Last updated: 2024-01-24
At ZOLEO, your privacy is of great importance to us. ZOLEO is committed to the protection of the personal information of all customers, prospects, emergency contacts, website visitors and all other individuals who entrust their personal information to ZOLEO.
- Personal information we collect
- Why we collect personal information
- When we share personal information – with your consent
- How we protect your information
- Accessing your information
- How we are accountable
- Legal and regulatory compliance
- Contact us
1. Personal Information We Collect
‘Personal information’ means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person. Personal information does not include aggregated information that cannot be linked to a specific individual.
ZOLEO only collects personal information we need in order provide you with our service and makes every effort to ensure that the information we hold is accurate, complete and up-to-date.
In addition to the information ZOLEO collects through its publicly facing website (see “Our Website Practices” below), ZOLEO collects personal information when you sign up for service including but not limited to your name, contact information, the names of your designated check-in and emergency contacts, your payment details, as well as other information that you provide to ZOLEO that identifies (or may identify) you. We also collect and/or transit your text messages, GPS location data, SOS emergency status, and other identifiable online activity in order to deliver the ZOLEO Service.
The ZOLEO application captures contact information and profile images for the purposes of handling SMS, app-to-app, and email messages and for display in your ZOLEO app contact list. Only contact numbers are synched with ZOLEO servers to identify other ZOLEO app users for app-to-app messaging. Sync records are discarded after each check.
You may view and update your personal information anytime by checking your account online at www.zoleo.com.
2. Why We Collect Personal Information
We collect your personal information:
- To provide you with information about our products and services, including your eligibility and suitability to use our products and services in certain locations;
- To verify your identity, payment, and other account details when you apply to purchase our products and services, which may include obtaining a credit report in order to assess your creditworthiness;
- To support various ZOLEO services and features, including local weather and information services, SOS Emergency Services, ZOLEO app contacts and messaging services, and ZOLEO location-based services, as well as other remote service and support features;
- To contact you when there are account-related issues, or when we have important updates regarding our products and services;
- To better understand your needs and preferences in order to develop and/or enhance our products and services;
- To compile and analyze aggregate statistics for internal reporting purposes;
- To assess and manage risk, including detecting and preventing fraud or error; and
- To meet auditing, legal and regulatory processes and requirements.
We identify when information is necessary in order to deliver our service and when it may be provided optionally.
Your consent to the collection of your personal information by ZOLEO is obtained when you enroll with the ZOLEO service and where applicable, when you enroll with certain optional value added services and features, where such consent will be automatically withdrawn when you cancel such optional services and features, subject to legal or contractual restrictions.
You may request to withdraw your consent to the collection of certain information, whereupon we will inform you of the consequences of withdrawing your consent, which may include an inability for us to continue to provide all or a portion of the Services you have purchased or requested. Please note that there may be instances where the law permits the collection, use or disclosure of your personal information without your consent, for example for debt collection, fraud investigations, and where necessary to protect our legal interests or the safety of others.
How Long We Keep Your Information
ZOLEO retains personal information only for as long as necessary to fulfill legal, regulatory, or business purposes. Once your information is no longer required by ZOLEO to meet business, legal or regulatory requirements, it is securely destroyed, erased or made anonymous. Keep in mind however that information may be retained for a lengthier period of time due to an on-going investigation or legal proceeding, and that residual information may remain in back-ups for a period of time after its destruction date.
3. When We Share Personal Information – With Your Consent
ZOLEO takes appropriate and reasonable steps to protect the interests of individuals when disclosing personal information. We share your personal information only with business partners, affiliates and service providers who assist us in delivering satellite communications and SOS emergency services to you; credit agencies; IT service providers; and marketing partners. We take reasonable and appropriate steps to ensure that any such third parties who we entrust with your personal information are reputable, comply with all applicable privacy regulations, and have safeguards in place to protect this information with the same duty of care as required by ZOLEO. We do not otherwise share your personal information with any other third parties without your prior consent or as we are required/permitted to by law to disclose such information.
ZOLEO may disclose your personal information to other third parties only if we reasonably believe that such disclosure is necessary to comply with any applicable law or regulation or to comply with or respond to a legal process or law enforcement or valid governmental request or to detect, present or address fraud or security issues or to protect against harm to others.
Our Website Practices
When you visit ZOLEO’s websites, we automatically receive and record information in our server logs from your browser or mobile platform, including the date and time of your visit, your IP address, unique device identifier, browser type and other device information (such as your operating system version and mobile network provider). By setting cookies, ZOLEO is able to enhance a user’s on-line experience (e.g. once you are logged in to your account, you are able to move between webpages without having to re-enter your credentials). You can disable cookies through your website browser, but this may affect your user experience.
ZOLEO also uses third party advertising partners to provide on-line visitors with relevant ads across the Internet. You may also opt out of interest-based advertising by visiting the opt-out tool made available by the Digital Advertising Alliance of Canada at https://youradchoices.ca/choices/.
For a complete list of cookies used on our website, click here.
External Links and Social Media
We may offer links from our website to the sites of third parties, such as affiliated organizations, that may be of interest to you. ZOLEO makes no representations as to such third parties’ privacy practices and we recommend that you review their privacy policies before providing your personal information to any such third parties.
ZOLEO’s use of social media serves as an extension of our presence on the Internet and helps us build a positive brand image as well as provide useful information to the public. Social media account(s), such as ZOLEO’s Facebook and Twitter accounts, are not hosted on ZOLEO’s servers. Users who choose to interact with ZOLEO via social media should read the terms of service and privacy policies of these services/platforms.
4. How We Protect Your Information
ZOLEO takes state-of-the art measures to help ensure the secure management and confidentiality of your personal information. ZOLEO has implemented critical physical, organizational and technical measures to guard against unauthorized or unlawful access to personal information we manage and store, and avoid accidental loss or destruction of, or damage to, your personal information. These include:
- Using data centers or third-party cloud service providers with effective physical and logical data security controls;
- Using secure encryption to maintain, store and transfer information, including modern tokenization for payment card information;
- Using robust authentication processes for access to online systems and other electronic records;
- Limiting access to personal information to only those employees who need the information to perform their work-related duties; and
- Maintaining secure office premises including locked filing cabinets and secure document shredding practices for paper records.
While no system is completely secure, these measures significantly reduce the likelihood of a data security breach. We also recommend that you help protect yourself from unauthorized access to your personal information – you should never share your ZOLEO account login credentials with another person or use the same username and password that you use with other online services. ZOLEO will not be liable for any unauthorized access to your personal information that is beyond our reasonable control.
Let us know right away if your contact information changes or you find any errors in your account statements or invoices. If you have reason to believe that the security of your account has been compromised, you must immediately notify ZOLEO of the problem in order for us to resolve the issue in a timely manner.
5. Accessing Your Information
You can make a written request for access to your personal information at any time if it is for information that you are unable to access yourself through your account so that you can ascertain which personal information is in ZOLEO’S possession, and the use and disclosure of your personal information by ZOLEO. To act on your request, we will need to verify your identity to the degree of certainty required by law, which may require you to provide information necessary to verify your account. You will need to provide as much information as you can to help us process your request and locate the information you require.
If you need assistance in preparing your request, please contact us and we would be pleased to help you. Upon your request, ZOLEO will also inform you of how your personal information has been or is being used, and who your personal information has been shared with. We may charge an appropriate fee to cover any expenses related to responding to your access request that we will disclose prior to responding to your request.
ZOLEO responds to access requests within 30 days, unless an extension of time is required. However, there may be contexts where access is refused or only partial information is provided, for example, in the context of an on-going investigation or where another individual’s personal information or identity must be protected.
6. How We Are Accountable
ZOLEO takes privacy complaints very seriously and has a procedure in place for escalating and managing any privacy related concerns to ensure that they are responded to in a timely and effective manner.
ZOLEO has appointed a Privacy Officer who oversees information-handling practices and ZOLEO’s privacy management program, including the containment, investigation and corrective actions for all privacy breach situations. The Privacy Officer’s duties include:
- Developing and, on a regular basis, reviewing the implementation of internal procedures to protect personal information;
- Ensuring all staff are trained on privacy best practices and are aware of the importance of safeguarding any personal information that they are privy to;
- Ensuring that all inquiries and complaints relating to privacy are appropriately handled; and
- Ensuring all third parties to whom ZOLEO provides access to personal information commit to protecting such information.
7. Legal And Regulatory Compliance
Personal information is collected, used, shared and stored in accordance with the privacy laws in the geographies in which ZOLEO operates, such as the EU General Data Protection Regulation (“GDPR”), the US Privacy Act and similar state regulations, Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”), and Australia’s Privacy Act 1988. ZOLEO respects the privacy best practice principles contained in the Canadian Standards Association Model Code for the Protection of Personal Information, CAN/CSA-Q830-96, the OECD Privacy Principles, and the Generally Accepted Privacy Principals recognized globally.
EU and UK Residents
ZOLEO remains the Controller of all Personal Data (the “Data Controller”) provided to us by our customers and our customers have all of the rights and privileges provided by the EU General Data Protection Regulation (GDPR) and the UK Data Protection, Privacy and Electronic Communications Regulation (also known as UK-GDPR). All third parties with whom we contract for the processing of customer personal information (each a “Data Processor”) must agree to ZOLEO’s Data Processing Agreement to maintain the security and integrity of your information.
In processing Customer Personal Data, ZOLEO’s legal bases for doing so include consent, performance of contractual commitments and the legitimate interest of the parties in processing the data.
EU and UK data subjects permanently residing in the European Union or the UK may have supplementary statutory rights with respect to their Personal Data as outlined in the GDPR and UK-GDPR, respectively. This includes the right to access their Personal Data, have it deleted, have it corrected, or object to/restrict processing of such data. If you would like to make such a request, please e-mail email@example.com. ZOLEO has developed a Data Subject Rights Procedure to ensure your request is responded to in a timely manner. In the context of a request for erasure, ZOLEO may scramble or anonymize the data subject’s information in a manner that is irreversible.
ZOLEO operates through its Canadian, U.S., UK and EU establishments and both Canada and the UK have been deemed to adequately protect data originating from the EU under the EU Data Protection Directive 95/46/EC (the GDPR’s predecessor). An adequacy finding allows the flow of data from the EU to Canada as a trusted country in data protection. In addition, ZOLEO uses data hosting providers who have made GDPR commitments of their own. Where data is transferred from the EU to a country that does not have an adequacy determination from the EU, ZOLEO will ensure that any such transfer from a data controller or processor in the EU satisfies all required GDPR requirements.
Right to Know. You have a right to request that we disclose to you the personal information we have collected about you and to request additional information about our collection, use, disclosure, or sale of such personal information.
Right to Request Deletion: California residents to whom the CCPA applies have the right to request that we delete their personal information under certain circumstances, subject to several exceptions. These exceptions include when information is: (1) needed to complete the transaction for which it was collected or to provide goods or services requested by the consumer; (2) used in the context of the business relationship with the consumer; (3) required to perform a contract; (4) used to detect security incidents and protect against malicious, fraudulent or illegal activity; (6) used solely for our internal uses as are reasonably expected; or (7) required to comply with a legal obligation or applicable laws.
Right to Opt-Out. ZOLEO does not sell your data for advertising or any other purposes and has not done so in the past 12 months. This being so, ZOLEO does not offer an opt-out to the sale of personal information.
If you are a California resident to whom the CCPA applies and would like to make requests related to the right to know, a request to delete, or a request for further information about our compliance with the CCPA, you may do so by emailing firstname.lastname@example.org. To act on your request, we will need to verify your identity to the degree of certainty required by law, which may require you to provide information necessary to verify your account. You may also designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
9. Contact Us
Any inquires, concerns or complaints regarding privacy should be directed to:
7A Taymall Avenue
M8Z 3Y8, Canada
Please remember that e-mail and text messaging are not secure forms of communication, so never send confidential personal information to us this way.