Data Protection Summary – UK GDPR • CCPA/CPRA • POPIA • Global

Last updated: 10 December 2025

This page summarizes how Zinga Labs approaches data protection and privacy across multiple jurisdictions, including the EU/UK, United States, and African countries. It complements our main Privacy Policy.

1. Key Principles

• Lawfulness, fairness, and transparency.
• Purpose limitation and data minimization.
• Accuracy and storage limitation.
• Integrity, confidentiality, and security.
• Accountability and documentation.

2. Your Rights by Region

EU/UK (GDPR / UK GDPR): access, rectification, erasure, restriction, portability, objection, and rights related to automated decision-making.

California (CCPA/CPRA): right to know, deletion, correction, non-discrimination, and opting-out of certain data sharing or “sale” when applicable.

South Africa (POPIA) & other African regimes: broadly similar rights regarding access, correction, objection, and security safeguards.

3. Security Measures

• Encrypted transmission via HTTPS/TLS.
• Access control and role-based permissions.
• Logging, monitoring, and periodic reviews.
• Vendor due diligence for third-party processors.

4. International Transfers

When we transfer personal data across borders, we apply appropriate safeguards, such as Standard Contractual Clauses (SCCs), data minimization, and contractual commitments with partners and processors.

5. Exercising Your Rights

To exercise your data protection rights or ask questions about our compliance approach, please contact our data protection contact point at: dpo@zingalabs.org.