Gravia by ZEOUR LTDGravia Cloud · Privacy
Back to platform

Privacy Policy

Explore details and stay informed.

Version: 1.2.0

Last updated: 1 Jan 2026

This Privacy Policy describes how ZEOUR LTD and Veloxis L.L.C-FZ handle information across the Gravia Cloud website, proxy API, and backend applications in line with EU/UK GDPR.

Who We Are

  • Controller: ZEOUR LTD (UK) and Veloxis L.L.C-FZ (Dubai, UAE) operating the Gravia Cloud signage platform.
  • Contact: info@zeour.co.uk for privacy enquiries and DPA requests.

Information We Collect

  • Account & registration: organization name, admin name, email, phone.
  • Billing: plan, totals, Stripe session/reference (card PAN/CVV handled only by Stripe).
  • Contact enquiries: message content and reply details.
  • Operational data: minimal request metadata/logs to secure and improve the service.
  • Optional AI chat: user prompts/context relayed to OpenAI strictly to fulfil the request.

How We Use Information

  • Provision and operation of Gravia Cloud, including account creation and subscription management.
  • Processing payments via Stripe and sending transactional communications.
  • Maintaining security, preventing fraud/abuse, monitoring availability and performance.
  • Responding to enquiries and providing customer support.
  • Delivering AI chat responses (where you opt in) via our OpenAI relay.
  • Complying with legal obligations such as tax and accounting.

Legal Bases (EU/UK GDPR)

  • Performance of a contract (Art. 6(1)(b)) for accounts, subscriptions, payments.
  • Legitimate interests (Art. 6(1)(f)) for security, reliability, and service improvement.
  • Consent (Art. 6(1)(a)) for marketing communications and optional AI chat where required.
  • Legal obligation (Art. 6(1)(c)) for record-keeping and compliance.

Cookies & Local Storage

  • Strictly necessary: `proxy_digest` (httpOnly, first-party) plus minimal operational cookies for security.
  • Preferences: `selectedLanguage` and similar keys to remember locale and UI choices.
  • Third-party (with consent): Stripe cookies for secure checkout and fraud prevention.
  • We present a cookie banner so you can accept all or reject non-essential cookies; you can revisit choices by clearing site data or using the banner when shown again.

Sharing & Sub-processors

  • Stripe (payments; EU/US) for checkout, subscriptions, receipts—card data is handled solely by Stripe.
  • Email/SMTP provider (UK/EU) for transactional communications.
  • Hosting/CDN that serves the public site, proxy API, and backend.
  • ipapi.co (GeoIP, optional, consent-based) for localization.
  • open.er-api.com (exchange rates, optional, consent-based) for estimated currency displays.
  • OpenAI (optional AI relay) for chat prompts—API data is not used to train models by default.
  • We sign appropriate data protection terms and SCCs/UK addenda where applicable.

International Transfers

  • Some vendors process data outside the UK/EU (e.g., Stripe, OpenAI). We rely on SCCs/IDTA where needed and encrypt data in transit. Card data is handled by Stripe.

Retention

  • Contact enquiries: typically up to 24 months.
  • Operational logs: typically 30–90 days unless required longer for security/legal reasons.
  • Orders/billing: retained as required by tax and accounting laws.
  • Limited information may be retained to comply with legal obligations or resolve disputes.

Your Rights

  • Access, rectification, erasure, restriction, objection, and data portability.
  • Withdraw consent where processing relies on consent.
  • Complain to your supervisory authority.
  • Exercise rights by emailing info@zeour.co.uk; we respond within one month and may request verification.

Controller & Processor Roles

  • We act as a controller for website accounts, marketing, and operational data.
  • We act as a processor where we handle personal data on behalf of business customers within Gravia Cloud.
  • A Data Processing Addendum (DPA) is available via info@zeour.co.uk.

Children

  • Gravia services are not directed to children under 16. If you believe a child provided personal data, contact us to delete it.

Changes to This Policy

  • We may update this Privacy Policy and will adjust the “Last updated” date. For significant changes, we will provide additional notice.

Questions

  • Reach out anytime at info@zeour.co.uk.

Questions? Email info@zeour.co.uk.