Log in
Try for free
Log in
Try for free
Home › Terms of personal data processing

Terms of personal data processing

Terms of personal data processing

Effective Date: 13th January 2026

Welcome to Zooza (“we”, “us” or “Zooza”). We provide education management software to individuals, companies, and organizations facilitating an educational programme (“you” or “Client”).

To provide our Services we need to collect some of your data, whether you are using https://www.zooza.online/

 (“Site”) or our platform (“Platform”) (collectively, our “Services”). This Privacy and Cookies Policy (the “Privacy Policy”) is intended to inform you about our practices regarding the collection and use of your data that you may submit to us through our website. This Privacy Policy should be read alongside, and in addition to the Terms & Conditions.

(A) Unless otherwise defined in this Privacy Policy, terms used have the same meaning as in the Terms & Conditions.

(B) This Privacy Policy may be updated to reflect changes in legislation. You can always find the most recent version on our Site. If we make substantial changes, we will try to provide at least a 30-day notice prior to any changes taking effect. What constitutes a substantial change will be determined at our sole discretion. By continuing to access or use our Service after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, please stop using the Services.

(C) We process your data with due care, in accordance with all applicable laws and regulations, including the regulation (EU) 2016/679 of the European Parliament and of the Council, the General Data Protection Regulation (the “GDPR”) and the California Consumer Privacy Act of 2018 (the “CCPA”) (the “Applicable Data Protection Laws”).

(D) This Privacy Policy applies only to how we process Clients’ personal data. The Privacy Policy does not address, and we are not responsible for, the privacy practices of our Clients or any other parties.

(E) Personal Data means any information relating to an identified or identifiable natural person. “Personal Data” shall also mean “Personal Information,” or “Personally Identifiable Information” as commonly used under Applicable Data Protection Laws. Personal Data shall not include Aggregate and De-Identified information, as those terms are defined under Applicable Data Protection Laws.

(F) Due to the nature of our Services, Clients may provide personal data from Users under the age of 13. Zooza processes Client personal data of children under 13 years old in compliance with the Children’s Online Privacy Protection Act (“COPPA”). It remains the responsibility of the Client to request verified parental consent of Users under the age of 13 as described in our Terms and Conditions. The collection and use of Users data is governed by the privacy practices of the Client. More information can be found in this Privacy Policy.

1. Who processes your personal data?

1.1 Your personal data are being processed by our company Zooza s.r.o., with its registered Horská 1311/12, 958 06 Partizánske, Slovakia (the “Processor“, “we”, “us” or “our”).

1.2 To learn more about personal data management or if you have any other questions, you’re welcome to contact us at privacy@zooza.online.

2. What personal data is processed?

We may collect and process the following types of information about you:

Client personal identification: Client name, surname, email, phone number, address.

Business-related details: Client company name, billing details, VAT number.

Communication data: messages sent by the Client via email, SMS or WhatsApp through Zooza.

Payment information: Client payment history, invoices, transactions.

2.1 Technical Information

We and/or our authorised external service providers (as stated in this Privacy Policy) may automatically collect technical data when you visit or interact with our website. Technical data may include, in particular, the URL of the website you visited before using our Service, the time and date of user visits, surfing habits, IP address, the browser name, the type of computer or device accessing our Service, time spent on the website and other similar technical information.

2.2 Cookies

2.2.1 What are cookies?

(a) To make our Services work properly, we sometimes place small data files called cookies and similar technologies on your device.

(b) A cookie is a small text file that the website saves on your device when you visit it. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Permanent cookies last until you or your browser delete them or until they expire.

2.2.2 How do we use cookies?

(a) We use our session-based and also permanent functional cookies which enable the website to remember your actions and preferences (e.g., to remember that you are logged in) so you don’t have to keep re-entering them whenever you come back to the website or browse from one page to another.

(b) We also use third parties’ permanent cookies, specifically Google reCAPTCHA, which helps us to detect abusive traffic on our website without any user friction.

(c) Upon your consent, we use analytical cookies for the improvement of our Site and Platform. We may collect data such as device data, browsing data and interactions with the Site and Platform. You can withdraw your consent to analytical cookies at any time through your browser settings.

(d) Upon your consent, we use marketing cookies including social pixels, for retargeting you on other websites. You can withdraw your consent to marketing cookies at any time through your browser settings.

(e) Our Services and the communications generated from using our Services, such as promotional emails, may contain electronic images known as “web beacons”. Web beacons generally work in conjunction with cookies, and we may use them in the same way we use cookies.

2.2.3 How to control cookies?

(a) We inform you about the use of cookies on your device when you visit our website for the first time and, if applicable, we ask for your consent to use the cookies. The cookies will not be used for any purposes other than the ones stated above. Later, you may choose to accept or refuse cookies by selecting the appropriate settings in your browser.

(b) As mentioned above, in some cases we also may use cookies provided by third-parties (service providers). The list of such third-parties cookies of which you might encounter through our service is listed below. We are not responsible for third-party sites and their privacy practices. These companies collect and use this information under their own privacy policies and are responsible for their practices concerning cookies.

3. What are the purposes and legal basis for processing your personal data?

3.1 We process your personal data in order to:

3.1.1 Carry out the agreement existing between us based on your decision to use our Service

This purpose includes actions to facilitate Zooza providing the Services to you, including the following processing activities:

  •  
  • creating and providing your account from personal data you provide upon registration;
  • registration for courses and/or purchase of products;
  • administering courses organized by us;
  • facilitating the payment gateway;
  • registering and sending invoices;
  • informing you about updates and new features of our Service;
  • notifying you about updates of our Terms & Conditions and this Privacy Policy;
  • responding to you in relation to any queries you may have with respect to our Services;
  • resolving potential agreement-related troubleshoot problems and disputes.

We process the email address, payment information and other data provided by you voluntarily when you use our Service.

Legal basis for such processing: the performance of a contract in accordance with Article 6 (1) (b) of GDPR.

3.1.2 Market our Services

We may market current or future Services to you if you subscribe to our newsletter or consent to marketing cookies, as described above.

The Processor processes your email address on the following legal basis: your consent in accordance with Article 6 (1) (a) of GDPR (granted during submitting your email address to our newsletter bar) or legitimate interest in accordance with Article 6(1) (f) of GDPR (if you have an existing relationship with us).

You can stop direct marketing communications from us by:

  • clicking the “Unsubscribe from newsletter” link in any email communication that we send you. We will then stop any further newsletter emails; or
  • withdrawing your consent through privacy@zooza.online.

3.1.3 Improve our Services

This purpose includes the following processing activities using technical information:

  • to influence current and future features;
  • to prevent and detect security flaws and user interface issues.

The Processor processes technical information under the following legal basis: legitimate interest in accordance with Article 6(1)(f) of GDPR.

4. Sensitive data categories

4.1 Zooza does not intentionally collect special-category or sensitive personal data, such as biometric identifiers, health information, or precise geolocation. Clients are not to upload such information. If a Client chooses to collect such information in a custom field, they are responsible for compliance with applicable data protection laws.

5. Who are recipients of your personal data?

5.1 We only share your personal data within the organisation of the Processor and the group of companies into which the Processor belongs.

5.2 We do not share your personal data with any recipients outside of the Processor and the group of companies into which the Processor belongs unless one of the following circumstances applies:

5.2.1 It is necessary for the performance and improvement of our Services

To the extent that our external service providers (sub-processors) need access to your personal data to help us perform our Services for you, we have taken the appropriate contractual and organisational measures to ensure that your personal data are processed in accordance with all applicable laws and regulations.

When indicated, providers will only receive your technical data upon your consent.

  • Below is a non-exclusive list of our sub-processors:
  • Google LLC (Google Analytics)
  • Hotjar Ltd.
  • Hubspot, Inc.
  • Ecomail.cz, s.r.o.
  • Getsightcontrol.com
  • Microsoft Corp.
  • O2smstools s.r.o.
  • MIXPANEL, INC.
  • The Rocket Science Group LLC d/b/a Mailchimp
  • Meta Platforms, LLC
  • Devgenics s. r. o.

The list of external service providers we use may change from time to time as we change or remove some of the providers listed above and/or put in place other providers to assist us in providing the Services.

5.2.2 It is necessary for legal reasons

We may share your personal data with recipients outside the Processor if we have a good-faith belief that access to and use of your personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests, properties or safety of the Processor, our users or the public as far as in accordance with the law. When possible, we will inform you about such processing.

6. Do we transfer your data to countries outside the EU/EEA?

6.1 The Processor may transfer your personal data to countries outside the European Union and the European Economic Area where we engage with external service providers. In such a case, we transfer your personal data only to a country that is considered to have an adequate level of protection in accordance with the EU Commission’s decision or there are appropriate safeguards in place to protect your personal data, such as standard contract clauses or binding internal company rules. Regardless of the country in which your personal data is processed, the Processor takes reasonable technical, legal and organisational measures to ensure that the level of protection is the same as in the European Union and the European Economic Area.

6.2 If we are involved in a merger, acquisition or other reorganisation, your information may be transferred as part of that deal. We will notify you (for example, via a message to the email address associated with your account) of any such deal and outline your choices in that event.

7. What is the storage period?

7.1 The Processor stores your personal data only if it is legally permitted and necessary for the purposes for which the data were collected.

8. How does Zooza process data as a sub-processor?

8.1 When using our Services, you may be providing us with information of your own customer (“Users”). As a sub-processor, Zooza is entitled to process personal data provided by you or directly by the data subject to the extent necessary for the performance of the subject matter of this Agreement, the Main Agreement and legal obligations arising from specific legislation.

8.2 In particular, Zooza may use the services to process and disclose personal data, including but not limited to:

  •  
  • Information of children: child’s name, child’s date of birth;
  • Attendance and programme-related information: booked sessions, attendance records, instructor notes;
  • Any other personal data in custom fields created by the Client in the programme of using the Services.

8.3 The processor is also entitled to process personal data of data subjects insofar as their processing is necessary in relation to the purpose for which they are processed, depending on the functionality of the Zooza application used.

9. How is children’s personal data processed on behalf of Clients?

9.1 The Services are intended for use as directed in our General Terms and Conditions. The Services are not directed to children, and children do not create accounts or interact with Zooza directly.

9.2 Due to the nature of the Services, Zooza has actual knowledge that Clients may upload or otherwise provide personal data relating to children, including children under the age of 13, when using the Platform. In such cases, Zooza processes children’s personal data solely on behalf of and under the documented instructions of the Client, acting strictly as a data processor/service provider. Zooza does not determine the purposes or means of the processing of children’s personal data.

9.3 Children’s personal data processed through the Services may include, depending on the Client’s configuration:

  •  
  • identification data (such as a child’s name or date of birth);
  • course and scheduling information (such as attendance records or session bookings);
  • other information entered by the Client in custom fields.

9.4 Zooza processes children’s personal data only to the extent necessary to provide the Services and does not:

  •  
  • use such data for advertising or marketing purposes;
  • use such data for profiling, behavioural analysis, or tracking;
  • use such data for product development, analytics unrelated to service provision, or artificial intelligence or machine-learning training;
  • disclose such data except as required to provide the Services or where required by law.

9.5 Zooza does not seek or obtain parental consent directly. Responsibility for providing notices to parents or legal guardians and obtaining any required parental consent under applicable law, including COPPA, rests solely with the Client.

9.6 Parents or legal guardians who wish to exercise rights in relation to a child’s personal data should contact the relevant Client directly.

9.7 Children’s personal data is retained only for as long as necessary to provide the Services and is protected by appropriate technical and organisational security measures.

10. What are your rights?

10.1 Right of access — The Processor offers you access to your personal data we process. This means you can contact us and request from us a confirmation whether or not your personal data are being processed and if so, you have the right to request access to your data, which we will provide to you in the form of a so-called “registry” (stating, in particular, purposes, categories of personal data, categories of recipients of personal data, storage periods or criteria for determining storage periods).

10.2 Right to rectification — You have the right to have inaccurate personal data we have stored about you rectified.

10.3 Right to erasure — You may also ask us to erase your personal data from our systems. We will comply with such requests unless we have a legitimate ground to not delete your personal data.

10.4 Right to restriction of processing — You may request us to restrict certain processing of your personal data. If you restrict certain processing of your personal data, this may lead to fewer possibilities to use our Services and website.

10.5 Right to data portability — You have the right to receive your personal data from us in a structured, commonly used and machine-readable format in order to transmit the personal data to another controller.

10.6 How to use your rights — You may exercise your rights above, free of charge, in writing by sending a letter or email at support@zooza.online. We may require confirmation of your identity depending on your request.

11. May you complain?

11.1 In case you consider our processing activities of your personal data to be inconsistent with the applicable data protection laws, you may lodge a complaint with the local supervisory authority for data protection.

12. Are data secured?

12.1 We take all reasonable, appropriate security measures to protect the Processor and our customers from unauthorised access to or unauthorised alteration, disclosure or destruction of personal data we hold. Measures include, where appropriate, encryption, firewalls, secure facilities and access rights systems. Should, despite the security measures, a security breach occur that is likely to have negative effects to your privacy, we will inform you about the breach as soon as reasonably possible. If you have any questions, feel free to contact us at support@zooza.online.

13. Notice for California residents under CCPA (California Consumer Privacy Act of 2018)

13.1 If you are a resident of California, under the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws you may exercise your personal information rights in Section 10. You also have the right not to be discriminated against for exercising these rights. You may exercise any of these rights by emailing us at:

support@zooza.online

or write to us at:

Zooza s.r.o.

Horská 1311/12

958 06 Partizánske

Slovakia

13.2 Please note, we do not sell personal information.