Zitpy

Legal

ZITPY - PRIVACY POLICY

(UK GDPR Compliant - Client & Website Use)

This Privacy Policy applies to all services provided by Media N Screen Ltd trading as Zitpy ("Zitpy", "we", "us", "our").

1. WHO WE ARE

Data Controller:

Media N Screen Ltd (trading as Zitpy)

Registered Office: The Mille, 1st Floor, 1000 Great West Road, London, TW8 9DW

Email: info@zitpy.co.uk

2. WHAT DATA WE COLLECT

We may collect and process:

  • Name, email, phone number
  • Business details
  • Social media account access
  • Google Business Profile access
  • Customer reviews and messages
  • Website usage data
  • Payment and invoicing details

3. HOW WE USE YOUR DATA

We use data to:

  • Provide contracted services
  • Manage accounts and content
  • Respond to enquiries
  • Send service communications
  • Meet legal and tax obligations

4. LEGAL BASIS FOR PROCESSING

We process data under:

  • Contractual necessity
  • Legal obligation
  • Legitimate business interests
  • Consent (where required)

5. DATA SHARING

We may share data with:

  • Hosting providers
  • Payment processors
  • Analytics tools
  • Social media platforms
  • Legal or regulatory bodies

All third parties are contractually bound to protect data.

6. DATA STORAGE & SECURITY

We use appropriate technical and organisational measures to protect personal data against loss, misuse, or unauthorised access.

7. DATA RETENTION

We retain data only for as long as necessary to:

  • Provide services
  • Comply with legal requirements
  • Resolve disputes

8. YOUR RIGHTS

Under UK GDPR, you have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Data portability
  • Object to processing
  • Lodge a complaint with the ICO

9. INTERNATIONAL TRANSFERS

Some platforms may store data outside the UK. Zitpy ensures appropriate safeguards are in place.

10. COOKIES

Our website uses cookies. See our Cookie Policy for details.

11. CONTACT

Email: info@zitpy.co.uk

Registered Office: The Mille, 1st Floor, 1000 Great West Road, London, TW8 9DW

12. UPDATES

This policy may be updated. Continued use of Zitpy services constitutes acceptance.

Legal

ZITPY - COOKIE POLICY

(UK GDPR & PECR Compliant)

This Cookie Policy applies to all users of the Zitpy website and services operated by Media N Screen Ltd trading as Zitpy.

1. WHAT ARE COOKIES?

Cookies are small text files stored on your device that help websites function, improve performance, and analyse usage.

2. TYPES OF COOKIES WE USE

Zitpy uses the following categories of cookies:

a) Strictly Necessary Cookies

Required for website operation, including:

  • Security
  • Form submission
  • Page navigation

These cannot be disabled.

b) Performance & Analytics Cookies

Used to understand how visitors use our website, including:

  • Page visits
  • Clicks
  • Traffic sources

This helps us improve performance.

c) Functionality Cookies

Used to remember:

  • Preferences
  • Login settings

d) Marketing Cookies

May be used to:

  • Display relevant advertising
  • Track marketing effectiveness

3. COOKIE CONSENT

You will be asked to consent to non-essential cookies when visiting our website.

You may withdraw or modify consent at any time.

4. THIRD-PARTY COOKIES

Zitpy may use services such as:

  • Google Analytics
  • Social media platforms
  • Advertising platforms

These providers may place cookies in accordance with their own policies.

5. MANAGING COOKIES

You can control or delete cookies via your browser settings.

Disabling cookies may affect website functionality.

6. CONTACT

For questions about cookies or privacy:

Email: info@zitpy.co.uk

Address: The Mille, 1st Floor, 1000 Great West Road, London, TW8 9DW

7. UPDATES

This Cookie Policy may be updated at any time.

Legal

ZITPY - DATA PROCESSING AGREEMENT (DPA)

This Data Processing Agreement ("DPA") forms part of the Zitpy Master Services Agreement (MSA) between Media N Screen Ltd trading as Zitpy ("Zitpy") and the Client.

1. DEFINITIONS

"Personal Data", "Processing", "Controller", and "Processor" have the meanings given in the UK GDPR. The Client is the Data Controller. Zitpy is the Data Processor.

2. PURPOSE

Zitpy processes Personal Data only to provide contracted services, including:

  • Managing social media accounts
  • Responding to messages
  • Managing Google reviews
  • Producing and publishing content

3. CLIENT OBLIGATIONS

The Client confirms:

  • It has lawful authority to provide data to Zitpy
  • It has obtained necessary consents
  • It complies with UK GDPR

The Client indemnifies Zitpy against data protection breaches arising from Client-provided data.

4. ZITPY’S OBLIGATIONS

Zitpy shall:

  • Process data only on written instructions
  • Keep data confidential
  • Use appropriate security measures
  • Notify the Client of any data breach without undue delay

5. SUB-PROCESSORS

Zitpy may use:

  • Hosting providers
  • Analytics tools
  • Cloud services
  • Platform APIs

All sub-processors are contractually bound by GDPR obligations.

6. DATA BREACH

Zitpy will notify the Client without undue delay after becoming aware of a breach and provide reasonable assistance.

7. DATA RETENTION

Data will be retained only as long as required to provide services or comply with law.

8. DATA SUBJECT RIGHTS

Zitpy will assist the Client in responding to subject access requests, deletion requests, or data corrections.

9. AUDITS

The Client may request reasonable confirmation of GDPR compliance.

10. TERMINATION

Upon termination, Zitpy shall:

  • Return or delete personal data unless legally required to retain it

11. GOVERNING LAW

This DPA is governed by the laws of England and Wales.

Legal

ZITPY - DATA BREACH RESPONSE POLICY

This Data Breach Response Policy applies to Media N Screen Ltd trading as Zitpy.

1. PURPOSE

This policy sets out how Zitpy identifies, manages, and reports personal data breaches in compliance with the UK GDPR and Data Protection Act 2018.

2. WHAT IS A DATA BREACH?

A data breach includes:

  • Loss of personal data
  • Unauthorised access
  • Accidental deletion
  • Disclosure of data
  • Cyberattack or hacking

3. BREACH IDENTIFICATION

All staff, contractors, and partners must immediately report any suspected data breach to management.

4. INITIAL RESPONSE

Zitpy will:

  • Secure systems
  • Prevent further loss
  • Identify affected data
  • Assess severity

5. CLIENT NOTIFICATION

If client data is affected, Zitpy will notify the Client without undue delay.

6. ICO NOTIFICATION

If the breach is likely to result in risk to individuals, Zitpy will notify the Information Commissioner’s Office (ICO) within 72 hours.

7. RECORD KEEPING

All breaches will be logged with:

  • Date
  • Nature of breach
  • Data affected
  • Remedial action

8. CORRECTIVE ACTION

Zitpy will:

  • Improve security
  • Train staff
  • Update systems

9. CONFIDENTIALITY

All breach investigations are confidential.

10. GOVERNING LAW

This policy is governed by the laws of England and Wales.