Privacy Policy
Last Updated: July 21, 2025
Table of Contents
Notice: This Privacy Policy describes how Pyzit ("we", "us", or "our") collects, uses, and discloses your information when you use our website (pyzit.com), mobile applications, and related services (collectively, "Services"). By using our Services, you agree to this policy.
1. Information We Collect
We collect several types of information from and about users of our Services:
- Account Data: Name, email, username, password, profile picture
- Payment Data: Billing address, payment method details, transaction history
- Contact Data: Email address, phone number, mailing address
- Demographic Data: Age, gender, language preferences
- Log Data: IP address, browser type, pages visited, access times
- Device Data: Device type, operating system, unique device identifiers
- Location Data: Approximate geographic location (derived from IP)
- Cookies/Similar Tech: As detailed in our Cookie Policy
- Credit balance and transaction history
- Referral program participation
- Reward and promotional credit earnings
- Credit redemption patterns
Third-Party Data Collection
We may receive information about you from other sources, including:
- Social media platforms when you connect your account
- Payment processors when you make transactions
- Analytics providers like Google Analytics
2. How We Use Your Information
| Purpose | Legal Basis | Data Types Used |
|---|---|---|
| Provide and maintain our Services | Contractual necessity | Account, Payment, Usage |
| Process transactions and credits | Contractual necessity, Legal obligation | Payment, Credit System |
| Personalize user experience | Legitimate interest | Usage, Device, Demographic |
| Improve our Services | Legitimate interest | Usage, Device, Cookies |
| Marketing and promotions | Consent (where required) | Contact, Demographic, Usage |
| Security and fraud prevention | Legitimate interest, Legal obligation | All categories as needed |
| Comply with legal obligations | Legal obligation | As required by law |
Automated Decision Making
We may use automated processes to detect fraudulent activities, assess credit risk for certain transactions, and personalize content recommendations. You may request human intervention or contest decisions by contacting us.
3. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your personal data under the following legal bases:
Contractual Necessity
When processing is necessary to fulfill our contractual obligations to you (e.g., providing purchased services).
Consent
When you've given clear consent (e.g., for marketing emails). You may withdraw consent anytime.
Legal Obligation
When processing is required to comply with applicable laws (e.g., tax reporting).
Legitimate Interest
When processing is necessary for our legitimate business interests (balanced against your rights).
4. Data Sharing and Disclosure
Service Providers
We share information with third-party vendors who perform services on our behalf:
Payment Processors
Stripe, PayPal for transaction processing
Cloud Services
AWS, Google Cloud for hosting
Analytics
Google Analytics, Mixpanel
Other Disclosures
We may disclose your information in these cases:
- Business Transfers: If we're involved in a merger, acquisition, or asset sale
- Legal Requirements: To comply with laws or respond to valid legal requests
- Protection of Rights: To protect our rights, property, or safety
- With Your Consent: For other purposes with your explicit consent
Do Not Sell My Information
Pyzit does not sell personal information as defined under CCPA. However, we may share information with advertising partners in ways that may constitute a "sale" under some laws.
Opt-Out of Sharing5. International Data Transfers
Your information may be transferred to โ and maintained on โ computers located outside of your country where data protection laws may differ.
Transfer Mechanisms
-
EEA Transfers
For transfers from the EEA, we use Standard Contractual Clauses and other approved mechanisms.
-
US Privacy Shield
For US-based services, we ensure providers participate in the EU-US and Swiss-US Privacy Shield Frameworks where applicable.
-
Other Jurisdictions
For other countries, we implement appropriate safeguards as required by local laws.
6. Data Security
We implement appropriate technical and organizational measures to protect your data:
Technical Measures
- Encryption in transit (TLS 1.2+) and at rest
- Regular security audits and penetration testing
- Access controls and least-privilege principles
- Secure coding practices
Organizational Measures
- Employee privacy and security training
- Data protection impact assessments
- Incident response plan
- Vendor security assessments
Data Breach Notification
In the event of a data breach that risks your rights and freedoms, we will notify you and relevant authorities as required by applicable law (typically within 72 hours for GDPR).
7. Your Data Protection Rights
Depending on your location, you may have the following rights regarding your personal data:
Right to Access
Request copies of your personal data we hold
Right to Rectification
Request correction of inaccurate data
Right to Erasure
Request deletion under certain circumstances
Right to Restrict
Request restriction of processing
Right to Portability
Request transfer of your data to another service
Right to Object
Object to certain processing activities
Right to Opt-Out (CCPA)
Opt-out of "sales" of personal information
Right to Withdraw
Withdraw consent where processing is based on consent
Exercising Your Rights
To exercise these rights, please contact us at [email protected]. We may need to verify your identity before processing requests.
For CCPA requests, you may also use our Do Not Sell My Personal Information page.
9. Children's Privacy
COPPA Compliance
Our Services are not directed to children under 13 (or 16 in the EEA). We do not knowingly collect personal information from children.
If we learn we've collected information from a child without parental consent, we'll delete it immediately. Parents may contact us to review or delete their child's information.
10. Policy Changes
We may update this Privacy Policy periodically. The "Last Updated" date at the top indicates when changes were made.
Notification of Changes
For material changes, we'll notify you through:
- Email to your registered address
- Notice on our website
- In-app notifications (where applicable)
We encourage you to review this policy periodically.
11. Dispute Resolution
If you have concerns about our privacy practices, please contact us first at [email protected].
Other Jurisdictions
Contact the relevant privacy regulator in your country.
For California residents, see our CCPA Notice.
12. Contact Us
Privacy Inquiries
EU Representative
As required under GDPR Article 27, our EU representative is:
[EU Representative Name][Address]
E: [email protected]
