This Data & Cookie Policy explains how Zishes (“we”, “us”, “our”) uses cookies and similar technologies (collectively, “cookies”) and how we process related data. It should be read together with our Privacy Policy and Terms & Conditions. By using Zishes, you agree to the practices described here, subject to your preferences and regional consent requirements.
1) What Are Cookies & Similar Technologies?
Cookies are small text files placed on your device when you visit a site or use an app. We also use SDKs, pixels, local storage, session storage, device identifiers, and similar technologies to keep you logged in, remember preferences, measure performance, prevent fraud, and personalize experiences.
2) Why We Use Them (Purposes)
Essential (Strictly Necessary): Authentication, session management, load balancing, security, fraud prevention, consent storage. These are required for core functionality and cannot be turned off in our systems.
Advertising & Attribution (where permitted): Measuring conversions, capping frequency, and showing relevant promotions. We do not sell personal data; where law requires consent, we obtain it before setting these cookies.
3) Categories of Cookies We Set
Session cookies: expire when you close your browser or app instance.
Persistent cookies: remain until expiry or manual deletion; used for preferences, analytics, and consent state.
First-party cookies: set by Zishes.
Third-party cookies/SDKs: set by service providers (e.g., analytics, payments, fraud tools). We contract them to process data only for our purposes and under strict safeguards.
4) Examples of Technologies We May Use
(Exact vendors can change; we keep this list reasonably up-to-date.)
Security/Fraud: device fingerprinting, bot detection, anti-abuse tools to protect competitions and payments.
Payments: payment gateways and PSP SDKs may set cookies to prevent fraud and comply with regulatory checks.
Attribution/Advertising (where applicable): ad-attribution pixels and mobile install measurement tools; used only with consent in regions that require it.
5) Legal Bases & Regional Rules
EU/UK (GDPR + ePrivacy): We obtain your consent for non-essential cookies via a Consent Management Platform (CMP). Essential cookies rely on legitimate interests or necessity to perform a contract. You can change your settings anytime via the control.
UAE (PDPL): We use a consent or legitimate-interest approach consistent with PDPL guidance; you may manage preferences and object where applicable.
India (DPDP): We follow consent and notice standards for non-essential tracking and minimize data collection.
US (CPRA/State Laws): We honor “Limit/Opt-Out of Sale/Sharing” where required and recognize Global Privacy Control (GPC) signals where feasible.
6) How to Manage Your Preferences
Use our in-product to accept/decline categories (where required).
Browser settings allow you to block or delete cookies. Note that disabling essential cookies may break core features (login, payments, competitions).
Mobile OS settings can reset advertising IDs and control app tracking permissions.
We reasonably honor supported browser signals (e.g., Global Privacy Control) where applicable.
7) Data Collected Through Cookies
Depending on your settings and region, cookies may collect device identifiers, IP address, app/browser type, language, referrer URLs, session timestamps, feature usage, crash logs, coarse location, and consent choices. We do not collect sensitive categories via cookies. We minimize and aggregate analytics wherever feasible.
8) Retention & Expiry
Essential cookies typically last only for the session or a short period (e.g., up to 12 months) to remember security and preferences.
Analytics/functional cookies may persist up to 24 months unless you delete them or withdraw consent; we review lifetimes periodically to ensure necessity.
We store consent records to demonstrate compliance for as long as legally required.
9) Third Parties & International Transfers
Service providers acting on our behalf may process cookie data under data-processing agreements and security obligations. Where data is transferred internationally, we use appropriate safeguards (e.g., SCCs for EU/UK, contractual and technical measures). We require vendors to limit use to our instructions and purposes only.
10) Children
Zishes is intended for adults (18+). We do not knowingly set non-essential cookies for users identified as under the age of majority in their jurisdiction.
11) Your Rights
Depending on your region, you may have rights to access, correct, delete, port, or object/restrict processing of personal data collected via cookies.
You can withdraw consent to non-essential cookies at any time via .
Contact privacy@zishes.com to exercise rights; we’ll respond within applicable legal timeframes.
12) Do Not Track & Global Privacy Control
Some browsers offer “Do Not Track” and GPC signals. Industry standards are evolving; we endeavor to respect recognized signals in jurisdictions where required and will update this Policy as standards mature.
13) Security
We implement technical and organizational measures to protect cookie data, including encryption in transit, strict access controls, logging, and vendor due diligence. No method is 100% secure; we continuously improve our safeguards.
14) Changes to This Policy
We review this Policy regularly and update it to reflect technology, legal, and business changes. Material updates will be highlighted in the app/website. Continued use of Zishes after an update constitutes acceptance of the revised Policy.
