ZIVV – PRIVACY POLICY

Effective Date: January 1st, 2026

Company: NAC Media Group Inc. (“Zivv”, “we”, “us”, or “our”)

1. Introduction

Zivv is committed to protecting the privacy and security of personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you access or use the Zivv platform (“Platform”).

This Policy applies to:

  • Customers (organizations subscribing to Zivv)
  • Authorized users of customer accounts
  • Website visitors

2. Role of Zivv

Zivv operates as:

  • A Data Processor for customer data processed within the Platform
  • A Data Controller for account, billing, and operational data

Customers are responsible for determining how and why personal data is used within their organization.

3. Information We Collect

3.1 Account & Identity Information

  • Name
  • Email address
  • Job title and organization
  • Account credentials

3.2 Customer Data (Processed on Your Behalf)

  • Workflow data, approvals, and submissions
  • Internal communications and comments
  • Files, documents, and attachments
  • Project and initiative data

3.3 Billing & Transaction Information

  • Payment details (processed via third-party providers)
  • Billing address
  • Transaction history

3.4 Technical & Usage Data

  • IP address
  • Device type, browser, and operating system
  • Log files and timestamps
  • Platform usage activity

3.5 Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Authenticate sessions
  • Improve platform performance
  • Analyze usage patterns
  • You may manage cookies through your browser settings.

4. How We Use Information

We use information to:

  • Provide and operate the Platform
  • Manage subscriptions and billing
  • Facilitate workflows, approvals, and collaboration
  • Provide customer support
  • Improve performance, reliability, and user experience
  • Detect, prevent, and respond to security threats
  • Comply with legal obligations

5. Legal Basis for Processing (Where Applicable)

We process personal data under the following bases:

  • Performance of a contract
  • Legitimate business interests
  • Consent (where required)
  • Compliance with legal obligations

6. Data Sharing & Disclosure

We do not sell personal information.

We may share information with:

6.1 Service Providers (Subprocessors)

Including but not limited to:

  • Cloud hosting providers (e.g., AWS, Google Cloud)
  • Payment processors (e.g., Stripe)
  • Analytics and monitoring tools

6.2 Business Transfers

In connection with a merger, acquisition, or sale of assets.

6.3 Legal Requirements

When required by law, regulation, or legal process.

7. International Data Transfers

Data may be processed in Canada, the United States, or other jurisdictions where our service providers operate.

We take reasonable steps to ensure appropriate safeguards are in place for cross-border data transfers.

8. Data Retention

We retain data based on the following principles:

  • Data is retained during the active subscription period
  • Retention periods may vary by subscription tier
  • Lower-tier plans may have limited or no post-termination retention

Important:

  • Zivv is not responsible for data loss following termination or expiration of retention periods
  • Customers are responsible for exporting their data prior to cancellation

9. Data Security

We implement industry-standard safeguards, including:

  • Encryption in transit (HTTPS/TLS)
  • Access controls and authentication
  • Secure cloud infrastructure
  • Monitoring and logging

Despite these measures, no system is completely secure.

10. Incident & Breach Response

In the event of a security incident involving personal data, Zivv will:

  • Investigate and contain the incident
  • Notify affected customers where required by law
  • Take reasonable steps to mitigate harm

11. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Withdraw consent

Requests may be submitted via the contact details below.

12. Customer Responsibilities

Customers using Zivv are responsible for:

  • Ensuring lawful collection and use of personal data
  • Configuring access controls appropriately
  • Managing internal approval workflows and permissions
  • Complying with applicable privacy laws

13. Third-Party Services

Zivv may integrate with third-party services. We are not responsible for their privacy practices or policies.

14. Children’s Privacy

Zivv is not intended for individuals under the age of 18 (or applicable age in your jurisdiction), and we do not knowingly collect personal information from children.

15. Changes to This Policy

We may update this Privacy Policy periodically. Continued use of the Platform constitutes acceptance of the updated Policy.

16. Contact Information

For privacy-related inquiries:

info@nacmedia.com

www.nacmedia.com