Last Updated: February 15, 2026
1. Introduction
Zypply Inc. ("Zypply," "we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, APIs, and related services (collectively, the "Services").
By accessing or using the Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Services.
2. Information We Collect
2.1 Information You Provide
We collect information that you voluntarily provide when you register, use our Services, or communicate with us, including:
- Account Information: Name, email address, phone number, company name, job title, and password
- Business Information: Business registration details, tax identification numbers, business address, and industry type
- Identity Verification: Government-issued ID, proof of address, and other KYC/KYB documentation
- Financial Information: Bank account details, payment card information, and billing address
- Transaction Data: Purchase orders, invoices, payment records, and escrow transaction details
- Communications: Messages sent through our platform, support inquiries, and feedback
2.2 Information Collected Automatically
When you access the Services, we automatically collect certain information, including:
- Device Information: Device type, operating system, browser type, screen resolution, and unique device identifiers
- Usage Data: Pages visited, features used, time spent on pages, click patterns, and navigation paths
- Log Data: IP address, access times, referring URLs, and error logs
- Location Data: Approximate location derived from IP address
- Cookies & Tracking: Data collected through cookies, web beacons, and similar technologies (see Section 7)
2.3 Information from Third Parties
We may receive information about you from third-party sources, including:
- Identity verification and fraud prevention services
- Business credit reporting agencies
- Payment processors and financial institutions
- Social login providers (e.g., Google) when you choose to sign in with a third-party account
- Publicly available business registries and databases
3. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose |
Examples |
| Provide Services |
Process transactions, manage escrow, facilitate payments, match buyers with suppliers |
| Account Management |
Create and maintain your account, verify identity, manage subscriptions |
| Security & Fraud Prevention |
Detect and prevent fraud, monitor for suspicious activity, enforce our Terms |
| Communication |
Send transaction updates, service announcements, and respond to inquiries |
| Improvement |
Analyze usage patterns, conduct research, and improve our platform |
| Legal Compliance |
Comply with applicable laws, regulations, and legal processes |
| Marketing |
Send promotional content (with your consent), personalize your experience |
4. How We Share Your Information
We do not sell your personal information. We may share your information in the following circumstances:
- Transaction Counterparties: When you engage in a transaction, we share relevant information (business name, shipping details) with the other party to facilitate the transaction
- Service Providers: Third-party vendors who help us operate our platform, including payment processors, cloud hosting providers, identity verification services, and customer support tools
- Financial Partners: Banks, payment networks, and escrow custodians involved in processing your transactions
- Legal Requirements: When required by law, regulation, legal process, or governmental request
- Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets
- With Your Consent: When you explicitly authorize us to share your information
5. Data Security
We implement industry-standard security measures to protect your information, including:
- AES-256 encryption for data at rest and TLS 1.3 for data in transit
- Multi-factor authentication and role-based access controls
- Regular security audits and penetration testing
- SOC 2 Type II compliance and ongoing monitoring
- Secure data centers with physical access controls
- Employee security training and strict access policies
While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to continuously improving our safeguards.
6. Data Retention
We retain your information for as long as necessary to provide the Services and fulfill the purposes described in this Privacy Policy. Specifically:
- Account Data: Retained for the duration of your account and up to 30 days after deletion request
- Transaction Records: Retained for 7 years to comply with financial regulations and tax requirements
- KYC/KYB Documentation: Retained for 5 years after the end of the business relationship, as required by anti-money laundering regulations
- Usage & Analytics Data: Retained in anonymized form for up to 3 years
- Communications: Retained for 2 years after the last interaction
7. Cookies & Tracking Technologies
We use cookies and similar technologies to enhance your experience. The types of cookies we use include:
- Essential Cookies: Required for the platform to function (authentication, security, session management)
- Functional Cookies: Remember your preferences and settings (language, theme, layout)
- Analytics Cookies: Help us understand how you use the platform to improve our Services
- Marketing Cookies: Used to deliver relevant advertisements and measure campaign effectiveness (only with your consent)
You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Services.
8. Your Rights & Choices
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you
- Correction: Request that we correct inaccurate or incomplete information
- Deletion: Request that we delete your personal information, subject to legal retention requirements
- Portability: Request a machine-readable copy of your data
- Opt-Out: Unsubscribe from marketing communications at any time
- Restrict Processing: Request that we limit how we use your information
- Withdraw Consent: Where processing is based on consent, you may withdraw it at any time
To exercise any of these rights, please contact us at privacy@zypply.com. We will respond to your request within 30 days.
9. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:
- The right to know what personal information is collected, used, and shared
- The right to delete personal information held by us
- The right to opt-out of the sale of personal information (we do not sell personal information)
- The right to non-discrimination for exercising your privacy rights
10. International Data Transfers
As a global platform, your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:
- Standard Contractual Clauses (SCCs) approved by relevant authorities
- Data processing agreements with all service providers
- Compliance with applicable cross-border data transfer regulations
11. Children's Privacy
The Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.
12. Third-Party Links
The Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be effective upon posting the revised policy with an updated "Last Updated" date. We will notify you of material changes via email or through an in-platform notification. Your continued use of the Services after changes constitutes acceptance of the updated Privacy Policy.
14. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or your personal information, please contact us:
For data protection inquiries in the EU, you may also contact our Data Protection Officer at dpo@zypply.com.
