Privacy Policy

Last updated: September 4, 2024

ZP Pay, the official payment solution of Universidade Zumbi dos Palmares, is committed to protecting your privacy and personal data. This Privacy Policy describes how we collect, use, store, and protect your information when you use our services.

1. Information We Collect

1.1 Personal Information

We collect the following personal information when you:

Create a ZP Pay account
Make transactions
Contact us
Use our services

The information collected may include:

Full name
Email address
Phone number
Tax ID number (CPF)
Residential address
Academic information (student ID, course)
Banking data for payment processing

1.2 Usage Information

We automatically collect information about how you use our services:

IP address
Device type and operating system
Browser used
Pages visited and time spent
Date and time of access
Geographic location (with your consent)

1.3 Mobile App Information

When you use our mobile app, we may collect:

Device identifier (UDID, advertising ID)
App usage statistics
Push notification preferences
Crash logs and performance data
Location data (if permitted)

2. How We Use Your Information

We use your information to:

Process payments and transactions
Verify your identity and prevent fraud
Provide customer support
Improve our services
Send important notifications about your account
Comply with legal and regulatory obligations
Personalize your user experience
Send push notifications (with your consent)

3. Information Sharing

We do not sell, rent, or share your personal information with third parties, except in the following situations:

3.1 Universidade Zumbi dos Palmares

We share necessary information with Universidade Zumbi dos Palmares to:

Process tuition and fee payments
Verify academic status
Provide integrated services

3.2 Service Providers

We may share information with trusted service providers who help us operate our services:

Payment processors
Cloud hosting and storage services
Data analytics providers
Customer service platforms
Mobile app analytics services

3.3 Legal Requirements

We may disclose your information when required by law or to:

Comply with a court order
Protect our legal rights
Prevent fraudulent activities
Protect the safety of our users

4. Data Security

We implement technical and organizational security measures to protect your information:

Encryption of data in transit and at rest
Strict access controls
Continuous security monitoring
Regular security audits
Employee privacy training
PCI DSS compliance for card data
Secure mobile app architecture

5. Your Rights

Under applicable data protection laws, including LGPD and GDPR, you have the following rights:

Access: Request information about your personal data
Correction: Correct incomplete or inaccurate data
Deletion: Request deletion of your data
Portability: Receive your data in a structured format
Objection: Object to the processing of your data
Restriction: Request limitation of processing
Information: Be informed about data treatment

6. Data Retention

We retain your personal information for as long as necessary to:

Fulfill the purposes for which it was collected
Comply with legal obligations
Resolve disputes
Enforce our agreements

After this period, data is securely deleted or anonymized.

7. Cookies and Similar Technologies

We use cookies and similar technologies to:

Improve website functionality
Personalize your experience
Analyze service usage
Provide security features
Track app performance

You can manage your cookie preferences through your browser settings.

8. International Transfers

Your data may be transferred and processed on servers located outside Brazil. When this occurs, we ensure that:

The destination country has adequate protection levels
We implement appropriate contractual safeguards
We obtain your consent when necessary

9. Children's Privacy

Our services are intended for users aged 18 and over. We do not knowingly collect information from children under 18 without parental or legal guardian consent.

9.1 Apple App Store Compliance

For iOS users:

Our app is rated for users 17+ in the App Store
We do not target or knowingly collect data from minors
Parental controls are available through iOS settings

9.2 Google Play Store Compliance

For Android users:

Our app is designed for mature audiences
We comply with Google Play's Families Policy
Age verification is required for account creation

10. Changes to This Policy

We may update this Privacy Policy periodically. When we make significant changes:

We will notify you by email
We will post a notice on our website
We will update the "last updated" date
We will notify through in-app notifications

We recommend that you review this policy regularly.

11. Mobile App Specific Terms

11.1 iOS Specific Terms

For users of our iOS app:

Data collection complies with Apple's App Store guidelines
You can manage permissions through iOS Settings > Privacy
Push notifications can be disabled in app settings
Data is not shared with Apple unless required for app functionality

11.2 Android Specific Terms

For users of our Android app:

Data collection complies with Google Play policies
Permissions are requested before data collection
You can revoke permissions in Android Settings > Apps
Google Play Services may collect additional data as per Google's policy

12. Third-Party Services

Our app may integrate with third-party services:

Analytics: Firebase Analytics, Google Analytics
Crash Reporting: Firebase Crashlytics
Push Notifications: Firebase Cloud Messaging
Payment Processing: Certified payment gateways

These services have their own privacy policies that govern their data collection and use.

13. Contact Information

For privacy questions or to exercise your rights, contact us:

Email: privacy@zppay.com.br

Customer Service: sac@zppay.com.br

WhatsApp: +55 11 98493-9348

Business Hours: Monday to Friday, 8 AM to 6 PM (BRT)

Address: Universidade Zumbi dos Palmares
São Paulo, SP - Brazil

14. Data Protection Officer

Our Data Protection Officer (DPO) is available to clarify questions about the processing of your personal data:

Email: dpo@zppay.com.br

15. Regulatory Authorities

If you are not satisfied with our responses, you may contact the relevant data protection authority:

Brazil: ANPD - National Data Protection Authority - www.gov.br/anpd
EU: Your local data protection authority if you are in the European Union

App Store Compliance Statement: This privacy policy complies with Apple App Store Review Guidelines 5.1.1 and Google Play Developer Policy requirements. We are committed to transparency in our data practices and protecting user privacy.