General Data Protection Regulation (GDPR)

Zyllio platform

At Zyllio, we prioritize the protection of user privacy and data rights. We understand the significance of complying with the General Data Protection Regulation (GDPR) and ensuring that personal data is handled securely and responsibly. This page outlines our commitment to GDPR compliance and how we protect user data while providing our services that may involve the use of personal data

Data Minimization

We prioritize data minimization as a fundamental principle when developing and maintaining our application. We collect and process only the necessary data required to provide our services effectively

Lawful Basis for Processing

To comply with the GDPR, we ensure that we have a valid lawful basis for processing personal data. When collecting and using personal data, we rely on the lawful bases outlined in Article 6 of the GDPR, such as the necessity of processing for the performance of a contract or the legitimate interests pursued by our company. We are transparent about the data we collect and the purposes for which we process it

Data Collection and Consent

We collect personal data with the explicit consent of our users. Before gathering such data, we provide clear and concise information about the types of data collected, the purposes of processing, and any third parties involved. Users have the option to provide consent or withdraw it at any time. We respect user preferences and ensure that data collection is limited to what is necessary for providing our services

Data Security

Protecting user data is of paramount importance to us. We have implemented robust technical and organizational measures to ensure the security, confidentiality, and integrity of the personal data we collect. These measures include encryption, access controls, regular security assessments, and employee training on data protection practices. We strive to prevent unauthorized access, disclosure, or alteration of user data

User Rights

We recognize and respect the rights of individuals as outlined in the GDPR. Users have the right to access, rectify, restrict processing, and delete their personal data. They can also request the portability of their data in a commonly used format. We have established processes and mechanisms to facilitate the exercise of these rights, and we promptly respond to any user requests related to their personal data

Data Sharing and Third Parties

We do not share personal data with any third party without explicit user consent, except when required by law. We prioritize the confidentiality and security of user data and ensure that any third parties we engage with meet the requirements of the GDPR. We have contractual agreements in place with these third parties to ensure the lawful and secure processing of personal data, if applicable

Data Breach Notification

In the unlikely event of a data breach involving personal data, we have processes in place to detect, investigate, and respond promptly. We remain vigilant to ensure the security and integrity of all data associated with our application

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by legal obligations. We have implemented data retention policies and procedures to ensure compliance with the GDPR's principles of storage limitation and data minimization. When data is no longer needed, it is securely deleted to prevent identification

Privacy by Design

Privacy by design is a core principle we adhere to during the development and maintenance of our application. We implement privacy-enhancing technologies and follow best practices to protect user data. Our development team incorporates privacy considerations from the early stages of product development to ensure privacy is embedded within our application's architecture

Data Protection Officer

As a responsible software company, we have appointed a Data Protection Officer (DPO) who oversees our data protection practices and ensures compliance with the GDPR. The DPO can be reached at for any inquiries or concerns related to GDPR compliance and data protection

At Zyllio, we are committed to upholding the highest standards of data protection and privacy. We adhere to the GDPR requirements when processing personal data. Our data handling practices are designed to safeguard user privacy, ensure data security, and provide transparency

Data collected

User Email

To uniquely identify users and facilitate communication, we collect user email addresses. This information allows us to create and manage user accounts, provide access to our services, and deliver important notifications or updates related to the user's account or projects. We use the user's email address as a means of legitimate correspondence, including responding to inquiries, providing technical support, and delivering important service-related information

User Provided Data in Zyllio Studio

Our tool allows users to configure their mobile apps according to their specific requirements. In this context, users have the freedom to provide additional data relevant to their projects.

The nature and extent of the data provided by the user during project configuration depend entirely on the user's discretion. This data can include but is not limited to text, images, media files, configurations, settings, and other project-specific information: API Account numbers, API Keys, Database Ids, Tokens, ... We emphasize that the user has full control over the data provided. It is the user's responsibility to ensure that any personal data or sensitive information they choose to include complies with applicable data protection laws and regulations, including the GDPR.

We do not access or use the user-provided data for any purposes other than facilitating the user's mobile app configuration and providing the requested services


By refraining from using analytics tools, we ensure that our users' activities and interactions within the app remain completely anonymous. We do not collect or store any information related to users' browsing behavior, IP addresses, or other identifiable data.

Our focus is solely on providing a secure and efficient platform for users to configure their projects without compromising their privacy. We believe in empowering our users without intruding upon their personal information or monitoring their actions within the app.

By omitting analytics and user tracking, we respect user privacy and strive to create a trusted environment where users can confidently engage with our services while maintaining control over their own data

App. Builders

Empowering Mobile App Builders

At Zyllio, we believe in empowering mobile app builders to create GDPR-compliant applications. While Zyllio Studio allows users to build mobile apps, it is essential to emphasize that the responsibility for ensuring GDPR compliance lies with the individual app builders. Our app provides a framework and tools that enable app builders to design and develop applications in line with GDPR principles

Transparency and Education

We are committed to promoting transparency and providing educational resources to app builders regarding GDPR compliance. Through our documentation, guides, and support channels, we strive to equip app builders with the knowledge and understanding necessary to make informed decisions and build GDPR-compliant mobile applications. We encourage app builders to familiarize themselves with the GDPR requirements and implement appropriate measures to protect user data

Privacy Features and Controls

Within Zyllio Studio, we offer privacy features and controls that enable app builders to implement privacy-conscious functionalities. These features include options for obtaining user consent, managing data collection and storage, and implementing privacy policies within the created mobile applications. By utilizing these features, app builders can enhance the privacy protection of their applications and ensure compliance with GDPR regulations

Data Processing Agreements

We encourage app builders to enter into data processing agreements with their users when applicable. App builders may incorporate additional functionalities or third-party services within their applications that involve data processing. It is the app builder's responsibility to establish appropriate data processing agreements and ensure compliance with the GDPR when such data processing activities occur

Ongoing Support and Updates

We are committed to providing ongoing support and updates to our app to ensure it aligns with evolving GDPR requirements. We stay informed about changes in privacy regulations and strive to update Zyllio Studio accordingly, incorporating features and functionalities that facilitate GDPR compliance for app builders. We encourage app builders to regularly update their apps and leverage the latest version of our software to benefit from these enhancements

Collaboration with App Builders

We value the feedback and input of our app builders in shaping our Zyllio Studio's features and compliance capabilities. We actively seek and consider app builders' suggestions and concerns regarding GDPR compliance. By fostering an open and collaborative relationship, we aim to create a platform that enables app builders to build GDPR-compliant mobile applications effectively

Please note that while we provide tools and resources to support GDPR compliance, it is ultimately the app builder's responsibility to ensure compliance with applicable data protection laws, including the GDPR. We recommend seeking legal counsel or consulting privacy professionals to address any specific requirements or concerns related to GDPR compliance in the context of the mobile applications developed using Zyllio Studio

Contact Us

If you have any questions or require further information about our GDPR compliance, please contact our Data Protection Officer at