ZenZen Privacy Notice

Effective Date: 01.05.2025

1. Introduction

ZenZen Diabetes Support UG (haftungsbeschränkt), located at Richard Sorge Straße 27, 10249 Berlin, Germany, ("ZenZen," "we," "us," or "our") is committed to protecting your personal data. As the data controller under the General Data Protection Regulation (GDPR), we determine the purposes and means of processing your personal data ("User Data").

This Privacy Notice outlines how we collect, use, and protect your User Data when you use our products and services. Additional information may be provided within our products to supplement this notice.

2. Legal Basis for Processing

Our processing of your personal data is based on:

  • Consent: For processing health-related data and for marketing purposes.
  • Contractual Necessity: To fulfill our obligations in providing our services.
  • Legal Obligations: Compliance with applicable laws and regulations.

3. Categories of Personal Data We Process

3.1. Identity Information

  • Name (first name, last name, initials)
  • Date of birth
  • Gender
  • Contact details (email address, phone number)

3.2. Health Data

  • Blood glucose levels
  • Carbohydrate intake
  • Physical activity
  • Sleep patterns
  • Pregnancy-related information

3.3. Usage Data

  • App usage statistics
  • Interaction with app features
  • Device information (e.g., device ID, operating system)

3.4. Communication Data

  • Messages sent through the app
  • Feedback and survey responses

4. Purposes of Data Processing

4.1. Necessary Processing of Personal Data

Required to provide our services, including:

  • Account creation and management
  • Personalized support and recommendations
  • Monitoring and improving app functionality

Without this processing, we cannot offer our services.

4.2. Processing for Product Improvement (Optional)

With your consent, we use your data to:

  • Develop algorithms for therapy management
  • Enhance product features
  • Conduct research and analysis

This processing is optional.

4.3. Processing for Marketing Purposes (Optional)

With your consent, we may:

  • Send information about our products and services
  • Notify you of new features or updates
  • Provide offers from partner organizations

This processing is optional.

5. Data Sharing and Transfers

We may share your personal data with:

  • Service Providers: For hosting, analytics, and app support
  • Partner Platforms: If you choose to link your account
  • Authorities: When required by law or to protect rights

We ensure data protection compliance when sharing data.

6. Data Security

We implement strong technical and organizational safeguards, including:

  • Encryption of data during transmission
  • Secure storage systems
  • Access control and authentication

7. Data Retention

We retain data only as long as necessary for service provision or legal compliance. Once no longer needed, data is securely deleted or anonymized.

8. Your Rights

Under GDPR, you have the right to:

  • Access your data
  • Rectify inaccurate data
  • Erase data
  • Restrict processing
  • Port your data
  • Object to processing
  • Withdraw consent at any time

Contact us at support@zenzen.me to exercise these rights.

9. International Data Transfers

If we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as EU Standard Contractual Clauses.

10. Changes to This Privacy Notice

We may update this Privacy Notice periodically. Material changes will be communicated, and consent obtained if necessary. The latest version is always available in the app and on our website.

11. Country-Specific Provisions

11.1. Germany

  • Health data is processed based on explicit consent under Article 9(2)(a) GDPR.
  • Personal data may also be processed to comply with German legal obligations, such as those under medical device, commercial, or tax law.
  • You may lodge a complaint with the data protection authority of your federal state.

11.2. United States

Patient Information

In accordance with the Health Insurance Portability and Accountability Act (HIPAA), any use or disclosure of protected health information by ZenZen or its subcontractors is governed by the applicable service agreement and a Business Associate Agreement (BAA) executed between you and ZenZen.

California Residents – Your Rights under CCPA

If you are a California resident as defined by the California Consumer Privacy Act (CCPA):

  • Your rights are described in the California Supplemental Privacy Notice, including how to exercise those rights.
  • Under California Civil Code Section 1798.83, you may request details about our disclosure of personal data to third parties for direct marketing purposes.
  • To make such a request, please refer to the contact details provided in the California Supplemental Privacy Notice.

Minors

We are committed to protecting the privacy of children. We do not intentionally collect data from users under 13 years of age on our websites, apps, or services.
If you are a parent or guardian of a child under 13 who has submitted information, please contact us at privacy@zenzen.me to request deletion of that data.

12. Contact Information

ZenZen Diabetes Support UG (haftungsbeschränkt)
Richard Sorge Straße 27
10249 Berlin, Germany
Email: support@zenzen.me
Privacy Email (USA/Minors): privacy@zenzen.me