0
image English
image English
Home / GDPR Privacy Policy

GDPR Privacy Policy

Last Updated: 10-02-2026

This GDPR Privacy Policy (“Policy”) explains how Zexlo (previously Jangras Web Services / Jangras Host) (“Zexlo”, “we”, “our”, or “us”) collects, processes, stores, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other applicable data protection laws.

By using our services, you acknowledge and agree to this Policy.

1. Scope and Applicability

  • This Policy applies to individuals located in the European Economic Area (EEA), United Kingdom, and Switzerland

  • Covers personal data processed through Zexlo’s website, services, and infrastructure

  • Applies whether Zexlo acts as:

    • Data Controller (for its own operations)

    • Data Processor (on behalf of customers)

2. Definitions

  • Personal Data: Information identifying an individual

  • Processing: Any operation on personal data

  • Data Subject: Individual whose data is processed

  • Controller / Processor: As defined under GDPR

  • Sub-processor: Third-party service providers

3. Categories of Personal Data

We may process the following categories:

  • Identity Data (name, company name)

  • Contact Data (email, phone number, address)

  • Financial Data (billing and payment information)

  • Technical Data (IP address, device information)

  • Usage Data (logs, interactions, analytics)

  • Derived Data (performance insights, analytics outputs)

4. Lawful Basis for Processing

We process personal data based on:

  • Contractual necessity (service delivery)

  • Legal obligations (regulatory compliance)

  • Legitimate interests (security, improvements)

  • Consent (marketing and optional processing)

5. Purpose of Processing

Personal data is used for:

  • Service provisioning and account management

  • Billing and payment processing

  • Infrastructure operation and optimization

  • Security monitoring and fraud prevention

  • Customer support and communication

  • Compliance with legal obligations

  • Marketing (with consent where required)

6. Data Sharing and Disclosure

We may share data with:

  • Cloud infrastructure providers (e.g., AWS, Google Cloud)

  • Payment processors and financial institutions

  • Analytics, monitoring, and security vendors

  • Legal and regulatory authorities

  • Business partners for service delivery

Zexlo does not sell personal data.

7. Sub-Processors

  • Zexlo may engage third-party sub-processors

  • All sub-processors are bound by:

    • Data Processing Agreements (DPA)

    • Confidentiality obligations

    • GDPR-compliant safeguards

8. International Data Transfers

  • Personal data may be transferred outside the EEA

  • Safeguards include:

    • Standard Contractual Clauses (SCCs)

    • Data protection agreements

    • Compliance with GDPR transfer requirements

9. Data Retention

  • Data is retained only as long as necessary

  • Retention depends on:

    • Contractual obligations

    • Legal requirements

    • Business purposes

  • Data may be deleted or anonymized when no longer required

10. Data Security

Zexlo implements appropriate technical and organizational measures:

  • Encryption (in transit and at rest)

  • Access control and identity management

  • Network security (firewalls, monitoring)

  • Regular audits and vulnerability assessments

  • Employee training and compliance controls

11. Data Subject Rights

Under GDPR, you have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request erasure (“Right to be Forgotten”)

  • Restrict processing

  • Object to processing

  • Data portability

  • Withdraw consent at any time

Requests can be submitted via email and will be processed within statutory timelines.

12. Automated Decision-Making

  • Zexlo may use automated tools for analytics and optimization

  • No decisions with legal or significant impact are made without human involvement

13. Data Breach Notification

  • In case of a personal data breach:

    • Immediate internal investigation

    • Notification to authorities within 72 hours (where applicable)

    • Notification to affected users if required

14. Cookies and Tracking

  • Use of cookies and similar technologies

  • Categories include:

    • Essential

    • Functional

    • Analytics

    • Marketing

  • Consent is obtained where required

15. Children’s Data

  • Zexlo does not knowingly process data of individuals under 18

  • Requires parental or guardian consent

16. Data Protection Officer (DPO)

Where applicable, Zexlo may appoint a Data Protection Officer responsible for GDPR compliance and data protection oversight.

17. Complaints and Supervisory Authority

  • Users have the right to lodge complaints with a supervisory authority in their jurisdiction

  • We encourage contacting us first to resolve concerns

18. Non-Discrimination

  • Users will not be discriminated against for exercising GDPR rights

19. Changes to Policy

  • This Policy may be updated periodically

  • Updates will be published with revised date

  • Continued use constitutes acceptance

20. Contact Information

For GDPR-related queries or requests:

Email: support@zexlo.in

We use cookies to enhance your experience, analyze traffic, and improve our services. By continuing to use our website, you consent to our use of cookies in accordance with GDPR. learn more