Zengobi Privacy Policy

Last updated on June 6, 2018

Your Privacy

Your privacy is important to Zengobi. This Privacy Policy details how we collect, use, and store your information. If you have questions or concerns please contact us.

In this document, personal information is data that can be used to identify or contact a single person, while non-personal information is data in a form that does not, on its own, permit direct association with any specific individual.

Purchasing via Paddle

For our online sales, we rely on Paddle to act as our Merchant of Record. When you purchase a Zengobi product, they handle the checkout process, including payment processing, fraud detection, handling of taxes, and compliance with local laws and regulations. You can view Paddle’s privacy policy here and their GDPR statement here.

Once Paddle authorizes payment for a Zengobi product, it establishes a direct, secure connection to our server so we can process the order and return a generated product license key. Via this connection we receive your email address, along with non-personal information such as country of purchase, price paid, and quantity ordered. Zengobi does not receive payment details such as your credit card number, nor do we have access to that information via Paddle’s vendor interface.

We also receive the state of the Paddle opt-in checkbox which asks if you’d like to receive product updates and offers from Zengobi via email. This option is unchecked by default and is completely optional. If you do opt-in, it is possible to opt-out at any time.

Some orders may involve supplemental information that you fill out at the beginning of the order process, which will also be sent over that same secure connection. For example, to offer discounted upgrade pricing and appropriate upgrade options, we request your current license key and registered email. To offer discounted academic pricing, we request your academic credentials.

We collect and store the following information:
  • Your email address and license key, both of which are considered personal information as they uniquely identify you.
  • Your email address is also stored in a separate mailing list table, if you opted-in to our mailing list.
  • Non-personal information including your country and, if an academic order, your school type (e.g., university or secondary school) and academic affiliation (e.g., student or instructor). No other academic credentials are stored.
We use the information we collect for the following:
  • Your email address and license key are used so we can retrieve lost license keys, to verify prior purchases so we can offer discounted upgrade pricing, and to send complimentary upgrade keys if you purchased within a major release grace period.
  • If you opted-in to our mailing list, your email address will be used to send you product updates and offers regarding your purchased product via email. You may opt-out of these emailings at any time, and each email we send includes an unsubscribe link in the footer which you can use to instantly unsubscribe from future emails. See below for more details on Mailing List Subscriptions.
  • We use non-personal information such as country and school type for analytics and to improve our product features and offerings.

Purchasing via Apple

We may also rely on Apple to sell or provide products or services. You can view Apple’s privacy policy here. We receive no personal details from Apple regarding a sale, only that a financial transaction of a specified value has occurred.

Extended Trials

While initial product trials ask for no information, requesting an optional extended trial requires you to submit your email address so you can receive an extended trial license key via email. You can optionally sign up for our mailing list, as described below, although this is not required to extend your trial.

We collect and store the following information:
  • An obfuscated, one-way hash of your email address. It is impossible to turn a hash back into the original email address.
We use the information we collect for the following:
  • We use that hash value to track trial-to-purchase conversion analytics and so we can enforce the restriction of only a single trial extension per major version release per individual.

Mailing List Subscriptions

Anyone can subscribe to Zengobi’s mailing list to learn more about our products and offers. No purchase is necessary. When you sign up, you must (1) opt-in to the emailings and, (2) indicate that you agree to our Terms and Conditions and this Privacy Policy. Both of these options are unchecked by default.

After submitting your email address, we will send you a confirmation email to verify your email address and allow you to confirm the subscription by clicking a confirmation link. Only after clicking the confirmation link will your email address be added to our mailing list. We use this double opt-in mechanism as a stronger verification of opt-in as these are submitted from our general mailing list subscription page, as opposed to the single opt-in required during the product purchase process.

We collect and store the following information:
  • We store your email address.
We use the information we collect for the following:
  • To send you product updates and offers via email. You may opt-out of these emailings at any time, and each email we send includes an unsubscribe link in the footer which you can use to instantly unsubscribe from future emails. If you decide to opt-out, we mark that entry in our database as opt-out, and replace your email address with an obfuscated, one-way hash which we can use for analytics. It is impossible to turn a hash back into the original email address.

Zengobi Forums

The Zengobi Forums discussion forums are managed using the Discourse software service running on one of our servers. We provide these forums so existing users and potential users of Zengobi’s products can post questions and share information about our products.

We collect and store the following information:
  • When you visit a forum, whether you have a registered account or not, the forum uses cookies, server logs, and other methods to collect data about what pages you visit and when.
  • When registering on our forums, you will be asked to enter a user name, which is visible to the public, and an email address, which is visible only to forum administrators. Your email address will be verified by an email containing a unique link. If that link is visited, we know that you control the email address. You may, however, visit our forums without registering.
  • We collect the content of your posts, plus data about bookmarks, likes, and links you follow in order to share that data with others through the forum. If the forum is public, this activity is public. If the forum is access-restricted, or access restrictions apply to the specific post, your activity is available only to users permitted to see it. We also collect data about private messages that you send through the forum. We make private messages available to senders and their recipients, and also to forum administrators. We store your posts and other activity as long as your account remains open.
  • You may provide additional data for your account on the profile settings page for your account. This data is available to others who can access the forum. You don’t have to provide this additional information and you can erase it at any time.
We use the information we collect for the following:
  • The information we collect is used to personalize your experience; optimize, diagnose, and defend the forums; compile statistics on forum and topic popularity; and improve customer service.
  • We use your email address to notify you about posts and other activity on the forum; reset your password and help keep your account secure; contact you in special circumstances related to your account; and contact you about legal requests, like DMCA takedown requests.
  • We use data about your posts and activity to make automated decisions about you such as awarding you badges and calculating a trust level for your account. Your trust level may affect how you can participate in the forum, such as whether you can upload images, as well as give you access to moderation and management powers in the forum. Your trust level therefore reflects forum administrators’ confidence in you, and their willingness to delegate community management functions, like moderation. If you think your trust level has been set incorrectly, contact us and we can manually adjust the trust level of your account.
  • We reserve the right to enable Discourse’s Akismet spam detection integration if the need arises. Akismet uses data about your posts and other activity to make automated decisions about whether a post is spam, and the post will be refused. If you think a post has been wrongly blocked or removed, contact us and we can override that decision.
We share your forums data with third parties:
  • We use Google Analytics to compile visitor statistics as described in detail below.
  • If enabled, Discourse’s Akismet integration will be used for spam detection. Akismet’s privacy policy is here.
You can access, change, and erase your forums data:
  • You can see your account data at any time by visiting your account page on the forum. Your account page also lists your posts and other activity on the forum. Your account activity page also includes a link to download all of your activity in standard comma-separated values format.
  • You are able to edit and delete your posts. When you edit posts, we will keep all versions of your posts. Forum administrators can view old versions of posts, and optionally make them visible to other forum visitors.
  • You can change your account data at any time by visiting the profile settings page for your account. You can contact us to request us to anonymize or delete your forums account and posts.

Cookies and Other Technologies

Through the use of browser cookies, our website uses the Google Analytics service to monitor performance, determine site and marketing effectiveness, diagnose problems, and analyze trends. Details on the Google Analytics EU-US Privacy Shield certification can be viewed here. We have enabled its IP anonymization feature to ensure an anonymized collection of IP addresses. You may refuse the use of cookies by selecting the appropriate settings on your browser, or disable all use of Google Analytics in your browser by installing the Google Analytics browser add-on.

As is true of most internet services, our web server automatically gathers and records industry-standard logs of web page visits, including IP addresses, browser type and language, Internet service provider, referring and exit websites and applications, operating system, date/time stamp, and clickstream data. We automatically rotate these logs frequently, securely removing older logs, while still giving time for automated log analyzing tools (e.g., fail2ban) to scan and impose automatic security measures. We use this information primarily to administer the site and assist with troubleshooting.

Application Update Checks

Our Mac applications sold outside the Apple Mac App Store will periodically check our server for product updates (via the open source Sparkle framework) and any in-app announcements. These secure queries to our server transmit no personal information, and you can disable these checks in the update dialog.

Application Access to Contacts, Calendar, and Reminders

Our product Curio can provide additional functionality if you give it permission to access your Contacts, Calendar, and/or Reminders.

  • With access to Contacts, if you double-click a dragged-in contact, Curio can launch Contacts and show that contact to you.
  • With access to Calendar and Reminders, Curio can sync your project tasks with a specified calendar and reminder list.

macOS will automatically ask you the first time you attempt to use a feature in Curio that requests this access. You can refuse and Curio will not have access. You can also enable or disable Curio’s access to the individual applications via System Preferences > Security & Privacy > Privacy.

Curio does not send any information from those applications to Zengobi’s servers.

Children’s Online Privacy Protection Act Compliance

Our site, products, and services are all directed to people who are at least 13 years old or older. If you are under the age of 13, per the requirements of COPPA (Children’s Online Privacy Protection Act), do not use this site.

Questions

If you have questions or concerns regarding this Privacy Policy please contact us.

Zengobi may update its Privacy Policy from time to time. When we change the policy in a material way, a notice will be posted on our website along with the updated Privacy Policy.

Revision History

  • June 6, 2018 - new Zengobi Forums section with more details on how Discourse works.
  • April 23, 2018 - detailed rewrite for GDPR rollout.
  • July 12, 2013 - removed unnecessary SSL details.
  • January 9, 2008 - initial version.