Z
ZimmimTech

GDPR Compliance

General Data Protection Regulation (EU) 2016/679 • Last Updated: May 20, 2026

🔒 Data Protection✅ Rights Enforced💰 Fees May Apply

This GDPR Compliance statement outlines how we adhere to the General Data Protection Regulation (GDPR) for individuals located in the European Economic Area (EEA), United Kingdom, and Switzerland. We are committed to protecting your privacy rights, but all data processing is provided "as is" without warranty of absolute security.

1. Lawful Basis for Processing

We process your personal data under the following GDPR Article 6 lawful bases:

  • Contract performance (Art. 6(1)(b)): Processing necessary to deliver software licenses, digital products, and services you purchased.
  • Legal obligation (Art. 6(1)(c)): Compliance with tax, anti-fraud, and regulatory requirements.
  • Legitimate interests (Art. 6(1)(f)): License enforcement, fraud prevention, security monitoring, and business analytics.
  • Consent (Art. 6(1)(a)): For optional marketing communications (you may withdraw anytime).

2. Your GDPR Rights

Under GDPR Articles 15-22, you have the following rights. To exercise any right, book a paid consultation session (administrative fees may apply for excessive or complex requests):

Right to Access

Obtain confirmation of processing and receive a copy of your data.

Right to Rectification

Correct inaccurate or incomplete personal data.

Right to Erasure (Right to be Forgotten)

Request deletion of your data, subject to legal retention obligations.

Right to Restrict Processing

Limit how we use your data while disputes are resolved.

Right to Data Portability

Receive your data in a machine-readable format.

Right to Object

Object to processing based on legitimate interests or direct marketing.

3. International Data Transfers

Your personal data may be transferred to and processed in countries outside the EEA, including the United States. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection. However, we provide no warranty that foreign jurisdictions offer equivalent data protection to GDPR standards.

4. Data Retention Periods

We retain personal data only as long as necessary for the purposes outlined in this policy:

  • Account & license data: Duration of active account + up to 3 years after termination
  • Transaction records: 7 years (tax and legal compliance)
  • Support requests: 2 years after resolution
  • Marketing data: Until consent is withdrawn
  • Anonymized analytics: Indefinitely

📋 Data Protection Officer & Complaints

For GDPR-related inquiries, book a paid consultation via our portal. You also have the right to lodge a complaint with your local Supervisory Authority (e.g., ICO in the UK, CNIL in France). However, we encourage you to contact us first to resolve any concerns.

Submit GDPR Request →
Disclaimer:
While we strive for full GDPR compliance, we provide NO WARRANTY that our systems are immune to breaches or errors. You use our platform at your own risk. For urgent privacy matters, book a paid virtual meeting.