When you create a Zetta account, we collect information you provide: your display name, email address, date of birth (to verify you are 18 years of age or older), profile photo, country of residence, and any bio you choose to add. If you register via Apple Sign-In or Google, we receive a limited profile dataset authorized by you and that provider.
The core function of Zetta is building a personal insect growth journal. When you create an observation record, we collect the information you manually enter: species name or description, developmental stage (egg, larva, pupa, adult, etc.), observation notes and behavior descriptions, date and time of observation, and any custom tags or categories you assign. See Section 3 for full details on how observation data is handled.
You may upload one or multiple photos per observation to document insect growth stages. These photos are stored on our secure cloud servers and associated with your observation records. EXIF metadata embedded in uploaded photos (including location data) is handled as described in Sections 3 and 4.
You may optionally attach a location to each observation to document where a sighting occurred. Location data is collected only with your permission and only when you choose to add it to a specific observation. See Section 4 for full details.
We automatically collect device model, operating system version, unique device identifiers, IP address, mobile carrier, app version, crash logs, and performance diagnostics to maintain service quality and diagnose technical issues.
We record how you use the Service: features accessed, observation frequency and patterns, content you interact with, and session duration. This data informs product improvements and optional personalization.
If you contact our support team, submit a content report, or complete a survey, we retain the content and metadata of those communications for the purpose of resolving your inquiry and improving the Service.
All payments are processed exclusively by Apple App Store or Google Play. We do not store your payment card details. We receive only anonymized transaction confirmation tokens and purchase entitlement data to activate in-app features such as expanded storage or premium journal tools.
We use your information to authenticate your account, store and display your observation records, manage your photo journals, sync data across devices, enforce content policies, process purchases, and deliver all core Service functions.
Your observation records, photos, notes, and location tags are used to build and display your personal insect field journal, generate growth timelines across linked observations, and enable search and filtering within your journal. This data is yours and is not shared with third parties for commercial purposes without your explicit consent.
Where you choose to share observations publicly, your submitted content populates community feeds, enables discovery by other users, and fosters connection between naturalist enthusiasts. Public observation data may be aggregated to display species distribution trends within the community.
Aggregated and de-identified usage data and observation patterns are analyzed to improve journal features, community tools, and overall platform performance. Individual personal data is not shared externally for research without your consent.
We process behavioral signals and user reports to detect and prevent prohibited content, harassment, and policy violations within community features.
With your consent where required by applicable law, we may send promotional communications about new features, seasonal observation challenges, and platform updates. You may withdraw consent at any time via in-app settings or the unsubscribe link in any email.
We process personal data as necessary to comply with applicable laws, respond to valid legal process, enforce our Terms of Service, and protect the safety of our users and the public.
Your insect observation records — including written notes, developmental stage logs, growth timelines, and all uploaded photos — constitute your personal field journal on Zetta. This data is yours. We store it on your behalf to deliver the journaling experience, and we do not sell, license, or otherwise transfer your personal observation data to third parties for their independent commercial use.
Photos you upload are stored on our secure cloud infrastructure. They may contain embedded EXIF metadata including GPS coordinates, device model, and capture timestamp. Zetta handles EXIF data as follows:
Zetta allows you to link multiple observation records of the same specimen across time to build a visual growth timeline. This linking is performed manually by you and linked observation data remains within your private journal unless you explicitly choose to share it publicly.
Each observation record can be set to Private (visible only to you) or Public (visible in the community feed). You may change the visibility of any observation at any time from record settings. The default visibility for new observations is configurable in your account preferences.
You may request an export of all your observation records in a structured, portable format from your account settings or by contacting us at service@zettas.net. We strongly encourage regular exports as a backup practice.
Attaching a location to an observation is entirely optional. Zetta does not require location access to function. You may log observations with no location information, or with a manually typed label (e.g., "Back garden") rather than GPS coordinates.
If you use the GPS feature to auto-tag an observation, Zetta requests "While Using the App" access only — never background location access. You may revoke location permission at any time via device settings without affecting your ability to log observations.
When sharing publicly, you control location display: exact coordinates, approximate area (district or city level), or hidden. GPS EXIF data is always stripped from publicly shared photos regardless of your location display setting.
Where users choose to share location data publicly, Zetta may aggregate this to display community species distribution maps. These maps display aggregated, anonymized data and do not identify individual users or precise observation locations unless you explicitly set location visibility to "exact."
Observation notes, photos, species descriptions, and growth logs you create constitute User-Generated Content (UGC). UGC is stored on our secure cloud servers associated with your account. You retain full ownership of all original content you create and submit to Zetta.
By publishing UGC publicly, you grant us a non-exclusive, worldwide, royalty-free, sublicensable license to host, store, reproduce, display, and distribute your content within the Service and in connection with promoting Zetta, subject to your visibility settings. This license does not grant Zetta any right to sell your observations or photos to third parties for their independent commercial use.
Community-shared UGC is subject to automated screening and human review for compliance with our Community Guidelines. Violations will result in content removal and may lead to account suspension or termination.
You may delete any observation record or photo at any time. Deleted content is removed from public view within 48 hours, from production servers within 30 days, and from backup archives within 90 days.
Public observations appear in Zetta's community feed for other users to discover and engage with. Public observations include your display name, photos (EXIF location stripped), species information, developmental stage, and observation notes you have not marked as private.
Other users may comment on or react to your public observations. Comments are associated with the commenter's display name. You may moderate comments on your own observations and delete them at any time.
Where Zetta offers species-specific discussion spaces or community forums, your display name and post content are visible to all participants. Forum posts are subject to our Community Guidelines.
Zetta may use your observation history, species interests, and engagement patterns to surface relevant content in the community feed, suggest related species, and highlight seasonal observation opportunities relevant to your documented interests.
Your observation data, species interests, and location history are not used to build an advertising profile or shared with advertising networks. Personalization on Zetta is used solely to improve your in-app journaling and discovery experience.
You may disable personalized content suggestions at any time in Settings > Privacy > Personalization. Core journaling features are unaffected.
We share personal information with trusted third-party service providers: cloud infrastructure, CDN services for photo delivery, payment processors, analytics platforms, customer support tools, and content moderation systems. All are contractually bound to process your data only on our instructions and in compliance with applicable data protection law.
We do not sell your personal information, observation records, photos, or location data to any third party, including research institutions, entomology databases, ecological data brokers, or advertising networks.
In the event of a merger, acquisition, or asset sale, your data may transfer to the acquiring entity. We will notify you in advance before your data becomes subject to a materially different privacy policy, giving you the opportunity to request account deletion.
We may disclose your information to law enforcement or government authorities when required by applicable law, valid legal process, or where necessary to protect the safety of any person. Where legally permitted, we will notify affected users prior to such disclosure.
Where Zetta displays observation locations on maps, third-party mapping services process location data to render map tiles. These providers are governed by their own privacy policies and process only the data necessary for mapping functionality.
Mobile analytics SDKs measure app performance and feature engagement, configured with privacy-preserving settings including anonymized event collection and suppression of advertising identifiers absent your consent.
Observation photos are stored on cloud infrastructure and delivered via CDN providers to ensure fast, reliable loading. These providers process delivery metadata as technical intermediaries under data processing agreements.
Apple Sign-In and Google authentication are governed by their own terms and privacy policies. Our use of data from these services is limited to account creation and basic profile population.
We retain your personal information and observation journal for as long as your account is active. Accounts with no login activity for 24 consecutive months will receive a dormancy notice; following the notice period, inactive data may be anonymized or deleted.
Your observation records and photos are retained for the life of your account to preserve your field journal. You may delete individual observations or your entire journal at any time. Deleted observation data is removed from production servers within 30 days and from backup archives within 90 days.
Financial transaction records are retained for a minimum of seven years to comply with applicable accounting, tax, and consumer protection obligations.
Records of content moderation actions, user reports, and enforcement decisions are retained for up to 36 months after account closure.
Aggregate, irreversibly anonymized usage data may be retained indefinitely for product research and development.
We implement TLS 1.2+ encryption for all data in transit, AES-256 encryption for stored data at rest, strict role-based access controls, and automated anomaly detection. Photo uploads and observation data are transmitted and stored over encrypted channels.
Data access is restricted on a need-to-know basis, requires multi-factor authentication, and is comprehensively audit-logged. All personnel with data access receive data protection training and sign confidentiality agreements.
We conduct regular security assessments and third-party penetration testing. Report security vulnerabilities responsibly to service@zettas.net.
In the event of a personal data breach posing risk to your rights and freedoms, we will notify relevant supervisory authorities within 72 hours where required by law and inform affected users without undue delay.
Zetta uses session tokens, local storage, and analytics SDKs (not traditional browser cookies) to maintain your authenticated session, remember preferences, and sync observation data across devices.
On iOS, we request ATT consent before accessing your IDFA. On Android, we respect your opt-out via device advertising settings. Advertising identifiers are used only to measure our own user acquisition campaigns and are not shared for third-party behavioral advertising.
Our website may use standard browser cookies for session management and analytics, manageable via your browser settings.
Zetta operates cloud infrastructure across multiple regions. Your personal data and observation records may be stored and processed in countries other than your country of residence, which may have different data protection standards.
For transfers from the EEA, UK, or Switzerland to countries lacking an adequacy decision, we rely on EU Standard Contractual Clauses (SCCs) and, where applicable, the UK International Data Transfer Addendum (IDTA). Equivalent safeguards apply to other cross-border transfers.
Where applicable national laws impose mandatory data localization requirements, we take reasonable steps to store and process the required data categories within the mandated territory.
Request a copy of personal data we hold, including your full observation journal metadata, via in-app settings or by emailing service@zettas.net with subject "Data Access Request."
Correct inaccurate personal information directly in account settings. For data that cannot be self-corrected, contact us and we will action the correction within 30 days.
Request deletion via Settings > Account > Delete Account or by emailing us. See Section 20 for full account deletion details.
Request your complete observation journal — including all records, notes, and photo metadata — in a structured, machine-readable format (JSON or CSV) suitable for archiving or transfer to another platform.
Object to or request restriction of processing in certain circumstances. We pause relevant processing while assessing your objection.
Withdraw consent for marketing, personalization, or citizen science data sharing at any time via in-app settings or by contacting us, without affecting prior lawful processing.
Email service@zettas.net with "Privacy Rights Request" in the subject, your registered email, and a description of your request. We verify your identity and respond within applicable legal timeframes.
For EEA and UK users, Zetta acts as the data controller of your personal information under the GDPR and UK GDPR respectively.
We process your data under: (a) contractual necessity (to provide the Service); (b) legal obligation (regulatory compliance); (c) legitimate interests (safety, service improvement, fraud prevention), where not overridden by your rights; and (d) consent (for marketing, personalization, and citizen science data sharing).
You may lodge a complaint with your national data protection supervisory authority if you believe your data has not been handled lawfully. We encourage you to contact us first to attempt direct resolution.
California residents have rights under the CCPA as amended by the CPRA, including the right to know, delete, correct, and opt out of the sale or sharing of personal information. Zetta does not sell personal information and does not share it for cross-context behavioral advertising.
Exercising your California privacy rights will not result in denial of services, different pricing, or reduced quality of experience.
California residents may designate an authorized agent by providing written proof of authorization. We verify both agent and resident identity before processing any request.
Brazilian users have rights under the Lei Geral de Protecao de Dados (LGPD) including confirmation, access, correction, anonymization, deletion, portability, and withdrawal of consent.
We process Brazilian users' data based on contract performance, legal obligation, and consent where applicable.
Brazilian users may lodge complaints with the Autoridade Nacional de Protecao de Dados (ANPD) where they believe data processing violates the LGPD.
Zetta is designed for users who are 18 years of age or older. We implement date-of-birth verification at registration and apply additional detection measures to accounts suspected of being operated by minors. Confirmed underage accounts are immediately and permanently terminated with all associated data deleted.
If you are a parent or guardian and believe a minor has created a Zetta account, contact us immediately at service@zettas.net. We will investigate and, where confirmed, permanently delete the account and all associated data without delay.
All in-app purchases are processed exclusively through Apple App Store or Google Play. Zetta does not store your payment card details. We receive only anonymized transaction confirmation tokens and entitlement data.
If Zetta offers premium features (such as expanded photo storage, unlimited observation records, or advanced journal tools): access is non-transferable between accounts; non-refundable except as required by applicable law or app store policy; and may be forfeited upon account termination for cause.
Transaction records are retained for a minimum of seven years to satisfy applicable accounting, tax, and consumer protection requirements.
Delete your account at any time via Settings > Account > Delete Account, or by emailing service@zettas.net with subject "Account Deletion Request."
Upon confirmed account deletion, your profile, all observation records, uploaded photos, growth timelines, community posts, and comments are removed from public view within 48 hours and from production servers within 30 days. Backup archives are purged within 90 days.
Certain data is retained where required by law: transaction records (up to 7 years); safety and moderation records (up to 3 years); data subject to a legal hold. All retained data is isolated and processed only for the specific legal purpose requiring its retention.
This Policy is governed by applicable international data protection law and the laws of the jurisdiction in which Zetta is incorporated, except where mandatory local law in your country of residence imposes higher standards that cannot be contractually excluded.
If our response to a direct complaint has not resolved your concern, you retain the right to escalate to the relevant data protection supervisory authority in your country of residence.
Material changes are communicated at least 14 days before taking effect via in-app notice, push notification, and/or email to your registered address. Non-material corrections may be made without advance notice.
Continued use of Zetta after any revised Policy's effective date constitutes acceptance. If you do not agree, delete your account before the changes take effect.
Prior versions are available upon request at service@zettas.net.
For questions, data rights requests, or privacy concerns:
We acknowledge inquiries within 5 business days and respond within 30 days.
Use the in-app Report function on any content or user profile, or email service@zettas.net immediately with subject "CSAE Report." These are our highest-priority safety matter, actioned without delay.