TKM Group FZE (“TKM,” “we,” “us,” or “our”) is committed to safeguarding the privacy of all visitors to our public website (https://zelkoncrm.com) and users of our CRM application (https://app.zelkoncrm.com). We recognize the importance of personal data and comply with the European Union’s General Data Protection Regulation (GDPR), the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL), and any other applicable privacy laws. This Privacy Policy describes in detail the categories of personal data we collect, the purposes and legal bases for processing, how we secure and share that data, your rights as a data subject, and how to contact us regarding privacy matters. If you provide information about other individuals, you warrant that you have obtained their permission and informed them of this policy.
When TKM designs the purpose and methods of processing personal data—such as when you sign up for a trial account, receive marketing communications directly from us, or correspond with our support team—we act as the data controller. In contrast, when our corporate customers use our CRM platform to collect and manage data about their own end-users, TKM functions as a data processor and processes personal data only in accordance with our customers’ documented instructions and the terms of our customer agreements.
TKM Group FZE is the data controller for all processing activities described in this policy. Our principal place of business is Business Centre, Sharjah Publishing City, Sharjah, United Arab Emirates. If you have questions about how we handle your personal data, wish to exercise your rights under applicable privacy laws, or need assistance with any privacy-related matter, please email our Data Protection Officer at info@zelkoncrm.com or send a letter to the address above.
We collect the following categories of personal data: identity data such as your full name and job title; contact data including email address, telephone number and company address; technical data covering your IP address, device identifiers, browser type, operating system and login timestamps; usage data on how you interact with our website and services, including pages visited, features used and session duration; marketing and communication preferences; support and correspondence records when you contact our helpdesk; and any other information you choose to submit in free-form fields, such as messages, feedback or survey responses.
Personal data is obtained directly from you when you register for a demo, open an account, request support, subscribe to newsletters, apply for a job or otherwise fill out forms on our website or CRM application. We also collect certain data automatically through cookies and similar tracking technologies when you visit our landing page or use our application. In limited cases, we may receive information from third parties such as analytics providers, advertising partners or publicly available sources in order to enhance our service delivery.
We rely on one or more of the following legal grounds whenever we process your personal data: performance of a contract (for example, to provide you access to our CRM platform and fulfill your service requests), compliance with a legal obligation (such as record-keeping requirements), consent (where you have affirmatively agreed to receive marketing communications or non-essential cookies), and our legitimate interests (including improving our website and services, preventing fraud and protecting the security of our systems), provided those interests are not overridden by your rights and freedoms.
We process your personal data to deliver and manage our services, respond to your inquiries, operate and maintain our website and CRM platform, personalize your experience, troubleshoot technical issues, conduct marketing and promotional activities (with your consent), enforce our terms of service, detect and prevent security incidents, comply with legal requirements, and support our internal business operations such as billing, accounting and auditing.
Our websites employ session cookies necessary for core functionality, persistent cookies to remember your preferences, and third-party cookies for analytics and marketing purposes. We use industry-standard tools to measure site performance, understand how users navigate our pages, and serve relevant advertisements. You can manage or disable non-essential cookies through our cookie-consent banner or via your browser’s privacy settings, though some features may cease to function properly if cookies are fully disabled.
Google Services Integrations
If you connect your ZelkonCRM account to Google services via OAuth, certain Customer Data may be collected by Google through their API services, and may include:
– The contents, metadata and related information of your emails when you sync your account with Gmail
– The contents, metadata and related information of your calendar events when you sync your account with Google Calendar
– Email addresses in your Inbox and Sent folders, if you choose to sync your address book
Customer Data that you send from ZelkonCRM to Google, or data that you request from Google’s APIs, may also be transmitted. As a security precaution, authentication tokens and identifiers (such as user-ID or device-ID) may be sent to authenticate those requests. You can revoke our access at any time through your Google Account’s Security settings.
ZelkonCRM’s use of information received from Google APIs will adhere to Google’s Limited Use Requirements for Gmail and Calendar APIs.
Microsoft (Outlook) Services Integrations
If you connect your ZelkonCRM account to Microsoft services via OAuth, certain Customer Data may be collected by Microsoft through Microsoft Graph, and may include:
– The contents, metadata and related information of your emails when you sync your account with Outlook/Exchange
– The contents, metadata and related information of your calendar events when you sync your account with Outlook Calendar
– Email addresses in your Inbox and Sent folders, if you choose to sync your address book
Customer Data that you send from ZelkonCRM to Microsoft, or data that you request from Microsoft’s APIs, may also be transmitted. As a security precaution, authentication tokens and identifiers (such as user-ID or device-ID) may be sent to authenticate those requests. You can revoke our access at any time through your Microsoft Account’s Security settings.
ZelkonCRM’s use of information received from Microsoft Graph APIs will adhere to Microsoft’s API Terms.
We may share your personal data with carefully selected third-party service providers that help us operate our business, including cloud hosting providers, payment processors, customer-relationship management tools, email-marketing platforms, analytics services and professional advisors such as auditors and legal counsel. Each provider is contractually bound to keep your data secure and to process it only on our instructions. We may also disclose data if required by law, to respond to lawful requests from public authorities, to protect our rights or property, or in connection with a merger, acquisition or sale of assets, provided that the acquirer agrees to adhere to the terms of this Privacy Policy.
We retain personal data for no longer than is necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting or reporting obligations. As a general rule, user account data is retained for the duration of the active subscription plus a reasonable period thereafter to address any contractual or legal claims. Support records and call-recording logs are retained for up to twelve months. Marketing opt-in and opt-out records are preserved for as long as you maintain an active relationship with us or until you withdraw consent. Once data is no longer required, we securely delete or irreversibly anonymize it.
TKM has implemented robust administrative, technical and physical safeguards designed to protect personal data against unauthorized access, alteration, disclosure or destruction. Our data centers employ state-of-the-art security controls, access to personal data is restricted on a need-to-know basis, and encryption is used both in transit and at rest. We regularly conduct security assessments and penetration tests to detect and remediate vulnerabilities. Nevertheless, no system is completely impervious, so we urge you to inform us immediately if you suspect any compromise of your data.
Under GDPR and PDPL, you may have the right to request access to the personal data we hold about you, to correct or update inaccurate information, to erase data when processing is no longer necessary, to restrict or object to certain types of processing, to receive your data in a structured, machine-readable format (data portability), and to withdraw consent if processing is based on consent. To exercise any of these rights, please send your request to info@zelkoncrm.com. We will verify your identity and respond within the timeframe required by law, typically within one month.
Our website and application may contain links to external sites or embed content from third parties. This Privacy Policy does not apply to those external sites, and we encourage you to review their own privacy notices before providing any personal data. We are not responsible for the privacy practices of third parties.
Our services are intended for adult users and are not directed at children under the age of sixteen. We do not knowingly collect personal data from minors. If you become aware that a minor has provided us with personal data, please contact us immediately so that we can delete the information without undue delay.
We may update this Privacy Policy to reflect changes in our data-handling practices, new legal obligations or enhancements to our services. Material changes will be highlighted by updating the “Last updated” date and, where appropriate, by notifying you via email or through a banner on our website. We recommend that you revisit this page periodically to stay informed about how we collect, use and protect your personal data.
If you have any questions about this Privacy Policy or our privacy practices, or if you wish to lodge a complaint with a supervisory authority, please reach out to:
TKM Group FZE
Business Centre, Sharjah Publishing City
Sharjah, United Arab Emirates
Email: info@zelkoncrm.com