Privacy Policy

1. Introduction

Terranav Ltd, trading as Zivlo ("we", "us", "our"), is the data controller responsible for your personal data. We are committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Zivlo service, including our website, web application, and any associated services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Information We Collect

2.1 Personal Information

When you create an account, we collect your first name, last name, date of birth, email address, phone number, and postal address. If you subscribe to a paid plan, we collect billing information including your payment card details (processed securely through our payment provider, Stripe).

2.2 Call Metadata

We collect metadata related to incoming calls, including the caller's phone number, call start and end times, call duration, and whether a guardian joined or ended the call. This data is used to provide call history, analytics, and guardian alert functionality.

2.3 Usage Data

We automatically collect certain information when you access the Service, including your IP address, browser type, operating system, referring URLs, pages viewed, and the dates and times of your visits. We use this information to improve the Service and diagnose technical issues.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service
• Send real-time call alerts to designated guardians
• Enable guardian features including silent listening and call ending
• Process subscription payments and manage your billing account
• Provide customer support and respond to your enquiries
• Send transactional emails (account confirmations, billing receipts, security alerts)
• Analyse usage patterns to improve and optimise the Service
• Detect, investigate, and prevent fraudulent or unauthorised activity

4. Call Recording Policy

We do not record, store, or transcribe any phone call audio. Guardian listening occurs through a real-time, encrypted audio stream that is not persisted in any form. When a call ends, the audio stream is terminated and no recording exists. We collect only call metadata (as described in Section 2.2), never the content of conversations.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share information in the following limited circumstances:

• Service Providers: We share data with trusted third-party providers who help us operate the Service (e.g., Stripe for payment processing, cloud hosting providers). These providers are contractually bound to protect your data and use it only for the purposes we specify.
• Legal Obligations: We may disclose information if required to do so by law, or if we believe in good faith that disclosure is necessary to comply with a legal obligation, protect our rights, protect your safety or the safety of others, or investigate fraud.
• Guardians: By design, guardian users on your account can see incoming call information (caller number and caller ID) and join live calls. Subscribers consent to this when setting up their account and inviting guardians.

6. Data Retention

We retain your personal information and call metadata for as long as your account is active, plus 30 days following account deletion to allow for reactivation. After this period, all personal data and call metadata are permanently and irreversibly deleted from our systems. Billing records may be retained for up to 7 years as required by UK tax and financial regulations.

7. Data Security

We implement industry-standard security measures to protect your data. All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Access to personal data is restricted to authorised personnel on a need-to-know basis. We conduct regular security audits and penetration testing to identify and address vulnerabilities.

8. Your Rights Under GDPR

If you are located in the United Kingdom or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR) and the UK GDPR:

• Right of Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may request that we correct any inaccurate or incomplete personal data.
• Right to Erasure: You may request that we delete your personal data, subject to legal retention obligations.
• Right to Restrict Processing: You may request that we limit how we use your personal data.
• Right to Data Portability: You may request a machine-readable copy of your personal data to transfer to another service.
• Right to Object: You may object to our processing of your personal data in certain circumstances.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

9. Cookies

We use essential cookies to maintain your session and authentication state. We do not use advertising or tracking cookies. We use anonymous analytics cookies to understand how visitors use our website, which helps us improve the Service. You can disable cookies through your browser settings, but this may affect the functionality of the Service.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a prominent notice on the Service. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: