Zephyr Privacy Policy

We've written this document without legalese to try and make it as clear as possible what we do, and do not do, with the information you provide us and we collect about you when you use our website or mobile applications.

If you have questions about this policy or are confused or curious about any of the terminology please feel free to contact us at privacy@zephyrapp.com.

We last updated this policy on November 28, 2016.


Who is collecting your information?

When you use zephyrapp.com your information is being collected by Zephyr, a privately-owned company whose offices are located at 142 Cameron Street, Suite 100, Moncton, New Brunswick, Canada.


How is my information being collected?

Your information is collected by Zephyr when you visit zephyrapp.com or when you use a tool, account, or application that has been connected to Zephyr like an email account, calendar, or other data reporting service.

We collect personal information by asking website users to complete web forms to use our service including account registration forms, our Zephyr subscription checkout process, and by processing information collected via web services accessible by a connected account.

Our collection complies with (and typically exceeds) Canada's anti-spam legislation (CASL), the Personal Information Protection and Electronic Documents Act (PIPEDA), and the PCI SSC Data Security Standards which govern secure online transactions.

Internationally, although we're not legally bound to, our policies are consistent with Article 8 of the European Convention on Human Rights (ECHR) and the European Commission's Data Protection Directive. The United States does not have a comprehensive national privacy framework, but Zephyr is consistent with the Children's Online Privacy Protection Act of 1998 (COPPA) which outlines how businesses and governments may collect information about persons under the age of thirteen, and the U.S. Department of Commerce's "Safe Harbor" framework.


What information are you collecting?

There are two categories of information that we collect: aggregate information and Personally Identifiable Information.

Aggregate information may include your browser, operating system, internet service provider, location (city), type of device used to access the website, how you arrived at the website (direct link, or link from another website, etc.), and what pages on our website you visit and for how long.

Aggregate information is collected anonymously and we can't use it to identify the identity of a visitor.

We also collect Personally Identifiable Information which can be used to identify who you are. This information might include your name, IP address, a username, email address, company or organization, emails, calendar items, and activity collected via connected accounts. We also collect the billing address you provide to us if you make a purchase.

Are you storing my credit card information?

No. Zephyr doesn't collect or store any credit card information. When you make a purchase through the Zephyr application your credit card information is securely processed by our credit card processor who manages the transaction.

The only information Zephyr stores about your credit card is what type of card it was (VISA, Mastercard or Discover), the expiry date so we know when a credit card may no longer be used, and whether or not the transaction was approved. Your card number, name on card, and CVV2 are never stored by Zephyr.


How is my information being used?

We use the information you've provided to us to provide the services you have engaged with Zephyr to provide. This might include, but isn't limited to recording work activity, creating and editing dockets, and managing projects.

In the case of information provided by connected services, like emails and calendar appointments, Zephyr only stores the information required by our algorithms to process the activity. We do not keep a record of the email or calendar event itself.

And finally, we may also disclose your information in response to a court order or at other times when we believe we are reasonably required to do so by law.


How is the information you collect being protected?

Your information is protected using password encryption that surpasses military standards for 'Top Secret'. Our servers are housed in a secure facility that also includes armed physical security. Access to users' personally identifiable information is limited to only those development team members who need to access it.

When information is shared with third-party services like payment processors or email applications, it is done so using API connections secured using SSL encryption.


How do I get more information?

If you have any feedback or questions about the details of our privacy policy or how we've applied it, please do not hesitate to contact us at privacy@zephyrapp.com. You should generally expect a reply within one business day.


No Disclaimer or fine print?

Nope. We've tried to be as clear and consistent as possible while outlining this policy. We have the utmost respect for your privacy.