Privacy Policy
Last updated: April 2026 · Effective: April 2026
1. Who We Are
Zen360Life ("we", "us", "our") operates zen360life.com. We are the data controller for personal data collected through this website. For privacy enquiries contact us at privacy@zen360life.com.
2. Data We Collect
| Category | Examples | Purpose |
|---|---|---|
| Account data | Name, email address, password (hashed) | Account creation & authentication |
| Subscription data | Plan type, billing status, subscription dates | Service delivery & billing |
| Payment data | Transaction ID, customer ID | Payment processing via Paddle (MoR) |
| Referral data | Referral code, click events, commission amounts | Referral programme operation |
| Usage data | IP address, browser type, pages visited, session data | Security, fraud prevention, analytics |
| Communications | Email open/bounce/complaint events | Email delivery quality & suppression management |
| Withdrawal data | Payment method details (encrypted), bank/PayPal info | Processing commission withdrawals |
We do not store full card numbers. All payment card data is processed and held by Paddle as Merchant of Record.
3. Legal Bases for Processing (GDPR)
- Contract performance: Processing necessary to deliver your subscription and manage your account
- Legitimate interests: Fraud prevention, security monitoring, improving our service
- Legal obligation: Compliance with applicable laws (e.g. tax, anti-money laundering)
- Consent: Marketing emails (you may withdraw consent at any time)
4. How We Use Your Data
- Deliver newsletter content to your inbox and provide web portal access
- Process subscription payments and manage billing via Paddle
- Calculate, hold, and release referral commissions
- Detect and prevent fraud and abuse
- Send transactional emails (welcome, commission notifications, billing alerts)
- Respond to support requests and account queries
- Comply with legal and regulatory obligations
5. Third-Party Services
| Provider | Purpose | Data shared |
|---|---|---|
| Paddle.com Market Ltd. | Payment processing & tax compliance (Merchant of Record) | Name, email, billing info |
| Amazon Web Services (SES) | Transactional email delivery | Email address, message content |
We do not sell your personal data to third parties.
6. Data Retention
- Account data: Retained while your account is active and for 2 years after closure, unless a shorter period is requested
- Financial records: Retained for 7 years to comply with tax and accounting obligations
- Audit logs: Retained for 2 years
- Email bounce/complaint records: Retained indefinitely to prevent re-sending to suppressed addresses
7. Your Rights (GDPR)
If you are in the EEA or UK, you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — request correction of inaccurate data
- Erasure — request deletion of your personal data (subject to legal retention obligations). You can initiate this from your account settings.
- Restriction — request we limit processing of your data
- Portability — receive your data in a structured, machine-readable format
- Object — object to processing based on legitimate interests
- Withdraw consent — unsubscribe from marketing emails at any time
To exercise any right, contact privacy@zen360life.com. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
8. Cookies
We use essential cookies for session management and CSRF protection. We do not use third-party tracking or advertising cookies. See our Cookie Policy for details.
9. Security
We use industry-standard security measures including HTTPS (TLS), encrypted storage for sensitive data, hashed passwords (bcrypt), and access controls. However, no method of transmission over the internet is 100% secure.
10. International Transfers
Our email infrastructure uses Amazon Web Services (US East region). Transfers to the USA are covered by AWS's Standard Contractual Clauses and compliance with applicable data transfer mechanisms.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you by email of material changes. The effective date at the top of this page will always reflect the most recent revision.