Privacy Policy

Zintro Privacy Policy

Last updated June 14, 2025

LANGUAGES
- Deutsch
- Francais
- Italiano
- Español

GENERAL PRIVACY POLICY

Zintro, Inc. (“Zintro,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal data, including information provided by research participants, clients, experts, and visitors to our websites (including www.zintro.com).

By visiting our Website, using our Services, or participating in research activities through Zintro, you consent to the practices described in this Privacy Policy.

DATA TRANSFERS

If you are located outside of the United States, you should be aware that the Personal Data you provide to us is being transmitted to us and processed in the United States, and will be protected subject to this privacy policy and United States laws, which may not be as protective as the laws in your country.

We may need to transfer your personal information to be processed or accessed by third parties in other countries for the limited purpose of providing you service.

PERSONAL DATA WE COLLECT

We may collect the following categories of personal data:

  • General contact details: Name, email, phone number, mailing address.

  • Professional details: Employer, job title, biography, areas of expertise, tools used, work experiences

  • Financial and payment details: Banking information, payment preferences, tax information.

  • Research participant data: Audio/video recordings, transcripts, survey responses, demographic information, and related research materials.

  • Technical information: IP address, browser type, device type, operating system, cookies, and analytics data.

  • Verification data: IDs or documents used to confirm your identity for compliance purposes.

We collect personal data directly from you, through our platform, via communications with our staff, or from trusted third parties (such as background check providers).

HOW WE USE YOUR PERSONAL DATA

We use personal data to:

  • Provide and improve our Services.

  • Match experts and participants with project opportunities.

  • Communicate updates and opportunities.

  • Process payments and administer honoraria.

  • Facilitate research activities on behalf of our clients.

  • Ensure legal and regulatory compliance.

  • Prevent, detect, and investigate fraud or illegal activity.

  • Conduct marketing (with your consent where required).

For research participants: We use your data solely for the purposes disclosed at the time of consent. This may include sharing anonymized or aggregated findings with clients. We do not sell participant data.

HOW WE DISCLOSE PERSONAL DATA

We may share your personal data:

  • With clients for project matching or research participation, as agreed in your consent.

  • With third-party service providers (subprocessors) who support our operations, including:

    • Hosting & infrastructure (e.g., Amazon Web Services)

    • Payment processing

    • Survey and interview tools

    • Analytics providers

    • Communication platforms

  • With legal or regulatory authorities when required by law.

  • In connection with business transfers (e.g., merger, acquisition).

All subprocessors are contractually required to handle your data securely and only for authorized purposes.

DATA SUBJECT REQUESTS PROCESS

You have the right to request access, correction, deletion, portability, or restriction of your personal data.

Process:

  1. Submit a request via Support@Zintro.com or compliance@zintro.com.

  2. Verification: We confirm your identity (e.g., by matching known account information or requesting proof of ID).

  3. Response timeframe:

    • GDPR: within 30 days

    • CCPA: within 45 days (with one possible 45-day extension)

  4. Confirmation: You will receive a written response confirming the action taken.

DATA RETENTION

We retain data only as long as necessary for the purposes described above or as required by law.

Client contact details: Duration of client relationship + 3 years

Expert profiles: Duration of platform membership + 5 years

Research participant data: 3 years after project completion (then anonymized or deleted)

Payment & financial records: 7 years (for tax and accounting)

Web analytics & cookies: 24 months

INFORMATION SECURITY

We use administrative, technical, and physical safeguards to protect personal data, including:

  • Encryption at rest and in transit.

  • Role-based access controls.

  • Secure hosting on Amazon Web Services (AWS).

  • Regular vulnerability scanning and monitoring.

  • Incident response protocols for security breaches.

COOKIES & TRACKING

We use cookies, pixels, and similar technologies for site functionality, analytics, and marketing. You can manage cookies via your browser settings or by using the cookie preferences tool on our website.

INTERNATIONAL DATA TRANSFERS

If you are located outside the United States, your data may be transferred to and processed in the U.S. We use appropriate safeguards (such as Standard Contractual Clauses) when transferring data internationally.

UPDATES TO THE POLICY

We may update this Privacy Policy from time to time. Changes will be posted on our website, with the “Last Updated” date revised accordingly.

CONTACT ZINTRO

For general inquiries and data rights requests:
Email: Support@Zintro.com
Phone: (617) 936-0140
Mail: Zintro, Inc., 68 Harrison Ave #605, PMB 27193, Boston, MA 02111.

SPECIFIC DISCLOSURES FOR THE EUROPEAN ECONOMIC AREA

This section applies to data processing activities of data subjects residing in the European Economic Area as well as, regardless of residence, the processing of any Personal Data in the European Economic Area. In the event there is a conflict between this section and other parts of the Privacy Policy, this section shall control with respect to residents of the European Economic Area. Please also refer to the separate addendum for additional privacy matters related to European Union General Data Protection Regulation and Data Transfer.

“Personal Data,” for purposes of this section, means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Services” means any of our products, services, or deliverables. “Site” means any website operated and controlled by us.

Pursuant to the European Union General Data Protection Regulation (GDPR), we function in the capacity of a “processor” both for the Services we offer to our Clients as well as for the services Experts and other persons offer to our Clients through our platform. The scope of applicable data protections and processing for those Services are set forth in contractual agreements covering the relevant data processing.

Controller versus Processor. We may process certain Personal Data in order to maintain and provide the Services to our Clients, such as names, addresses, email addresses, and other contact information for designated Client representatives or personnel (“Client Relationship Data”). In addition, we may send marketing materials or communications to potential or existing Clients (“Marketing Activities”). For purposes of Client Relationship Data and Marketing Activities, we function as a “data processor” under GDPR. Our disclosures with respect to our processing of data as a data processor are set forth in this Privacy Policy.

1. HOW WE COLLECT AND USE PERSONAL DATA

We describe how we collect and use Personal Data in the “The Personal Data We Collect from You” section of this Privacy Policy.

2. HOW WE DISCLOSE PERSONAL DATA

Our disclosure is limited to circumstances where we are permitted to do so under applicable European and national data protection laws and regulations. We share data with certain types of companies, for purposes of providing Services to Clients and marketing our Services to potential and existing Clients, such as cloud computing companies, cloud communications platform as a service (PaaS), web analytics services, employment-related social networking services, and mailing and emailing services.

3. LEGAL BASIS FOR PROCESSING

We collect and process your Personal Data for a variety of different purposes which are set out in further detail in this section.

In some cases, we will ask for your consent so that we may process your Personal Data. However, in certain circumstances, applicable data protection laws allow us to process your Personal Data without needing to obtain your consent.

3.1. PROCESSING PERSONAL DATA WHERE CONSENT IS NOT REQUIRED

In certain cases, separate consent is not required, including:

  • For the performance of a contract. To perform our contractual obligations to you, including our fulfilling orders or requests you have made, contacting you in relation to any issues with your order or use of our Services, or where we need to provide your Personal Data to our service providers related to the provision of the Services.

  • To comply with legal obligations. To comply with laws, regulators, court orders, or other legal obligations, or pursuant to legal process.

  • Legitimate Interests. To operate our business and provide our Services (other than in performing our contractual obligations to you) for our “legitimate interests” and for the purposes of applicable law, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Legitimate interests may include:

    • To communicate with you regarding the Services, including providing you important notices regarding changes to our operations and to address and respond to your requests, inquiries, and complaints.

    • For our direct marketing purposes.

    • To send you surveys in connection with our Services.

    • To assist in the investigation of suspected illegal or wrongful activity, and to protect

    and defend our rights and property, or the rights or safety of third parties.

  • To develop, provide, and improve our Services.

  • To enforce our Terms of Use, License Agreements, or this Privacy Notice, or

    agreements with third parties.

3.2. CONSENT FOR PROCESSING

In cases where we are not already authorized to process the Personal Data under applicable law, we may ask for your consent to process your Personal Data, including:

  • Marketing. We may ask for your consent for Zintro or our partners or vendors to contact you by telephone, SMS, post, and/or email about other offers, products, promotions, developments, or Services which we think may be of interest to you and for other marketing purposes.

  • Use of Cookies. Our Site uses cookies and similar technologies to improve user experience and for analytics. We also use cookies and similar technologies for purposes of including social network sharing capabilities on our main site, analytics, marketing, and session control.

    • A “cookie” is a small text file that a web server stores in browser software. A browser sends cookies to a server when the browser makes a connection to the server (for example, when requesting a web page from the same domain that created the cookie). The purpose of cookies is to remember the browser over time and distinguish one browser instance (or user) from all others. Some cookies and other technologies may serve to track Personal Data previously entered by a web user on our site. Most browsers allow visitors to the website to control cookies, including whether or not to accept them, and how to remove them. Cookies can remember login information, preferences, and similar information.

    • Cookies, as well as other tracking technologies such as HTML5 local storage, Local Shared Objects (such as “Flash” cookies), and similar mechanisms, may record information such as a unique identifier, information visitors to the website enter in a form, IP address, and other categories of data.

    • We also use web beacons or “pixels,” and in certain circumstances may collect IP address, screen resolution and browser software and operating system types; clickstream patterns; dates and times that our site is accessed, and other categories of data.

    • If visitors to the site want to block the use and saving of cookies from the Site onto their computer’s hard drives, he or they should take the necessary steps within your web browser’s settings to block all cookies from the Site and its external serving vendors, or use the cookie control system, if available upon first visit. Please note that if visitors to the website choose to erase or block your cookies, certain parts of our Site may not function correctly. For information on how to disable cookies, refer to your browser’s documentation.

4. INTEREST-BASED ADVERTISING

Interest-based advertising is advertising that is targeted to you based on your web browsing and app usage over time and across websites or apps. You have the option to restrict the use of information for interest-based advertising and to opt out of receiving interest-based ads. Depending on where you access our Site, you may also be asked to consent to our use of cookies, including advertising cookies.

The opt-outs for interest-based advertising require that strictly necessary cookies are not blocked by the settings in your web browser. We support the Self-Regulatory Principles for Online Behavioral Advertising of the Digital Advertising Alliance in the U.S., the Canadian Digital Advertising Alliance in Canada, and the European Digital Advertising Alliance in the EU. If you live in the United States, Canada, or the European Union, you can visit Ad Choices (US), Your Ad Choices (Canada), or Your Online Choices (EU) to find a convenient place to opt out of interest-based advertising with participating entities for each region. These websites also provide detailed information about how interest-based advertising works. Opting out does not mean that you will no longer receive advertising from us, or when you use the Internet. It just means that the data collected from our Website will not be used for interest-based advertising and that the advertising you see displayed on Websites will not be customized to your interests.

5. WITHDRAWING YOUR CONSENT

You may at any time withdraw the consent you provide for the processing of your Personal Data for the purposes set forth in this Privacy Notice by contacting us at Support@Zintro.com, provided that we are not required by applicable law or professional standards to retain such information.

If you want to stop receiving future marketing messages and materials, you can do so by clicking the “unsubscribe” link included in our email marketing messages or by contacting us at Support@Zintro.com.

6. DATA SUBJECT RIGHTS

You have the right in certain circumstances to request confirmation from us as to whether or not we are processing your Personal Data in our capacity as a Controller. Where we are processing your Personal Data as a Controller, you also have the right to request access to, modification of, or deletion of such Personal Data.

You also have the right in certain circumstances to receive the Personal Data concerning you that you provided to us, to restrict processing of your Personal Data, or to transmit such data to another controller.

To exercise your rights with respect to your Personal Data, please contact us at Support@Zintro.com.

7. DE-IDENTIFIED OR ANONYMIZED DATA

We may create de-identified or anonymous data from Personal Data by removing data components (such as your name, email address, or linkable tracking ID) that make the data personally identifiable to you or through obfuscation or through other means. Our use of anonymized data is not subject to this Privacy Notice.

8. DATA RETENTION

We will retain your Personal Data for as long as you remain a Client or an employee of a Client, an Expert in our Network, or maintain an account or agreement or as otherwise necessary. We will also retain your Personal Data as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, comply with applicable industry standards, and be in accordance with disaster recovery procedures.

9. RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY

You may have a right to lodge a complaint with a supervisory authority.

10. CONTACT ZINTRO

For questions regarding this Privacy Notice, please contact us at: Support@Zintro.com.

SPECIFIC DISCLOSURES FOR CALIFORNIA

Under the California Consumer Privacy Act (CCPA), you have the following rights involving your personal data and information:
1. THE RIGHT TO BE INFORMED

You have the right to know that your personal data and information will be processed or have been processed.


2. THE RIGHT TO ACCESS
You have the right to have access to personal data and information we have about you.

3. THE RIGHT TO OBJECT
You have the right to stop further processing of your personal data and information.


4. THE RIGHT TO ERASURE OR BLOCKING
Also known as the right to be forgotten, you have the right to suspend, withdraw or order the blocking, removal, or destruction of your personal data and information.


5. THE RIGHT TO DAMAGES
You have the right to be indemnified for any damage suffered from the unauthorized processing of your personal data and information.


6. THE RIGHT TO RECTIFY

You have the right to correct inaccuracies or errors and demand correction of your personal data and information.


7. THE RIGHT TO DATA PORTABILITY

You have the right to get a copy of personal data and information that is processed by electronic means and in a structured and commonly used format.

Zintro adopts this notice to comply with the California Consumer Privacy Act (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this CCPA Notice.

If you are located in California, you may contact us at compliance@zintro.com or by phone at 617-936-0140 regarding your privacy rights under the California Consumer Privacy Act (CCPA).