facebook/Instagram), we use the audience targeting options provided by these platforms. These platforms may use data they have collected from users (based on users' demographics, interests, behaviors, or general location) to show our ads to relevant audiences.
The data used for these targeting purposes is not collected or processed by ZEN-it. Instead, it is based on the information that platforms like Google and Meta already have about their users. For more details on how these third parties collect and process data for ads, please refer to their privacy policies:
​
​
Description of Bases for Processing
We will only process your Personal Data where we have a legal basis to do so.
Our bases for the data processing we carry out, are as follows:​
​​
Syncing of External Calendars
Basis for Processing
Processing Undertaken
-
Performance of our contract with you or to take steps prior to entering into a contract
-
Collection and Processing of User Account Data (including third party-account data made available by the User to us during SSO sign-in) for creation of user account;
-
Processing of Billing Data received from third party payment processors for enabling Premium Users to acquire subscriptions;
-
Processing of Usage Data and Self-Care Data to undertake analysis and provide analytics for the User to view under the Profile section of the App.
-
Legitimate interest in conducting our business
-
Processing of location data to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and to prosecute those responsible for that activity.
-
Processing of device data to analyse and understand user interaction with our App, to verify or maintain the quality of the App and to improve, upgrade or enhance the App including its functionality;
-
Processing of device data to debug and identify and repair errors in the App, and to provide customer support;
-
Processing of Usage Data to assess the performance of our Priority Wizard prioritisation algorithm, and consider changes and enhancements to the same;
-
Processing of Usage Data to analyse and understand User preferences for various features, to improve our offerings to all Users and to provide specific reminders/messages to a particular User based on their preference;
-
Processing of Self-Care Data to analyse and understand User preferences for various Self-Care Content, to improve our offerings to all Users and to provide specific reminders/messages to a particular User based on their preference;
-
Processing of Usage Data on aggregated basis among all Users to analyse and understand the performance of various features to take business decisions on retaining or removing features or elements of features;
-
Processing of Self-Care Data on aggregated basis among all Users to analyse and understand the performance of various Self-Care Content to take business decisions on retaining, augmenting, removing or creating new categories, sub-categories or titles of Self-Care Content;
-
Sending promotional (direct marketing) messages, including emails to our Users where applicable laws permit such communications;
-
User’s consent (exercised through the Privacy options on sign up and in Profile/Settings)
-
​Processing of Usage Data and Self-Care Data for understanding per-user preferences and tailoring marketing communications to Users (where we have a basis to send marketing communications to those Users); and
-
Sending promotional emails with offers, discounts, news, etc. to Users that have expressly consented to receive promotional emails through the App or otherwise, where applicable laws require such consent.
Please see ZEN-it’s Cookie Policy for information on how we use cookies.
Data Sharing and Recipients
​
ZEN-it is the Controller of Data Processed on the App, and determines the purposes and means of Processing Personal Data from/on the App and the Website. We do not share your Data with third parties except in the situations listed in this Privacy Policy, or when you provide us with your explicit and informed consent to do so.
Our customers’ trust is important to us. We do not share any Upload Data, Usage Data or Self-Care Data with any third parties for their use. We do not sell any User Data. We use Upload Data, Usage Data and Self-Care Data only as indicated above, to improve customers’ experience in-App and in some cases, to tailor our communications to Users where permissible.
We engage service providers as necessary to carry out our Processing, for hosting, maintenance, backup of the App, storage of the Data, backend processing and infrastructure, backend email integrations and analytics. These service providers are authorised to access or Process your Personal Data in this context only as necessary to provide these services to us and not for any other purposes.
Whenever your Personal Data is shared with any of these entities, ZEN-it remains responsible for the Processing that is carried out by them and implements appropriate and effective measures to ensure that such Processing remains compliant. No third parties are authorised to access any Personal Data from the App or Website for their use.
We will also Process and disclose your Data in the following situations, if we are required to do so, subject to applicable laws:
-
If you have violated our Terms of Service of the App/Website, or violated any applicable law, we will share your Data with competent authorities and with third parties (such as legal advisors), to handle the violation or breach and pursue appropriate remedies or actions.
-
We will share your Data with third parties in the event of a change in our structure necessitating such a transfer. If our business is reorganised into a different legal structure or entity (such as due to a merger or acquisition, or otherwise), we will share information/your Data to (i) enable the structural change in the operation of the business, and (ii) enable the continuation of business operations. Unless you receive prior notice in this respect, this Privacy Policy will continue to govern your Data.
-
We will Process and disclose your Data when required by law, to prevent harm, or in the public interest:
-
We will disclose your Data in order to comply with, or in accordance with, applicable laws, regulations, and legal process.
-
We will disclose your Data in response to lawful requests by public authorities, including to meet national security, regulatory or law enforcement requirements or in compliance with judicial orders.
-
We will share your Data with third parties, governmental, regulatory or law enforcement authorities, if necessary in order to detect, prevent, or otherwise address security incidents or technical issues, or protect against malicious, deceptive, fraudulent, or illegal activity, and to prosecute those responsible for that activity.
-
​​​
Security
​
We implement appropriate security measures to reduce the risks of damage, loss of information, and unauthorised access or use of information, including technical measures (such as encryption) and procedural measures (such as password protection and access limitation).
Users are requested to report any data security incidents or breaches impacting them, or that they become aware of, to support@zenitapp.in with the subject “Data Security Incident”.
​
Data Breach
In the event of a data breach that involves Personal Data, ZEN-it is committed to complying with all applicable data breach notification laws. We will notify affected individuals and/or relevant authorities as required by law.
If we determine that a data breach has occurred, we will provide notice as promptly as possible and within the timeframes required by applicable law. Such notice may include:
-
The categories of Personal Data involved in the breach;
-
The types of individuals potentially affected (e.g., users, customers);
-
Steps we have taken to address the breach and mitigate harm;
-
Contact information for further questions and how affected individuals can protect themselves from potential harm.
We will notify you via email, in-app notifications, or other appropriate channels, depending on the contact information you have provided to us.
Data Retention
We retain User Data for as long as Users maintain User Accounts with us. Users can delete their User Accounts by visiting Settings in the Profile section of the App and choosing the option ‘Delete Account’.
We may need to retain some User Data for compliance purposes, whether it was obtained directly from the User or through other means (such as Billing Data obtained from payment service providers) in certain geographies. Unless we are legally required to retain any User Data, we will not retain User Data beyond the date they delete their User Account.
​
Data Subject Rights
​
You have data subject rights to access, update, correct, complete or delete your Data, obtain a copy of your Data, withdraw your consent to Processing of your Data (where Processing is dependent on your consent), and to object to or restrict certain Data Processing activities. If you wish to exercise any of these rights, please contact us at support@zenitapp.in with the subject ‘Data Subject Rights’. We will respond to your enquiries within the legally mandated time period, or (if no such period is mandated), a reasonable period of time.
​
Should Users wish to exercise their right to data portability, we will endeavour to provide such of their Data as is subject to such right, in a common, machine-readable format that is feasible for us to extract and share.
We reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you the information that you have asked for, or to carry out your request, we will explain the reason for this.
​
California Privacy Rights (CCPA)
If you are a resident of California, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA). These rights include:
-
Right to Know: You have the right to request information about the Personal Data we have collected, used, or disclosed within the last 12 months.
-
Right to Delete: You have the right to request that we delete your Personal Data, subject to certain exceptions.
-
Right to Opt-Out of the Sale of Personal Data: While we do not sell personal data, if this policy changes in the future, we will update this Privacy Policy and provide a clear mechanism to exercise your Right to Opt-Out of the Sale of Personal Data by including a "Do Not Sell My Personal Information" link in the App and Website, as required by law.
-
Right to Non-Discrimination: We will not discriminate against you for exercising any of your rights under the CCPA.
To exercise your CCPA rights, please contact us at support@zenitapp.in. For verification purposes, we may request additional information to verify your identity before fulfilling your request.
​
Children's Privacy
The App is not directed to children under the age of 13, and we do not knowingly collect Personal Data from children under 13. If we become aware that we have collected personal data from a child under the age of 13 without parental consent, we will delete that information immediately and will not retain any of the child's personal data. If you are a parent or guardian and believe that we have inadvertently collected Personal Data from your child under 13, please contact us at support@zenitapp.in.
We recommend that parents and guardians take an active role in their children's online activities and interests.
​​
International Data transfers
​
CalmCue Tech LLP is incorporated in India, and processing of User Data from ZEN-it App is conducted in India. In some instances, we may engage processors having servers or that conduct their business from other jurisdictions, such as the EU or USA.
If you create an account on our App, your User Data will be transferred to and processed in India, and may be transferred to and processed in the EU and USA as well, in accordance with our business needs or our processors’ business needs.
We implement technical and organisational security measures to secure User Data including encryption and access controls, password protection. We also implement measures under applicable data protection laws, where necessary for international transfers of data.
​
ZEN-it Users may request copies of our agreements with processors for international transfers of data, at support@zenitapp.in.
​
Changes to this Privacy Policy
​
From time to time, we may change this Privacy Policy. If we do so, we will make efforts to proactively notify you of such changes. In any event, the latest version of the Privacy Policy will always be accessible on our App, in the Privacy Policy section under the Profile tab, as well as on our Website.