WELCOME TO ZARCLE!

When you use Zarcle, you trust us with your personal data. That’s why, first and foremost, we want to ensure you understand our privacy practices.

This policy describes the personal data we collect when you use the Zarcle application. It also outlines the purposes and the rights you have as a Data Subject. Click on each section of this policy to obtain important information regarding your personal data.

WHO IS THE DATA CONTROLLER?

In relation to the personal data collected for the use of the services available on this application, the Data Controller is Zarcle S.r.l. (Tax Code and VAT Number: 01917550434), with its registered office in Macerata (MC), Via Lorenzoni, No. 7. Zarcle S.r.l. can be contacted by email at info@zarcle.com.

SCOPE OF APPLICATION

This policy applies to users of Zarcle services (users of the application).

This policy describes how Zarcle collects and processes data. It applies to all Zarcle users.

Specifically, this policy applies to:

  • Customers: When we refer to customers, we mean people (users) who use the service by receiving a service from another user (provider).
  • Providers: When we refer to providers, we mean people (users) who use the service by offering a service to another user (customer).

All individuals subject to this policy are referred to in this document as “users,” individuals who request/receive and/or offer/provide services through their Zarcle account.

Our privacy procedures comply with current laws, specifically Regulation (EU) 2016/679 and Legislative Decree No. 196/2003, as well as the subsequent Legislative Decree No. 101/2018 and amendments.

The processing of personal data, in full compliance with the mentioned regulations, is based on the principles of fairness, lawfulness, transparency, and protection of privacy and the rights of Data Subjects.

Processing is carried out through IT and/or telematic tools, with organizational methods and logical processes strictly related to the purposes indicated.

DATA COLLECTION

Zarcle collects data:

  • PROVIDED BY USERS (for example, when creating an account). These include:
    • User profile information: We collect data when users create or update their Zarcle accounts. This information may include first name, last name, date of birth, gender, email address, phone number, login name and password, address, profile photo, payment information, or banking details (including payment verification details).
    • User-generated content: We collect data sent by users when they contact Zarcle customer support, provide ratings, or give feedback to other users.
  • CREATED DURING THE USE OF SERVICES (for example, location, app usage, and device data). These include:
    • Location information (customer and provider users): We collect precise or approximate location information from users’ mobile devices, if they allow us to do so through device settings. We collect this data from the moment a service request is made until it is completed and every time the app is running in the foreground (app open and on-screen). Customer and provider users can use Zarcle without allowing the collection of location information from their mobile devices, but this may impact certain app functionalities. For example, a user who has not authorized precise location information will have to manually enter the address for the service request. This data is used for purposes such as receipt generation, customer support, fraud detection, insurance, and disputes.
    • Transaction information: We collect transaction details related to the use of our services, such as the type of service requested or provided, request details (e.g., date and time, entered addresses, distance traveled, and requested services), and payment transaction details (e.g., the amount charged and payment method).
    • Usage data: We collect data related to how users interact with our services. This includes access dates and times, app features or pages viewed, browser type, app crashes, and other system activities.
    • Device data: We collect data regarding the devices used to access our services, including hardware models, IP addresses, or other unique device identifiers, software versions, operating systems, preferred languages, advertising identifiers, and mobile network data.
    • Communication data: We collect data related to in-app communications between Zarcle users. This includes the date and time as well as the content of in-app messages.

DATA FROM OTHER SOURCES, INCLUDING:

  • Users participating in our invitation programs. For example, when a user invites someone else, we receive the data of the invited individual.
  • Information provided by users or others in connection with complaints or disputes.

PURPOSES AND LEGAL BASES FOR PROCESSING

  • PROVIDING OUR SERVICES
    Zarcle uses the data to provide, personalize, maintain, and improve its services. This includes using data to:

    • Create/update accounts.
    • Enable the provision of services, such as using location information to determine where services should be delivered.
    • Process payments.
    • Perform necessary operations to maintain our services, including resolving software bugs and operational issues.

    Legal basis: Zarcle carries out these activities to fulfill the terms and conditions of agreements with users (Art. 6, Par. 1, Lett. b) of the GDPR).

  • SECURITY
    We use data to maintain the security, protection, and integrity of our services and users. This includes:

    • Using device, location, profile, usage, and other data to prevent, detect, and combat fraud. This includes identifying fraudulent account or service use, verifying user identities concerning certain payment methods, and preventing and combating unauthorized access to user accounts.
    • Using ratings, reported incidents, and other user feedback to encourage compliance with the app’s terms and conditions and as a basis for deactivating accounts of users with low ratings or who have otherwise violated the terms and conditions. To contest an account deactivation, contact Zarcle customer support.

    Legal basis: Zarcle carries out these activities because they are necessary to comply with the terms and conditions of agreements with users and/or for the legitimate security interests of Zarcle and its users (Art. 6, Par. 1, Lett. b) and f) of the GDPR).

  • CUSTOMER SUPPORT
    Zarcle uses the collected information (which may include storing chat messages) to provide customer support and to analyze and resolve issues raised by users and monitor and improve responses and support procedures.Legal basis: Zarcle carries out these activities because they are necessary to comply with the terms and conditions of agreements with users and/or for the legitimate interest of monitoring and improving its customer support services (Art. 6, Par. 1, Lett. b) and f) of the GDPR).
  • RESEARCH AND DEVELOPMENT
    We use collected data for testing, research, analysis, service development, and machine learning to improve the user experience. This helps us make our services more practical and easier to use, improve security, and develop new services and features.Legal basis: Zarcle carries out these activities because they are necessary for the legitimate interests of Zarcle to improve and develop new services and features (Art. 6, Par. 1, Lett. f) of the GDPR).
  • ENABLING COMMUNICATIONS BETWEEN USERS
    For example, a provider user might contact a customer user to confirm the location for service delivery; a customer user might contact a provider user to provide service-related information.Legal basis: Zarcle carries out these activities because they are necessary to comply with the terms and conditions of agreements with users (Art. 6, Par. 1, Lett. b) of the GDPR).
  • MARKETING AND ADVERTISING
    We use data to promote Zarcle services. This may include:

    • Sending emails, SMS, push notifications, in-app messages, or other marketing or advertising communications for products, services, features, offers, promotions, contests, news, and events from Zarcle.
    • This may include using location, service history, and/or usage data to send personalized marketing communications based on observed or inferred user interests and characteristics.

    Legal basis: Zarcle carries out these activities only with the consent of the individuals (users) (Art. 6, Par. 1, Lett. a) of the GDPR).

  • COMPLIANCE WITH THE LAW
    We use data to comply with the requirements of applicable laws, regulations, licenses, or operational agreements, or based on legal proceedings or requests from law enforcement or judicial authorities.Legal basis: Zarcle carries out these activities because they are necessary to fulfill a legal obligation that applies to Zarcle and to comply with applicable laws and regulations (Art. 6, Par. 1, Lett. c) of the GDPR).

DATA RETENTION

Personal data will be stored after the retention period has passed:

  • 5 years after the last use of our Platform if the user does not close their account.
  • 30 days after account closure, unless the user has received a negative rating or report, in which case their data is retained for 2 years after account closure. Certain categories of personal data may be retained for different periods:
  • Financial data (e.g., payments, refunds, etc.) will be retained for the duration required by applicable tax and accounting laws (e.g., tax documents are retained for up to 10 years).
  • All user-generated content (e.g., comments, reviews, and ratings) is anonymized as per the timelines outlined above but remains available on our Platform.
  • Log data will be retained for up to 12 months from the date it was collected.
  • In cases where the account was suspended or blocked, we will retain the data for 2 or 10 years depending on the severity of the violation to prevent the user from circumventing the applicable rules for providing our service.

WHO DO WE SHARE YOUR DATA WITH?

To achieve the purposes mentioned, we need to share your data with the following categories of recipients:

  • Zarcle S.r.l. personnel responsible for managing our application.
  • Zarcle S.r.l. suppliers (e.g., IT service providers and consultants): These entities use your data as “Data Processors” appointed by Zarcle S.r.l., through the signing of a specific contract.

COOKIES

For more information, please refer to our Cookie Policy, which should be reviewed alongside this privacy notice.

DO WE TRANSFER YOUR PERSONAL DATA TO NON-EU COUNTRIES?

The personal data we collect will not be transferred outside the European Union.

HAS A DATA PROTECTION OFFICER BEEN APPOINTED?

Zarcle S.r.l. has not appointed a Data Protection Officer.

WHAT RIGHTS DO YOU HAVE AS A DATA SUBJECT?

You have the rights guaranteed by the GDPR regarding your personal data by writing to info@zarcle.com. We commit to responding to your request as quickly as possible, and in any case, no later than thirty days from the receipt of your request. In some cases, we may ask for a copy of an identification document if it is necessary to verify your identity in relation to your request. Specifically, you can exercise the following rights:

  • Right of access: the right to know if personal data is being processed that concerns you and, if confirmed, to obtain a copy of that data and be informed about its origin, categories of data, recipients, processing purposes, the existence of automated decision-making (including profiling), data retention period, and GDPR rights.
  • Right to rectification or completion of your data.
  • Right to erasure: you can request the erasure of personal data if it is no longer necessary for the purposes for which it was collected, or if we no longer have authorization to process it.
  • Right to restriction of processing: you can request a limitation of processing in the following cases: i) if you contest the accuracy of your personal data, you may request a restriction while we verify its accuracy; ii) if we are no longer authorized to process the data, you may ask us to limit its use instead of erasing it; iii) if the data we hold is no longer necessary for the purposes for which it was collected but is necessary for you to establish, exercise, or defend a legal claim.
  • Right to data portability: the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that such data be transferred to another Controller.
  • Right to withdraw consent, for processing based on consent.
  • Right to object: you may object at any time to the processing of your personal data based on our legitimate interest.

You also have the right to file a complaint with the competent data protection authority if you believe the processing of your data is in violation of the GDPR.

We periodically update the content of this page. We invite you to regularly check this policy to stay updated on any changes that may have occurred since your last consultation.

Last update: November 2022