PRIVACY AND COOKIES POLICY APPLICABLE TO THE WEBSITE AND SOCIAL MEDIA

PREAMBLE

This policy applies to our website www.zerokaysports.com and all related social media platforms: Facebook, Instagram, YouTube, Twitter, LinkedIn — all managed by ZEROKAY SPORTS Sàrl (“ZEROKAY,” “we,” “our”), whose registered office is located at route de Jussy 330, 1254- Jussy,  Switzerland.

We are committed to protecting your personal data and respecting your privacy. This document outlines how we collect, use, and safeguard your information. We encourage you to read it carefully to understand our practices and your rights concerning your personal data.

When you visit our social media pages or access third-party websites via our site, your information is governed by the privacy policies of those respective third parties. By using our Website, you consent to the handling of your Personal Data as outlined in this Privacy Policy. If you disagree with the way we process your Personal Data as per this policy, please refrain from using our Website and social media pages.

References to the GDPR in this policy should be understood to include both the EU General Data Protection Regulation and the UK GDPR, as incorporated into UK law by the Data Protection Act 2018. Our practices are designed to comply with data protection requirements in the EU, Switzerland, Norway, the United Kingdom, Australia, and Japan.

EU REPRESENTATIVE EXEMPTION

As our processing of personal data from EU residents is occasional, does not involve large-scale processing, and does not include special categories of data, we are exempt from the requirement to appoint an EU representative under Article 27(2) GDPR. We do not process sensitive data (as defined in Article 9 GDPR), nor do we engage in large-scale data processing.

DATA CONTROLLER

ZEROKAY SPORTS Sàrl, located in Switzerland, is the Data Controller responsible for processing your Personal Data. We ensure that your data is handled in compliance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the Swiss Federal Act on Data Protection (FADP), the UK GDPR, the Australian Privacy Act 1988, the Japanese Act on the Protection of Personal Information (APPI), and Norwegian data protection laws.

GENERAL INFORMATION

Our Website and associated social media pages offer a comprehensive range of services and information. These include details about our company and products, collaboration highlights, online sales, various contact options (like contact forms and newsletter subscriptions), and links to third-party websites and social media pages for payment processing and more. This Privacy Policy governs how we handle your Personal Data across these platforms. Please note that when you interact with our social media pages, their respective privacy policies also apply. This policy is specific to our online services and does not cover offline activities.

PERSONAL DATA COLLECTION AND USAGE OBJECTIVES

A. Data Sources

We collect Personal Data through two primary sources on our Website and social media platforms: Cookies (detailed in section B) and data you provide directly (detailed in section C).

B. Cookies and Similar Technologies

What They Are & What They Collect:
Cookies are small data files stored on your device by our Website. Together with Similar Technologies like beacons and scripts, they collect information to enhance and analyze your experience on our site. This includes your device’s IP address, connection times, location (if enabled), accessed resources, and browser details.

Controlling Cookies:
You can manage Cookies through your browser settings, either by rejecting them or receiving usage alerts. Deleting Cookies may affect website functionality. You may also change your cookie preferences at any time through the cookie banner accessible on our website footer.

Purpose of Cookies:
We use Cookies to enable website functionalities, improve our services, ensure security, and generate usage statistics.

Legal Basis for Cookies:
Operational Cookies are processed based on our legitimate interests in maintaining the site (Art. 6(1)(f) GDPR). For all non-essential cookies (analytics, advertising), we request your explicit prior consent via our cookie banner in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time.

Consent Management:
We use a GDPR-compliant cookie consent management tool that blocks all non-essential cookies unless you provide prior consent. This tool allows you to:

• Accept or reject cookies by category (e.g., analytics, marketing)
• Access or modify your preferences at any time via the banner in the footer
• View the full cookie list including purpose, duration, and provider

Our use of cookies also complies with applicable national legislation, including the Swiss Federal Act on Data Protection, Norwegian Electronic Communications Act (§ 2-7b Ekomloven), the UK Privacy and Electronic Communications Regulations (PECR), and related cookie requirements under the Australian Privacy Act and Japan’s APPI.

C. What Data Do You Provide?

When interacting with our site – like filling forms, creating accounts, subscribing to newsletters, placing orders, or leaving reviews – you provide Personal Data including names, email addresses, account details, and sometimes banking information for purchases.

Data Usage Purposes:

• Order processing, billing, and delivery
• Enabling interactive features
• Sending newsletters and updates (with consent)
• Responding to your inquiries
• Informing you about service or policy changes
• Delivering targeted content and ads, and measuring effectiveness
• Conducting internal data analytics

Legal Basis for Processing:

• Consent (Art. 6(1)(a) GDPR): newsletters, reviews, or marketing communication
• Contractual necessity (Art. 6(1)(b) GDPR): order processing, account creation, customer service
• Legitimate interest (Art. 6(1)(f) GDPR): internal analytics, site improvement, customer communications
• Legal obligation (Art. 6(1)(c) GDPR): compliance with applicable law

DATA COLLECTION BY THIRD PARTIES

When you connect to social networks or other websites through our site, your browser directly links to their servers. This connection transmits data, including your IP address, to the third-party provider. Interactions like clicking “Like” or “Share” on our social media pages also send data directly to these networks.

Our Privacy Policy does not extend to third-party sites. We recommend reviewing their privacy policies for details on their data collection, usage, and protection practices.

JOINT CONTROLLERSHIP WITH SOCIAL MEDIA PLATFORMS

In accordance with the ruling of the Court of Justice of the European Union (CJEU) regarding Facebook fan pages, we and each respective social media platform (e.g., Meta for Facebook and Instagram) may act as joint controllers for certain processing activities such as page analytics. This applies when you visit or interact with our company pages on those platforms. For more details on how your data is handled in these contexts, please refer to the privacy policies of the relevant platforms.

SHARING YOUR PERSONAL DATA WITH THIRD PARTIES

We may share your data with certain partners and service providers who help us deliver services. These include:

• Hostpoint SA (Switzerland) – Web hosting
• STAR Logistique / RDV SA (Switzerland) – Fulfillment
• Intuit Inc. (USA) – Email marketing (Mailchimp), only with your consent
• Worldline Suisse SA – Payment processing

We ensure that appropriate safeguards are in place for international transfers, including the use of Standard Contractual Clauses (Art. 46 GDPR) when required. Your personal information is shared only with your consent or for our legitimate business needs.

SHARING YOUR PERSONAL INFORMATION WITH AUTHORITIES

We may disclose personal information if:

• Required by law (Art. 6(1)(c) GDPR)
• Needed to investigate or respond to legal claims
• Necessary to protect rights, property, or safety

We aim to notify you unless prohibited by law. We reserve the right to challenge any requests that are excessive, vague, or legally unfounded.

WE DO NOT SELL YOUR PERSONAL INFORMATION

We never sell your data. We only share your personal information as described in this policy.

SENDING YOUR PERSONAL INFORMATION ACROSS BORDERS

We transfer personal data to third countries only with appropriate safeguards, including Standard Contractual Clauses (Art. 46 GDPR) or other legal mechanisms recognized by Swiss, EU, UK, Australian, and Japanese law.

PROTECTION OF YOUR PERSONAL DATA AND BREACH NOTIFICATION

We implement administrative, technical, and physical security measures to protect your data. In the event of a personal data breach, we will notify affected users and the relevant authorities without undue delay in accordance with Articles 33 and 34 GDPR.

YOUR RIGHTS UNDER DATA PROTECTION LAWS

You have the following rights under the GDPR:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR), including for direct marketing
• Right to withdraw consent at any time (Art. 7(3) GDPR)
• Right to lodge a complaint with your national supervisory authority (Art. 77 GDPR)

You may withdraw consent by clicking “unsubscribe” in newsletters or contacting us at info@zerokaysports.com. We may request verification of identity before acting on your request.

For EU residents: https://edpb.europa.eu/about-edpb/about-edpb/members_en
For Swiss residents: https://www.edoeb.admin.ch/edoeb/en/home.html
For Norwegian residents: https://www.datatilsynet.no/
For UK residents: https://ico.org.uk/make-a-complaint/
For Australian residents: https://www.oaic.gov.au/privacy/privacy-complaints
For Japanese residents: https://www.ppc.go.jp/en/

DATA RETENTION

We retain your personal data:

• For as long as necessary to provide our services, respond to inquiries, and maintain customer relationships
• For 10 years for billing and tax-related data in compliance with legal obligations
• Until you withdraw your consent (where applicable)
• In anonymized form, indefinitely, for internal analytics and performance evaluation

SECURITY AND CHILDREN’S DATA

While we take strong measures to protect your data, no transmission method is 100% secure. Our site is not intended for children under the age of 16, or under the age of digital consent as defined by the laws of your country (ranging from 13 to 16 under Article 8 GDPR). We do not knowingly collect data from minors.

UPDATES TO THIS POLICY

This Privacy Policy may be updated periodically. Continued use of our website and services after changes are posted indicates your acceptance of the new terms.

We aim to comply with applicable data protection laws in all jurisdictions where we operate, including the Australian Privacy Act 1988 (Cth) and the Japanese Act on the Protection of Personal Information (APPI) when processing data from residents of Australia or Japan.

CONTACT

Questions or requests?
📧 Email: info@zerokaysports.com
📬 Mail: ZEROKAY SPORTS Sàrl, rue du Rhône 114, 1204 Geneva, Switzerland

ANNEX 1: COOKIES AND SIMILAR TECHNOLOGIES

The table below provides information on the cookies and similar technologies used on our Website, including their names, purposes, providers, retention periods, and legal basis for processing. Only essential cookies are active by default. All others (analytics, advertising) require your explicit prior consent through our cookie banner.