Data & Privacy Policy

This Privacy & Data Protection Policy explains how Zenith Grove (“we”, “our”, “us”) handles personal information on this website.

We operate under the UK GDPR and the Swiss Federal Act on Data Protection (revDSG). This website does not target residents of the EU or other foreign jurisdictions, and all data processing takes place in the UK, Switzerland, or through trusted service providers.

Last updated: November 20th, 2025

1. Who We Are

Zenith Grove Ltd. is a company registered in England & Wales (No. 15141544). Registered office: 71–75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom. 

Zenith Grove Ltd. is the data controller for data collected through this website. Registration reference with Information Commissioner's Office: ZB741281

Email for privacy & data protection inquiries: 
contact@zenithgrove.com

2. What Data We Collect

We collect only minimal personal information, limited to what is necessary to operate the website and manage voluntary membership access.

2.1 Information you provide voluntarily

  • Email address (if you request membership or contact us)
  • Name (optional, if included in your communication)

2.2 Information collected automatically

Our hosting provider (Ghost) automatically collects:

  • IP address
  • Browser type/version
  • Date and time of access
  • Basic device information

These logs are for security, server operation, and preventing misuse.

2.3 No additional data collection

We do not collect:

  • marketing data
  • tracking or behavioural data
  • demographic or financial data
  • sensitive personal data

We do not run ads, analytics, tracking scripts, or profiling tools.

3. How We Use Your Data

We use personal information only for the following purposes:

  • To operate the website securely
  • To manage and approve membership requests (invite-only)
  • To communicate with you if you contact us
  • To comply with legal obligations applicable to our business

We do not sell, trade, or share your data with advertisers or unrelated third parties.

Under UK GDPR and Swiss revDSG, we process personal data based on:

  • Your consent (when you voluntarily provide contact or membership details)
  • Our legitimate interests (operating the website, ensuring security)
  • Performance of a request (providing access to members-only pages, if applicable)

You may withdraw your consent at any time by contacting us at [Insert email].

5. Where Your Data Is Stored

Data is stored and processed through:

Ghost(Pro) – website hosting

Primary hosting is located in the EU (Netherlands), with additional secure infrastructure operated by Cloudflare for content delivery.

Mailgun – transactional email

Used only for membership-related emails or direct communication initiated by you.

These providers implement strong security measures and comply with recognised international data-transfer mechanisms.

We do not store personal data on local systems unless required to fulfil a specific request (e.g., responding to your email).

6. Sharing of Data

We only share data with the service providers necessary to operate the website:

  • Ghost Foundation (hosting)
  • Mailgun (email delivery)
  • Cloudflare (security and content delivery)

We may disclose information if legally required.

We do not share data with marketers, advertisers, or unrelated third parties.

7. International Transfers

If data is transferred outside the UK or Switzerland (for example, via Mailgun’s infrastructure), it is protected using:

  • Standard Contractual Clauses (SCCs), or
  • Other recognised safeguards

We ensure an appropriate level of protection consistent with UK and Swiss law.

8. Retention Periods

We keep personal data only as long as necessary, including:

  • Membership email → until your account is deleted or access is withdrawn
  • Contact emails → until your inquiry is resolved
  • Server logs → short-term retention for security (managed by Ghost)

You may request deletion at any time.

9. Your Rights

Depending on your location (UK or Switzerland), you may have the right to:

  • Access your data
  • Correct inaccurate information
  • Request deletion (“right to be forgotten”)
  • Withdraw consent
  • Receive a copy of your data
  • Object to certain types of processing

To exercise these rights, contact us at: [Insert email]

We will respond within 30 days.

10. Cookies

We use only strictly necessary cookies, such as:

  • Login/session cookies (for approved members)
  • Security-related cookies set by Ghost or Cloudflare

We do not use:

  • analytics cookies
  • advertising cookies
  • tracking cookies

If optional cookies are added in the future, a consent mechanism will be provided.

11. Children’s Privacy

This website is not intended for individuals under the age of 16.
We do not knowingly collect data from minors.

12. International Visitors

This website does not actively target residents of the EU, EEA, or other specific countries outside the UK and Switzerland.

Visitors from other jurisdictions who voluntarily provide information do so under the terms of this policy.

13. Changes to This Policy

We may update this policy from time to time.
Changes will be posted on this page with a revised “Last updated” date.