Privacy Policy

We collect information in the following ways:

• Information you give us directly. When you fill out our contact form, book a strategy call, apply for a role, or communicate with us by email, we collect your name, email address, company name, job title, phone number, and any details you include in your message.
• Automatically collected information. When you visit our website we may automatically receive your IP address, browser type, operating system, referring URL, pages visited, and time spent on each page through standard server logs and analytics tools.
• Cookies and similar technologies. We use cookies to operate the website, remember your preferences, and understand traffic patterns. See Section 6 for details.
• Information from third-party tools. Our website uses third-party services (listed in Section 5) that may collect data in accordance with their own privacy policies.

We use the information we collect to:

• Respond to your enquiries and deliver the services you have requested.
• Schedule and conduct strategy calls or discovery sessions.
• Send you service-related communications, updates, and project information.
• Send marketing content such as newsletters or case studies — only where you have given your consent, and only until you unsubscribe.
• Improve our website and services based on aggregated, anonymised usage data.
• Comply with legal obligations, enforce our agreements, and protect the rights and safety of Zyene, our clients, and the public.

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data on the following legal bases:

• Contract performance — to fulfil services you have requested or to take pre-contractual steps at your request.
• Legitimate interests — to respond to enquiries, improve our website, prevent fraud, and conduct our business operations.
• Consent — for marketing communications. You may withdraw consent at any time by using the unsubscribe link in any email or by contacting us directly.
• Legal obligation — where we are required to retain or disclose data by law.

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law.

• Contact and enquiry records are retained for up to 3 years from the date of last contact, unless an ongoing business relationship requires longer retention.
• Client project data is retained for up to 5 years after project completion to meet contractual and regulatory requirements.
• Marketing consent records are retained for as long as we hold consent, and for 1 year after withdrawal to demonstrate compliance.
• Website analytics data is retained in aggregated, anonymised form indefinitely.

When data is no longer required, it is securely deleted or anonymised.

We share data with trusted third-party services that help us operate our business. Each provider processes data in accordance with its own privacy policy and applicable data protection law. The services we currently use include:

• Zoho CRM / Zoho Sheets — to manage client and prospect records.
• Web3Forms — to receive and route contact form submissions.
• Vercel — our website hosting and infrastructure provider.
• Google Analytics / Google Tag Manager (if active) — to understand website traffic and user behaviour.
• Stripe — for payment processing, if applicable.

We do not share your personal data with any other third party without your explicit consent, except where required by law or court order.

If we ever sell or transfer any part of our business, personal data held at that time may form part of the transferred assets. We will notify affected individuals in advance wherever possible.

Cookies are small text files stored on your device when you visit our website. We use the following types of cookies:

• Essential cookies — required for the website to function. These cannot be disabled.
• Analytics cookies — help us understand how visitors use the site (pages viewed, session duration, referral source). We use this data in aggregate only.
• Preference cookies — remember choices you make (e.g., language or display settings).

You can control and delete cookies through your browser settings. Disabling analytics cookies will not affect your ability to use the website but will limit our ability to improve it. For more information about managing cookies, visit allaboutcookies.org.

Zyene operates from the United States. If you are accessing our website or services from outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers operate.

Where personal data is transferred from the EEA or UK to countries outside those regions, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or we rely on other lawful transfer mechanisms.

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, disclosure, alteration, or destruction. These measures include encrypted data transmission (HTTPS/TLS), access controls limited to authorised personnel, and regular review of our security practices.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that affects your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate or incomplete data.
• Erasure ("right to be forgotten") — request deletion of your personal data where there is no compelling reason for us to keep it.
• Restriction — ask us to limit how we use your data in certain circumstances.
• Data portability — receive your data in a structured, machine-readable format.
• Objection — object to processing based on legitimate interests, including direct marketing.
• Withdraw consent — where processing is based on your consent, withdraw it at any time.
• California residents (CCPA) — you have the right to know what personal information we collect, to request deletion, and to opt out of any sale of personal information. We do not sell personal information.

To exercise any of these rights, contact us at privacy@zyene.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

Our website and services are directed at businesses and professionals. We do not knowingly collect personal data from individuals under the age of 16. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

Our website may contain links to external websites operated by third parties. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policy of any third-party site you visit.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we do, we will update the "Last updated" date at the bottom of this page. Continued use of our website or services after changes are posted constitutes acceptance of the updated policy.

For material changes that significantly affect how we use your data, we will make reasonable efforts to notify you directly (e.g., by email if we hold your contact details).

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us: