Zyntral Privacy Policy

The controller responsible for the personal data described in this Policy is ZYNTRAL LLC.

Where Zyntral processes personal data on behalf of a client within an operation, Zyntral may act as a processor with respect to that data and the client will be the controller, as defined in the applicable contract or processing addendum.

This Policy explains how Zyntral collects, uses, retains, shares and protects personal data when a person visits the website, requests information, contracts services, uses client accounts, participates in logistics operations or communicates with Zyntral.

It does not apply to third-party sites, platforms, warehouses, carriers, payment gateways, marketplaces, social networks or services that have their own privacy policies.

Data may come directly from the data subject, from the client company, from authorized users, suppliers, factories, warehouses, carriers, agents, marketplaces, technology integrations, support tools, public sources or authorities when necessary for the operation.

We may share strictly necessary data with technology service providers, hosting, email, CRM, ticketing, WMS/OMS, analytics, cybersecurity, legal/accounting advisors, suppliers, factories, warehouses, carriers, freight forwarders, customs agents, brokers, insurers, banks, payment gateways, authorities and other third parties required to execute the service or comply with the law.

Zyntral requires third parties to process data in accordance with instructions, contracts, security measures and confidentiality obligations where applicable.

Given the international nature of the services, data may be processed or transferred to the United States, China, destination countries and other countries where suppliers, warehouses, systems or operational partners are located.

Where GDPR/UK GDPR applies and data is transferred outside the EEA/UK to countries without an adequacy decision, Zyntral will endeavor to apply appropriate safeguards, such as standard contractual clauses, processing agreements, technical and organizational measures, and assessments where necessary.

The client acknowledges that some transfers are necessary to execute the international operations requested by the client.

We will retain data for as long as necessary to fulfill the described purposes, execute contracts, resolve incidents, maintain operational records, comply with legal/tax/customs obligations, respond to claims and protect rights.

Specific periods may vary depending on the type of document, country, legal obligation, statute of limitations and operational need. When data is no longer necessary, it will be deleted, anonymized or archived.

Zyntral will apply reasonable administrative, technical and organizational security measures to protect data against unauthorized access, loss, alteration, disclosure or destruction. Measures may include access controls, role-based permissions, passwords, activity logs, encryption where applicable, backups, confidentiality agreements, provider selection and internal reviews.

No system is completely secure. The client must protect their credentials, limit sub-users, review permissions and report unauthorized access or data errors.

The website may use technically necessary technologies to function correctly, maintain security and enable navigation.

If tools such as Google Analytics, Meta Pixel, LinkedIn Insight Tag or similar are incorporated in the future, Zyntral will update this Policy and enable the appropriate information or consent mechanisms.

Zyntral may send B2B communications about services, news, content, proposals or commercial follow-up when there is a prior relationship, legitimate interest or consent.

The recipient may unsubscribe or request to stop receiving promotional communications using the link or contact indicated in each communication.

Depending on applicable law, individuals may have the right to access, rectify, update, delete, object, restrict processing, request portability, withdraw consent and file a complaint with the competent authority.

If a U.S. state privacy law applies to Zyntral, covered residents may have additional rights, such as knowing the categories of data collected, requesting deletion, correcting data, obtaining information about disclosures, limiting certain uses or opting out of the sale/sharing of data for behavioral advertising.

Zyntral does not intend to sell personal data. If technologies that legally qualify as a sale or sharing are used in the future, this Policy will be updated and opt-out mechanisms will be enabled where appropriate.

If you are in a Latin American country with applicable data protection law, you may have rights of access, rectification, cancellation, objection, consent withdrawal or other equivalent local rights.

Zyntral will evaluate each request in accordance with applicable law, the corresponding contract and the B2B nature of the relationship.

Zyntral's services are directed at businesses and professionals. They are not intended for minors. If Zyntral detects that it has received data from a minor without valid authorization, it will take reasonable steps to delete it.

Zyntral does not make automated decisions with legal or significantly similar effects on natural persons unless expressly informed and there is a legal basis. Some tools may assist in classifying tickets, analyzing queries, detecting errors or prioritizing operations, always under human review or control when necessary.

Zyntral's platforms may contain links or integrations with third-party platforms. Zyntral does not control their privacy, security practices or content. Users should review their policies before providing data to third parties.

Zyntral may update this Policy to reflect legal, technological, operational or commercial changes. The current version will be the one published on the website with the last updated date.

When the change is material, Zyntral may communicate it by reasonable means.