Privacy Policy

Zestia Limited (a private limited company registered in England with number 06418281 whose registered office is at 20 Dale St, Manchester, M1 1EZ)("we") are the controller of your Personal Data and are committed to protecting and respecting your privacy.

This privacy policy (“Privacy Policy”), together with our Customer Terms and any other documents referred to in this Privacy Policy, sets out the basis on which any personally identifiable information (“Personal Data”) we, Capsulecrm Inc. or any member of the Zestia group of companies collects from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it in respect of your use of capsulecrm.com (“the Service”).

By using the Service, you are accepting the terms of this Privacy Policy. In the event of a conflict between the terms of this Privacy Policy and the Customer Terms, the Customer Terms will prevail.

Legal Basis for processing

We collect and use the personal data described below in order to provide you with access to our Service in a reliable and secure manner. We also collect and use personal data:

• For our legitimate business needs (which includes providing our Service to you where we do not have a contract in place with you); promoting our business and informing our marketing strategy; enforcing our legal and contractual rights; improving our Service for the benefit of you and other Users; IT and network security and prevention of fraud.
• To comply with our legal obligations.

To the extent we process your personal data for any other purposes, we ask for your consent in advance or require that our partners obtain such consent.

Information we may hold about you

We may collect, receive and process the following information about you.

Information you give us. If you decide to register with or use the Service you will provide your name, email address and contact details.

Information we collect about you. Each time you use the Service we may automatically collect information about your device and your usage of our Service which may qualify as Personal Data, for example:

• Technical information that your browser sends whenever you visit a website or your mobile app sends when you are using it. This log data may include your Internet Protocol (IP) address, the address of the web page you visited before using the Service, your browser type and settings, the date and time of your use of the Service, information about your browser configuration and plug-ins, language preferences and cookie data.
• Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
• We may also collect publicly accessible data about you from social media websites that you visit when using the Service.
• We may also collect non-personally identifiable information (e.g. gender and location) to assist in providing the Service to you. Non-personally identifiable information by itself cannot be used to identify or contact you. However, this information may be combined with other identifiers in a way that enables you to be identified.

Information we obtain from other sources. We also collect information about you if you use any of the other websites we operate or the services we provide or from publicly available sources. We may combine this information with personal data provided by you. This helps us update, expand, and analyse our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you. We also use this for the purposes of targeted advertising, delivering relevant email content, event promotion and profiling, determining eligibility and verifying contact information. The Personal Data we collect includes:

• Publicly available information about you; such as information published about you, for example by Companies House, including postal address, job title, email address, phone number, professional or employment-related information, education information and commercial information.
• Internet activities: internet data (or user behavioural data), IP addresses, internet activity information and inferences about your preferences and behaviour.
• Social media profiles: information published about you on social media profiles such as LinkedIn, Facebook, Twitter etc.

Information collected by third parties. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, email notification providers, system security providers, hosting providers, search information providers, credit reference agencies) and may receive information about you from them.

View our list of 3rd party services

Use of cookies

We use cookies on our website to distinguish you from other users of our website and Service. This helps us to provide you with a good experience when you browse our website and also allows us to improve the website and Service. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.

If you are under 16 years of age

If you're under the age of 16, you may not have an account on the Service. We do not knowingly collect information from or direct any of our content specifically to children under 16. If we learn or have reason to suspect that you are a user who is under the age of 16, we will unfortunately have to close your account. Please see our Customer Terms for information about account termination.

Uses made of Information

We will only use information held about you for the following purposes:

• To understand and improve the Service we provide to you.
• To ensure that content from our Service is presented in the most effective manner for you and for your computer.
• To communicate with you by responding to your requests and sending you emails and messages about invoicing and account management.
• To administer your account and keep track of billing and payments.
• To keep the Service secure by investigating and preventing abuse and fraud.
• To carry out our obligations arising from any contracts entered into between you (or your business/employer) and us and to provide you with the information, products and services that you (or your business/employer) request from us.
• To provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about.
• To notify you about changes to our Service.
• For internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
• To allow you to participate in interactive features of our Service, when you choose to do so.
• To measure or understand the effectiveness of advertising we serve to you and others.
• To deliver relevant advertising.
• To make suggestions and recommendations to you and other users of our Service about services that may interest you or them.
• To comply with our legal and regulatory obligations.

We will not sell or rent your Personal Data to anyone.

Disclosure of your information

We may share your Personal Data with the following third parties:

• any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
• any entity to which we sell our business or assets (or a substantial part of the same).
• any entity or regulator to which we are under a legal duty to disclose or share your Personal Data.
• our professional advisors, such as our lawyers, accountants and tax advisors.
• We also engage certain third party service providers to supply the hardware infrastructure, storage and associated services for us to provide, improve and optimise the Service. All Personal Data submitted to third parties will be either anonymised or encrypted using SSL technology, and such service providers will only use your Personal Data in accordance with our instructions.

Marketing Communications

Consent. We will only use your name and email address to send marketing communications to you, where you have “opted in” to receive such communications or where we are entitled to send you information about our similar goods and services under applicable law. You may elect to stop receiving our marketing emails at any time by following the unsubscribe instructions included in such emails.

We send push notifications from time to time in order to update you about any Service updates, events and promotions we may be running. If you no longer wish to receive these communications, please disable these in the settings on your device. If you change your mind about being contacted in the future, please click on the opt out options included in emails or the Service and we will remove you from our mailing lists.

Protection of your information

Where we have given you (or you have chosen) a password which enables you to access certain parts of the Service, you are responsible for keeping this password confidential. We ask you not to share any password with anyone. Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our Service; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Links to other websites

The Service may contain links to and from third party websites of our partners, networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for the privacy practices or content of these websites. You are responsible for checking the privacy policy of any third party websites we link to.

For EU, Swiss and UK Customers only - transfers and storage of personal data

As described in our Data Privacy Framework Certification, Capsulecrm Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce, (together the “DPF Principles”) regarding the collection, use and retention of personal data from the EEA, Switzerland and the UK, respectively. Capsulecrm Inc. has certified to the U.S. Department of Commerce that we adhere to the DPF Principles. We remain responsible for any of your personal data that is shared under the Onward Transfer Principle with third parties for external processing on our behalf, as described in our Privacy Policy.

To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

If you have any queries regarding our privacy practices in relation to our DFP certification, please contact us at: info@zestia.com. We are subject to the investigatory and enforcement powers of the US Federal Trade Commission. You may also refer a complaint to your local data protection authority and we will work with them to resolve your concern. In certain circumstances, the DPF provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the DPF Principles.

Our Service is global and your information including the Personal Data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"), Switzerland or the UK. It may also be processed by staff operating outside the EEA, Switzerland or the UK who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the provision of support services. By submitting your Personal Data, you agree to this transfer, storing or processing outside of the EEA, Switzerland or the UK. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

We always ensure that your information is only transferred in full accordance with applicable data protection law. In particular, this means that your information will only be transferred to a country that provides an adequate level of protection (for example, because the European Commission or the UK or Swiss data protection authorities have determined that a country provides an adequate level of protection) or the recipient is bound by standard contractual clause according to conditions provided by the European Commission or applicable laws in Switzerland or the UK.

Our Service is accessible via the Internet and may potentially be accessed by any user around the world. Other users may access the Service from outside the EEA, Switzerland or the UK. This means that where you chose to upload your data to the Service, it could be accessed from anywhere around the world and therefore a transfer of your data outside of the EEA, Switzerland or the UK may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.

Your Rights

You have the following rights in relation to your Personal Data:

Access to information. You have the right to access information held about you.

Right to deletion, rectification and data export. We permit you to delete, rectify and export information you have provided to us, in a structured, machine readable and commonly used format subject to the conditions of our Customer Terms and our legal obligations set out below.

Restriction or Objection to processing. You have the right to request a restriction on or object to our processing of your Personal Data.

Withdraw Consent. You have the right to withdraw your consent to the processing of your Personal Data at any time.

You can make a request in relation to any of the above rights by contacting us as set out at the end of this Privacy Policy. We will respond to such queries in accordance with the provisions of applicable data protection law.

Data Retention

We retain Personal Data for as long as we provide the Services to you or your account remains open. However, we may keep some data after your account is closed or you cease using the Service, for the purposes set out below.

After you have closed your account we may retain Personal Data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our Customer Terms, contact you for marketing purposes, or fulfil your request to “unsubscribe” from further messages from us. If none of these obligations apply we will delete Personal Data within 12 months of your account being closed.

Complaints

If you have any complaints about our use of your information please contact us as set out at the end of this Privacy Policy or for individuals located in the EU, our EU representative is:

• Email: capsule@datarep.com
• Online webform: www.datarep.com/data-request
• Addresses: View all EU rep contact locations

You also have the right to contact your local data protection supervisory authority:

For individuals located in the UK: The Information Commissioner’s Office (“ICO”) at Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF, England.

For all other individuals: Your local data protection supervisory authority in the country in which you are located.

Changes To This Privacy Policy

We reserve the right to change this Privacy Policy at any time and any amended Privacy Policy will be posted on our websites and notified to you by email, where appropriate. Please check back frequently to see any updates or changes to our Privacy Policy. This Privacy Policy was last updated on 1st November 2023 and replaces any other Privacy Policy previously applicable from this date.

Contact Us

Questions, comments and requests regarding this Privacy Policy are welcomed and should be forwarded by email to: info@zestia.com.