ZZRO LABS← BACK
LEGAL · POLARE GROUP SÀRL

Privacy Policy

Last updated: 1 May 2026 · Polare Group Sàrl, Geneva, Switzerland

This Privacy Policy describes how Polare Group Sàrl ("we", "us", or "our") collects, uses, and protects personal data when you use ZRO Labs products and services, including ZRO Trace, ZRO Site, ZRO Vault, and this website (zrolab.com).

Polare Group Sàrl is registered in Switzerland (UID: CHE-221.062.769, CH-ID: CH-660-0133026-7), with registered address c/o Russell Bedford Fiduciaire Genève SA, Rue Jean-Petitot 7, 1204 Genève.

1. Data Controller

The data controller for all ZRO Labs products is Polare Group Sàrl. You may contact us regarding privacy matters at: privacy@zrolab.com

2. What Data We Collect

Depending on which ZRO Labs product you use, we may collect:

  • Account data: email address, name, and authentication provider (Apple, Google, or email/password) when you create a ZRO Labs account via auth.zrolab.com.
  • Usage data: anonymised logs of product interactions, feature usage, and error reports to improve service quality.
  • Technical data: IP address, browser type, operating system, and referring URL, collected automatically when you visit our websites.
  • Content data: files, documents, or configurations you upload or create within ZRO Labs products, stored solely to provide the service.

3. ZRO Ghost — Zero Data Collection

ZRO Ghost (available at usezro.app) is a standalone desktop application. It requires no account, stores zero user data, and operates entirely on your local device. No data is transmitted to Polare Group Sàrl or any third party. ZRO Ghost is 100% anonymous by design and is excluded from this Privacy Policy.

4. Legal Basis for Processing (GDPR & Swiss nFADP)

  • Contract performance (Art. 6(1)(b) GDPR): processing your account data to provide services you have subscribed to.
  • Legitimate interests (Art. 6(1)(f) GDPR): anonymised analytics to maintain and improve our services.
  • Legal obligation (Art. 6(1)(c) GDPR): retaining billing and contractual records as required by Swiss law.
  • Consent (Art. 6(1)(a) GDPR): for optional cookies and marketing communications, where separately obtained.

5. How We Use Your Data

  • To create and manage your ZRO Labs account
  • To provide, operate, and improve ZRO Labs products
  • To send transactional communications (account confirmations, security alerts)
  • To comply with legal obligations under Swiss law and EU regulations
  • To detect and prevent fraud, abuse, or security incidents

6. Data Sharing

We do not sell personal data. We may share data with:

  • Infrastructure providers: cloud hosting providers operating under data processing agreements, with servers located in the EU/EEA or Switzerland.
  • Authentication providers: Apple and Google, when you choose to sign in via those providers. Their respective privacy policies govern data processed during authentication.
  • Legal authorities: where required by applicable law, court order, or to protect our legal rights.

7. Data Retention

Account data is retained for the duration of your account and for up to 3 years thereafter to comply with legal obligations. You may request deletion of your account at any time. Anonymised analytics data is retained for up to 24 months.

8. Your Rights

Under GDPR and the Swiss nFADP, you have the right to:

  • Access: request a copy of the personal data we hold about you
  • Rectification: correct inaccurate or incomplete data
  • Erasure: request deletion of your personal data ("right to be forgotten")
  • Restriction: limit how we process your data in certain circumstances
  • Portability: receive your data in a structured, machine-readable format
  • Objection: object to processing based on legitimate interests
  • Withdrawal of consent: where processing is based on consent, withdraw at any time

To exercise any of these rights, contact us at privacy@zrolab.com. You also have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or the supervisory authority in your EU member state.

9. International Data Transfers

Our primary operations are based in Switzerland, which the EU Commission recognises as providing adequate data protection. Where data is transferred outside Switzerland or the EEA, we implement Standard Contractual Clauses or other appropriate safeguards.

10. Security

We implement technical and organisational measures appropriate to the risk, including encryption in transit (TLS 1.3), encryption at rest, access controls, and regular security assessments. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

11. Children

ZRO Labs products are not directed at persons under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified by email or prominent notice on our website. Continued use of our services after the effective date constitutes acceptance of the updated policy.

13. Contact

Polare Group Sàrl
c/o Russell Bedford Fiduciaire Genève SA
Rue Jean-Petitot 7, 1204 Genève, Switzerland
UID: CHE-221.062.769
Email: privacy@zrolab.com