Book Demo
EN
Language
English
Español
Français
Deutsch
PL
NL

ZigZag Privacy Policy

Last updated: March 24th, 2026

PRIVACY POLICY OF ZIGZAG GLOBAL LTD

  • CONSUMER RETURNS
  • ABOUT ZIGZAG GLOBAL
    • Our data protection obligations
    • ICO and complaints
  • PRIVACY
    • Personal data we collect
    • How we collect personal data
    • Legal grounds for processing personal data
    • How we use personal data
    • Your data protection rights
    • How we protect personal data
    • How long we keep personal data
    • Who we share personal data with
    • International data transfers
    • Providing your data to us
    • Automated decision-making and profiling
    • Cookies
    • Other websites
    • Changes to our privacy policy

CONSUMER RETURNS

ZigZag provides software and related services to help retailers manage consumer returns globally. When consumers use a returns portal or returns services provided by ZigZag, we process personal data necessary to administer and manage the return. This may include the consumer’s name, contact details, address, order or return reference information, and details relating to the returned item.

Consumers may be required to provide certain information through the returns portal in order to initiate a return, such as order details, return reasons and contact information. This information is used to enable the return to be processed and managed by the relevant retailer.

In some cases, consumers may also be given the option to upload photographs of the item being returned (for example where an item is damaged, defective or incorrect) to assist the retailer in reviewing and assessing the return request.

ZigZag provides the technology platform through which this information and any images are submitted and made available to the retailer responsible for the return. The retailer remains responsible for determining whether a return, exchange or refund should be approved.

Further information about how personal data submitted through the returns portal is processed is set out later in this policy.

Payments and payment data

Where a consumer is required to make a payment in connection with a return, payment details are collected and processed securely by our third-party payment service providers. ZigZag does not store or process payment card details and does not have access to full card information.

The personal data we process in relation to payments is limited to information necessary to administer the transaction, such as payment status, transaction references and reconciliation details. Such information is retained only for as long as necessary to meet contractual, accounting or legal obligations.

 Consumers place a returned order by:

  • entering the required information on the returns portal; and
  • entering their credit or debit card details for payment of applicable charges. 

We will then confirm your returned order by:

  • sending you an order confirmation together with an order tracking number; and
  • providing confirmation on the Returns Portal.

Once you receive the returned order confirmation you need to:

  • print the return label which can be downloaded from the returned order confirmation screen or the returned order confirmation email, or safely store the QR code required at the appropriate drop off point. 
  • Please note that some services require a printer.
  • ensure that the returned order is sufficiently packaged in appropriate protective packaging to avoid damage in transit;
  • attach the return label securely to the returned order; drop the returned order at the appropriate drop off point or have it collected depending on the service selected at checkout; and
  • obtain a receipt for the returned order at the appropriate drop off point.

ZigZag is unable to supply you with the services unless you have complied with the requirements above.

We reserve the right to reject a shipment that contains any illegal, dangerous, flammable or hazardous goods or products. If you wish to use our services to return restricted items you must obtain our prior written consent.

You must drop the returned order off at the appropriate drop off point within 14 days of receipt of the order confirmation as the return label may expire after that date

Refunds

  • You may choose to cancel the return within 14 days of receipt of the returned order confirmation provided that you have not already sent the item. In the event of cancellation you shall be entitled to request a refund.
  • You will receive a refund if we need to cancel the order for events outside of our control. 

We reserve the right to refuse a refund if you failed to:

  • complete the returns process or send back your return within 14 days
  • pack your return securely and safely in appropriate packaging
  • send your item back using the valid returns label that we supplied
  • did not obtain any proof of posting using a tracked method.

ZigZag will supply the services to you using reasonable care and skill. We shall endeavour to meet the timeframes stipulated for the appropriate service selected for the returned order but any such timeframes shall be estimates only and time shall not be of the essence in performance of the services. ZigZag shall not be held responsible for failure of carriers to deliver on time or for events outside our reasonable control.

We may perform the services ourselves or we may sub-contract part or all of the services to partners such as carriers or 3PL providers. You acknowledge that we provide a service for the transport of goods with a specified timeframe for delivery, therefore you do not have a right to cancel the Order under the Consumer Contracts (Information, Cancellation and Additional Payments) Regulations 2013 (Regulation 28(1)(h)). This does not affect your statutory rights.

By using the services, you accept our terms and conditions available on our website at https://www.zigzag.global/.

ZigZag accepts responsibility for the returns postage label, but by using our services you acknowledge that we are not the retailer of the returned goods. We are a service partner of the retailer providing a returns software solution (returns portal) and return postage or carrier labels on behalf of the retailer.

The cost of using the service is displayed on the portal and are inclusive of taxes applicable.

Payment for the services is required upon completion of your returned order by credit or debit card via our payment gateway, via PayPal or Apple pay or Android Pay. If you paid for a return, please note that on your debit

/ credit or bank statement you will see the charges are payable to ZIGZAG GLOBAL as we are the company providing you with the services not the retailer of the returned products.

Some of the retailers we work with may choose to deduct the cost of postage from your refund rather than charging you for a postage label in the checkout. If this option is offered you will need to agree to this deduction before the return label can be provided. Please check the retailers returns policy if you are unsure.

ABOUT ZIGZAG GLOBAL

In this privacy policy, when we use the terms ZigZag, we, us, or our, we are referring to ZigZag Global Ltd, a company registered in England and Wales under company number 09404819 with our registered office at 14th Floor, 33 Cavendish Square, London, W1G 0PW. Our VAT registration number is 217382805.

If you have any questions about this privacy policy, how we process your personal data or if you have any comments, suggestions or complaints, please contact us. You can contact ZigZag by e-mailing ZigZag at support@zigzag.global. If you wish to contact us in writing you can send this to us by e-mail, by hand, or by pre- paid post to:

ZigZag c/o Global Blue 

14th Floor

33 Cavendish Square 

London

W1G 0PW

If your correspondence requires a response we will confirm receipt of this by contacting you in writing or by return of email. If we have to contact you or give you notice in writing, we will do so by e-mail, by hand, or by pre-paid post to the address you provide to us in the returned order.

Our data protection obligations

ZigZag processes personal data information in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and, where applicable, the EU General Data Protection Regulation (EU) 2016/679).

Information Commissioner’s Office (ICO) and Complaints

ZigZag is registered with the UK Information Commissioner’s Office (ICO), the supervisory authority for data protection matters in the UK. Our registration number is ZA469884. If you have any concerns about data protection, we would appreciate if you contacted us first so we can discuss these with you before you approach the ICO. You also have the right to make a complaint at any time to the ICO. For data protection matters, please email us at support@zigzag.global

For detailed information about data protection, visit the ICO website: https://ico.org.uk/for-organisations/guide- to-the-general-data-protection-regulation-gdpr/

PRIVACY

Personal data we collect

Personal data means any information about an individual from which that person can be identified. It does not include anonymous data. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Basic personal details, such as your name and job title.
  • Contact data, such as your phone number, email address, delivery/return/correspondence address.
  • Returns and order data, such as order numbers, product details, return reasons, refund or exchange preferences, parcel tracking information, and other information relating to the processing of a product return through a retailer’s returns portal.
  • Financial data, such as payment card details, bank account details and billing information. We do not store or process full payment card details. Payment card information is processed directly by our payment service providers. We may, however, receive limited transaction information such as payment status, references or reconciliation data.
  • Profile data, such as information about your preferences or interests.
  • Transaction data, such as information about services provided to retailers, payments made for those services, and records of return transactions processed through the platform.
  • Communications data, such as records of correspondence and communications with you, including emails, support enquiries, telephone call notes, or communications submitted through our platform.
  • Technical data, such as internet protocol (IP) address, device information, browser type, operating system, login data, and information about how you interact with our website or platform, including through cookies or similar technologies.
  • Usage data, such as information about how retailer users or consumers interact with our services, including platform activity and analytics data.
  • Recruitment data, such as a copy of your curriculum vitae (CV), employment history, education, details of any professional memberships, and any other similar information provided during recruitment.
  • Image data, such as photographs uploaded by consumers through a retailer’s returns portal where this functionality is available (for example photographs of damaged or defective goods submitted as part of a return request). These images may include incidental personal data visible within the photograph, such as delivery labels, packaging information or other identifying details.

How we collect personal data

In the course of our business activities, including but not limited to operating our website, software, services and events, we may collect and process personal information relating to individuals and businesses. When you provide us with your personal data, whether through our website, by email, in person, over the phone, or when you engage with our services, you acknowledge that it will be processed in accordance with this policy. We may also provide additional notices at the point of collection to explain particular uses of your personal data and, where appropriate, to give you the opportunity to opt in or opt out of specific processing activities.

We may collect personal data in a number of ways, including:

  • Directly from you, for example when you contact us via our website, by email, phone, social media or post, create an account, sign a contract with us, make an enquiry, subscribe to communications, or register for an event, webinar, conference or trade show.
  • Automatically when you interact with our website or platform, including through cookies or similar technologies which collect technical data about your device and browsing activity.
  • From publicly available sources, such as Companies House, Google or LinkedIn, for example to keep contact details up to date or understand the organisations we work with.
  • From third party sources, such as our retailer clients, payment providers, service providers or event partners, where relevant to providing our services.

This may include basic contact details (such as name, company, job title, email address and telephone number), information about your organisation or role, and information relating to your interactions with ZigZag, our website, events or services.

How we use personal data

We use the personal data we collect to operate our business and provide our services, including the ZigZag returns platform and related services for retailers. In particular, we may use personal data:

  1. To respond to enquiries and provide information about our services or platform.
  2. To manage our relationship with customers, prospective customers and business contacts.
  3. To provide and improve our services, software and website.
  4. To communicate with you about our services, business updates, industry developments, events, webinars or best practice relating to returns and retail operations.
  5. To inform you of any changes to our services, website, policies or terms.

If you contact us via our website, subscribe to our communications, or provide your contact details to us (for example at an event or conference), we may add your details to our contact database so that we can communicate with you. Marketing communications will only be sent where permitted under applicable data protection laws, and you may unsubscribe at any time using the instructions included in those communications.

Legal grounds for processing personal data

We will only use your personal data where we are permitted to do so by applicable law. In accordance with UK, EU and other applicable data protection laws, we must rely on one or more legal grounds/lawful bases when processing personal data. The lawful bases we rely on include:

  • Performance of a contract: where processing is necessary to perform a contract we have entered into with you, or with a retailer client in connection with the services we provide.
  • Legitimate interests: where processing is necessary for our legitimate interests (or those of a third party), provided your interests and fundamental rights do not override those interests.
  • Legal obligation: where we need to comply with a legal or regulatory obligation.
  • Legal claims: where processing is necessary to establish, exercise or defend legal claims.
  • Consent: where you have provided your consent to the processing of your personal data (for example for certain marketing communications), which you may withdraw at any time.

How we use personal data

We may use personal data in the following ways. In each case we indicate the lawful basis relied upon.

1. Providing and operating our services: this includes operating the ZigZag returns platform, facilitating product returns for retailers, managing client accounts, maintaining records of communications and providing customer support.

Legal grounds: performance of a contract and legitimate interests in operating our services.

2. Operating and improving our website and platform: this includes responding to enquiries, ensuring our website and platform function properly, analysing usage and improving the performance, functionality and security of our services. 

Legal grounds: interests in operating and improving our website and services, and consent where required (for example for cookies).

3. Communications and marketing: this includes sending information about our services, industry developments, events or webinars where you have requested information from us, have an existing business relationship with us, or have opted in to receive communications. You may unsubscribe at any time.

Legal grounds: legitimate interests in promoting and developing our services and consent where required under applicable data protection laws.

4. Research and service development: this includes analysing trends, usage and operational data to improve our technology, services and returns management solutions.

Legal grounds: legitimate interests in improving and developing our services.

5. Recruitment: this includes processing information provided by individuals applying for roles with ZigZag, including CVs and other recruitment materials.

Legal grounds: legitimate interests in assessing candidates and taking steps prior to entering into an employment contract.

6. Legal, regulatory and business administration purposes: this includes complying with legal and regulatory obligations, preventing fraud, protecting our legal rights and managing or restructuring our business. 

Legal grounds: compliance with legal obligations, legitimate interests in protecting and managing our business, and establishing or defending legal claims.

7. Processing returns on behalf of retailers: where consumers submit returns through a retailer’s returns portal powered by ZigZag, we process personal data to facilitate those returns and related logistics. This may include information entered into the returns portal and, where available, photographs uploaded by consumers to demonstrate the condition of returned goods (for example where items are damaged or incorrect). In these circumstances, the retailer will typically act as the data controller and ZigZag will act as a data processor, processing personal data on the retailer’s behalf and in accordance with its instructions.

Legal grounds: performance of a contract with our retailer clients and legitimate interests in providing returns management services. In these circumstances, the retailer will typically act as the data controller and ZigZag acts as a data processor on their behalf.

8. Events and conferences: this includes registering individuals for events, webinars, conferences or trade shows organised or attended by ZigZag, communicating event information (such as agendas or updates), and administering attendance. Where events are co-organised with third parties, relevant registration information may be shared with the event partner where this is made clear at the point of registration. Events may also involve photography or filming which may be used in event reports or related communications where notified to attendees.

Legal grounds: legitimate interests in organising and promoting events and managing attendance, and consent where required (for example where information is shared with event partners or used for marketing purposes).

Your data protection rights

Under applicable data protection laws, individuals have certain rights in relation to their personal data. These include the right to:

  • request access to the personal data we hold about you and receive a copy of it;
  • request correction of inaccurate or incomplete personal data;
  • request deletion of your personal data in certain circumstances, including where there is no lawful reason for us to continue processing it, where you have successfully objected to processing, or where the personal data has been processed unlawfully;
  • request restriction of the processing of your personal data in certain circumstances, for example while we verify the accuracy of the personal data, where processing is unlawful but you do not want the personal data erased, where you require the personal data for the establishment, exercise or defence of legal claims, or where we are considering an objection you have made;
  • object to the processing of your personal data where we are relying on legitimate interests as our legal basis. You also have an absolute right to object to the processing of your personal data for direct marketing purposes;
  • request the transfer of your personal data to you or to a third party in a structured, commonly used and machine readable format, where processing is based on consent or on a contract and is carried out by automated means.

Where processing is based on consent, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing carried out before consent was withdrawn.

If you wish to exercise any of these rights, please contact us at support@zigzag.global. We may request information to verify your identity before responding, to ensure that personal data is not disclosed to someone who is not entitled to receive it.

We will usually respond to legitimate requests within one month. Where a request is particularly complex or numerous, we may require additional time, in which case we will inform you. You will not normally be required to pay a fee, although we may charge a reasonable fee or refuse to comply where a request is manifestly unfounded or excessive.

Your rights are subject to certain legal exemptions and limitations, including where processing is necessary to comply with legal obligations, to establish, exercise or defend legal claims, to maintain legal professional privilege, or to protect the rights of others or the public interest.

If you are not satisfied with how we handle your personal data or our response to your request, you have the right to lodge a complaint with the ICO.

How we protect personal data

ZigZag implements appropriate physical, technical and organisational measures designed to protect personal information against unauthorised access, loss, alteration or misuse, in accordance with applicable data protection laws and taking into account the nature of the data processed and the associated risks.

Information security is an integral part of our data protection practices. We maintain internal security policies, standards and procedures governing the handling, storage and processing of personal data.

Access to personal information is restricted to authorised personnel on a “need-to-know” basis, and we work with trusted service providers who are required to implement appropriate technical and organisational safeguards and contractual protections when processing personal data on our behalf..

Data centres: Each data centre we operate from has hardware security access for example:

  • 24/7/365 manned facilities
  • CCTV security cameras covering inside, outside and all entrances of data centres
  • site entrances controlled by electronic perimeter access card system
  • sites remotely monitored by 3rd party security company
  • entrances secured by mantraps with interlocking doors
  • SSAE-16 & HIPAA compliant, and aligned with recognised industry security and data protection standards applicable to our hosting providers.

Data may be stored on secure infrastructure operated by ZigZag or by approved third party hosting providers who are contractually required to maintain appropriate security standards. Systems used to process personal data are protected through password controls, restricted user permissions and other access management controls.

Maintaining security: Our employees receive appropriate training and guidance relating to information security and data protection on an ongoing basis, and ensure the ongoing security of our servers and systems. This means that security patches and system updates are managed in accordance with our internal security and change management processes, with appropriate consideration given to security, data protection and privacy.

Access to personal data is limited to employees, agents, contractors and other authorised personnel who require access in order to perform their duties. Such individuals are subject to appropriate confidentiality obligations and must process personal data only in accordance with our instructions and internal policies.

Where we have an agreement in place with our customers to do so, we also maintain the security of our customer’s own servers or hosted applications.

Access to servers: Remote admin access to our servers is strictly restricted to key personnel within our Technical Support team. Our team will access a server only to resolve an issue reported by the client. Or to ensure that the Managed Hosting Service Level opted for by a client is met.

Microsoft’s Data centre staff have physical access to the servers, but we have strict protocols in place to ensure they only do so where authorised by our technical support team, and such a request will only be made where they need to carry out a visual check of a server or perform physical maintenance on the server itself.

ZigZag employees: All ZigZag employees are trained and made aware of their responsibilities under GDPR including their duties with regards to access, security and processing of any personal data stored on our servers. Security and data governance are covered in our employee handbooks and actively discussed as part of quarterly meetings to ensure all staff are up to date.

Changes to our approach: Should our approach to any aspect covered by this statement change we will make sure, where your data is impacted, that we notify you within a reasonable timeframe and in line with any contractual terms in place between us.

Data breaches: In the unlikely event of a personal data breach occurring we will notify you without undue delay and in accordance with applicable legal and regulatory obligations. We have procedures in place to identify, investigate and respond to suspected personal data breaches. Where required by law, we will notify the relevant supervisory authority, such as the Information Commissioner’s Office, and affected individuals where appropriate. Although we take appropriate steps to protect personal data, the transmission of information via the internet is not completely secure and any transmission to our website or platform is at the user’s own risk.

How long we keep personal data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to provide our services, to fulfil any related or compatible purposes, comply with legal, accounting or regulatory requirements, and to resolve disputes.

Retention periods may vary depending on the type of personal data and the context in which it is processed. When determining appropriate retention periods, we take into account the nature, amount and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which the personal data is processed, whether those purposes can be achieved through other means, and applicable legal, regulatory or contractual obligations and limitation periods for potential claims.

Where personal data is processed for more than one purpose, we may retain it until the latest applicable retention period has expired, although we will cease using the data for any purpose whose retention period has ended.

Where personal data is no longer required, it is securely deleted or anonymised in accordance with our data retention practices. Where deletion is not possible due to legal, regulatory or contractual obligations, we will restrict further processing of the data and retain it only for those specific purposes.

Once the applicable retention period has expired, personal data will be securely deleted or anonymised. Anonymised data, which can no longer be linked to an identifiable individual, may be retained for research, statistical or service improvement purposes without time limit.

Who we share personal data with

We may share personal data with third parties where necessary to provide our services, operate our business, or comply with legal obligations.

Depending on the context, this may include sharing personal data with:

  • retailers and commercial partners for whom we provide returns services;
  • couriers, logistics providers, customs brokers and fulfilment partners involved in the collection, transportation and processing of returned goods;
  • payment service providers who process payments securely on our behalf;
  • technology, hosting and infrastructure providers who support the operation, security and maintenance of our platform and systems;
  • service providers involved in returns administration, including providers supporting parcel tracking, delivery notifications, duty drawback, tax handling, claims management or exception order processing;
  • our professional advisers, including legal, financial, business, risk management and other advisers, as well as our bankers, insurers, insurance brokers and auditors;
  • third party service providers who support our internal operations or compliance activities;
  • debt recovery or credit management service providers where necessary to recover sums owed to us;
  • professional advisers, regulators or authorities where required by law or where necessary to establish, exercise or defend legal claims.

We share personal data only where there is a lawful basis to do so and, where applicable, subject to appropriate confidentiality obligations, data processing agreements or other contractual safeguards designed to protect personal data.

We carry out appropriate due diligence on third party service providers who process personal data on our behalf and requires them to implement appropriate technical and organisational measures and contractual safeguards

International data transfers

In the course of providing our services, operating our website and platform, and engaging third party service providers, we may transfer, store or access personal data outside the UK and the European Economic Area (EEA). This may include transfers to technology providers, hosting providers, payment providers, logistics partners or other service providers located in other jurisdictions, or where personal data is stored or processed on servers located outside the UK or EEA.

Where personal data is transferred outside the UK or the EEA, we will ensure that an appropriate level of protection is afforded to it in accordance with applicable data protection laws. This will be achieved by implementing one or more of the following safeguards:

  • transferring personal data to countries that have been recognised by the UK government as providing an adequate level of protection for personal data;
  • putting in place appropriate contractual safeguards, such as the International Data Transfer Agreement or the International Data Transfer Addendum to the European Commission’s standard contractual clauses, together with any supplementary technical or organisational measures where required.

Where third party service providers or partners process personal data on our behalf outside the UK or EEA, we ensure that appropriate contractual protections are in place to safeguard that data.

Please contact us if you would like further information about the safeguards relied upon for any particular transfer of your personal data, or to request a copy of the relevant transfer mechanism.

Automated decision-making and profiling

ZigZag Global may use automated tools, including artificial intelligence–based systems, to support certain recruitment and assessment activities. These tools may involve the automated processing of personal information for the purposes of screening or evaluating candidates.

Such processing is not used as the sole basis for decisions producing legal effects or similarly significant effects on individuals. Appropriate human review and oversight form part of the relevant decision-making process.

Cookies

Cookies are small text files that are placed on your device when you visit a website. Our website uses cookies and similar technologies to distinguish you from other users, enhance your browsing experience and help us improve our website and services. We use cookies and similar technologies to ensure our website functions correctly, to understand how visitors use our website, and to improve user experience.

A cookie allows a website to recognise your device and store certain information about your preferences or past actions. Some emails and webpages may also contain small electronic files known as web beacons, which allow us to monitor whether communications have been opened or pages visited.

Some cookies are essential for the operation of the website, while others are used for analytics or other non- essential purposes. Where applicable, cookies may also be used to analyse website traffic and, if enabled, support our marketing activities. When you first visit our website, you will be presented with a cookie banner that allows you to accept, reject or customise your preferences in relation to non-essential cookies. Strictly necessary cookies do not require consent.

We may use the following types of cookies:

  • Strictly necessary cookies. These are required for the operation of our website and enable core functionality such as security, network management and accessibility.
  • Analytical or performance cookies. These help us understand how visitors use our website, including which pages are visited and how users navigate the site, so that we can improve its performance and usability. For example, we may use analytics tools such as Google Analytics to collect information about website usage, including the number of visitors, pages visited, duration of visits and referral sources. Where required, IP anonymisation is enabled.
  • Functionality cookies. These allow the website to remember choices you make, such as language or region, and provide enhanced, more personalised features.
  • Marketing or targeting cookies, where enabled. These may be used to measure the effectiveness of advertising campaigns or to deliver content that is more relevant to you and your interests. For example, we may use tools such as Google Tag Manager to manage website tags and tracking technologies, and advertising technologies such as the Meta Pixel or Google Ads cookies to measure advertising performance and improve marketing activities.

Where required by applicable law, we will obtain your consent before placing non-essential cookies on your device.

You can control or delete cookies through your browser settings. Most browsers allow you to block or delete cookies through their settings, and you may also change your cookie preferences at any time through the “Cookie Settings” option available on our website where implemented. Further information about how to manage cookies can be found at www.aboutcookies.org.

Other websites

Our website may contain links to other websites operated by third parties. This privacy policy applies only to our website and services. We are not responsible for the privacy practices or content of third-party websites, and we encourage you to review the privacy policies of any external sites you visit.

Changes to our privacy policy

We keep this privacy policy under regular review and may update it from time to time to reflect changes in our practices, services or legal requirements. Any updates will be published on this page, and the “Last updated” date at the top of the policy will be revised accordingly.

ZIGZAG actúa únicamente como Encargado de Tratamiento de los datos personales enlo que a la prestación de servicios se refiere. ZIGZAG presta sus servicios a Usuariosprofesionales que gestionan a través de nuestra plataforma las devoluciones de susclientes, Dichos Usuarios profesionales son los Responsables de Tratamiento de losdatos de sus clientes y asumen la responsabilidad de la cesión de los mismos.

No obstante lo anterior, como titulares de la web y por tanto Responsable delTratamiento de los datos incluidos en la misma, se le informa que, según lo dispuestoen el Reglamento (UE) 2016/679, de 27 de abril, (RGPD) y en la Ley 3/2018, de 5 dediciembre, de protección de datos y garantía de los derechos digitales (LOPDGDD),trataremos sus datos tal y como reflejamos en la presente Política de Privacidad.

En esta Política de Privacidad describimos cómo recogemos sus datos personales ypor qué los recogemos, qué hacemos con ellos, con quién los compartimos, cómo losprotegemos y sus opciones en cuanto al tratamiento de sus datos personales.

Esta Política se aplica al tratamiento de datos personales de clientes finales recogidospor los Usuarios profesionales y cedidos a ZIGZAG para la prestación de sus servicios.Si acepta las medidas de esta Política, acepta que tratemos sus datos personalescomo se define en esta Política.

Contacto

Denominación: ZIGZAG, S.L., (en adelante “ZIGZAG”)
Domicilio: Avda. Burgos nº 12, 1º Izda, 28036, Madrid
CIF: B-22484497
Email: (gcs@zigzag.global)

Principios

Estamos comprometidos con el más alto grado de calidad, lo que incluye tratar losdatos de los clientes finales que nos son cedidos por los Usuarios profesionales conseguridad y transparencia. Nuestros principios son:
  • Legalidad: sólo recopilaremos Datos personales para fines específicos,explícitos y legítimos.
  • Minimización: limitamos la recogida de datos de carácter personal a lo que esestrictamente relevante y necesario para los fines para los que se hanrecopilado.
  • Limitación de la Finalidad: sólo recogeremos datos personales para los finesdeclarados y solo según sus deseos.
  • Precisión: mantendremos datos personales exactos y actualizados.
  • Seguridad: aplicamos las medidas técnicas y organizativas adecuadas yproporcionales a los riesgos para garantizar que los datos no sufran daños, talescomo divulgación o acceso no autorizado, la destrucción accidental o ilícita o supérdida accidental o alteración y cualquier otra forma de tratamiento ilícito.
  • Derechos ARCO: disponemos de medios para que el cliente final solicite elacceso, rectificación, cancelación, etc. de sus datos cuando lo considereoportuno, de lo cual informaremos puntualmente al Responsable de Tratamiento
  • Conservación: Conservamos datos personales de manera legal y apropiada ysólo mientras es necesario para los fines para los que se han recopilado.
  • Transferencias internacionales: no está prevista ninguna transferencia de estetipo sin tener en cuenta la perteneciente a la cesión intergrupo (ZIGZAGGLOBAL IBERIA, S.L. es la filial española de la empresa británica ZIGZAGGLOBAL LTD. Las transferencias a Reino Unido están basadas en la Decisiónde adecuación de la Comisión Europea de fecha 8 de junio de 2021. Noobstante, si se diera el caso de que los datos vayan a ser transferidos fuera de laUE/EEE se protegerán adecuadamente de conformidad con la legislaciónvigente.
  • Terceros: el acceso y transferencia de datos personales a terceros se llevan acabo de acuerdo con las leyes y reglamentos aplicables y con las garantíascontractuales adecuadas.

Recogida y tratamiento de sus datos personales:

Los tipos de datos que se pueden solicitar y tratar a través de la web son únicamentedatos de carácter identificativo: nombre, dirección, email y teléfono

También recogemos de forma automática datos sobre su visita a nuestro sitio websegún se describe en la política de cookies.

Siempre que solicitemos datos personales, informaremos con claridad al Responsablede Tratamiento de qué datos personales recogemos y con qué fin. En general, a travésde nuestra página web, recogemos y tratamos datos personales con el propósito deresponder a las consultas planteadas por por los Usuarios profesionales, así como parala propia prestación del servicio contratado por el Usuario profesional.

Legitimidad

De acuerdo con la normativa de protección de datos aplicable, los datos personalespodrán tratarse:
  • En caso de consentimiento, que se podrá retirar en cualquier momento.
  • En caso de interés legítimo que no menoscabará en modo alguno ningún derecho de privacidad.

Cesión de datos personales

Los datos pueden ser comunicados a empresas relacionadas con ZIGZAG para laprestación de sus diversos servicios en calidad de Encargados del Tratamiento. Laempresa no realizará ninguna cesión, salvo por obligación legal.

Transferencia internacional de datos

No está prevista ninguna transferencia de este tipo sin tener en cuenta la pertenecientea la cesión intergrupo (ZIGZAG GLOBAL IBERIA, S.L. es la filial española de laempresa británica ZIGZAG GLOBAL LTD. Las transferencias a Reino Unido estánbasadas en la Decisión de adecuación de la Comisión Europea de fecha 8 de junio de2021. No obstante, si se diera el caso de que los datos vayan a ser transferidos fuerade la UE/EEE se protegerán adecuadamente de conformidad con la legislación vigente.

Derechos de los interesados

Se reconoce a los clientes finales la posibilidad de ejercitar los derechos de acceso,rectificación, cancelación, portabilidad, limitación del tratamiento o, en su caso,oposición, enviando comunicación debidamente fundamentada y acompañada de copiadel DNI al correo electrónico gcs@zigzag.global o bien al domicilio social de lacompañía indicado en la presente política, de lo cual se informará de inmediato alResponsable de Tratamiento

El cliente final también tiene derecho a presentar una reclamación ante la Autoridad decontrol competente (www.aepd.es) si considera que el tratamiento no se ajusta a lanormativa vigente.

Información legal

Los requisitos de esta Política complementan, y no reemplazan, cualquier otro requisitoexistente bajo la ley de protección de datos aplicable, que será la que prevalezca, encualquier caso.

Esta Política está sujeta a revisiones periódicas y la empresa puede modificarla encualquier momento. Cuando esto ocurra, le avisaremos de cualquier cambio y lepediremos que vuelva a leer la versión más reciente de nuestra Política y que confirmesu aceptación.