Privacy Policy
How Zoiko Foods Corp collects, uses, protects, and respects your personal data.
EFFECTIVE DATE
January 1, 2025
LAST UPDATED
January 30, 2026
JURISDICTION
Applies to our websites and digital services
EFFECTIVE DATE
January 1, 2025
LAST UPDATED
January 30, 2026
We collect only what we need to operate our services and improve your experience. You can review, manage, or request deletion of your data at any time, subject to applicable law.
Your Privacy, Simplified
What we collect:Contact details, device data, and usage analytics (if enabled) to deliver and improve
our services.
Why we collect it: To deliver services, improve performance, protect security, and comply with legal obligations.
How we share it: With service providers who help us operate. We do not sell your personal information.
Cookies: You control optional cookies via your preferences. Essential cookies ensure site functionality.
Your rights:Access, delete, correct, and opt-out rights available (where applicable by law).
Security: We implement appropriate safeguards and incident response practices to protect your data.
Contact: Reach our privacy team at [email protected]
Your Privacy, Simplified
What we collect: Contact details, device data, and usage analytics (if enabled)
to deliver and improve our services.
Why we collect it: To deliver services,improve performance, protect security, and comply with legal obligations.
How we share it: With service providers who help us operate. We do not sell your personal information.
Your rights: Access, delete, correct, and
opt-out rights available (where applicable by
law).
1. Who We Are
Legal Name: Zoiko Foods Corp
2. Scope of This Policy
What This Covers
- Our corporate websites and web applications
- Online forms and inquiry submissions
- Newsletter subscriptions (if applicable)
- Business-to-business engagement platforms
What This Does Not Cover
- Third-party websites linked from our sites
- Partner platforms and external services
- Employment applications (covered by separate recruitment privacy notice)
- Employee data (covered by internal HR policies)
3. Information We Collect
We collect different categories of information depending on how you interact with our services. The table below outlines what we collect, how we get it, and why.
| Category | Examples | Source | Purpose |
|---|---|---|---|
| Identifiers | Name, email address, phone number (if provided) | Provided by you | Respond to inquiries; account/service delivery |
| Commercial/B2B | Company name, role, business contact information | Provided by you | B2B engagement and fulfillment |
| Technical Data | IP address, device type, browser, operating system | Collected automatically | Security, diagnostics, performance optimization |
| Usage Data | Pages viewed, clicks, session duration, referral source | Collected automatically | Analytics and service improvements |
| Cookies | Cookie IDs, preference flags, analytics identifiers | Device/browser | Remember settings; analytics (optional) |
Note: We only collect data categories that are necessary for the purposes described. We do not collect sensitive personal information such as health data, financial account details, or precise geolocation unless explicitly required and disclosed for a specific service.
4. How We Use Your Information
We process your personal information for the following purposes:
- Provide and operate our services: To deliver the functionality you request and maintain service quality
- Respond to inquiries and requests: To answer questions, provide support, and fulfill business communications
- Improve website performance and user experience: To analyze usage patterns, identify issues, and optimize our digital services
- Prevent fraud, abuse, and security incidents: To protect our systems, prevent unauthorized access, and maintain platform integrity
- Comply with legal obligations: To meet regulatory requirements, enforce our terms, and respond to lawful requests
- Business operations: For internal reporting, governance, auditing, and strategic planning
5. Legal Bases for Processing (GDPR)
For users in the European Economic Area (EEA) and United Kingdom, we process your personal data based on the following legal grounds:
| Purpose | Legal Basis | Plain English Explanation |
|---|---|---|
| Provide services / respond to inquiries | Contract / Steps at request of data subject | We use your data to do what you asked us to do |
| Security and fraud prevention | Legitimate interests | We protect our site, services, and users from harm |
| Compliance obligations | Legal obligation | We keep records required by law |
| Optional analytics cookies | Consent | You choose whether analytics cookies are enabled |
| Service improvements | Legitimate interests | We analyze usage to make our services better |
| Purpose | Legal Basis | Plain English Explanation |
|---|---|---|
| Provide services / respond to inquiries | Contract / Steps at request of data subject | We use your data to do what you asked us to do |
| Security and fraud prevention | Legitimate interests | We protect our site, services, and users from harm |
| Compliance obligations | Legal obligation | We keep records required by law |
| Optional analytics cookies | Consent | You choose whether analytics cookies are enabled |
| Service improvements | Legitimate interests | We analyze usage to make our services better |
6. Cookies & Tracking Technologies
We use cookies and similar technologies to enhance your experience and understand how our services are used.
Cookie Categories
- Strictly Necessary: Essential for site functionality (cannot be disabled)
- Functional: Remember your preferences and settings
- Analytics: Help us understand site usage and performance (optional, requires consent)
- Marketing: Not currently used on our corporate sites
Do Not Track: Our systems do not currently respond to Do Not Track (DNT) browser signals. You can control cookies through your browser settings or our preference center.
7. Data Sharing & Disclosure
We may share your personal information with the following categories of recipients:
Service Providers & Processors
- Cloud hosting and infrastructure providers
- Analytics and performance monitoring services
- Customer support and communication platforms
- Email delivery and marketing automation tools (if applicable)
Professional Advisers
- Legal counsel, auditors, and consultants where necessary for professional advice
Legal & Regulatory
- Government authorities, regulators, and law enforcement when required by law
- Courts and dispute resolution bodies in legal proceedings
Business Transfers
- In connection with mergers, acquisitions, or asset sales, with appropriate safeguards
8. International Data Transfers
Safeguards We Use
- Standard Contractual Clauses (SCCs): We use European Commission-approved SCCs when transferring data from the EEA
- Supplementary Measures: We implement additional technical and organizational safeguards as required
- Supplementary Measures: We implement additional technical and organizational safeguards as required
If you are located in the EEA or UK and would like more information about the safeguards we use for international transfers, please contact our privacy team.
9. Data Retention
We retain personal information only as long as necessary for the purposes described in this policy, or as required by law.
Retention Principles
- We keep data only as long as needed to provide services and fulfill legitimate business purposes
- We keep data only as long as needed to provide services and fulfill legitimate business purposes
- We maintain records necessary to resolve disputes or enforce our terms
- We securely delete or anonymize data when retention is no longer required
Typical Retention Periods
- Inquiry data: Retained for the duration of the business relationship or inquiry resolution, plus applicable statutory periods
- Technical logs: Typically retained for 12-24 months for security and diagnostic purposes
- Marketing consent: Until consent is withdrawn or contact becomes inactive
- Legal compliance records: Retained for periods required by applicable law (typically 6-7 years for business records)
10. Your Rights & Controls
Depending on your location and applicable law, you may have the following rights regarding your personal information:
GDPR Rights (EEA & UK)
- Right of Access: Request a copy of the personal data we hold about you
- Right to Rectification: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data (subject to legal limitations)
- Legal compliance records: Retained for periods required by applicable law (typically 6-7 years for business records)
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time
CCPA/CPRA Rights (California)
- Right to Know: Request disclosure of categories and specific pieces of personal information collected
- Right to Delete: Request deletion of your personal information (subject to exceptions)
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out: Opt-out of "sale" or "sharing" of personal information (not applicable as we don't sell data)
- Right to Limit: Limit use of sensitive personal information (if applicable)
- Right to Non-Discrimination: Exercise rights without receiving discriminatory treatment
Exercise Your Privacy Rights
You can submit a privacy request to access, correct, delete, or manage your personal data. We’ll verify your identity and respond within the timeframes required by law.
Verification & Processing
- GDPR: One month (extendable to three months for complex requests)
- CCPA: 45 days (extendable by 45 additional days if needed)
Authorized Agents (CCPA)
California residents may use an authorized agent to submit requests on their behalf. We may require written proof of
authorization and verification of your identity.
11. Security & Safeguards
We implement appropriate technical and organizational security measures to protect your personal information from
unauthorized access, disclosure, alteration, and destruction.
Security Practices
- Access Controls: Role-based access and least privilege principles
- Encryption: Data encryption in transit (TLS) and at rest where appropriate
- Monitoring: Security monitoring, logging, and incident detection systems
- Vendor Management: Due diligence and contractual safeguards for service providers
- Incident Response: Procedures for identifying, responding to, and reporting security incidents
- Regular Reviews: Periodic security assessments and updates
12. Children's Privacy
13. Automated Decision-Making & Profiling
We do not use automated decision-making processes (including profiling) that produce legal effects or similarly significant effects on individuals.
If this changes in the future, we will update this policy and provide clear information about the logic involved, the significance, and your rights regarding such processing.
14. Policy Updates & Version Control
We do not use automated decision-making processes (including profiling) that produce legal effects or similarly significant effects on individuals.
How We Communicate Changes
- Material Changes: We will notify you via email (if we have your contact information) or prominent notice on our website
- Minor Updates: Reflected in the "Last Updated" date at the top of this policy
- Continued Use: Your continued use of our services after updates constitutes acceptance of the revised policy
15. Contact, Complaints & Escalation
Privacy Contact Information
.local
Postal Address
Zoiko Foods Corp
[Corporate Address]
[City, State, Postal Code]
[Country]
CCPA Toll-Free Number (California Residents)
[To be provided if required]
Supervisory Authority (GDPR)
If you are located in the EEA or UK and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local dataprotection supervisory authority.
- UK: Information Commissioner's Office (ICO) - ico.org.uk
- EU Member States: Find your local authority at edpb.europa.eu