ZEERODIGITAL LLC Privacy Policy

Effective Starting: January 1, 2025
Effective Until: January 1, 2030

1. INTRODUCTION AND POLICY APPLICATION
This SMS, Messaging, and Phone Privacy Policy ("Mobile Communication Privacy Policy") establishes the comprehensive framework governing the collection, processing, storage, transmission, security, and retention of all mobile communication data associated with ZEERODIGITAL LLC, operating under the registered trade name ZeeroDigital. The policy provisions apply universally across all operational jurisdictions, communication channels, technological platforms, and service offerings without exception or limitation.

The scope of this policy extends to encompass all forms of electronic communications transmitted via mobile devices, including but not limited to: Short Message Service (SMS) communications, Multimedia Messaging Service (MMS) transmissions, Rich Communication Services (RCS), interactive voice response (IVR) systems, voice call recordings, voicemail messages, mobile application notifications, and any associated metadata or ancillary communication data generated through these interaction modalities. The policy remains equally applicable to current communication technologies and any future mobile communication platforms or protocols that may be developed and implemented during the effective period of this policy.

2. FOUNDATIONAL DATA PROTECTION PRINCIPLES
The operational philosophy governing our mobile communication practices is rooted in three inviolable principles that form the bedrock of all data processing activities:

2.1 Absolute Non-Disclosure Principle
We do not share, sell, rent, or otherwise disclose any customer information, including mobile numbers, with unaffiliated third parties for any purpose, including marketing or promotional use — even if consent has been provided.

Information may be shared only with internal service providers or subcontractors who perform essential support functions, such as customer service, and only to the extent necessary to fulfill those functions. These parties are contractually obligated to maintain strict confidentiality and data security.

Text messaging originator opt-in data and consent will not be shared with any third parties or affiliates under any circumstances. This restriction applies permanently and continues to be enforced even after termination of any business relationships or service agreements.

2.2 Minimal Data Collection Doctrine
We adhere strictly to the principle of data minimization, collecting only the precise categories of mobile information absolutely necessary for service delivery. This limitation applies to both the scope of data collected and the duration of its retention, ensuring we never maintain mobile communication data beyond its functional necessity.

2.3 Purpose Limitation Covenant
All collected mobile information serves explicitly defined, legitimate business purposes that are communicated transparently to users at the point of collection. We implement rigorous technical and organizational controls to prevent any secondary processing or repurposing of mobile communication data beyond these original, disclosed intentions.

3. DETAILED DATA COLLECTION SPECIFICATIONS
The mobile information we collect falls into discrete categories, each governed by specific collection protocols and usage restrictions:

3.1 Contact Information

  • Mobile telephone numbers provided during opt-in processes

  • Network routing information required for message delivery

  • Device identifiers associated with message receipt/transmission

3.2 Communication Content

  • Message bodies for SMS/MMS communications

  • Call recordings where explicitly consented

  • Voicemail audio files and transcripts

  • Interactive voice response selections

3.3 Technical Metadata

  • Transmission timestamps and delivery confirmations

  • Network routing logs

  • Device capability indicators

  • Message length metrics

3.4 Consent Documentation

  • Opt-in timestamps and verification records

  • Confirmation message logs

  • Opt-out request documentation

  • Preference management history

4. COMPREHENSIVE DATA PROCESSING FRAMEWORK
All mobile information undergoes strict processing protocols designed to maximize privacy protection:

4.1 Transmission Security
All mobile communications transit through encrypted channels utilizing TLS 1.2 or higher protocols. We maintain multiple redundant encryption pathways to ensure uninterrupted security during message transmission.

4.2 Storage Protocols
At-rest data encryption meets AES-256 standards. Storage infrastructure undergoes quarterly security validation by independent auditors. Geographic storage locations are selected based on optimal security conditions.

4.3 Access Controls
Role-based access systems with multi-factor authentication restrict data access to authorized personnel only. All access attempts generate audit logs reviewed biweekly by security personnel. Privileged accounts require executive approval and additional verification layers.

5. DATA RETENTION AND DESTRUCTION
Our retention schedule reflects the most stringent applicable requirements:

5.1 Standard Operational Data

  • Message content: 90 days post-transmission

  • Call recordings: 120 days post-call

  • Transmission logs: 1 year from generation

5.2 Compliance Records

  • Opt-in/opt-out documentation: 5 years

  • Consent verification: 5 years

  • Legal holds: Duration of requirement

5.3 Destruction Protocols
Secure deletion processes meet NIST SP 800-88 standards. Physical media undergoes degaussing before disposal. Destruction certificates are maintained for all data purges.

6. SECURITY ARCHITECTURE
Our defense-in-depth strategy incorporates:

6.1 Perimeter Security

  • Next-generation firewalls with intrusion prevention

  • DDoS mitigation systems

  • Continuous vulnerability scanning

6.2 Internal Protections

  • Microsegmented network architecture

  • Endpoint detection and response systems

  • Behavioral anomaly monitoring

6.3 Personnel Safeguards

  • Mandatory background checks

  • Annual security training

  • Principle of least privilege enforcement

7. THIRD-PARTY MANAGEMENT
All vendors handling mobile information must:

7.1 Contractual Requirements

  • Sign data protection addenda

  • Maintain equivalent security standards

  • Submit to annual compliance audits

7.2 Operational Restrictions

  • Prohibited from secondary data use

  • Required to implement access logging

  • Mandated breach notification timelines

8. USER RIGHTS IMPLEMENTATION
We facilitate comprehensive user control through:

8.1 Access Mechanisms

  • Secure online portals for data review

  • Verified email request systems

  • Toll-free access line for records requests

8.2 Rectification Procedures

  • 72-hour response timeline

  • Multi-point verification

  • Change confirmation notices

8.3 Erasure Protocols

  • Cascading deletion across systems

  • Backup purification processes

  • Confirmation of complete removal

9. COMPLIANCE OVERSIGHT
Our governance structure includes:

9.1 Monitoring Systems

  • Real-time compliance dashboards

  • Automated policy enforcement tools

  • Regular gap assessments

9.2 Training Programs

  • New hire orientation

  • Quarterly refresher courses

  • Role-specific certification

9.3 Audit Framework

  • Internal quarterly reviews

  • Biannual third-party assessments

  • Regulatory examination preparation

10. POLICY ADMINISTRATION


10.1 Version Control

  • Centralized document management

  • Change tracking systems

  • Archive preservation

10.2 Dissemination

  • Employee acknowledgement records

  • Public accessibility requirements

  • Translation protocols

10.3 Exception Handling

  • Documented approval process

  • Temporary waiver procedures

  • Compensating controls

11. LEGAL ENTITY GOVERNANCE
ZeeroDigital operates exclusively as the registered Doing Business As (DBA) designation of ZEERODIGITAL LLC. All policy provisions, protections, and obligations apply fully to the complete legal entity regardless of nomenclature used in specific communications or representations. The DBA designation creates no separate legal identity nor diminishes any policy requirements in any operational context.

This policy represents our comprehensive commitment to mobile communication privacy through industry-leading standards, transparent practices, and rigorous enforcement mechanisms. We maintain continuous vigilance in policy implementation and regularly enhance our protections to address evolving technological landscapes and regulatory requirements while maintaining unwavering adherence to our core privacy principles.

12. Information We Collect

We collect personal information that you voluntarily provide through an online opt-in form on our website. This may include your name and phone number (optional).

13. How We Use Your Information

We use your personal information to:

  • Identify you as a user

  • Provide SMS-based account alerts, customer care, and service-related updates

  • Respond to your questions or support requests

14. Sharing of Personal Information

We do not sell, trade, or share your personal information with third parties for marketing or promotional purposes. We may share your information only in the following situations:

  • Service Providers: We use third-party platforms, such as GoHighLevel, to send SMS messages and manage customer communications. These providers are required to keep your information secure and confidential.

  • Legal Compliance: We may share your information if required to do so by law or to protect our rights, safety, or users.

Mobile information, including text messaging opt-in data and consent, will not be shared with third parties or affiliates for marketing or promotional purposes. Mobile information will not be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

15. Opt-In Consent

We only collect and use your information after you have explicitly opted in through our website form. By submitting your information, you consent to receiving SMS communications for the purposes described in this policy.

16. Your Choices

You can manage your personal information in the following ways:

  • Access or Update: Email us at alihamad@zeerodigital.com to update or request deletion of your personal info.

  • SMS Opt-Out: To stop receiving text messages, simply reply STOP to any message you receive from us.

  • Need Help?: Reply HELP to any message for assistance.

17. Data Retention

We retain your personal information only as long as necessary to provide our services and meet legal or operational requirements. In general, we keep opt-in records and related data for no longer than 2 years, unless a longer retention period is required by law.

18. Data Security

We take reasonable steps to protect your personal information from unauthorized access, disclosure, or misuse. However, no method of electronic communication is 100% secure.

19. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children.

20. Changes to This Policy

We may update this policy as needed. When we do, we will post the updated version on our website with the new effective date.

21. CONTACT AND COMMUNICATION
For all inquiries regarding mobile data practices:

ZEERODIGITAL LLC - otherwise known as, "ZeeroDigital", "ZEERODIGTIAL", "Zeerodigital", or "zeerodigital".
Email: alihamad@zeerodigital.com
Phone: +1 (515) 505-5050 and/or +1 (844) 425-1428
Address: 3437 Scenic Valley Drive, West Des Moines, IA

ZEERODIGITAL LLC values your privacy. This Privacy Policy explains how we collect, use, and protect your information.

This Privacy Policy Is Effective From 01/30/2020 until 01/30/2028

Contact ZEERODIGITAL LLC

REcEIve email updates

alihamad@zeerodigital.com

+1 (515) 505-5050 and/ or +1 (844) 425-1428

PRIVACY POLICY | TERMS & CONDITIONS