Book a demo →
privacy policy

Privacy Policy

How Zojo Ltd handles personal data of website visitors, prospects and business contacts.

Version: 1.2 · Effective date: 1 January 2026 · Last reviewed: 1 January 2026.

This Privacy Policy explains how Zojo Ltd ("Zojo", "we", "us") collects, uses and protects personal data relating to visitors to our website, prospective customers, business contacts and users of our marketing and sales communications. It is written to meet our obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy does not cover personal data that Zojo processes on behalf of its subscribers as part of the Zojo Service (for example, sales call recordings, transcripts and related analytics). That processing is governed separately by the Master Subscription Agreement and the Data Processing Agreement entered into with each subscriber.

1. Who we are

Zojo Ltd is a company incorporated in England and Wales (company number 16671002) with its registered office at 20 Wenlock Road, London, N1 7GU. Zojo is the data controller in respect of the personal data described in this policy.

You can contact us about this policy at privacy@zojo.io.

2. What personal data we collect

We collect personal data in the following circumstances:

  • When you visit our website, we collect technical information such as IP address, browser type, device type, referring URL, pages visited, and interactions with our content. This is collected through cookies and similar technologies.
  • When you fill in a form on our website, request a demo, download content, or otherwise contact us, we collect the information you provide, typically your name, work email address, company name, job title, and the content of your message.
  • When you meet with our team or communicate with us by email, phone or video call, we collect the information shared during those interactions, including meeting notes and correspondence history.
  • When we engage with you as a prospective customer, we may collect publicly available business information from sources such as LinkedIn, company websites and business directories to support our outreach.
  • When you become a customer, we collect contact and billing information for the individuals at your organisation who administer or are billed for the Zojo Service.

3. How we use personal data

We use personal data for the following purposes:

  • To operate and improve our website and respond to enquiries.
  • To provide information about Zojo's products and services that you have requested.
  • To engage in business-to-business marketing and sales outreach where we have a legitimate interest in doing so.
  • To onboard, support, bill and communicate with customers and their designated contacts.
  • To comply with legal, accounting and regulatory obligations.
  • To protect the security and integrity of our systems and to prevent fraud.

4. Lawful basis for processing

We rely on the following lawful bases under Article 6 of the UK GDPR:

  • Legitimate interests. For business-to-business marketing, sales outreach to corporate contacts, website analytics, and the security of our systems. Where we rely on legitimate interests, we have carried out a balancing test to ensure that our interests are not overridden by your rights.
  • Contract. Where processing is necessary to enter into or perform a contract with you or the organisation you represent.
  • Legal obligation. Where we are required to process personal data to comply with applicable laws, including tax, accounting and anti-fraud obligations.
  • Consent. Where you have given consent, such as subscribing to a marketing newsletter or accepting non-essential cookies. You may withdraw consent at any time.
  • PECR soft opt-in. For business-to-business email marketing to corporate contacts, we may rely on the soft opt-in available under the Privacy and Electronic Communications Regulations (PECR), with a clear unsubscribe option in every message.

We do not make decisions producing legal or similarly significant effects about visitors, prospects or business contacts based solely on automated processing. The Zojo Service includes automated analysis and scoring of sales calls, but that processing is carried out on behalf of our customers as part of their use of the Zojo Service and is governed by their Data Processing Agreement, not this policy.

5. Who we share personal data with

We share personal data with the following categories of recipients:

  • Service providers who process personal data on our behalf, including our hosting provider, email and marketing platforms, CRM, analytics providers, and professional advisers. Each service provider is bound by a written contract that restricts their use of personal data to the purposes for which it was shared.
  • Our group companies and technology partners where necessary for the operation of our business.
  • Competent authorities, regulators and law enforcement where we are required to do so by law or where it is necessary to protect our rights or the rights of others.
  • A successor entity in the event of a merger, acquisition, reorganisation or sale of all or part of our business.

6. International transfers

Zojo is based in the United Kingdom and we primarily process personal data within the UK and the European Economic Area. Where we transfer personal data outside of the UK, we do so only where an appropriate safeguard is in place, such as the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or a valid adequacy decision.

7. How long we keep personal data

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. In practice:

  • Website analytics data is retained for up to 26 months.
  • Prospect and marketing contact data is retained for as long as it remains relevant to our business and you have not opted out.
  • Customer account and billing data is retained for the duration of the customer relationship and for up to seven years thereafter to meet accounting and legal obligations.
  • Correspondence is retained for as long as necessary to maintain the business relationship and to resolve any disputes.

8. Your rights

Under the UK GDPR, you have the following rights in relation to your personal data:

  • The right to be informed about how your personal data is processed.
  • The right to access the personal data we hold about you.
  • The right to rectification of inaccurate personal data.
  • The right to erasure in certain circumstances.
  • The right to restrict processing in certain circumstances.
  • The right to data portability where processing is carried out by automated means on the basis of consent or contract.
  • The right to object to processing based on legitimate interests, including direct marketing.
  • The right not to be subject to a decision based solely on automated processing that produces legal effects.
  • The right to withdraw consent at any time where we rely on consent.

To exercise any of these rights, please contact privacy@zojo.io. We will respond within one month of receiving a valid request.

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection, at ico.org.uk.

If we have collected your business contact details from a third-party source rather than from you directly, you can ask us about the source and request removal of your details by contacting privacy@zojo.io.

9. Cookies

Our website uses cookies and similar technologies to operate the site, understand how it is used, and (where you consent) deliver marketing content. You can manage your cookie preferences through the cookie banner on our website or by adjusting your browser settings. Essential cookies required for the operation of the website cannot be disabled. For full details of the cookies we use and to manage your preferences, see our Cookie policy, or open cookie preferences here.

10. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration or disclosure. These measures include encryption in transit and at rest, access controls, secure development practices, regular backups, and staff training. Further detail is available in our Security overview, available on request or via our Trust Centre.

11. Changes to this policy

We may update this Privacy Policy from time to time. Where we make material changes, we will update the effective date at the top of this document and, where appropriate, notify you directly. We encourage you to review this policy periodically.

12. Contact us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact:

Zojo Ltd
20 Wenlock Road, London, N1 7GU, United Kingdom
Email: privacy@zojo.io
ICO registration number: C1844310