Zing.gg Limited (“zing.gg”, “us”, “we”, or “our”) operates the business known as Zing.gg which offers its customers products and services relating to electronic payment transactions, e-invoicing and billing orchestration. The objective is to allow our merchant clients and their customers worldwide to process electronic payment transactions smoothly and securely. Our services are fully described on our websites (the “Sites”) and with website URLs https://zing.gg and https://billing.gg (hereinafter referred to as the “Services”).
Security and data privacy is one of the most important aspects in the context of handling and processing payments. Zing.gg cares deeply about the privacy of visitors and users and would like to communicate the steps taken to protect your personal information in compliance with data security and privacy laws. We operate this service in accordance with the provisions of the European General Data Protection Regulation 2106/679 (GDPR”) and all other provisions of relevance in the area of data protection law. This Privacy Policy informs you of 1) our policies regarding the collection, 2) our use and disclosure of Personal Data when you use our Service and 3) the rights as a visitor or user regarding that data.
We use your data to deliver and enhance the Services, to advise you of changes to the Services, to prevent illegal or potentially prohibited conduct, and to enforce our Terms and Conditions, which include this Privacy Policy by reference. By using the Services, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as our Terms and Conditions, accessible from https://zing.gg and https://billing.gg
Before you access or use the Services we encourage you to read this entire Privacy Policy. A short summary is below:
Services. Means the services described and/or offered on the Sites https://zing.gg and https://billing.gg by zIng.gg.
Activate Payments. Means the optional, Client-selectable function of the Services where Client indicates their request for zing.gg to obtain a Merchant Account for Client so that Client may accept Payment Transactions through the facilities of the Services.
Billing Platform. Means the technical platform that receives, stores and transfers Client Customer data collected through the Services and passed to the Payment Gateway technical systems during Billing Transactions.
Billing Transaction. An electronic billing transaction involving use of the Billing Platform.
Business and Financial Data. Means the data about a Client business which can be identified from those data (or from other information either in our possession or likely to come into our possession).
Card Schemes. Means Visa, Mastercard, Discover, American Express, Diners Club, UnionPay, JCB and any of their sub-brands.
Client. Means a customer of Zing.gg
Client Customer. Means a customer of Client.
Client Data. Means business and financial data, personal data, reports, names, phone numbers, email addresses, addresses, files, folders or documents in electronic form that the User of the Services stores within the Service which may include Client Customer Data.
Client Customer Data. Means personal data, reports, names, phone numbers, email addresses, addresses, files, folders or documents in electronic form submitted by the Client Customer through their interactions with Client through the Public Areas of the Service or through Payment forms in relation to Payment Transactions for the goods or services offered by Client.
Cookies. Cookies small files stored on your device (computer or mobile device)
Data Controller. Means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purposes of this Privacy Policy, we are the Data Controller of your Personal Data.
Data Processor. Means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
Data Subject. Means a living individual who is using our Service and is the subject of Personal Data.
Merchant Account. Means Card Payment acceptance account issued to a Client by a Zing.gg partner Payment Processor for purposes of accepting Payment Transactions.
Payment Card. Means a debit or credit card issued by the Card Schemes used by a Client Customer the affect a Payment Transaction.
Payment Gateway. Means the technical platform that receives, stores and transfers Payment Card and Client Customer Data collected through the Services and passed to the Payment Processor technical systems during Payment Transactions.
Payment Processor. Means a duly licensed and authorized Payment Institution and Principal Member of the Card Schemes.
Payment Transaction. Means an electronic payment transaction involving the use of a Payment Card.
Personal Data. Means the data about a living individual who can be identified from those data (or from other information either in our possession or likely to come into our possession.
Public Area. Means the area of the Sites that can be accessed both by Users and Visitors without needing to log in.
Restricted Area. Means the area of the Sites that can be accessed only by Users, and where access requires logging in.
Usage Data. Usage Data is the data collected automatically either generated by the use of the Services from the Services infrastructure itself (for example, the duration of a page visit).
User. Means an employee, agent or representative of a Client, who primarily uses the restricted areas of the Sites for the purpose of accessing the Service in such a Capacity.
Visitor. Means an individual other than a User, who uses the public area, but has no access to the restricted areas of the Sites or Services.
We collect several different types of information for various purposes to provide and improve our Services to you. The legal basis for Zing.gg’s processing of business, financial and personal data are primarily that the processing is necessary for providing the Services in accordance with Zing.gg’s Terms of Service and that the processing is carried out it Zing.gg’s legitimate interests, which are further explained in the section “Use of Data” of this Policy. We may also process data with your consent, asking for it as appropriate.
When you use our Services, you will provide and we will collect certain business and financial data associated with your business operations, financial arrangements, tax and financial records and your history of business and financial transactions including your historical card processing data and other data that can be used to contact you or identify you and which may be proprietary and confidential (“Business and Financial Data”). Business and Financial data may include but is not limited to:
We use your Business and Financial Data to provide our service to you, which may include sharing your Business and Financial Data with third parties essential to providing our Services, including our Affiliates, our Payment Processors and our Service Providers.
We may use your Business and Financial Data to contact you with information that may be of interest to you including marketing or promotional materials. You may opt out of receiving any, or all, of these communications from us by following the instructions provided or by using the unsubscribe link in the email we send.
When you use our Services, you will provide and we will collect certain personally identifiable information meaning information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include but is not limited to:
We may use your Personal Data to contact you with information that may be of interest to you including marketing or promotional materials. You may opt out of receiving any, or all, of these communications from us by following the instructions provided or by using the unsubscribe link in the email we send.
A Client or User may store or upload Client Customer Data into the Service. Zing.gg has no direct relationship with the individuals whose Personal Data it hosts as part of Client Customer Data. Each Client is responsible for providing notice to its customers and third persons concerning the purpose for which Client collects their Personal Data and how this Personal Data is processed in or through the Services as part of Client Customer Data.
A Client may provide data including Business and Financial Data Personal Data when they supply us with information requested to complete a Merchant Account application on their behalf and submit it to our partner Payment Processors. Each Client is responsible for providing notice to its Users and third persons including, but not limited to, it’s Directors, Ultimate Beneficial Owners (“UBOs”) and others who exercise management control over the operations of Client, concerning the purpose for which Client collects and submits their Personal Data and how this Personal Data is processed in or through the Service as part of Client Data. In addition to User Provided Personal Data, Merchant Account Application Data may include, but is not limited to:
Providing you have given us your specific consent for processing your data then the lawfulness of such processing is based on that consent. You have the right to revoke your consent at any time. However, any processing of Merchant Account Application Data including Personal Data prior to the receipt of your revocation will not be affected.
A Client Customer or Visitor will become a Data Subject when they provide and we collect certain personally identifiable information through the course of their engagement with Client, either through the Public Areas of the Services and/or when submitting personal information associated with Payment Transactions made through the facilities of the Services or when submitting personally identifiable information through the payment and registration facilities of Client website which may pass details to the Services via API integration. Each Client is responsible for providing notice to its customers and third persons concerning the purpose for which Client collects their Personal Data and how this Personal Data is processed in or through the Services as part of Client Data.
We may also collect information on how the Services are accessed and used (“Usage Data”). This Usage Data may include usage session details such your computer’s IP Address, geo-location, browser type, browser version, device unique device identifiers, your actions while your browse our site including the pages of our Service that you visit, the time, date and duration of your visit, the time spent on each of those pages, and other diagnostic data.
We may use and store information about your location if you give us permission to do so (“Location Data”). We use this data to enable and enhance the features of our Services and to improve and customize the Services. When you use our Services you can enable or disable location services at any time by modifying your device settings.
We use cookies and similar tracking technologies to track the activity on our Services and we hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyse our Services. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some or all of our Services.
We use the data we collect for various purposes:
To provide you with news, special offers and general information about our Services and about other goods, services and events which we offer that are similar to those that you have already purchased or inquired about unless you have opted not to receive such information.
If you are located in the European Economic Area (EEA) the collection and storage of your Personal Data falls within the scope of the General Data Protection Regulation (“GDPR”). Our legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.
Zing.gg may process your Personal Data because:
If you are a resident of the European Economic Area (EEA), you have certain data protection rights guaranteed by law. Zing.gg aims to take commercially reasonable steps to allow you to correct, amend, delete or limit the use of your Personal Data. If you wish to be informed about what Personal Data we hold about you and if you want to be removed from our systems, please contact our Data Protection Officer at privacy@zing.gg.
In certain circumstances, you have the following data protection rights:
Zing.gg strives to provide these rights to all visitors and users. Please email us at privacy@zing.gg with any requests, questions or concerns. Please note that we may ask you to verify your identify before responding to such requests. For more information about your rights under the GDPR in the European Economic Area (EEA), please contact your local data protection authority.
Zing.gg maintains, processes and stores your information including your Personal Data on servers owned and maintained by Amazon Web Services (AWS), a leading global provider. For Card Payment Transactions processed our Payment Gateway Provider, Client Customer Data and Payment Transaction Data is stored at our Payment Gateway Provider’s data centres in the United Kingdom and Ireland. The distributed, redundant nature of server and hosting architecture means that your data may be transfer to – and maintained on – computers located outside your state, province, country or other governmental jurisdiction where the data protection laws may differ from your jurisdiction. If you are located outside of Germany (where the AWS servers we use are located) and you choose to provide information to us, please note that we transfer the data, including Personal Data, to Germany and process it there. Your consent to this Privacy Policy followed by the submission of such information represents your agreement to that transfer. Zing.gg will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and as required by law and no transfer of your Personal Data will take place to an organization or country unless there are adequate controls in place including the security of your data and other personal information.
Zing.gg does not sell, license or rent your Business and Financial Data or your Personal data to third parties. However, we may share your Business and Financial Data and Personal Data with third parties for or under the following stated reasons and conditions:
Where we are doing so in the good faith belief that such action is necessary to:
We may share your personal data with our affiliates, by which we mean a person or entity that directly or indirectly controls, is controlled by, or is under common control with Zing.gg. “Control”, for purposes of this definition, means direct or indirect ownership control of more than 50% of the voting interests of the subject entity.
Zing.gg offers its Clients products or services relating to e-invoicing and billing orchestration and access to facilities to accept electronic Payment Transactions. Payment Processing is a regulated financial activity; accordingly, Merchant Accounts may only be issued by duly licensed Payment Processors. Zing.gg partners with third-party Payment Processors to provide Merchant Accounts to our Clients. To accept Payment Transactions and specifically Card Payments, Client must apply and be approved for a Merchant Account issued by one of our partner Payment Processors. This process is facilitated through the Services when Client selects the function “Activate Payments”, an available service option, or otherwise indicates to us that they would like us to proceed with a Merchant Account application for their business. When Client selects the Activate Payments option we assess eligibility for a Merchant Account. If we determine that Client is a suitable candidate, we proceed to collect Merchant Account Application Data. The Data is collected for the express purpose of sharing such data with one or more of our partner Payment Processors by submitting your Merchant Account application for Payment Processor’s review and assessment. When you choose the Activate Payments option we will obtain confirmation of your consent to collect and share your Data. Provided that you have given us your consent then the lawfulness of processing and sharing such data is based on that consent. By providing your consent you accept and agree that you are supplying the data for the express purpose of our sharing it with our partner Payment Processors and you instruct us to do so on your behalf.
We may disclose information about you to organizations that provide a service to us, on the understanding that they will keep the information private and confidential and will comply with the GDPR and other relevant data protection laws. We may share information with the following types of service providers:
We may transfer your Business and Financial Data and your Personal Data to potential purchasers and their advisors, subject to appropriate confidentiality obligations, in the event we decide to dispose of all or parts of our business. Furthermore, information about Users & Visitors, including Client Data, Client Customer Data, Merchant Account Application Data and Usage Data may be disclosed and otherwise transferred to any acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets and only if the recipient of such Data commits to a Privacy Policy that has terms substantially consistent with this Privacy Policy.
We use industry standard technologies to safeguard your information, including your Business and Financial Data and your Personal Data, from unauthorized use and disclosure and to prohibit possible security breaches of the Service. Where the acceptance of Card Payments is involved, we do not collect or store Payment Card details. That information is provided directly to our third-party Payment Processors via our Payment Gateway, which is provided by one of our Service Providers. Our Data Storage and Hosted Serviced Provider, our Payment Processors and our Payment Gateway Provider adhere to the standards set by the Payment Card Industry Security Standards Council (PCI-DSS), which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. Unfortunately, no website, computer system or online communication system is completely secure. We cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. You use the Service at your own risk.
Zing.gg will retain your Business and Financial Data and your Personal Data only for as long as is necessary for the purposes set forth in this Privacy Policy. We will retain and use your Personal Data to the extend necessary to comply with our legal obligations (for example, if we are required to retain your data to company with applicable laws), resolve disputes and enforce our legal agreements and policies. Zing.gg will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.
As set forth in this Privacy Policy, when you use the Services we may receive Data including Business and Financial Data and Personal Data related to Data Subjects falling into several different categories. Depending on the source, the intended use and the reason for processing the Data, in certain situations we may act as either Data Processor or as Data Controller as follows:
Zing.gg does not own, control or direct the use of any of the Client Customer Data collected, uploaded, stored or otherwise processed by a Client or User via the Services. Zing.gg is largely unaware of what Client Customer Data is actually being stored or made available by a Client or User to the Service and does not directly access such Client Data except as necessary to provide Services to the Client and its Users or in response to a request from the Client Customer directly. Because Zing.gg does not collect or determine the use of any Personal Data contained in the Client Customer Data and because we do not determine the purposes for which Personal Data is collected, the means of collecting such Personal Data, or the uses of such Personal Data, Zing.gg is not acting the capacity of Data Controller in terms of the EU’s General Data Protection Regulation (“GDPR”) and does not have the associated responsibilities under the GDPR. Zing.gg should be considered only as a processor on behalf of its Clients and Users as to any Client Customer Data containing Personal Data stored in connection with the Service to be transferred or otherwise made available to third party Service Providers who may process data on behalf of Zing.gg in connection with Zing.gg’s provision of the Services to Clients. Such actions are performed or authorized only by the applicable Client or User. The Client or the User is the Data Controller under Regulation for any Client Customer Data containing Personal Data, meaning that such party controls the manner that such Personal Data is collected and used as well as the determination of the purposes and means of the processing of such Personal Data. Zing.gg is not responsible for the content of the Personal Data contained in the Client Customer Data or other information stored on its servers (or its Service Provider’s servers) at the discretion of the Client or the User nor is Zing.gg responsible for the manner in which the Client or User notifies, collects, handles disclosure, distributes or otherwise processes such information.
Where a Client Customer submits Personal Data and Payment Card Data to the Payment Gateway for purposes of affecting Payment Transactions, the submitted Data is collected directly by the secure facilities of the Payment Gateway and transmitted to the Payment Processor for authorization and/or stored in an encrypted manner by the Payment Gateway. The Payment Card Data and other Personal Information including Personal Data are subjected to risk and plausibility checks and other anti-fraud measures consistence with Payment Card Industry best practice and all stored Data is fully encrypted and held according to the PCI-DSS Level 1 standard. In this case Zing.gg is the Data Processor of the Client Customer Data and the Payment Card data as Zing.gg does not control the relationship between the Client and Client Customer and does not determine the reason or purpose for which the Data was collected. Zing.gg is not responsible for the manner in which the Client or User notifies and handles disclosure and consent concerning the collection, storage, distribution or other processes concerning such information.
Where Zing.gg collects Business and Financial Data and Personal Information including Personal Data from Clients or Users of the Services including Merchant Account Application Data collected when a Client selects the Activate Payments function, Zing.gg is both the Data Processor and the Data Controller. In such cases Zing.gg’s Data collection is limited to such information as is necessary to perform our business operations and to provide our Services to you or information which you have consented to providing. Specifically, when a Client selects the Activate Payments function we obtain the Client’s consent and approval to collect the Merchant Account Application Data and share it with our partner Payment Processors for purposes of obtaining a Merchant Account approval from the Payment Processor. The scope of Data collected in the Merchant Account Application Data includes Personal Data relating to the Beneficial Owners, Directors and Employees and Users of the Client, each such potential person a Data Subject within the scope and meaning of this Policy. The Client certifies that, prior to submitting such Personal Information including Personal Data of such Data Subjects, they have notified and obtained consent concerning the collection, storage, distribution concerning such Personal information from each Data Subject.
We may employ third party companies and individuals to facilitate our Services (“Service Providers”), provide the Services on our behalf, perform Service-related services or assist is in analysing how our service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Merchant Accounts are issued under direct contract with our partner Payment Processor, whose use of your Personal Information is governed by their Privacy Policy.
We will provide a list of our payment processor partners and links to their privacy policies under a valid privacy request.
We may use third-party Service Providers to monitor and analyse the use of our Services.
Google Analytics
We may use third-party Service Providers to show advertisements to you to help support and maintain our Services.
Google Ads
Google Ads is an advertising service provided by Google Inc.
We may use remarketing services to advertise on third party websites to you after you have visited our Services. We and our third-party vendors use cookies to inform, optimize and serve ads based on your past visits to our Services.
Google Ads Remarketing
Our Services may contain links to other sites that are not operated by us. If you click a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
Our Services are not directed towards anyone under the age of 18 (“Children”). Zing.gg recognizes the importance of maintaining the privacy of Children, particularly those under the age of 18. We are committed to complying with all applicable laws and regulations regarding Children, including the Children’s Online Privacy Protection Act (“COPPA”). Except in limited circumstances permitted by law, we do not knowingly collect, store, maintain or share personally identifiable information from Children under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we do become aware that we have collected Personal Data from Children without verification or parental consent, please send us an email at [58.1] and we take steps to remove that information from our servers.
Zing.gg may at any time, and at our sole discretion, add, modify, or remove any feature, function or portion the Service, the Terms, and/or the Privacy Policy, in whole or in part, with or without notice to you, prior or otherwise. Any changes to the Privacy Policy will be effective as of the posting date at the top of this Privacy Policy. Zing.gg will provide prominent notice on the site of any major changes posted on the Site. Your continued use of the Service after Zing.gg posts any modifications to the Privacy Policy shall be deemed your explicit acceptance of these modifications and shall constitute your agreement to comply with Privacy Policy, as modified.
If you have any questions about this Privacy Policy, please contact us: