Privacy Policy – Zen Immersive

Last updated: October 22, 2025

This global policy explains how Zen Immersive collects, uses, protects, and shares your personal data, in accordance with international privacy laws, including the General Data Protection Regulation (GDPR – Europe), the California Consumer Privacy Act (CCPA – USA), Lei Geral de Proteção de Dados (LGPD – Brazil), PIPEDA (Canada), and the Privacy Act (Australia).

1. Data Controller

Zen Immersive (Immersiva Productions)
SIREN: 978 472 702
SIRET (registered office): 978 472 702 00023
E-mail: contact@zenimmersive.com
Form: zenimmersive.com/contact-zen-immersive

The full postal address is provided above; it was previously communicated upon legitimate request to protect the privacy of the data controller. Legal information comes from the company registry on Societe.com.

2. Data We Collect

2.1 Personal data

First and last name, e-mail address, profile photo or alias.
Account information, device identifier, language preferences.
Payment and subscription data (via App Store / Google Play).

2.2 Technical data

IP address, browser type and version, device, logs and diagnostics.
Audio/video/light sync (non-personal technical data).

2.3 Usage data

Content listened to or viewed, meditation history or immersive experience history.
Interactions with connected lighting systems (Philips Hue, Ambilight, etc.).
Aggregated performance, crash, and analytics data.

2.4 Third-party data (if you authorize it)

Information from social logins (Facebook, Google, Apple, etc.).
Usage statistics via Google Analytics, Meta Pixel, or equivalent.

We do not collect sensitive data (health, religion, sexual orientation, etc.) without explicit consent.

3. Purposes of Processing

To provide Zen Immersive services (playback, guidance, synchronized lighting).
To manage accounts, subscriptions, payments, and user support.
To improve app content, performance, and security.
To comply with legal, tax, and regulatory obligations (GDPR, CCPA, etc.).
To enable integration with partner platforms (Meta, Google, Philips Hue, etc.).

4. Legal Bases

Consent (explicit opt-in upon sign-up or social login).
Contract performance (use of the service and subscriptions).
Legitimate interest (security, statistics, product improvement).
Legal obligations (accounting, protection of rights).

5. Hosting & International Transfers

Data are hosted within the European Union with Hostinger (EU-based servers) and Wazabi for media storage. They are protected by secure protocols (HTTPS/TLS, restricted access). International transfers may occur for certain services: Firebase (Google), Meta (Facebook/Instagram), Stripe (payments).

These transfers are governed by the European Commission’s Standard Contractual Clauses and comply with APEC/OECD Cross-Border Privacy frameworks.

6. Retention Periods

Accounts and preferences: until deleted by the user.
Logs and analytics: up to 12–24 months.
Billing data: 10 years (legal requirement).

7. Cookies & Similar Technologies

We use cookies that are strictly necessary for the service to function, and statistical or advertising cookies subject to your consent. You can manage or withdraw consent via the cookie banner or your browser settings.

8. Sharing & Sub-processors

We share certain data only with providers essential to operating the service:

Hosting: Hostinger (EU) and Wazabi storage.
Storage & CDN: Cloudflare / AWS (depending on user location).
Authentication: Firebase, Apple, Google.
Payments: Apple Pay, Google Play Billing.
Analytics: Google Analytics / PostHog.

These providers act as processors pursuant to GDPR Article 28 and equivalent agreements outside the EU.

9. Your Rights by Region

Europe (GDPR)

Right of access, rectification, erasure, portability, and objection.
Contact: contact@zenimmersive.com

United States (CCPA / CPRA)

Right to know, correct, or delete collected data.
Zen Immersive does not sell or resell your personal data.

Brazil (LGPD)

Right of access, rectification, anonymization, and portability.
DPO contact: contact@zenimmersive.com

Canada (PIPEDA)

Data are processed fairly and transparently. You may request deletion at any time.

Australia (Privacy Act)

Zen Immersive complies with the Australian Privacy Principles (APP).

10. Data Deletion

You can request deletion of all your data, including those linked to social logins (Facebook, Google, Apple), using our secure form:

Request deletion of my data

11. Security & Compliance

End-to-end encryption (HTTPS/TLS 1.3).
Intrusion monitoring, encrypted backups, regular audits.
Access restricted to authorized personnel only.

12. Minors

Zen Immersive services are not intended for children under 16 without parental authorization. We delete any data related to a minor as soon as we become aware of it.

13. Consumer Mediation & Disputes (France/EU)

In accordance with Articles L612-1 et seq. of the French Consumer Code, you may use a consumer mediator free of charge in the event of a dispute. We have chosen the following mediator:

CNPM Médiation Consommation
Centre d’Affaires Stéphanois, Immeuble l’Horizon – Esplanade de France,
3 rue J. Constant Milleret, 42000 Saint-Étienne, France.
Phone: +33 (0)4 77 42 10 58
Website: cnpm-mediation-consommation.eu

14. Changes to This Policy

This policy may be updated to remain compliant with local and international laws. Any material change will be notified via the app or by e-mail. The online version is authoritative.

15. Global Contact

For any privacy question or to exercise your rights:
E-mail: contact@zenimmersive.com
Form: zenimmersive.com/contact-zen-immersive
Country of establishment: France – European Union