zoomment.com

Privacy Policy

This Privacy Policy describes how Zoomment ("we", "us", or "our") collects, uses, and protects your personal data when you use our open-source commenting widget and related services at zoomment.com.

Owner and Data Controller

Zoomment — zoomment.com
Contact email: [email protected]

What is Zoomment

Zoomment is an open-source commenting platform that allows website owners to embed a commenting widget on their websites. Visitors can leave comments, reply to existing comments, and react with emojis. Website owners can manage comments through an admin dashboard.

Types of Data Collected

Data collected from website administrators (account holders)

  • Email address — used for authentication (magic link login), account management, and notifications when new comments are posted on your website.
  • Name — used for display purposes in the dashboard and comment responses.
  • Website domain — used to associate your commenting widget with your website.
  • Gravatar hash — derived from your email address to display your avatar.

Data collected from comment authors (website visitors)

  • Author name — provided voluntarily when posting a comment, displayed publicly alongside the comment.
  • Comment text — the content of the comment, displayed publicly on the website.
  • Gravatar hash — used to display an avatar next to the comment.
  • Page URL — the page where the comment was posted.

Automatically collected data

  • Page view data — we track page views on websites using the Zoomment widget to provide analytics to website owners.
  • IP address — collected automatically for security, spam prevention, and system operation purposes.
  • Browser and device information — collected via system logs for maintenance and troubleshooting purposes.

How We Use Your Data

  • Providing the commenting service — displaying comments, replies, and emoji reactions on websites.
  • Authentication — sending magic link emails to verify website administrator accounts.
  • Notifications — sending email notifications to website owners when new comments are posted.
  • Admin dashboard — enabling website owners to moderate, approve, and respond to comments.
  • Analytics — providing page view statistics to website owners.
  • RSS feeds — generating comment feeds for websites that use this feature.
  • Security and spam prevention — protecting the service from abuse.
  • System maintenance — monitoring and improving the performance and reliability of the service.

Third-Party Services

We use the following third-party services:
  • Gravatar — to display user avatars based on email hashes. Gravatar is operated by Automattic Inc. See their privacy policy.
  • Email service providers — to send authentication and notification emails to website administrators.

Cookies

Zoomment uses cookies strictly for authentication and session management purposes. We do not use cookies for advertising or tracking. Cookies are set when website administrators log in to the Zoomment dashboard.

Mode and Place of Processing the Data

Methods of processing

We take appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of your data. Data processing is carried out using computers and IT tools, following organizational procedures strictly related to the purposes indicated in this policy.

Retention time

Personal data is processed and stored for as long as required by the purpose it was collected for:
  • Account data — retained for as long as you maintain an active Zoomment account. You may request deletion of your account at any time.
  • Comments — retained for as long as the website owner keeps them. Website owners can delete comments through the admin dashboard.
  • System logs — retained for a limited period necessary for maintenance and security purposes.

Open Source

Zoomment is an open-source project. You can review our source code on GitHub to verify how we handle your data. Transparency is a core principle of our project.

Your Rights (GDPR)

If you are located in the European Union, you have the following rights regarding your personal data:
  • Right to access — you have the right to know what personal data we hold about you and obtain a copy.
  • Right to rectification — you can request correction of inaccurate personal data.
  • Right to erasure — you can request deletion of your personal data.
  • Right to restrict processing — you can request that we limit how we use your data.
  • Right to data portability — you can request your data in a structured, machine-readable format.
  • Right to object — you can object to the processing of your personal data.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.
  • Right to lodge a complaint — you have the right to file a complaint with your local data protection authority.
To exercise any of these rights, contact us at [email protected]. We will respond within one month.

Changes to This Privacy Policy

We reserve the right to update this privacy policy at any time. Changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.
Last updated: March 12, 2026