Z22U is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at z22u.com.

Z22U is operated by Z2LIVE, INC., a company incorporated in Washington State, USA, with principal offices at 1601 2nd Avenue, Suite 800, Seattle, WA 98101, United States.

By using Z22U, you consent to the data practices described in this Privacy Policy. If you do not agree with these practices, please do not use our platform.

This Privacy Policy applies to all users of Z22U, including buyers, sellers, and visitors.

Information You Provide Directly

• Account registration information including your name, email address, username, and password.
• Profile information including display name, profile picture, and bio.
• Identity verification documents for sellers including government-issued ID, proof of address, and phone number.
• Payment information including billing address, payment method details, and transaction history.
• Communication data including messages with other users, support tickets, and feedback submissions.
• Product listing information provided by sellers including descriptions, images, pricing, and delivery terms.

Information Collected Automatically

• Device information including IP address, browser type and version, operating system, and device identifiers.
• Usage data including pages visited, features used, time spent on platform, click patterns, and referral sources.
• Location data including approximate geographic location based on IP address.
• Cookies and similar tracking technologies as described in Section 7 of this Privacy Policy.
• Log data including access times, error logs, and system activity.

Information From Third Parties

• Payment processors provide transaction confirmation, payment status, and fraud prevention data.
• Identity verification services provide document validation results and verification status.
• Analytics providers provide aggregated usage statistics and performance metrics.
• Social media platforms provide profile information if you choose to connect accounts.

Platform Operations

• To create, manage, and secure your account.
• To process transactions between buyers and sellers.
• To facilitate communication between users through our messaging system.
• To provide customer support and respond to your inquiries.
• To verify seller identities and maintain marketplace integrity.
• To deliver products and services you request.
• To manage your account preferences and settings.

Safety and Security

• To detect, prevent, and investigate fraud, abuse, and security threats.
• To enforce our Terms of Service, Seller Rules, and other platform policies.
• To verify user identities and prevent unauthorized account access.
• To protect the rights, property, and safety of Z22U, our users, and the public.
• To comply with legal obligations, court orders, and law enforcement requests.
• To monitor for violations of our policies and applicable laws.

Platform Improvement

• To analyze usage patterns and improve platform features and functionality.
• To develop new products, services, and features.
• To conduct research, analytics, and performance measurement.
• To personalize user experience and product recommendations.
• To test and implement new technologies and processes.

Communications

• To send transactional emails including order confirmations, delivery updates, and dispute notifications.
• To send service announcements, maintenance notices, and platform updates.
• To send marketing and promotional communications with your consent.
• To respond to your inquiries, feedback, and support requests.
• To notify you of changes to our policies or services.

With Other Users

• Buyers see seller display names, ratings, reviews, and listing information.
• Sellers see buyer usernames and delivery information necessary to complete transactions.
• Users see each other's messages within the Z22U messaging system.
• Public profile information is visible to other users as configured in your settings.

With Service Providers

• Payment processors to process transactions securely and prevent fraud.
• Identity verification services to validate seller documents and verify identities.
• Cloud hosting and infrastructure providers to store and manage platform data.
• Analytics providers to understand platform usage and improve services.
• Customer support tools and providers to manage inquiries and tickets.
• Email and communication service providers to send notifications and messages.
• Security providers to protect against threats and unauthorized access.

All service providers are contractually required to protect your data, use it only for specified purposes, and maintain confidentiality.

For Legal and Safety Reasons

• To comply with applicable laws, regulations, legal processes, and governmental requests.
• To respond to lawful requests from law enforcement and government authorities.
• To enforce our Terms of Service, Privacy Policy, and other agreements.
• To protect the rights, property, safety, and security of Z22U, our users, and the public.
• To detect, prevent, and address fraud, security threats, and illegal activities.
• To establish, exercise, or defend legal claims.

Business Transfers

In connection with a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring or successor entity. You will be notified of any such transfer via email and platform notification. Any successor entity will be bound by this Privacy Policy until updated with proper notice.

Account Information

• Active account data is retained while your account remains open and active.
• After account closure, basic account records are retained for 3 years for legal compliance, dispute resolution, and fraud prevention.

Transaction Records

Transaction data including purchase history, payment records, and order details is retained for 7 years to comply with financial regulations, tax requirements, and legal obligations.

Identity Verification Documents

• Seller verification documents are retained for 5 years after account closure or last transaction, whichever is later.
• Documents are stored securely with encryption and access controls.

Communication Records

• Messages between users are retained for 2 years after account closure.
• Support tickets and correspondence are retained for 3 years.

Usage Data

• Anonymized and aggregated usage data may be retained indefinitely for analytics and platform improvement.
• Identifiable usage logs and access records are retained for 1 year.

Deletion Requests

• You may request deletion of your data subject to legal retention requirements and legitimate business needs.
• Some data may be retained in anonymized form for analytics purposes.
• We will confirm completion of deletion requests within 30 days.

Technical Safeguards

• Encryption of data in transit using TLS 1.3 and SSL protocols.
• Encryption of sensitive data at rest using AES-256 encryption standards.
• Secure password hashing using bcrypt and industry-standard algorithms.
• Regular security audits, penetration testing, and vulnerability assessments.
• Firewalls, intrusion detection, and intrusion prevention systems.

Access Controls

• Role-based access controls limit employee access to user data on a need-to-know basis.
• Multi-factor authentication required for administrative and privileged access.
• Regular access reviews, permission audits, and access revocation procedures.
• Unique credentials and audit logging for all system access.

Payment Security

• PCI-DSS Level 1 compliant payment processing through certified providers.
• We do not store full credit card numbers, CVV codes, or sensitive payment data on our servers.
• Payment information is tokenized and processed by certified payment service providers.

Types of Cookies We Use

• Essential Cookies are required for platform functionality including login, session management, security features, and user preferences. These cannot be disabled without affecting platform operation.
• Analytics Cookies help us understand how users interact with the platform. They collect anonymized usage data. These cookies can be disabled through your preferences.
• Functional Cookies remember your preferences, settings, and choices to enable personalized features.
• Advertising Cookies are used to deliver relevant advertisements and measure campaign effectiveness. These can be disabled through your preferences or browser settings.

Cookie Management

• You can manage cookie preferences through our cookie consent banner displayed on first visit.
• Browser settings allow you to block, delete, or manage cookies for individual websites.
• You can reset your cookie preferences at any time through the Privacy Settings in your account.

We honor Do Not Track browser signals by disabling non-essential tracking and analytics cookies when detected.

• Right to Access: You have the right to request a copy of the personal information we hold about you. We will provide this within 30 days.
• Right to Correction: You have the right to request correction of inaccurate, incomplete, or outdated personal information.
• Right to Deletion: You have the right to request deletion of your personal information, subject to legal retention requirements. Requests will be processed within 30 days.
• Right to Data Portability: You have the right to receive your personal information in a structured, machine-readable format.
• Right to Restriction: You have the right to request restriction of processing in certain circumstances.
• Right to Object: You have the right to object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time.
• Right to Lodge Complaint: You have the right to lodge a complaint with a data protection supervisory authority in your jurisdiction.

• We use Standard Contractual Clauses approved by the European Commission for transfers from the EU/EEA/UK to countries without adequate data protection.
• We implement supplementary measures where required to ensure adequate protection.
• We ensure all service providers in other countries provide contractually adequate data protection.

By using Z22U, you consent to the transfer of your information to the United States where US federal and state laws apply.

Legal Basis for Processing

• Contract: Processing necessary to perform our contract with you and provide our services.
• Legitimate Interests: Processing necessary for fraud prevention, security, platform improvement, and marketing, where not overridden by your rights.
• Consent: Processing based on your freely given consent, such as for marketing communications and non-essential cookies.
• Legal Obligation: Processing necessary to comply with legal obligations to which we are subject.

Key Contacts

• Data Controller: Z2LIVE, INC., 1601 2nd Avenue, Suite 800, Seattle, WA 98101, United States.
• EU/UK Representative: eu-representative@z22u.com
• Data Protection Officer: dpo@z22u.com

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have violated your data protection rights.

Your CCPA Rights

• Right to Know: You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Correct: You have the right to request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising.
• Right to Limit Use of Sensitive Information: You have the right to limit the use and disclosure of sensitive personal information.
• Right to Non-Discrimination: You have the right to not receive discriminatory treatment for exercising your CCPA rights.

Exercising CCPA Rights

Submit requests at privacy@z22u.com or through your account privacy settings. We will respond to verified requests within 45 days, with extensions up to 90 days when necessary.

• Virginia Consumer Data Protection Act (VCDPA)
• Colorado Privacy Act (CPA)
• Connecticut Data Privacy Act (CTDPA)
• Utah Consumer Privacy Act (UCPA)

If you are a resident of these states, you may have similar rights to those described in Sections 8 and 11. Contact us at privacy@z22u.com to exercise your rights.

• We do not knowingly collect personal information from children under 18.
• We do not knowingly allow children under 18 to register for accounts or use our services.
• If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

If you believe a child under 18 has provided us with personal information, please contact us immediately at privacy@z22u.com.

• We are not responsible for the privacy practices, content, or security of third-party services.
• This Privacy Policy does not apply to any third-party services you access through Z22U.
• We encourage you to review the privacy policies of any third-party services before providing personal information.
• Inclusion of third-party links does not imply endorsement of those services.

Transactional Communications

We send transactional emails for essential purposes including order confirmations, delivery notifications, payment receipts, dispute updates, account security alerts, and policy changes. These communications are necessary for platform operation and cannot be opted out of while maintaining an active account.

Marketing Communications

You may receive marketing emails about promotions, new features, and platform updates with your consent. You can opt out of marketing communications at any time through account settings, unsubscribe links in emails, or by contacting us. Opting out of marketing does not affect transactional communications.

Push Notifications & SMS

• Mobile app users may receive push notifications for orders, messages, and alerts. These can be managed through your device settings or app preferences.
• We may send SMS messages for security verification codes, critical account alerts, and delivery notifications. You can opt out of non-essential SMS through account settings.

• Use a strong, unique password for your Z22U account containing letters, numbers, and special characters.
• Enable two-factor authentication when available for additional security.
• Do not share your account credentials, verification codes, or login information with others.
• Log out of your account when using shared or public devices.
• Keep your email account secure as it is used for account recovery.
• Be cautious of phishing attempts and suspicious emails claiming to be from Z22U.
• Verify you are on the official z22u.com website before entering credentials.
• Report any suspicious activity, unauthorized access, or security concerns to support@z22u.com immediately.
• Regularly review your account activity and transaction history.
• Keep your contact information current so we can reach you about security issues.

• We will investigate the incident promptly and take steps to contain and remediate the breach.
• We will notify affected users without undue delay and within timeframes required by applicable law.
• Notification will include the nature of the breach, types of information affected, steps we are taking, and steps you can take to protect yourself.
• We will notify relevant supervisory authorities as required by law.
• We maintain incident response procedures and conduct regular security assessments to minimize breach risks.

• Fraud detection and prevention based on transaction patterns and risk signals.
• Account security monitoring for suspicious activity.
• Content moderation for policy violations.
• Product recommendations based on browsing history.

You have the right to request human review of significant automated decisions that affect you. Contact us to inquire about automated processing affecting your account.

• We will notify you of material changes via email notification to your registered email address, platform notification upon login, and prominent announcement on the Z22U website.
• Material changes will be notified at least 30 days before taking effect unless circumstances require more immediate changes.
• Continued use of Z22U after the effective date of changes constitutes acceptance of the updated Privacy Policy.
• If you do not agree with the changes, you should discontinue use before the effective date and may request account deletion.
• Previous versions of this Privacy Policy are available upon request by contacting privacy@z22u.com.

• Z2LIVE, INC.
• 1601 2nd Avenue, Suite 800, Seattle, WA 98101, United States
• Privacy Inquiries: privacy@z22u.com
• Data Protection Officer: dpo@z22u.com
• EU/UK Representative: eu-representative@z22u.com
• General Support: support@z22u.com

We will acknowledge receipt of your inquiry within 5 business days and respond to privacy requests within 30 days or as required by applicable law.