Privacy

Privacy Policy

This page explains the current privacy and cookie behavior in Zivi.

Essential cookies

Zivi uses essential cookies for secure sessions, CSRF protection, authentication, and booking flows. These cookies are required for the service to work and cannot be disabled in the app.

Functional cookies

Zivi stores language and city preferences so pages can open in the right language and city context. These preferences are part of the core user experience.

Analytics and marketing

Zivi uses analytics and marketing cookies to improve the service and show relevant content. This includes Google Tag Manager for analytics and Meta Pixel (Facebook Pixel) for marketing purposes. These cookies are only activated after you give explicit consent through the cookie banner or settings. You can withdraw your consent at any time from the privacy settings.

Third-party services

We share data with trusted third-party services to provide analytics and marketing features. Google Tag Manager helps us track site usage, understand popular features, and improve user experience. It collects data such as page views, clicks, and session duration. Meta Pixel (Facebook Pixel) enables conversion tracking and remarketing. It tracks page visits, booking events, and user interests to show you relevant advertisements. These services only receive data after you consent to analytics and marketing cookies.

Managing your cookie preferences

You have full control over cookies. Most web browsers allow you to manage cookies through their settings. You can set your browser to reject cookies or delete existing cookies. Note that disabling essential or functional cookies may affect core features like login and language preferences. You can manage analytics and marketing cookie consent through the cookie banner or by visiting this privacy page at any time. Mobile users can disable location services through their device settings (contact your device manufacturer for instructions).

Data retention

We retain your data only as long as necessary. Account and booking data is kept until account deletion or 3 years after your last activity. Analytics cookies are stored for up to 2 years or until you withdraw consent. Marketing cookies are stored for up to 1 year or until you withdraw consent. Essential and functional cookies follow their specified expiration periods (e.g., 1 year for the cookie notice acknowledgement). Session cookies expire when you close your browser.

Your privacy rights

You have the right to access, edit, and delete your personal data. You can view and edit your profile information in Account Settings at any time. To delete your account or request a copy of your data, contact us at privacy@zivi.co.il. You can manage marketing email preferences in your Account Settings. You can withdraw cookie consent at any time through the cookie banner.

Security measures

We take reasonable steps to protect your information. All data transmitted between your device and our servers is encrypted using SSL/TLS (HTTPS). We do not store credit card numbers; payment data is handled by certified PCI-compliant payment processors. User passwords are hashed and salted; they are never stored in plain text. CSRF tokens protect against unauthorized state-changing actions. While we implement industry-standard security measures, no internet transmission is 100% secure. You play an important role in security by keeping your password confidential and contacting us immediately if you suspect unauthorized access to your account.

Contact us

For questions about your privacy, data access, data deletion, or this policy, contact us at privacy@zivi.co.il. For general support inquiries, contact customer support. We will respond to privacy requests within 30 days.

Current cookie inventory

zivi_cookie_notice_v1: Stores that the cookie notice was acknowledged. First-party functional cookie, 1 year.
zivi_lang: Stores the selected language for localized routing. First-party functional cookie.
zivi_city: Stores the selected city for city-aware public pages. First-party functional cookie, 7 days.
zivi_return_to: Stores a safe local redirect target during login or registration. First-party functional cookie, short-lived.
XSRF-TOKEN and session cookies: Backend-managed security and session cookies used for authenticated and state-changing requests.