Privacy Policy

1. Scope

This policy applies to information collected through our websites, landing pages, contact forms, investor or business inquiry workflows, advertising campaigns, analytics tools, pixels, tags, cookies, and related online or offline interactions that link to or reference this policy.

2. Information We Collect

Depending on how you interact with us, we may collect the following categories of information:

• Identifiers and contact details, such as your name, email address, phone number, company, and job title.
• Inquiry and correspondence data, including information you submit through forms, surveys, applications, or messages.
• Device and technical data, such as IP address, browser type, device identifiers, operating system, language, and referral URLs.
• Usage data, such as pages viewed, links clicked, time spent on pages, session events, and similar interaction data.
• Approximate location data inferred from IP address or device settings.
• Marketing and preference data, including ad interactions, consent choices, campaign attribution, and communication preferences.
• Professional, education, or application-related information where relevant to recruiting, partnerships, or institutional engagement.

3. Sources of Information

We may collect personal data directly from you, automatically through your use of our website, and from third parties such as:

• Analytics, advertising, and measurement providers.
• Social media platforms and advertising partners, including services offered by Google, Meta, and similar networks.
• Form, hosting, CRM, communication, and workflow providers that help us operate our website and business.
• Public sources, professional networks, and referral partners where permitted by law.

4. How We Use Personal Data

We may use personal data for the following business and commercial purposes:

• To operate, secure, maintain, and improve our websites, forms, and digital experiences.
• To respond to inquiries, evaluate partnership opportunities, process applications, and communicate with you.
• To understand website traffic, measure engagement, and improve content, outreach, and user experience.
• To detect fraud, abuse, security incidents, and unlawful activity, and to enforce our policies.
• To comply with legal, regulatory, tax, accounting, audit, and recordkeeping obligations.
• To market our services, initiatives, institutions, and affiliated entities, where permitted by law.
• To deliver, measure, and optimize advertising, including audience building, remarketing, conversion tracking, and campaign attribution.

5. Cookies, Pixels, Analytics, and Advertising Technologies

We and our service providers may use cookies, SDKs, pixels, local storage, tags, and similar technologies to remember your preferences, understand site usage, secure our services, and support advertising and measurement activities.

These technologies may be used to collect or receive information from this website and elsewhere on the internet and then use that information to provide analytics services, measure campaign performance, personalize content, create audiences, and deliver advertisements on third-party platforms, including Google, Meta/Facebook, Instagram, and related partner networks.

Where required by applicable law, we will rely on consent before placing non-essential cookies or using advertising and analytics technologies. You may also be able to control cookies through your browser settings, device settings, applicable consent tools, and third-party opt-out mechanisms.

We do not guarantee that any particular advertising or analytics vendor is active on every page or at every time, but this policy is designed to disclose the categories of technologies and uses commonly expected by major advertising and measurement networks.

6. Legal Bases for Processing in Europe

If you are in the European Economic Area, United Kingdom, or Switzerland, we may process personal data under one or more of these legal bases:

• Your consent.
• Performance of a contract or steps requested before entering into a contract.
• Compliance with legal obligations.
• Our legitimate interests, such as operating our business, securing our systems, communicating with relevant stakeholders, and improving our services, provided those interests are not overridden by your rights.

7. How We Disclose Information

We may disclose personal data to the following categories of recipients:

• Affiliated entities within the Zoul Group and the holding companies named in this policy.
• Hosting, cloud, analytics, CRM, communication, recruiting, legal, compliance, and business operations providers.
• Advertising, social media, remarketing, and measurement partners.
• Professional advisers, auditors, insurers, and financial institutions.
• Authorities, regulators, courts, or law enforcement where required or appropriate by law.
• Parties involved in a transaction such as a merger, acquisition, financing, restructuring, or asset transfer.

We do not sell personal data for money. However, some privacy laws define certain advertising, audience matching, or analytics data sharing as a sale or sharing, and we provide the disclosures in this policy with that possibility in mind.

8. International Data Transfers

We may process and store personal data in the United States, the European Union, and other jurisdictions where we or our service providers operate. When required by law, we use appropriate safeguards for cross-border transfers, such as contractual protections and supplementary measures that are reasonable for the transfer context.

9. Data Retention

We retain personal data for as long as reasonably necessary for the purposes described in this policy, including to maintain our relationship records, respond to inquiries, comply with legal obligations, resolve disputes, enforce agreements, and support security, audit, and business continuity requirements.

10. Your Privacy Rights

Depending on your jurisdiction, you may have rights to request access to, correction of, deletion of, restriction of, or portability of your personal data, to object to certain processing, to withdraw consent, and to opt out of targeted advertising, profiling, or certain forms of data sharing.

Residents of California and other U.S. states with privacy laws may have rights to know what categories of personal data we collect, use, disclose, sell, or share; to request deletion or correction; to limit certain uses of sensitive personal data where applicable; and to opt out of sales, sharing, targeted advertising, or profiling as defined by law.

Individuals in the European Union, United Kingdom, and similar jurisdictions may also have the right to lodge a complaint with a supervisory authority in their place of residence, work, or alleged infringement.

11. Children's Privacy

Our websites and services are not directed to children under 13, and we do not knowingly collect personal data from children under 13. Where a higher age threshold applies under local law, we intend to comply with that standard. If you believe a child has provided personal data to us, contact us so we can review and delete the information where appropriate.

12. Data Security

We use reasonable technical, administrative, and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, and disclosure. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

13. Third-Party Services and Links

Our website may link to third-party websites, social media services, embedded forms, or tools that operate under their own terms and privacy notices. We are not responsible for the privacy, security, or content practices of those third parties.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. When we do, we will post the revised version on this page and update the effective date above.

15. Contact

For privacy requests, data subject rights requests, or questions about this policy, please contact us through the contact form on our contact page. To help us process your request, please identify the affiliated entity involved, if applicable.