COOKIE POLICY FOR ZOUL ESG FZCO
Effective Date: November 14, 2025
Version: 1.2
Entity: Zoul ESG FZCO, Dubai Silicon Oasis, United Arab Emirates (“Zoul,” “we,” “our,” “us”)
This Cookie Policy explains how Zoul uses cookies and similar technologies on our websites and mobile services (“Services”). It is written to comply with EU ePrivacy Directive, GDPR, UK-GDPR, UAE PDPL, CCPA/CPRA, LGPD (Brazil), DPDP (India), Privacy Act (Australia) and other global requirements.
By using the Services, you consent to cookies as described in this Policy unless you disable them.
1. Definitions
Cookies
Small text files stored on your device to recognize your browser, maintain sessions, preferences, and security.
Similar Technologies
Web beacons, pixels, SDKs, local storage, device IDs (IDFA/AAID).
Third-Party Cookies
Cookies set by providers integrated into our Services (analytics, ads, performance).
Consent Banner
The interface allowing acceptance, rejection, or customization of cookies in compliance with global law.
2. What Technologies We Use
We use the following categories of technologies:
2.1 Essential Cookies
Necessary for core functions:
• Login and session authentication
• App security (anti-bot, fraud prevention)
• Account management
• Subscription and checkout flow
Cannot be disabled.
2.2 Performance & Analytics Cookies
Used to understand usage and improve product quality.
Examples:
• Google Analytics / GA4
• Mixpanel
• Amplitude
Data processed:
• Device type
• Interaction logs
• Crash analytics
• Page or screen views
Used only with consent (EU/UK).
2.3 Personalization Cookies
Used to:
• Save your language
• Save meditation/sleep preferences
• Remember audio settings
• Customize recommended content
2.4 Advertising & Retargeting Cookies
Used only with explicit consent.
Examples:
• Facebook Pixel
• Google Ads Cookies
• TikTok Pixel
Purpose:
• Deliver relevant ads
• Measure advertising performance
• Avoid repeating ads
2.5 Mobile App Identifiers (SDKs)
For mobile app compliance:
• IDFA (iOS) — requires ATT consent
• GAID/AAID (Android)
• Firebase Analytics
• Expo/React Native identifiers
Used for:
• Firebase push notifications
• Crashlytics
• Performance monitoring
• Payment verification
SDKs follow Apple ATT, Google Privacy Sandbox.
3. Why We Use Cookies
Cookies and tracking technologies help us:
• Provide secure login
• Maintain subscription status
• Personalize meditation and sleep content
• Improve app stability and performance
• Analyze product usage
• Deliver relevant and safe ads
• Enable B2B usage, team analytics, and enterprise dashboards
We only deploy non-essential cookies after you provide explicit consent.
4. How Long We Retain Cookies
Retention aligns with global law:
• Essential Cookies: session-based or up to 12 months
• Analytics Cookies: max 13 months
• Advertising Cookies: 13 months or per platform rules
• Local Storage: until manually cleared
After expiry, cookies auto-delete or require renewed consent.
5. Cookie Banner (Global Requirement)
Our banner includes:
• Accept All
• Reject Non-Essential
• Manage Preferences
• Link: “Cookie Policy”
• Link: “Privacy Policy”
For EU/UK users:
• Consent must be freely given, specific, informed, and granular
• No pre-ticked boxes
• No forced consent
6. Managing Your Preferences
You may:
• Accept all cookies
• Reject non-essential cookies
• Customize categories
• Withdraw consent anytime
Access:
• Cookie Settings link on our website
• Browser settings
• Device privacy controls (IDFA/AAID)
7. Third-Party Cookies & Providers
We partner with trusted service providers. These include:
Analytics
Provider Examples: Google Analytics, Mixpanel
Purpose: Usage analytics
Ads
Provider Examples: Meta, Google Ads, TikTok Ads
Purpose: Performance & attribution
Cloud/CDN
Provider Examples: AWS, Cloudflare
Purpose: Security & delivery
Support
Provider Examples: Intercom, Zendesk
Purpose: Chat support
App SDKs
Provider Examples: Firebase, Expo
Purpose: Crash + performance
All providers must meet SCCs/adequate safeguards for cross-border transfers.
Where applicable (e.g., Facebook), we may be joint controllers under GDPR Art. 26.
8. Global Privacy Control (GPC) & Do-Not-Sell
For California (CPRA), Colorado, Virginia, and other US states:
• We honor Global Privacy Control (GPC) signals
• We do not sell or share personal data for monetary value
• Users can opt-out of targeted advertising via “Your Privacy Choices”
For minors under 18:
• No targeted advertising
• No profiling
For children under 13:
• No behavioral tracking
• No analytics
9. Sensitive Mental-Health Data
Zoul treats meditation, emotional logs, sleep data, and wellness usage as Sensitive Personal Data.
Therefore:
• No use in advertising
• No sale or cross-context behavioral advertising
• No sharing with third parties except analytics under strict contracts
• Explicit consent required where applicable
10. International Data Transfers
Cross-border transfers use:
• Standard Contractual Clauses (EU SCCs)
• UK Addendum
• UAE PDPL adequacy rules
• Brazil LGPD contractual clauses
• India DPDP cross-border mechanism (when in force)
Our processors cannot train AI models on identifiable user data.
11. Data Security
We maintain:
• Encryption in transit and rest
• Network segregation (AWS)
• Access controls
• Audit logs
• Incident response per ISO 27001
• Breach notifications within legally required timelines
12. User Rights
Depending on your region, you may:
• Access your data
• Correct inaccurate data
• Delete data
• Restrict processing
• Opt out of ads
• Withdraw cookie consent
• Request portability (EU/UK)
• File complaints with authorities
Contact: support@zoul.app
13. Children’s Cookies
We do not knowingly place cookies on children:
• Under 13 (COPPA – US)
• Under 16 (EU and UK)
• Under local age thresholds (UAE, India, etc.)
If found, we delete them promptly.
14. Updates to This Cookie Policy
We may update this Policy periodically to reflect legal, technical, or business changes.
Material updates may be communicated via:
• Banner
• In-app notice
• Email (where legally required)
Continued use after updates = acceptance.
15. Contact Information
Zoul ESG FZCO
Dubai Silicon Oasis, United Arab Emirates
support@zoul.app
WhatsApp: +44 7301426350
Line: @zoul