Privacy Policy
Effective Date: April 2026
Last Updated: April 2026
1. Introduction
Z22U is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at z22u.com.
Z22U is operated by Z2LIVE, INC., a company incorporated in Washington State, USA, with principal offices at 1601 2nd Avenue, Suite 800, Seattle, WA 98101, United States.
By using Z22U, you consent to the data practices described in this Privacy Policy. If you do not agree with these practices, please do not use our platform.
This Privacy Policy applies to all users of Z22U, including buyers, sellers, and visitors.
2. Information We Collect
We collect information in several ways when you use Z22U.
Information You Provide Directly
Account registration information including your name, email address, username, and password.
Profile information including display name, profile picture, and bio.
Identity verification documents for sellers including government-issued ID, proof of address, and phone number.
Payment information including billing address, payment method details, and transaction history.
Communication data including messages with other users, support tickets, and feedback submissions.
Product listing information provided by sellers including descriptions, images, pricing, and delivery terms.
Information Collected Automatically
Device information including IP address, browser type and version, operating system, and device identifiers.
Usage data including pages visited, features used, time spent on platform, click patterns, and referral sources.
Location data including approximate geographic location based on IP address.
Cookies and similar tracking technologies as described in Section 7 of this Privacy Policy.
Log data including access times, error logs, and system activity.
Information From Third Parties
Payment processors provide transaction confirmation, payment status, and fraud prevention data.
Identity verification services provide document validation results and verification status.
Analytics providers provide aggregated usage statistics and performance metrics.
Social media platforms provide profile information if you choose to connect accounts.
3. How We Use Your Information
We use collected information for the following purposes.
Platform Operations
To create, manage, and secure your account.
To process transactions between buyers and sellers.
To facilitate communication between users through our messaging system.
To provide customer support and respond to your inquiries.
To verify seller identities and maintain marketplace integrity.
To deliver products and services you request.
To manage your account preferences and settings.
Safety and Security
To detect, prevent, and investigate fraud, abuse, and security threats.
To enforce our Terms of Service, Seller Rules, and other platform policies.
To verify user identities and prevent unauthorized account access.
To protect the rights, property, and safety of Z22U, our users, and the public.
To comply with legal obligations, court orders, and law enforcement requests.
To monitor for violations of our policies and applicable laws.
Platform Improvement
To analyze usage patterns and improve platform features and functionality.
To develop new products, services, and features.
To conduct research, analytics, and performance measurement.
To personalize user experience and product recommendations.
To test and implement new technologies and processes.
Communications
To send transactional emails including order confirmations, delivery updates, and dispute notifications.
To send service announcements, maintenance notices, and platform updates.
To send marketing and promotional communications with your consent.
To respond to your inquiries, feedback, and support requests.
To notify you of changes to our policies or services.
4. How We Share Your Information
We share your information in the following circumstances.
With Other Users
Buyers see seller display names, ratings, reviews, and listing information.
Sellers see buyer usernames and delivery information necessary to complete transactions.
Users see each other’s messages within the Z22U messaging system.
Public profile information is visible to other users as configured in your settings.
We never share full identity verification documents, payment details, or private contact information with other users.
With Service Providers
Payment processors to process transactions securely and prevent fraud.
Identity verification services to validate seller documents and verify identities.
Cloud hosting and infrastructure providers to store and manage platform data.
Analytics providers to understand platform usage and improve services.
Customer support tools and providers to manage inquiries and tickets.
Email and communication service providers to send notifications and messages.
Security providers to protect against threats and unauthorized access.
All service providers are contractually required to protect your data, use it only for specified purposes, and maintain confidentiality.
For Legal and Safety Reasons
To comply with applicable laws, regulations, legal processes, and governmental requests.
To respond to lawful requests from law enforcement and government authorities.
To enforce our Terms of Service, Privacy Policy, and other agreements.
To protect the rights, property, safety, and security of Z22U, our users, and the public.
To detect, prevent, and address fraud, security threats, and illegal activities.
To establish, exercise, or defend legal claims.
Business Transfers
In connection with a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring or successor entity.
You will be notified of any such transfer via email and platform notification.
Any successor entity will be bound by this Privacy Policy until updated with proper notice.
With Your Consent
We may share your information for other purposes with your explicit consent.
You may grant or revoke consent through your account settings or by contacting us.
5. Data Retention
We retain your information for as long as necessary to fulfill the purposes described in this Privacy Policy and as required by law.
Account Information
Active account data is retained while your account remains open and active.
After account closure, basic account records are retained for 3 years for legal compliance, dispute resolution, and fraud prevention.
Transaction Records
Transaction data including purchase history, payment records, and order details is retained for 7 years to comply with financial regulations, tax requirements, and legal obligations.
Identity Verification Documents
Seller verification documents are retained for 5 years after account closure or last transaction, whichever is later.
Documents are stored securely with encryption and access controls.
Communication Records
Messages between users are retained for 2 years after account closure.
Support tickets and correspondence are retained for 3 years.
Usage Data
Anonymized and aggregated usage data may be retained indefinitely for analytics and platform improvement.
Identifiable usage logs and access records are retained for 1 year.
Deletion Requests
You may request deletion of your data subject to legal retention requirements and legitimate business needs.
Some data may be retained in anonymized form for analytics purposes.
We will confirm completion of deletion requests within 30 days.
6. Data Security
We implement comprehensive security measures to protect your information from unauthorized access, disclosure, alteration, and destruction.
Technical Safeguards
Encryption of data in transit using TLS 1.3 and SSL protocols.
Encryption of sensitive data at rest using AES-256 encryption standards.
Secure password hashing using bcrypt and industry-standard algorithms.
Regular security audits, penetration testing, and vulnerability assessments.
Firewalls, intrusion detection, and intrusion prevention systems.
Secure development practices and code review processes.
Access Controls
Role-based access controls limit employee access to user data on a need-to-know basis.
Multi-factor authentication required for administrative and privileged access.
Regular access reviews, permission audits, and access revocation procedures.
Unique credentials and audit logging for all system access.
Operational Security
Comprehensive employee security training and awareness programs.
Confidentiality agreements and background checks for employees with data access.
Incident response procedures and breach notification protocols.
Regular backup, disaster recovery testing, and business continuity planning.
Vendor security assessments and contractual security requirements for third-party providers.
Payment Security
PCI-DSS Level 1 compliant payment processing through certified providers.
We do not store full credit card numbers, CVV codes, or sensitive payment data on our servers.
Payment information is tokenized and processed by certified payment service providers.
Security Limitations
No system can guarantee absolute security. While we implement strong safeguards, we cannot guarantee that unauthorized access, disclosure, or breach will never occur.
Users are responsible for maintaining the confidentiality of their account credentials and reporting any suspected unauthorized access immediately.
7. Cookies and Tracking Technologies
We use cookies and similar technologies to operate, improve, and personalize our platform.
What Are Cookies
Cookies are small text files stored on your device when you visit a website. They help websites remember information about your visit and preferences.
Types of Cookies We Use
Essential Cookies are required for platform functionality including login, session management, security features, and user preferences. These cookies cannot be disabled without affecting platform operation and do not require consent.
Analytics Cookies help us understand how users interact with the platform. They collect anonymized usage data including pages visited, time on site, and navigation patterns. Providers include Google Analytics and similar services. These cookies can be disabled through your preferences.
Functional Cookies remember your preferences, settings, and choices. They enable personalized features, language preferences, and recent activity. These cookies enhance user experience but are not strictly necessary.
Advertising Cookies are used to deliver relevant advertisements and measure campaign effectiveness. They may track activity across websites to build interest profiles. These cookies can be disabled through your preferences or browser settings.
Cookie Management
You can manage cookie preferences through our cookie consent banner displayed on first visit.
Browser settings allow you to block, delete, or manage cookies for individual websites.
Disabling essential cookies may significantly affect platform functionality.
You can reset your cookie preferences at any time through the Privacy Settings in your account.
Do Not Track Signals
We honor Do Not Track browser signals by disabling non-essential tracking and analytics cookies when detected.
Other Tracking Technologies
We may also use web beacons, pixel tags, and similar technologies for analytics and email tracking purposes.
8. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information.
Right to Access
You have the right to request a copy of the personal information we hold about you.
We will provide this information in a commonly used electronic format within 30 days.
Right to Correction
You have the right to request correction of inaccurate, incomplete, or outdated personal information.
You can update most information directly through your account settings.
Right to Deletion
You have the right to request deletion of your personal information, subject to legal retention requirements and legitimate business needs.
Deletion requests will be processed within 30 days of verification.
Right to Data Portability
You have the right to receive your personal information in a structured, commonly used, machine-readable format.
You may request transfer of your data to another service provider where technically feasible.
Right to Restriction
You have the right to request restriction of processing in certain circumstances, such as when you contest data accuracy or object to processing.
Right to Object
You have the right to object to processing based on legitimate interests.
You have the right to object to processing for direct marketing purposes at any time.
Right to Withdraw Consent
Where processing is based on your consent, you have the right to withdraw that consent at any time.
Withdrawal does not affect the lawfulness of processing before withdrawal.
Right to Lodge Complaint
You have the right to lodge a complaint with a data protection supervisory authority in your jurisdiction.
Exercising Your Rights
To exercise these rights, contact us at privacy@z22u.com with your request.
We will verify your identity before processing requests to protect your information.
We will respond to requests within 30 days or as required by applicable law.
We may request additional information to verify your identity or clarify your request.
There is no fee for exercising your rights, except in cases of manifestly unfounded or excessive requests.
9. International Data Transfers
Z22U is operated from the United States. Your information may be transferred to, stored, and processed in the United States and other countries where we or our service providers operate.
Transfer Safeguards
We use Standard Contractual Clauses approved by the European Commission for transfers from the EU/EEA/UK to countries without adequate data protection.
We implement supplementary measures where required to ensure adequate protection.
We ensure all service providers in other countries provide contractually adequate data protection.
United States Law
Data transferred to and processed in the United States is subject to US federal and state laws.
US law may differ from data protection laws in your home country.
By using Z22U, you consent to the transfer of your information to the United States.
10. GDPR Compliance (European Users)
If you are located in the European Economic Area, United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and related laws apply to our processing of your personal information.
Legal Basis for Processing
Contract: Processing necessary to perform our contract with you and provide our services.
Legitimate Interests: Processing necessary for our legitimate interests including fraud prevention, security, platform improvement, and marketing, where these interests are not overridden by your rights.
Consent: Processing based on your freely given, specific, informed consent, such as for marketing communications and non-essential cookies.
Legal Obligation: Processing necessary to comply with legal obligations to which we are subject.
Data Controller
Z2LIVE, INC. is the data controller responsible for your personal information.
Address: 1601 2nd Avenue, Suite 800, Seattle, WA 98101, United States.
EU/UK Representative
For users in the EU, EEA, and UK, our designated representative can be contacted at eu-representative@z22u.com.
Data Protection Officer
Our Data Protection Officer oversees our data protection compliance and can be contacted at dpo@z22u.com.
Supervisory Authority
You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have violated your data protection rights.
11. CCPA Compliance (California Users)
If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide additional rights regarding your personal information.
Categories of Personal Information Collected
Identifiers such as name, email address, username, IP address, and device identifiers.
Commercial information such as transaction history, purchase records, and account activity.
Internet and network activity such as browsing history, search queries, and usage data.
Geolocation data based on IP address.
Professional and employment information for seller verification.
Inferences drawn from the above to create profiles.
Sources of Personal Information
Directly from you when you provide information.
Automatically through your use of our platform.
From third-party service providers and partners.
Purposes for Collection
As described in Section 3 of this Privacy Policy.
Your CCPA Rights
Right to Know: You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for collection, and the categories of third parties with whom we share it.
Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
Right to Correct: You have the right to request correction of inaccurate personal information.
Right to Opt-Out of Sale/Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising.
Right to Limit Use of Sensitive Information: You have the right to limit the use and disclosure of sensitive personal information.
Right to Non-Discrimination: You have the right to not receive discriminatory treatment for exercising your CCPA rights.
Sale of Personal Information
Z22U does not sell personal information as defined by CCPA.
We do not exchange personal information for monetary or other valuable consideration.
We do not share personal information for cross-context behavioral advertising.
Sensitive Personal Information
We may collect sensitive personal information including government identifiers for seller verification. This information is used only for verification purposes and is not used for profiling or advertising.
Exercising CCPA Rights
Submit requests at privacy@z22u.com or through your account privacy settings.
You may also call us at our toll-free number (available upon request).
We will verify your identity before processing requests using information you have previously provided.
Authorized agents may submit requests on your behalf with proper written authorization and identity verification.
We will respond to verified requests within 45 days, with extensions up to 90 days when necessary.
12. Other State Privacy Laws
We comply with applicable state privacy laws including:
Virginia Consumer Data Protection Act (VCDPA)
Colorado Privacy Act (CPA)
Connecticut Data Privacy Act (CTDPA)
Utah Consumer Privacy Act (UCPA)
If you are a resident of these states, you may have similar rights to those described in Section 8 and Section 11. Contact us at privacy@z22u.com to exercise your rights.
13. Children’s Privacy
Z22U is not intended for users under the age of 18.
We do not knowingly collect personal information from children under 18.
We do not knowingly allow children under 18 to register for accounts or use our services.
If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly.
If you believe a child under 18 has provided us with personal information, please contact us immediately at privacy@z22u.com.
Parents or guardians who believe their child has provided personal information may request deletion by contacting us.
14. Third-Party Links and Services
Z22U may contain links to third-party websites, applications, or services that are not operated by us.
We are not responsible for the privacy practices, content, or security of third-party services.
This Privacy Policy does not apply to any third-party services you access through Z22U.
We encourage you to review the privacy policies of any third-party services before providing personal information.
Inclusion of third-party links does not imply endorsement of those services.
15. Communication Preferences
Transactional Communications
We send transactional emails for essential purposes including order confirmations, delivery notifications, payment receipts, dispute updates, account security alerts, and policy changes.
These communications are necessary for platform operation and cannot be opted out of while maintaining an active account.
Marketing Communications
You may receive marketing emails about promotions, new features, and platform updates with your consent.
You can opt out of marketing communications at any time through account settings, unsubscribe links in emails, or by contacting us.
Opting out of marketing does not affect transactional communications.
Push Notifications
Mobile app users may receive push notifications for orders, messages, and alerts.
Push notifications can be managed through your device settings or app preferences.
SMS Communications
We may send SMS messages for security verification codes, critical account alerts, and delivery notifications.
You can opt out of non-essential SMS through account settings.
Security-related SMS cannot be disabled for account protection.
16. Account Security Recommendations
To help protect your account and personal information, we recommend:
Use a strong, unique password for your Z22U account containing letters, numbers, and special characters.
Enable two-factor authentication when available for additional security.
Do not share your account credentials, verification codes, or login information with others.
Log out of your account when using shared or public devices.
Keep your email account secure as it is used for account recovery.
Be cautious of phishing attempts and suspicious emails claiming to be from Z22U.
Verify you are on the official z22u.com website before entering credentials.
Report any suspicious activity, unauthorized access, or security concerns to support@z22u.com immediately.
Regularly review your account activity and transaction history.
Keep your contact information current so we can reach you about security issues.
17. Data Breach Notification
In the event of a data breach that affects your personal information:
We will investigate the incident promptly and take steps to contain and remediate the breach.
We will notify affected users without undue delay and within timeframes required by applicable law.
Notification will include the nature of the breach, types of information affected, steps we are taking, and steps you can take to protect yourself.
We will notify relevant supervisory authorities as required by law.
We maintain incident response procedures and conduct regular security assessments to minimize breach risks.
18. Automated Decision-Making
We may use automated systems and algorithms in limited circumstances:
Fraud detection and prevention based on transaction patterns and risk signals.
Account security monitoring for suspicious activity.
Content moderation for policy violations.
Product recommendations based on browsing history.
You have the right to request human review of significant automated decisions that affect you.
You may contact us to inquire about automated processing affecting your account.
19. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons.
Notification of Changes
We will notify you of material changes via email notification to your registered email address, platform notification upon login, prominent announcement on the Z22U website, and updated effective date at the top of this page.
Review Period
Material changes will be notified at least 30 days before taking effect unless circumstances require more immediate changes.
Acceptance of Changes
Continued use of Z22U after the effective date of changes constitutes acceptance of the updated Privacy Policy.
If you do not agree with the changes, you should discontinue use before the effective date and may request account deletion.
Previous Versions
Previous versions of this Privacy Policy are available upon request by contacting privacy@z22u.com.
20. Contact Us
If you have questions, concerns, requests, or complaints regarding this Privacy Policy or our data practices, contact us:
Z2LIVE, INC.
1601 2nd Avenue, Suite 800
Seattle, WA 98101
United States
Privacy Inquiries: privacy@z22u.com
Data Protection Officer: dpo@z22u.com
EU/UK Representative: eu-representative@z22u.com
General Support: support@z22u.com
Website: z22u.com/contact
We will acknowledge receipt of your inquiry within 5 business days.
We will respond to privacy requests within 30 days or as required by applicable law.
For complex requests, we may extend the response period and will notify you of any extension.
Summary of Key Points
|Topic |Summary |
|---------------------|------------------------------------------------------------------------|
|Data Controller |Z2LIVE, INC., Seattle, WA, USA |
|Information Collected|Account data, transaction data, usage data, verification documents |
|How We Use Data |Platform operations, security, improvement, communications |
|Data Sharing |Service providers, legal requirements, with user consent |
|Data Retention |Varies by data type from 1 to 7 years depending on category |
|Security Measures |Encryption, access controls, PCI compliance, regular audits |
|User Rights |Access, correction, deletion, portability, objection, consent withdrawal|
|GDPR Compliance |Full compliance for EU/EEA/UK users |
|CCPA Compliance |Full compliance for California residents |
|No Data Sales |We do not sell personal information |
|Children |Not intended for users under 18 |
|Contact |[privacy@z22u.com](mailto:privacy@z22u.com) |
