General provisions
Zadarma corporate group strives to protect your personal data privacy in accordance with applicable laws and regulations.
By visiting our website on your device or mobile app, also by filling in web-forms that include your personal data and registering as a User and/or by transferring your personal data in another way, you provide your freely given, specific, informed and unambiguous consent to collecting, processing, storing, using and possibly further transferring your personal data, entered when registering on the website, and the use of the website on the conditions described in this Personal data processing and protection policy (further – Policy).
This Policy effect applies to personal data processing by Zadarma corporate group using automation tools, including information and telecommunication networks, or without using such tools.
Zadarma corporate group provides recording, systemization, accumulating, storing, altering (update, change), extraction of personal data of EU and other countries citizens using databases located in the European Union in accordance with GDPR. The initial data collection and storing happens on the EU territory.
Operators apply necessary security measures to provide users’ personal data confidentiality, also to protect personal data from loss, theft, unauthorized access, misuse, alteration or destruction.
Attention! Zadarma corporate group assumes that the User acts in good faith, prudently, provides reliable and sufficient personal information and makes all necessary efforts to keep such information up to date.
Used terms
Personal data – any information directly or indirectly relating to an identified or identifiable natural person (‘data subject’).
Personal data subject – an individual (service user, subscriber, Zadarma website visitor, Zadarma app user) to whom personal data in process is related to.
Operator - Zadarma corporate group.
UK representative:
SMARTVOICE LTD, 63-66 Hatton Garden, London, United Kingdom, EC1N 8LE.
EU representatives:
IP Telecom Bulgaria LTD: office 211, 16 Vasil Levski Str., Burgas, Bulgaria - 8000.;
VOICE CLOUD S.L., av/Cortes Valencianas, 58-1003, Valencia, Spain - 46015.
Kazakhstan representative
SMARTVOICE KZ LLP 43 Markov str., Almaty, 050040, Kazakhstan
USA representative :
Kosmaz Technologies LLC, 80W Sierra Madre Blvd #130, Sierra Madre, CA 91024, United States
Website – Zadarma website located at https://zadarma.com.
Personal data processing – any action (operation) or a set of actions (operations), performed using automation tools or without using such tools on personal data, including collection, recording, systemization, accumulation, storing, alteration (update, change), retraction, usage, transfer (distribution, provision, access), depersonalization, blockage, removal, personal data destruction.
Automated processing – personal data processing using processing tools.
Non-automated processing – human processing of information included in personal data or retracted such information from the system.
Cross-border transfer – transferring personal data to a foreign country territory to a foreign government, a foreign individual or a foreign legal entity.
Application – Zadarma app for iPhone (iOS), Android or Windows.
Applicable Law
This Policy is drawn up in accordance with the requirements of the applicable law and ensures that personal data processing complies with the legislation in the field of personal data. The Policy defines the goals of data collection, the process and conditions for it processing, and establishes the procedure for working with personal data and the rules for their protection.
Main principles of personal data processing
- The legitimacy of the purposes and methods of personal data processing;
- The integrity of the Zadarma corporate group personal data processing, which is achieved by fulfilling the requirements of applicable law regarding personal data;
- Achievement of specific personal data processing goals predetermined by this Policy;
- The accordance of the purposes of personal data processing to the goals previously determined and declared during personal data collection;
- The accordance of the composition and volume of processed personal data, as well as the methods of personal data processing to the declared processing purposes;
- The consistency of personal data, its sufficiency for the purposes of processing, the inadmissibility of processing personal data that is excessive in relation to the purposes of personal data processing;
- Ensuring the accuracy of personal data, its sufficiency, and, if necessary, relevance in relation to the purposes of personal data processing;
- The inadmissibility of combining databases containing personal data, the processing of which is carried out for purposes incompatible with each other;
- Storing personal data in a form that allows to determine the subject of personal data, no longer than the purpose of its processing requires.
The processed personal data is subject to destruction or depersonalization to achieve the processing goals or in case of loss of the need to achieve these goals, unless otherwise provided by the applicable law.
The processing of personal data is carried out for statistical or other research purposes with the mandatory depersonalization of personal data.
Zadarma corporate group does not process personal data regarding race, nationality, political views, religious, philosophical and other beliefs, intimate life, membership in societies, associations, including trade unions.
Please note that in accordance with the national legislation of each country in which Zadarma communication services are provided, the group of companies, as a telecommunications operator, is required to store subscriber data regulated by law for the duration specified in the law.
The purpose of user’s personal data collection
In order to provide telecommunication services, Zadarma requests your personal data with a purpose of providing services to you as a User of communication services and the data is used by the Operator to:
- Identify the user within services provided by Zadarma;
- Provide telecommunication services;
- Provide User with website’s personalized resources;
- Establish a two-way communication with User, including making calls, sending notifications, requests, as well as processing requests and tickets from User;
- Verify accuracy and extensiveness of personal data provided by User;
- Create User personal account;
- Process and receive payments from User;
- Provide User with an effective client and technical support when facing problems with Website, App and/or Services usage;
- Perform marketing activities with User’s consent;
- Target promotional materials (does not apply to Gmail user data);
- Perform statistical and other researched based on depersonalized data.
Your personal data can be processed with a separate agreement in other cases at your discretion and discretion of Zadarma.
Requested personal data categories
In order to provide telecommunication services, Zadarma requests the following personal data:
- Full name, date of birth, sex;
- Registration address;
- Contact information (phone number, email address);
- Main ID data;
- In certain cases, data that is specified as special category personal data by the EU;
- Financial information, including credit or debit card number (only the last four digits), or other financial data;
- In situations when national legislation requires it, Zadarma has the right to request additional user information: documents proving residence; scanned copies of identity card; user's photo with a document in hand (with a sample of the handwriting) and other data at your discretion and discretion of Zadarma.
- User's Gmail message bodies (including attachments), metadata, or headers.
Rights of data subject
- Know about the sources, location of their personal data and the purpose of its processing.
- Receive information about the conditions for providing access to personal data, including information about third parties to whom his personal data is transferred to, if applicable. Please note that the transfer of personal data to a third party without the written consent of the subject of personal data, with the exception of cases established by law, is not allowed. The transfer of subject’s personal data for commercial purposes without the written consent is excluded.
- Access their personal data.
- Receive a response to an inquiry regarding the status and specificity of processing of their personal data in less than 30 days from the request, except for the cases specified by law.
- Submit a reasoned objection to Zadarma to object to personal data processing.
- Submit a reasoned request to change or destroy their personal data if the data is processed illegally or is unreliable.
- Protect their personal data from unlawful processing and accidental loss, destruction, damage due to intentional concealment, failure to provide or untimely provision thereof, as well as to protect against the provision of information that is unreliable or defaming the person’s honor, dignity and business reputation.
- File complaints with the competent authorities regarding their personal data processing.
- Use legal remedies in case of violation of legislation regarding personal data protection.
- Make reservations on restricting the right to process their personal data when providing consent.
- Withdraw consent to process their personal data.
- Familiarize themselves with the mechanism of automatic personal data processing.
- Protect themselves from automated solution that has legal implications.
- Zadarma corporate group has the right to entrust the processing of personal data to a third party with the consent of the subject of personal data, unless otherwise provided by applicable law, on the basis of an agreement concluded with a third party, the condition of which is confidentiality of non-disclosure of personal data.
- Representatives of state authorities (including regulatory, supervisory, law enforcement and others) get access to personal data processed by Zadarma in the amount and manner determined by applicable law.
European Union law defines the legal rights in relation to the personal data of data subjects from the EU, which are regulated by the GDPR.
Other rights of data subjects in accordance with GDPR:
- Right to be informed: Zadarma website gives User an ability to access and update personal information in the personal account settings. You have a right to request of Zadarma has your personal data, receive access to your personal data (including in a structured and portable form), by emailing us at privacy@zadarma.com.
- Right to rectify: if you find that some of the personal data that we process is incorrect or outdated, please let us know at privacy@zadarma.com. Please note that you can adjust the data yourself by logging into your personal account on the Website.
- Right to withdraw consent on personal data processing and right to erasure: in the event that the Zadarma corporate group processes your personal data on the basis of consent to personal data processing (in particular, for the purpose of marketing/advertising activities), further processing can be stopped at any time. It is enough to withdraw consent to such processing in User’s personal account or via e-mail. You can also exercise your right to erasure. In the cases provided in Article 17 of the GDPR, we will destroy your personal data, which is processed, with the exception of personal data, which we will be obliged to store in accordance with the requirements of applicable law.
Attention! Zadarma Corporate Group reserves the right to verify the identity of the data subject before exercising their rights by requesting ID documentations.
It is not allowed to provide personal data belonging to another individual without their consent. You are responsible for consequences that could result in failure to fulfill the requirement above.
Your data may be transferred to the territory of a foreign country in cases and in the manner stipulated by applicable law (cross-border transfer).
Responsibilities of data subject
Data subject is obliged to provide reliable personal data necessary to achieve the processing goals, as well as confirm the authenticity of personal data by presenting the original documents. In the event of a change in personal data necessary to achieve processing goals, provide updated personal data and confirm the changes with the original documents, as well as comply with the requirements of applicable law.
Personal data processing time
Personal data processing time is determined based on the purposes of the processing, but no longer than is determined by applicable law. Personal data which processing (storage) period has expired must be destroyed or depersonalized unless otherwise states by applicable law. Personal data storage is performed in a way that allows determining the subject of personal data, no longer than it is required by the purpose of personal data processing. The processed personal data is subject to destruction or depersonalization upon achievement of the processing goals or in case of loss of the need to achieve these goals unless otherwise provided by law.
Cookies and other online-identifications
In order to improve our Website and ensure the best possible service provided on a computer or mobile device, as well as to provide you with quick and easy navigation on our website, we process data such as IP address, information about your browser and operating system, data from Cookies and other similar information.
Such data is transmitted by your device, which you use to open our website, and are automatically used by us exclusively for statistical purposes, to analyze ways to improve the quality of the services provided by Zadarma.
Learn more about Cookies Policy
Zadarma Applications
Personal data (including User Contacts) received outside Zadarma mobile app for devices operating on iOS, Android or Windows software are not transferred to Zadarma servers. We collect your contacts: your contacts are integrated only with the application, not stored in Zadarma databases, and are not transferred to third parties. The term Collect, indicated in Data Safety Form, is used for integrating your contacts inside the application but not for their storage on Zadarma servers.
Google Limited Use Requirements
Zadarma CRM use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. Data is required to integrate Gmail mailing services with Zadarma CRM.
Phone calls
Calls to Zadarma Customer Support may be recorded with a purpose to monitor and train employees. By making a call to the support department and continuing the conversation with a Zadarma employee, you agree to the processing of the data provided by you on the terms of this Policy.
Age restrictions
Zadarma does not provide communication services to users under the age of 18.
Final provisions
This Policy comes into force from the moment of its publication on the Zadarma website and is valid indefinitely until it is replaced by a new version of the Policy. Zadarma reviews this Policy and updates it as necessary, in particular:
- When changing the processing order;
- According to the results of inspections by the body of the protection of the rights of data subjects;
- When changing the applicable legislation in the field of personal data;
- In case of other violations.
When making changes to this Policy, the date of the last update is indicated. If you continue to interact with Zadarma in any way, including (not limited to) through the Website and/or you have not withdrawn your consent to data processing, you agree to the current version of the Policy, including consent to your data processing.
Users can direct any suggestions and/or questions regarding this Policy to Zadarma support via email: privacy@zadarma.com
Date of this document and its entry into force: 18.02.2020
Previous versions: