Zenedu stands with Ukraine and its people
Join us
1. Introduction
Welcome to Zenedu. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information in compliance with the General Data Protection Regulation (GDPR).
2. Our Role: Controller and Processor
Zenedu has two roles, depending on whose data we handle.
We are the Data Controller for data about our own clients — the creators and merchants who use the platform — and our website visitors. This covers account, billing, security, and product analytics data.
We are a Data Processor for data about our clients' subscribers — the end users who access a client's content through the platform, such as their Telegram ID, name, email, and progress. Here the client is the Controller, and we process this data only on the client's instructions.
As the Controller of their subscribers' data, the client is responsible for informing those subscribers and obtaining any consent needed. Subscriber data is kept for as long as the client requires, and we delete or return it when the client asks or when their account ends.
3. Data We Collect
We collect and process the following types of personal data:
— Account Information: Name, email, Telegram ID
— Subscription Data: Information about your plan, activation, and renewal dates
— Usage Data: Logs of user activity on our platform
— Referral Data: Information on who referred a user
— Technical Data: IP address, browser type, and device information.
— Analytics & Tracking: We use cookies and tracking tools such as Google Analytics, Mixpanel and Meta Pixel
4. Purpose of Data Collection
We use personal data for which we are the Controller to:
— Provide access to our platform and services
— Process payments and manage subscriptions
— Improve user experience through analytics and tracking
— Ensure security and prevent fraud
— Provide customer support and communication
— Enable referral programs and marketing campaigns
— Allow users to request data export and deletion
5. Data Storage and Security
— All user data is stored on AWS servers located in Germany
— We implement protection against DDoS attacks and restrict unauthorized access
— Data transmission is secured using TLS encryption
— Access to sensitive data is restricted to authorized personnel
— Logs of security events are monitored to detect potential threats
— Users can request two-factor authentication (2FA) for additional security
— Regular encrypted backups are maintained to ensure data recovery in case of system failure
6. Third-Party Data Sharing
We integrate third-party services, including but not limited to analytics, payment processing, customer support, and marketing platforms, which may process user data in accordance with their respective privacy policies.
Where we act as a Processor, we use trusted third-party sub-processors to help run the platform, each bound by contracts requiring data protection consistent with this Policy.
7. Google User Data (Google Sheets Integration)
Zenedu offers an optional integration that lets you connect your Google account to export data into your own Google Sheets. This section explains how we handle data obtained through Google APIs. Scopes we request and why:
— https://www.googleapis.com/auth/spreadsheets — to write and update rows in the Google Sheets you choose, so your subscriber and order data can be exported automatically.
— https://www.googleapis.com/auth/drive.file — used only with the Google Picker, so you can select which specific spreadsheets Zenedu may write to. We access only the files you explicitly select; we
cannot see or access any other files in your Google Drive.
— https://www.googleapis.com/auth/userinfo.email — to identify the connected Google account and display it to you. How we use this data:
— We use the access granted solely to write the data you configure (such as subscriber name, email, and order status) into the spreadsheets you select.
— We do not use Google user data for advertising, profiling, or any purpose unrelated to providing the Sheets integration. Storage:
— We store OAuth access and refresh tokens in encrypted form, used only to perform the export actions you set up.
— We do not store the contents of your spreadsheets on our servers.
— You can revoke Zenedu's access at any time from your Google Account security settings (https://myaccount.google.com/permissions) or by disconnecting the integration in Zenedu. Sharing:
— We do not transfer Google user data to third parties, and we do not use it to train any AI or machine learning models. Limited Use:
Zenedu's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy
(https://developers.google.com/terms/api-services-user-data-policy), including the Limited Use requirements.
8. Data Retention and Deletion
— User data is retained as long as necessary to fulfill the purposes outlined above
— Inactive accounts are automatically deleted after 6 months of inactivity
— Users may request deletion of their data by contacting support
— Users can request an export of their data for transfer to another service
9. User Rights under GDPR
Under GDPR, users have the following rights:
— Right to Access: Request a copy of the data we hold
— Right to Rectification: Correct inaccurate or incomplete data
— Right to Erasure (“Right to be Forgotten”): Request deletion of personal data
— Right to Data Portability: Export your data for transfer to another service.
— Right to Restriction of Processing: Limit how we process your data.
— Right to Object: Object to data processing for marketing or profiling purposes
To exercise these rights, contact our support team at support@zenedu.io.
10. Data Breach Notification
In the event of a data breach that poses a risk to user rights and freedoms, we will:
— Notify affected users within 72 hours
— Inform relevant regulatory authorities, if required
— Provide details on the breach and mitigation measures
— Take immediate action to minimize any further risks and secure the system
11. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to improve user experience. Users can manage or disable cookies in their browser settings.
12. International Data Transfers
While we do not directly transfer data outside the EU, some third-party services may process data in other jurisdictions. We rely on Standard Contractual Clauses (SCCs) or equivalent safeguards to ensure data protection.
13. Changes to this Policy
We may update this Privacy Policy periodically. Users will be notified of significant changes.
For any questions, please contact us at support@zenedu.io.
