Zipline Policies

Privacy Notice

Last updated: 30 January 2025

Last updated: 30 January 2025


This privacy notice for Retail Zipline Inc. (“we,” “us,” or “our”) explains how and why we might collect, store, use, and/or share (“process”) your information when you use our services (“Services”), such as when you:

  • Visit our website at https://getzipline.com or any website of ours that links to this privacy notice.
  • Download and use our mobile application (Zipline) or any other application that links to this privacy notice.
  • Engage with us in other related ways, including any sales, marketing, or events.

Questions or Concerns?

Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have questions or concerns, contact us at [email protected].


1. Compliance with Data Privacy Frameworks (DPF)

Retail Zipline Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Retail Zipline Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles with regard to the processing of personal data received from the European Union, the United Kingdom, and Switzerland.


Zipline is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC), which ensures our compliance with the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. The FTC may take enforcement action if we fail to meet our obligations under these frameworks.


If there is any conflict between this privacy notice and the DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework and to view our certification, visit https://www.dataprivacyframework.gov.


2. Handling of HR Data

In compliance with the EU-U.S. DPF and its UK and Swiss extensions, Retail Zipline Inc. commits to cooperate with the panel established by the EU Data Protection Authorities (DPAs), the UK Information Commissioner’s Office (ICO), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) to address and resolve complaints regarding our handling of HR data in the context of employment.


3. Alternative Dispute Resolution

Retail Zipline Inc. refers unresolved complaints about our handling of personal data to JAMS, an independent dispute resolution provider based in the United States. If you have not received a timely response or are unsatisfied with our resolution, visit https://www.jamsadr.com/DPF-Dispute-Resolution to learn more or file a complaint. This service is provided at no cost to you.


4. Inquiries or Complaints

If you have questions or complaints about our collection and use of your personal data under the DPF, contact us at [email protected].


5. Data Sharing and Onward Transfers

Retail Zipline Inc. may disclose personal data to trusted third-party service providers for specific purposes, such as maintaining our services, ensuring security, and supporting compliance with applicable laws. In cases of onward transfers, we remain accountable if third-party processors fail to uphold these principles unless we can demonstrate that we are not responsible for the event giving rise to the damage.


6. Individual Rights

You have the following rights regarding your personal data:

  • Access: Request details of the personal data we hold about you.
  • Correction: Request corrections to your personal data.
  • Deletion: Request deletion of your personal data, subject to legal exceptions.
  • Limit Use and Disclosure: Specify limitations on the use or sharing of your data.
  • Binding Arbitration: Under certain conditions, invoke binding arbitration for unresolved disputes following Annex I of the DPF Principles.

To exercise these rights, submit a Data Subject Access Request Form. Please contact us at [email protected] with any questions.

 

7. Government Access and Compliance

Retail Zipline Inc. may disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

 

8. Security

We implement reasonable safeguards to protect personal data and process personal data in compliance with applicable privacy laws. However, no internet transmission is entirely secure, and we cannot guarantee absolute security.


For applicable customers, we may process Protected Health Information (PHI) in compliance with applicable privacy laws. We implement reasonable safeguards to protect PHI.


9. Updates to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or posted on our website. Please review the policy regularly for updates.