This Privacy Policy describes zipBoard’s practices regarding the collection, use and disclosure of the information we collect from and about you when you use zipBoard’s web-based and mobile applications (the “Service/Application/Products”). We take our obligations regarding your privacy seriously and have made every effort to draft this Privacy Policy in a manner that is clear and easy for you to understand. 

Personal information is any information about you which can be used to identify you. This includes information about you as a person (such as name, address, and date of birth), your devices, payment details, and even information about how you use a website or online service.

 

In the event our site contains links to third-party sites and services, please be aware that those sites and services have their own privacy policies. After following a link to any third-party content, you should read their posted privacy policy information about how they collect and use personal information. This Privacy Policy does not apply to any of your activities after you leave our site.

This policy is effective as of 4 March 2021.

Last updated: 4 March 2021

Our Collection and Use of Information 

Information we collect falls into one of two categories: “voluntarily provided” information and “automatically collected” information.

 “Voluntarily provided” information refers to any information you knowingly and actively provide us when using or participating in any of our services and promotions.

 “Automatically collected” information refers to any information automatically sent by your devices in the course of accessing our products and services.

Information You Provide to Us 

Account Creation: We collect personal information, such as your name and email address, when you register for an account on the Service. You may also provide us with optional information such as a photograph. Your user name, email address and any optional profile information that you elect to associate with your account is referred to herein as your “Profile Information.” 

 Payment Information: If you are a user of our paid premium service, we will utilize a third party credit card payment processing company to collect payment information, including your credit card number, billing address and phone number. We will share this payment information with the third party processing company as detailed below in “How We Share Your Information: With Trusted Service Providers and Business Partners.” We do not store your payment information. 

Communication with us: We may use your email address to send you Service-related notices (including any notices required by law, in lieu of communication by postal mail). We may also use your email address to send you announcements and information about other products or services (including third party services) that you may be interested in (together, the “Marketing Messages”). You may opt-out of receiving Marketing Messages at any time by following the instructions provided in the Marketing Message. Through your account interface, you may also opt-out of receiving categories of Service-related notices that are not deemed by zipBoard to be integral to your use of the Service. 

 Even if you are not a registered user of our Service, if you email us we may retain a record of such email communication, including your email address, the content of your email, and our response. 

 If you choose to use our invitation service to invite a friend to the Service, we will ask you for that person’s contact information, which may include their email address or their social network identity, and automatically send an invitation. zipBoard stores the information you provide to send the invitation, to register your friend if your invitation is accepted, and to track the success of our invitation service. 

 Access to customer data, logs is restricted to only authorized employees. Security training is  provided to all employees and contractors. On termination of employment or contracts, all  access to internal systems are revoked. Password managers / SSH access used to access admin  systems & service accounts.  

Your Content 

 User-Generated Content

 We consider “user-generated content” to be materials (text, image and/or video content) voluntarily supplied to us by our users for the purpose of publication, processing, or usage on our platform. All user-generated content is associated with the account or email address used to submit the materials.

 Your use of the Service will involve you uploading or inputting various content into the Service; including but not limited to: tasks, attachments, project names, team names, and conversations (together, the “Content”). 

You control how your Content is shared with others via your settings on the Service. zipBoard may view your Content only as necessary (i) to maintain, provide and improve the Service; (ii) to resolve a support request from you; (iii) if we have a good faith belief, or have received a complaint alleging, that such Content is in violation of our Acceptable Use Guidelines; (iv) as reasonably necessary to allow zipBoard to comply with or avoid the violation of applicable law or regulation; or (v) to comply with a valid legal subpoena or request that meets the requirements of our Law Enforcement Guidelines. We may also analyze the Content in aggregate and on an anonymized basis, in order to better understand the manner in which our Service is being used. 

Information We Collect Automatically 

We use technologies like cookies and pixel tags to provide, monitor, analyze, promote and improve the Service. For example, a cookie is used to remember your user name when you return to the Service and to improve our understanding of how you interact with the Service. You can block cookies on your web browser; however please be aware that some features of the Service may not function properly if the ability to accept cookies is disabled. 

Log Files 

When you use the Service, our servers automatically record certain information in server logs. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, mobile carrier, and other such information. Log files help us to monitor, analyze, improve and maintain the Service and to diagnose and fix any Service-related issues. 

Additionally, if you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error happened, and other technical information relating to the problem. You may or may not receive notice of such errors, even in the moment they occur, that they have occurred, or what the nature of the error is.

Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons

Device Identifiers 

 When you visit our website or interact with our services, we may automatically collect data about your device, such as:

  • Device Type

  • Operating System

  • Unique device identifiers

  • Device settings

  • Geo-location data

 Data we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us. We may associate this device identifier with your Service account and will use data associated with your device identifier to customize our Services to your device and to analyze any device-related issues.

 Location Information 

 We may collect and process information about the location of the device from which you are accessing the Service. Location data may convey information about how you browse the Service and may be used in conjunction with personally identifiable information. You can disable location based services in settings associated with the Service; however please be aware that some features of the Service may not function properly if location services are turned off. 

 

How We Share Your Information 

We may share the information we collect from you with third parties as detailed below. 

As Directed By You 

 We will display your Profile information on your profile page and elsewhere on the Service in accordance with the preferences you set in your account. You can review and revise your Profile information at any time. We will display your Content within the Service as directed by you. 

If you elect to use a third party application to access the Service, then we may share or disclose your account and Profile information and your Content with that third party application as directed by you. Please remember that we are not responsible for the privacy practices of such third parties so you should make sure you trust the application and that it has a privacy policy acceptable to you. 

With Trusted Service Providers and Business Partners 

 We may utilize trusted third party service providers to assist us in delivering our Service. For example, we may use third parties to help host our Service, send out email updates, or process payments. These service providers may have access to your information) for the limited purpose of providing the service we have contracted with them to provide. They are required to have a privacy policy and security standards in place that are at least as protective of your information as is this Privacy Policy. We may also store personal information in locations outside the direct control of zipBoard (for instance, on servers or databases co-located with hosting providers). 

 zipBoard uses a number of third-party processors to deliver our services to you. These sub-processors are listed below for your information. 

AWS 

zipBoard uses AWS USA for hosting our services and all related data through Amazon’s AWS offering. 

 

Stripe 

We use Stripe for payment and invoicing. Stripe collects identifying information about the devices that connect to its services. Stripe uses this information to operate and improve the services it provides to us, including for fraud detection. 

 

Login Services 

zipBoard allows logging in and creating account with the following providers:

 

Google accounts 

zipBoard allows signup and login through Google Accounts, provided by Google.


Microsoft accounts 

zipBoard allows signup and login through a Microsoft Accounts, provided by Microsoft. 

Google cloud analytics 

zipBoard uses google analytics and tag manager for website usage analysis. The tracked data is not connected to specific individuals and is anonymous. 

Hubspot 

zipBoard uses Hubspot as a CRM system to store contacts, sales information about prospects and current customers. 

Sendinblue 

zipBoard uses Sendinblue to manage transactional emails related to projects and tasks and also send newsletter emails. 

 

Crisp 

zipBoard uses crisp for chat support and also to send product emails to users. 

Helpscout 

zipBoard uses helpscout for email support and also to manage help documentation. 


Scheduled weekly & monthly backups (EBS & S3 snapshots) are done to ensure continued access  & fall back solutions. Well tested & fast access to backups also stored on AWS.  

 

With Law Enforcement or In Order to Protect Our Rights 

 We may disclose your information (including your personally identifiable information) if required to do so by law or subpoena and if the relevant request meets our Law Enforcement Guidelines. We may also disclose your information to our legal counsel, governmental authorities or law enforcement if we believe that it is reasonably necessary to do so in order to comply with a law or regulation; to protect the safety of any person; to address fraud, security or technical issues; or to protect zipBoard’s rights or property. 

 

In an Aggregate and Non-Personally Identifiable Manner 

 We may disclose aggregate non-personally identifiable information (such as aggregate and anonymous usage data, platform types, etc.) about the overall use of our Service publicly or with interested third parties to help them understand, or to help us improve, the Service. 

 In Connection With a Sale or Change of Control. If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the Service can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Privacy Policy until such time as this Privacy Policy is updated or amended by the acquiring party upon notice to you. 

 

How We Protect Your Information 

 When we collect and process personal information, and while we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use, or modification.

You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services.For example, ensuring any passwords associated with accessing your personal information and accounts are secure and confidential.

The security of your information is important to us. When you enter sensitive information (such as a credit card number) as part of our service, we encrypt the transmission of that information using industry-standard encryption. 

 

zipBoard uses commercially reasonable and industry-standard physical, managerial, and technical safeguards to preserve the integrity and security of your information. For example, we continuously and regularly back up your data to help prevent data loss and aid in data recovery. 

 If you have any questions about security on our Service, you can view our Security Overview Page or contact us at [email protected]

 

Risks Inherent in Sharing Information 

 Although we allow you control over where you share your Content and what information is included in your Profile and take reasonable steps to maintain the security if the information associated with your account, please be aware that no security measures are perfect or impenetrable. We cannot control the actions of other users with whom you share your Content and we are not responsible for third party circumvention of any privacy settings or security measures on the Service. 

 

Your Choices About Your Information 

 Right to Decline: By providing personal information to us, you understand we will collect, hold, use, and disclose your personal information in accordance with this privacy policy. You may, of course, decline to submit personally identifiable information through the Service, in which case zipBoard may not be able to provide certain services to you. 

 Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

 Right to Update: You may update or correct your account information at any time by logging in to your account. 

 Right to refrain contacting for direct marketing: You can ask us to stop contacting you for marketing reasons. 

 Right to erasure of your personal data: You can ask us to completely delete your personal data anytime.We would inform the same to everyone with whom the data is shared from our side(unless it is impossible or requires huge efforts). We might continue processing your data in certain cases where we have a legal justification to do that(e.g for retaining proofs for past interactions like billing records or records for resolved support requests, etc.). 

 Right to data portability: You can ask us for an e-copy of your personal data that we have(that you consented to provide us). You can use this data elsewhere. 

 Right to access your personal data: You can ask us anytime, if we are processing your personal data. We will confirm the status and let you know. In the event we are processing your personal data, we can provide you with details(if asked for) like what data we have, the purpose of processing data, the retention period, data recipients or any information about the data source. 

 Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.

 Right to complain: If you have any concern relating to your personal data handling at our end,you can contact us anytime. We will do the best to answer your concerns. But if you are still not satisfied you can report it to the data protection authorities. 

 Non-discrimination: We will not discriminate against you for exercising any of your rights over your personal information. Unless your personal information is required to provide you with a particular service or offer (for example processing transaction data), we will not deny you goods or services and/or charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, or provide you with a different level or quality of goods or services.

 Notification of data breaches: We will comply with laws applicable to us in respect of any data breach.

 Use of Cookies

 We use “cookies” to collect information about you and your activity across our site. A cookie is a small piece of data that our website stores on your computer, and accesses each time you visit, so we can understand how you use our site. This helps us serve you content based on preferences you have specified. Please refer to our Cookie Policy for more information.

 

ZipBoard Blogs 

 Information you provide in comments to our blogs are public and may be read, collected, and used by others who view those blogs. Your posts will remain even after you cancel your Service account. 

 

Children’s Privacy 

 Our Service is not directed to persons under 13. zipBoard does not knowingly collect or solicit personal information from anyone under the age of 13 or knowingly allow such persons to register for an account on the Service. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we take steps to remove that information. If you believe that we might have any information from or about a child under 13, please contact us at [email protected]

International Data Transfer

 

Additional Disclosures for Australian Privacy Act Compliance (AU)

 

 Where the disclosure of your personal information is solely subject to Australian privacy laws, you acknowledge that some third parties may not be regulated by the Privacy Act and the Australian Privacy Principles in the Privacy Act. You acknowledge that if any such third party engages in any act or practice that contravenes the Australian Privacy Principles, it would not be accountable under the Privacy Act, and you will not be able to seek redress under the Privacy Act.

 

Additional Disclosures for General Data Protection Regulation (GDPR) Compliance (EU)

 Data Controller / Data Processor

 The GDPR distinguishes between organizations that process personal information for their own purposes (known as “data controllers”) and organizations that process personal information on behalf of other organizations (known as “data processors”). We, zipBoard Tech Inc, located at the address provided in our Contact Us section, are a Data Controller with respect to the personal information you provide to us.

 We may transfer information that we collect about you, including personally identifiable information, to affiliated entities, or to other third parties (as provided herein) across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that you are transferring information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. and the use and disclosure of information about you, including personal information, as described in this Privacy Policy. 

 As our systems are hosted in Amazon Web Services, we don’t have any direct access to any of the physical media storing personal data. Also, during data transport personal data can’t be copied, read, modified or deleted without permission. You can check out AWS compliance standards here: https://aws.amazon.com/compliance/programs/

 Legal Bases for Processing Your Personal Information

 We will only collect and use your personal information when we have a legal right to do so. In which case, we will collect and use your personal information lawfully, fairly, and in a transparent manner. If we seek your consent to process your personal information, and you are under 16 years of age, we will seek your parent or legal guardian’s consent to process your personal information for that specific purpose.

 Our lawful bases depend on the services you use and how you use them. This means we only collect and use your information on the following grounds:

 Consent From You

 Where you give us consent to collect and use your personal information for a specific purpose. You may withdraw your consent at any time using the facilities we provide; however this will not affect any use of your information that has already taken place. You may consent to providing your email address for the purpose of receiving marketing emails from us. While you may unsubscribe at any time, we cannot recall any email we have already sent. If you have any further enquiries about how to withdraw your consent, please feel free to enquire using the details provided in the Contact Us section of this privacy policy.

 Performance of a Contract or Transaction

 Where you have entered into a contract or transaction with us, or in order to take preparatory steps prior to our entering into a contract or transaction with you. For example, if you purchase a product, service, or subscription from us, we may need to use your personal and payment information in order to process and deliver your order.

 Our Legitimate Interests

 Where we assess it is necessary for our legitimate interests, such as for us to provide, operate, improve and communicate our services. We consider our legitimate interests to include research and development, understanding our audience, marketing and promoting our services, measures taken to operate our services efficiently, marketing analysis, and measures taken to protect our legal rights and interests.

 Compliance with Law

 In some cases, we may have a legal obligation to use or keep your personal information. Such cases may include (but are not limited to) court orders, criminal investigations, government requests, and regulatory obligations. If you have any further enquiries about how we retain personal information in order to comply with the law, please feel free to enquire using the details provided in the Contact Us section of this privacy policy.

 International Transfers Outside of the European Economic Area (EEA)

 We will ensure that any transfer of personal information from countries in the European Economic Area (EEA) to countries outside the EEA will be protected by appropriate safeguards, for example by using standard data protection clauses approved by the European Commission, or the use of binding corporate rules or other legally accepted means.

 Your Rights and Controlling Your Personal Information

 Restrict: You have the right to request that we restrict the processing of your personal information if (i) you are concerned about the accuracy of your personal information; (ii) you believe your personal information has been unlawfully processed; (iii) you need us to maintain the personal information solely for the purpose of a legal claim; or (iv) we are in the process of considering your objection in relation to processing on the basis of legitimate interests.

 Objecting to processing: You have the right to object to processing of your personal information that is based on our legitimate interests or public interest. If this is done, we must provide compelling legitimate grounds for the processing which overrides your interests, rights, and freedoms, in order to proceed with the processing of your personal information.

 Data portability: You may have the right to request a copy of the personal information we hold about you. Where possible, we will provide this information in CSV format or other easily readable machine format. You may also have the right to request that we transfer this personal information to a third party.

 Deletion: You may have a right to request that we delete the personal information we hold about you at any time, and we will take reasonable steps to delete your personal information from our current records. If you ask us to delete your personal information, we will let you know how the deletion affects your use of our website or products and services. There may be exceptions to this right for specific legal reasons which, if applicable, we will set out for you in response to your request. If you terminate or delete your account, we will delete your personal information within 30 days of the deletion of your account. Please be aware that search engines and similar third parties may still retain copies of your personal information that has been made public at least once, like certain profile information and public comments, even after you have deleted the information from our services or deactivated your account.

 Additional Disclosures for California Compliance (US)

 Under California Civil Code Section 1798.83, if you live in California and your business relationship with us is mainly for personal, family, or household purposes, you may ask us about the information we release to other organizations for their marketing purposes.

 To make such a request, please contact us using the details provided in this privacy policy with “Request for California privacy information” in the subject line. You may make this type of request once every calendar year. We will email you a list of categories of personal information we revealed to other organisations for their marketing purposes in the last calendar year, along with their names and addresses. Not all personal information shared in this way is covered by Section 1798.83 of the California Civil Code.

 Do Not Track

 Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. At this time, we do not respond to browser “Do Not Track” signals.

 We adhere to the standards outlined in this privacy policy, ensuring we collect and process personal information lawfully, fairly, transparently, and with legitimate, legal reasons for doing so.

 Cookies and Pixels

 At all times, you may decline cookies from our site if your browser permits. Most browsers allow you to activate settings on your browser to refuse the setting of all or some cookies. Accordingly, your ability to limit cookies is based only on your browser’s capabilities. Please refer to the Cookies section of this privacy policy for more information.

 CCPA-permitted financial incentives

 In accordance with your right to non-discrimination, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels for the goods or services we provide.

 Any CCPA-permitted financial incentive we offer will reasonably relate to the value of your personal information, and we will provide written terms that describe clearly the nature of such an offer. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

 California Notice of Collection

 In the past 12 months, we have collected the following categories of personal information enumerated in the California Consumer Privacy Act:

Customer records, such as billing and shipping address, and credit or debit card data.Commercial information, such as products or services history and purchases. Audio or visual data, such as photos or videos you share with us or post on the service. Geolocation data.

 For more information on information we collect, including the sources we receive information from, review the “Information We Collect” section. We collect and use these categories of personal information for the business purposes described in the “Collection and Use of Information” section, including to provide and manage our Service.

 Right to Know and Delete

 If you are a California resident, you have rights to delete your personal information we collected and know certain information about our data practices in the preceding 12 months. In particular, you have the right to request the following from us:

  • The categories of personal information we have collected about you;

  • The categories of sources from which the personal information was collected;

  • The categories of personal information about you we disclosed for a business purpose or sold;

  • The categories of third parties to whom the personal information was disclosed for a business purpose or sold;

  • The business or commercial purpose for collecting or selling the personal information; and

  • The specific pieces of personal information we have collected about you.

To exercise any of these rights, please contact us using the details provided in this privacy policy.

 

 Shine the Light

 If you are a California resident, in addition to the rights discussed above, you have the right to request information from us regarding the manner in which we share certain personal information as defined by California’s “Shine the Light” with third parties and affiliates for their own direct marketing purposes.

 To receive this information, send us a request using the contact details provided in this privacy policy. Requests must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code.

 

Data Retention 

 We will retain your personal data as long as required for the reasons mentioned in this Privacy Policy, while we have a justifiable business need for that, or if required for legal purposes(e.g. tax, accounting,etc.), whichever is longer. If we retain any information for improvement of service, we would do the needful to anonymise the data such that it no longer identifies you. This information will only be utilized to get insights about the service usage trends. 

 

Links to Other Websites 

 We are not responsible for the practices employed by websites linked to from within the Service, nor the information or content contained therein. Please remember that when you use a link to go from the Service to another website, our Privacy Policy is no longer in effect and your activities on that third party website are subject to such third party website’s own rules and policies. 

 

Business Transfers

 If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data, including your personal information, among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may, to the extent permitted by applicable law, continue to use your personal information according to this policy, which they will be required to assume as it is the basis for any ownership or use rights we have over such information

 

Changes to Our Privacy Policy 

 If we change our Privacy Policy, we will post those changes on this page to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when they are posted on this page. 

 If the changes are significant, or if required by applicable law, we will contact you (based on your selected preferences for communications from us) and all our registered users with the new details and links to the updated or changed policy.

 If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.

Contact Us 

For questions about these or any zipBoard terms or policies, email us at [email protected]