Legal
Privacy Policy
Last updated: 8 May 2026
This Privacy Policy describes what personal data Zamok World collects, why we collect it, who we share it with, how long we keep it and what rights you have over it.
1. Who is the controller
Zamok World is the data controller for the personal data you provide while using the platform. You can reach our privacy team at privacy@zamok.world.
2. What data we collect
Account data: name, email, phone, password (hashed), role. Profile data: profile photo, headline, bio, languages, hourly rate, education, work history, portfolio. Transaction data: posted tasks, offers, contracts, messages, reviews, payment and withdrawal records (including IBAN and account holder name for payouts). Device and usage data: IP address, device type, browser, pages visited, approximate location derived from IP, cookies and similar identifiers.
3. Why we use it
We use your data to operate the platform — match Clients and Specialists, process payments and withdrawals, deliver notifications, prevent fraud, comply with legal obligations (including tax and anti-money-laundering rules), respond to support requests, and improve the service. Where required by law we also use it to send service-related communications.
4. Legal basis (GDPR)
We rely on contract performance for delivering the service you requested, on our legitimate interests for fraud prevention and product improvement, on your consent for optional marketing emails (which you can withdraw at any time), and on legal obligation for record-keeping mandated by law.
5. Who we share it with
Other users see only what your role and your privacy settings expose — for Specialists this typically includes your name, photo, headline, public reviews and portfolio. We use trusted processors for hosting, email delivery, analytics and payment rails; these processors act on our instructions only. We do not sell your data to third parties.
6. International transfers
Some of our processors are located outside the EU/EEA. Where this is the case we rely on Standard Contractual Clauses or equivalent safeguards to ensure your data receives an adequate level of protection.
7. How long we keep it
Active account data is retained while your account is open. After you close your account we retain financial and contract records for up to 7 years where required by tax and accounting law, and otherwise delete or anonymise personal data within 90 days.
8. Your rights
You have the right to access, correct, delete, export or restrict the processing of your personal data, and to object to processing based on our legitimate interests. To exercise any of these rights, write to privacy@zamok.world. You also have the right to lodge a complaint with your local data protection authority.
9. Cookies
We use a small number of strictly necessary cookies (for login and security), and — with your consent — analytics cookies that help us understand how the platform is used. You can change your preferences at any time from the cookie banner or your account settings.
10. Security
We protect your data with industry-standard measures: TLS in transit, encryption at rest for sensitive fields, password hashing with bcrypt, role-based access controls, audit logging, and regular security reviews. No system is perfectly secure — please choose a strong password and report suspicious activity to security@zamok.world.
11. Children
The platform is not directed at children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us so we can remove it.
12. Changes to this policy
When we materially change this policy we will notify you in-product or by email before the change takes effect. The "Last updated" date at the top of this page always reflects the current version.