Privacy Policy

This Privacy Policy describes how ZF Inc. (“we,” “us,” or “our”) collects, uses, and shares personal data of users (“you” or “users”) of our website www.zfinc.co (the “Website”) globally. We are committed to protecting your privacy and ensuring the security of your personal data in accordance with applicable data protection laws, including but not limited to the European Union General Data Protection Regulation (EU GDPR), the UK General Data Protection Regulation (UK GDPR), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, and the Privacy Act 1988 (as amended) in Australia.

1. Data Controller/Responsible Entity

ZF Inc.
Ka/11/2a, Bashundhara R/A Main Gate Road
Haveily Center, Level-6, Flat-6B
Dhaka- 1245.

Depending on your location and the nature of the processing, we may be considered the data controller under the EU GDPR and UK GDPR, or a comparable responsible entity under other applicable laws.

2. Personal Data We Collect

We may collect the following types of personal data from you:

  • Information you provide directly:
    • Contact Information: Name, email address, phone number, postal address, etc., when you contact us through the Website, subscribe to newsletters, or request information.
    • Account Information: If you create an account on our Website (if applicable), we may collect your username, password, and other registration details.
    • Communications: Records of your correspondence with us, including emails and other messages.
    • Order Information: If you make purchases through our Website (if applicable), we may collect your billing and shipping information, order details, and payment information (please note that payment processing may be handled by third-party providers with their own privacy policies).
    • Feedback and Surveys: Information you provide in surveys or feedback forms.
    • Job Applications: If you apply for a job through our Website, we may collect the information you provide in your application, including your CV and cover letter.
  • Information we collect automatically:
    • Log Data: Your IP address, browser type, operating system, referring URLs, pages visited, and the dates/times of your visits.
    • Cookies and Similar Technologies: We may use cookies, web beacons, and other tracking technologies to collect information about your browsing activities on our Website. Please refer to our separate Cookie Policy (if applicable) for more details, including how to manage your preferences which may vary by region.
    • Device Information: Information about your device, including device model, unique device identifiers, and mobile network information.

3. Purposes of Processing Your Personal Data

We may process your personal data for the following purposes:

  • To provide and maintain our Website and its services.
  • To respond to your inquiries and requests.
  • To personalize your experience on our Website.
  • To send you newsletters, marketing communications, and other information that may be of interest to you (where you have provided consent or as otherwise permitted by applicable law, including providing clear opt-out mechanisms where required).
  • To process and fulfill your orders (if applicable).
  • To manage your account (if applicable).
  • To improve our Website and services.
  • To monitor and analyze Website usage and trends.
  • To detect, prevent, and address technical issues and security incidents.
  • To comply with legal obligations in various jurisdictions.
  • To process job applications (if applicable).

4. Legal Basis for Processing

Our legal basis for processing your personal data will depend on the specific context and the applicable laws in your jurisdiction. These may include:

  • Consent: Where you have given us explicit consent to process your personal data for a specific purpose (e.g., sending marketing emails in the EU, UK, and other regions requiring consent). You have the right to withdraw your consent at any time.
  • Contract: Where processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract (e.g., processing your order).
  • Legitimate Interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, provided that your interests and fundamental rights do not override those interests (e.g., improving our Website and services, ensuring network and information security). We will ensure these interests are balanced with your privacy rights and will document these interests.
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject in a particular jurisdiction.

  • Other Bases: Other legal bases as permitted by applicable laws in North America and Australia, such as for our legitimate business purposes with appropriate safeguards, or as required by specific legislation.

5. Sharing Your Personal Data

We may share your personal data with the following categories of recipients:

  • Service Providers: Third-party companies that provide services on our behalf, such as website hosting, data analysis, email delivery, payment processing, and customer service. We will ensure appropriate contractual safeguards are in place, consistent with applicable legal requirements, including data processing agreements where required (e.g., under GDPR and UK GDPR).
  • Business Partners: With your consent or as otherwise permitted by law, we may share your data with business partners for specific purposes, such as joint marketing efforts. We will be transparent about such sharing.
  • Legal Authorities: We may disclose your personal data to law enforcement agencies, regulatory bodies, or other governmental authorities if required by law or legal process in any applicable jurisdiction, or if we believe in good faith that such disclosure is necessary to protect our rights, property, or safety, or the rights, property, or safety of others.
  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity, consistent with applicable legal requirements. We will provide notice to you before your personal data is transferred and becomes subject to a different privacy policy.

6. International Transfers of Personal Data

Your personal data may be transferred to and processed in countries outside of your country of residence, which may have different data protection laws. When we transfer your personal data internationally, we will implement appropriate safeguards to protect your data as required by applicable law, such as:

  • Using Standard Contractual Clauses approved by the European Commission (for transfers out of the EEA) and the UK Information Commissioner’s Office (ICO) for transfers out of the UK.
  • Transferring to countries that have been deemed to provide an adequate level of data protection by relevant authorities (e.g., the EU and UK recognizing certain countries as adequate).
  • Implementing other legally recognized transfer mechanisms, such as Binding Corporate Rules (if applicable) or relying on the APEC Cross-Border Privacy Rules System where relevant.
  • Ensuring that any third-party service providers we use have adequate safeguards in place for international data transfers as required by applicable laws.

7. Data Security

We have implemented reasonable and appropriate technical and organizational measures designed to protect your personal data against unauthorized access, use, disclosure, alteration, or destruction. These measures include [mention specific security measures you have in place, e.g., encryption, firewalls, access controls, regular security audits, pseudonymization/anonymization where appropriate]. However, please note that no method of transmission over the internet or method of electronic storage is completely secure.

8. Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected and to comply with applicable legal, accounting, or reporting requirements in various jurisdictions. The specific retention periods may vary depending on the type of data and the applicable laws. We will have data retention policies that outline these periods, aiming to minimize retention where possible.

9. Your Rights

Depending on your location, you may have certain rights regarding your personal data under applicable laws. These rights may include:

  • The right to access: To request access to the personal data we hold about you and to be informed about the processing.
  • The right to rectification: To request that we correct any inaccurate or incomplete personal data.
  • The right to erasure/deletion (right to be forgotten): To request the deletion of your personal data under certain circumstances.
  • The right to restriction of processing: To request that we restrict the processing of your personal data under certain circumstances.
  • The right to data portability: To receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
  • The right to object: To object to the processing of your personal data under certain circumstances, including for direct marketing purposes and processing based on legitimate interests.
  • Rights related to automated decision-making: To not be subject to decisions based solely on automated processing that produce legal or similarly significant effects, subject to applicable legal exceptions and the right to human intervention.
  • The right to withdraw consent: To withdraw your consent at any time if we are processing your data based on consent.
  • Rights under the CCPA/CPRA (for California residents): The right to know what personal information is collected, the right to request deletion, the right to opt-out of the sale or sharing of personal information (if applicable), and the right to non-discrimination for exercising these rights.
  • Rights under PIPEDA (for Canadian residents): The right to access their personal information, the right to challenge the accuracy of their personal information, and the right to have it amended as appropriate.
  • Rights under the Privacy Act (for Australian residents): The right to access and correct their personal information, and in some cases, the right to erasure.

10. Exercising Your Rights

To exercise any of your rights under applicable data protection laws, please contact us using the contact details provided in Section 1. We will respond to your request in accordance with applicable legal requirements and timeframes. We may need to verify your identity before processing your request.

11. Complaints

If you have any concerns about our processing of your personal data, you may have the right to lodge a complaint with a relevant supervisory authority or data protection authority in your jurisdiction. We encourage you to contact us first to allow us the opportunity to address your concerns.

  • For the EU: You have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement. A list of EU supervisory authorities is available.
  • For the UK: You have the right to lodge a complaint with the Information Commissioner’s Office (ICO).
  • For California residents: You have the right to lodge a complaint with the California Privacy Protection Agency (CPPA).
  • For Canadian residents: You have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada (OPC).
  • For Australian residents: You have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

12. Links to Other Websites

Our Website may contain links to other websites that are not operated by us. We are not responsible for the privacy practices of these third-party websites. We encourage you to review the privacy policies of any website you visit.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements in various jurisdictions. We will post any changes on this page and update the “Last Updated” date at the top of the policy. We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
info@zfinc.co