Privacy Policy
Privacy Policy, Consent to the Use of Data, and Use of Cookies
Updated 05.24.2018 (GDPR)
In this document (web page) you will find all the information on how we apply the privacy rules, on consent to the use of your data, and on the use of cookies within our websites.
The entry into force of EU Regulation 2016/79 has required us to change some conditions on the processing of personal data and security. The way in which our users' personal data was processed already reflected most of the rules in force under EU Regulation 2016/79, the remainder have been aligned.
You will find the information necessary to use the services provided by BasicApp, in order to know what data we collect, the reason, for how long and where they are stored.
When you use our services and/or software you have the right to decide, at any time and in complete transparency, whether or not to accept the way in which your data is processed. If at any time you do not agree with what is written in this document you have every right to refuse, to request the deletion of your data, and to cancel and no longer use the services.
Also with regards to cookies you have the possibility at any time to accept or refuse their use in part or in full. Remember that the use of cookies is necessary for the functioning of the site you are using. By not accepting cookies, the site and related services may not function properly.
We invite you to carefully read the following instructions and check what may interest you.
Basic information.
Who we are.
BasicApp is an Italy-based company that builds and sells software products, web applications, and internet services worldwide.
BasicApp
Via Della Rinascita
61122 Pesaro (PU)
P.IVA 02058680410
Extension of EU-compliant privacy and security regulations
The headquarters of BasicApp is located in Italy, therefore our company is subject to Italian and European laws, also with regards to safety conditions and privacy legislation.
We are always attentive to the privacy and security of our users, therefore we have taken measures to ensure the safest and most transparent service possible, including the extension of the policy to EU Regulation 2016/79 (known as GDPR).
By using our websites and our services, you consent to the collection, storage, processing and transfer of your information to our servers in Italy and abroad, with which it is shared in the terms and ways described in this information.
Users of free versions, subscribers to services, or holders of BasicApp software licenses must necessarily adhere to our contracts and accept this information to continue using our applications and services.
Data Controller
We become data controllers of your personal data when we collect them during the provision of the services purchased by you.
As data controllers we guarantee compliance with the rules regarding the protection of personal data, giving you all the useful information regarding the processing of the data that you have voluntarily communicated to us, or when the system collects them during navigation on the site and while using the our services.
Specifically, the data controller for BasicApp is the owner of the company, who guarantees compliance with the rules imposed by the GDPR.
The owner can always be contacted via email at privacy@basicapp.net.
Data Processor
We collect your personal information only for administrative purposes, to generate software licenses and to allow the provision of purchased services. With regards to personal information that you collect with the desktop software we provide, or with the services we provide, for example your subscribers to mailing lists, or contacts found on the Internet, it will be your responsibility to ensure that you have the appropriate authorization for the collection and processing of information relating to various subjects. We have no direct relationship with your subscribers or people other than you and therefore, for this very reason, you are the data controller.
Data Collected by Our Applications During Your Activities on the Site or While You Use Our Services
When you use our services or browse one of our websites, we may collect information about you, such as your IP address.
There are also external services such as Google Analytics or similar on our website, used to analyze trends and understand how our sites are used.
When we send an email to those who subscribe to a service or to those who purchase a software license, or a notification email for any updates, we can check whether the email has been read or not and collect the IP address at the time of reading. This is thanks to an image inserted in the email which is connected to one of our servers. This allows us to measure the effectiveness of the emails sent and improve the features offered for specific users.
This technology allows us to collect information about when you open the email, your IP address, if possible your location to which your IP corresponds, and other similar details.
When you actively interact with us we also collect the data you have shared with support, while you use our support services (online chat, email, telephone). This information is collected on our PCs or on third-party servers (e.g. online chat).
For your peace of mind, we specify that this data is not accompanied by any additional personal information and is used to:
- obtain anonymous statistical information
- assessment of responsibility in case of fraud or hypothetical computer crimes
- keep track of your requests for more effective assistance
Data Provided Voluntarily for the Use of the Services
In many cases you voluntarily provide us with information that we collect, in order to provide you with what you request, specifically when:
- you sign up and use our services, applications and software;
- request support from our customer support team;
- send us a communication via email;
- fill out a contact form (or forms);
- integrate the services with another website or web service;
- communicate with us in any way (including by telephone).
This information may include your first and last name, physical address, email address, telephone number, as well as location details, purchase history and other demographic information.
By providing us with this information, you consent to it being collected, used, and stored by us as described in this Privacy Policy.
Consent to the processing of data
We have provided a declaration of consent to the processing of data, prepared in an understandable and easily accessible form, without oppressive clauses. You will always be able to make a truly free choice.
When expressing or denying consent you must take into account:
- the need to comply with the legal obligation to which BasicApp is also subject as data controller;
- the need to execute a contract to provide a service you are interested in;
- possible pre-contractual measures, to execute requests for quotes or the use of demo versions.
You will always have the possibility to give your consent through a positive and unequivocal act, with which you express your free, specific and informed intention in accepting the processing of personal data concerning you.
Depending on the case, "positive and unequivocal act" is meant
- a written declaration on paper;
- communication through electronic means, such as in the forms to be filled in online before purchasing a BasicApp service;
- an oral communication with a recorded procedure.
If the communication takes place via a form on one of our websites, you will have to actively select a specific box: with this choice you clearly indicate that you have intentionally accepted the proposed treatment.
You can decide at any time to avoid data processing, based on the rules of the GDPR.
Data Retention - Times and Methods of Processing
We at BasicApp do our best to keep your data accurate and up-to-date, limited to the information you provide. We will retain your information for as long as your account is active or as long as necessary to provide you with our services.
We may also retain and use your information to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements.
The data we collect to meet the needs of performing contractual obligations and information on how and when you use our services we store in databases on our servers or other types of data storage systems duly protected and encrypted.
In particular:
- personal data to fulfill the contractual conditions will be stored in protected management databases on our servers, for the entire period envisaged by the agreement
- the personal data collected and relating to contractual and billing obligations are stored via protected backup on our servers, for a period of 5 years after the termination of the contractual relationship: termination of the contractual relationship means the explicit termination of the contract by part of the user or the expiration of the service itself
- the personal data collected to access our services, applications and software, both for purchase and demo and consultable, with access via username and password of the individual account, will be stored on our servers via a database accessible from an active account and, subsequently , by means of a protected backup on our servers for the entire time you use the service, or archived and retained for 12 months in the event of cancellation.
BasicApp is not required to store all your data forever: you will be able to access some of them as long as you have an active contract, whether paid or free, and for a period that varies depending on the type of data in question and the plan subscribed to.
Data Present During the Use of Our Services
When you use our services, such as the SMTP service, we have access to the information contained in the emails you send, as well as the subject and content of the emails you send.
This data is stored on secure servers and only a limited number of people are authorized to access it, specifically to provide support services.
This data is stored only to ensure the operation and calculate the consumption of the service.
This data is deleted after 12 months.
Remember that you decide who to send and the content of the messages, therefore you are considered the data controller pursuant to the GDPR.
How BasicApp Uses Your Information
Purpose and Purpose of Data Processing - Legal Basis as Data Controller
We process your information to pursue our objectives and those of third parties, applying appropriate safeguards to protect your privacy.
The main purpose of collecting personal data is to offer a safe, optimal, efficient and personalized experience. To achieve this objective we inform you that we pursue legitimate interests, as required by art. 6 of the GDPR on the lawfulness of the processing: «It is also a legitimate interest of the data controller concerned to process personal data strictly necessary for the purposes of fraud prevention. It may be considered legitimate interest to process personal data for direct marketing purposes."
We assure you that your data will only be used for the following purposes:
- Promote the use of our services. When you ask us for information or register for free services, leaving us your details, we may contact you via email to ask for feedback or to offer you any discounts on future renewals.
- To invoice or send you payment advice. We may use your data to send you emails with invoices, receipts, insolvency notices. We use third parties to securely process credit card transactions and send your billing information to those third parties to process your orders and payments.
- To send you system alert messages. You may receive communications regarding BasicApp services, applications or software that you use. The purpose is to notify you in the event of: temporary or permanent changes to our services, applications or software; change of conditions of use; new features; version updates; notices of abuse or data breach (also called data breach); updates and changes to our Privacy Policy.
- To provide assistance. We may communicate with you to provide assistance and support regarding the services, applications and software used.
- For legal matters. You may receive legal communications, such as complying with court orders.
- To provide information to representatives and consultants, including lawyers and accountants. In order to comply with legal, accounting or security requirements established by law, your information may be used.
- To respond to legitimate requests from public authorities. If a public authority makes a legitimate request, motivated by compliance with national security needs or law enforcement, your data may be used.
- To transfer your information in the event of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In such case, any purchaser will be subject to our obligations under this Privacy Policy, including rights of access and choice. We will notify you of the change by sending you an email or by posting a notice on our website.
When BasicApp Shares Your Information - Data Recipients
The data collected of a personal nature are intended for commercial, accounting and technical assistance services of BasicApp, furthermore they could be transmitted to contracting companies that BasicApp has contacted in the context of the execution of the services.
Personal data cannot be transferred to third parties for marketing purposes without your explicit consent. The disclosure of personal data, which you have provided to us, to third parties may only occur in the following cases:
- with your authorization;
- at the request of competent legal authorities, by judicial indictment or in the context of a judicial dispute.
Purpose and Purpose of Data Processing as Manager - B2B User
We have no direct relationship with anyone other than you, so it is your responsibility to ensure that you have the appropriate authorization to collect and process data relating to them.
Consistent with the relevant provisions of the GDPR, we may transfer your or your subscribers' personal information to companies that support us and help us provide our services.
Access, Export, Edit, and Remove Information
Right of Access, Rectification, Opposition
We have set up mechanisms and methods that at any time and for legitimate reasons guarantee you the possibility to:
- object to the processing of data;
- request the deletion, modification or updating of all your personal information in our possession.
BasicApp allows you to modify your data whenever you want by contacting us at the email address privacy@basicapp.net.
You can unsubscribe from our newsletter or choose to no longer receive commercial communications via email: just use the unsubscribe link in each of them.
Such requests will be processed within a maximum of 30 days, without unjustified delay, and justifying our possible intention not to accept them.
Right to be forgotten
We guarantee you your right to be forgotten, which allows you to obtain the rectification of your personal data.
By sending your legitimate request to privacy@basicapp.net we will delete your data, which will no longer be subjected to any type of processing, nor will they be necessary for the purposes for which they were previously collected or processed.
You have the possibility to withdraw consent or oppose the processing of data if you believe that the latter does not comply with this regulation.
To make use of this right you will have to demonstrate that you are the one making the request by sending us documents that prove your identity. Furthermore, remember to justify your decision.
Once we have received your communication, we will provide you with confirmation and proof of the deletion of your data as soon as possible.
Right to Withdraw Consent to Data Processing
If you no longer wish to receive our promotional emails, follow the unsubscribe instructions from our contact list contained in each email.
Remember: by revoking your consent to data processing, we will no longer be able to offer you the chosen service.
Safety
Technical Measures
BasicApp gives the utmost importance to the security and integrity of your personal data.
In compliance with the GDPR, we are committed on a daily basis to taking all the necessary precautions to preserve the security of your data and, in particular, to protect it from:
- accidental or illicit destruction;
- accidental or illicit loss;
- accidental or illicit corruption;
- circulation or disclosure to unauthorized persons;
- unauthorized access;
- illicit treatment.
To this end we have adopted industry standard technical security measures:
- multilevel firewall;
- proven antivirus and detection of intrusion attempts;
- encrypted data transmission through SSL/https/VPN technology.
To protect personal data from unauthorized disclosure, we have used specially developed encryption methods, in addition to algorithms that ensure the security of transactions, accesses and data backups.
We ensure the accuracy and correct use of data:
- with appropriate electronic, physical and managerial procedures in order to safeguard and preserve the data collected through our services;
- with the adequate training of our staff, who have obtained specific instructions for accessing the data, in compliance with the provisions of the GPDR.
Remember, however, that today there is no absolute defense against piracy attacks or hackers. In the event that a security breach (data breach) occurs, we undertake to inform you without undue delay, while we will work to the best of our ability to neutralize the intrusion and minimize the impact. In the event that you suffer a loss due to a security breach, we are committed to providing you with all the assistance necessary to assert your rights.
If in an exceptional case the loss suffered was due to a serious failure of BasicApp, we will provide compensation within the limit of liability provided for in our General Conditions of Use.
If a user, contact list subscriber or hacker discovers and takes advantage of a security breach, you are liable for criminal prosecution. BasicApp will take all measures, including filing a complaint and/or legal action, to preserve the data and rights of its users and ourselves, and to limit any impacts.
The above measures are those that we adopt to protect your data, but, as you are the user of our services, applications or software, you will have to carry out the following actions:
- check the authentication of people accessing the data;
- use an individual and sufficiently secure password, remembering to change it regularly without leaving it unattended;
- make sure you take security measures for the data that you pass through unprotected communication channels and which are processed by BasicApp.
The purpose of these technical measures is to make your data incomprehensible or inaccessible to unauthorized persons.
For any questions regarding the security of our services, applications and software, we invite you to contact our technical support staff, available on our official channels: email, online chat and telephone.
Data Breach Management
The art. 33 of the GDPR requires the data controller to notify the supervisory authority of the violation of personal data (data breach) within seventy-two hours of becoming aware of it.
Three types of violations can be distinguished:
- breach of confidentiality, i.e. when unauthorized or accidental disclosure or access to personal data occurs;
- violation of integrity, i.e. when an unauthorized or accidental alteration of personal data occurs;
- violation of availability, or when the accidental or unauthorized loss, inaccessibility or destruction of personal data occurs.
If the possible violation also concerns your data, BasicApp, as data controller, will notify you in the following ways:
- personally and directly;
- by means of public communication or a similar and effective measure, in the event that direct and personal communication involves disproportionate efforts.
Authorized Data Access for Customer Care and Technical Assistance
The data collected will be used if it is necessary or instrumental for the execution of the purposes of:
- technical assistance to users, for the services provided by BasicApp which interest the data controllers
- telephone calls or emails, to conclude commercial negotiations
- direct or indirect commercial consultancy
Your data may be processed by BasicApp employees or third parties, who will be appointed external data controllers as appropriate. The owner or controller of the personal data will be informed from time to time regarding the methods of processing.
Minimization of Data Processed and Storage
We have prepared the technical and organizational measures to guarantee the principle of minimization of the data processed, which will always be adequate, relevant and limited to what is necessary for the pursuit of the declared purposes.
The processing of data for statistical purposes, archiving in the public interest, scientific or historical research is subject to guarantees appropriate to the rights and freedoms of the interested party, in compliance with the provisions of the GDPR.
Data Transfer
We operate servers around the world, but mainly in Europe, so your information may be processed on servers located outside the country where you live. Laws regarding the protection of personal data vary from country to country, specifically some provide more protection than others.
Regardless of where your data is processed, we apply the same protections described in this policy.
Interventions
Complaints
If we receive formal written complaints, we will respond by contacting the individuals who made them. We will cooperate with relevant regulatory authorities, including local data protection authorities, to resolve any complaints relating to the transfer of your personal data, which cannot be resolved directly with you.
Application of the Rules
These Privacy Policy apply to all services offered by BasicApp and to the websites of the applications developed and sold by BasicApp. Each service, application and specific software collects and processes only the data necessary for correct functioning.
Use of Cookies
To ensure the best experience of our site and make our services efficient, this site uses cookies. Therefore, when you visit it, some portions of code are saved in special Cookie files resident in the User's browser directory which assist the owner in providing the service.
Below are the types of cookies that can be used on the Site with a description of the purpose linked to their use.
Technical Cookies
Cookies of this type are necessary for the correct functioning of some sections of the site. They can be persistent or session. In the absence of these cookies, the site or some sections of it may not function properly.
Therefore, they are always used, regardless of user preferences. These cookies are always sent from our domain.
The Owner is not required to request user consent for technical cookies, as these are strictly necessary for the provision of the service.
Analytical Cookies
Cookies of this type are used to monitor the use of the Site. The Owner has this information for statistical analysis in order to improve the use, enjoyment and functioning of the Site. The activities of users on the Site and the sources of access to the Site are collected anonymously. These cookies are sent from the Site itself or from third-party domains.
Third Party Tracking Cookies
Cookies of this type are used to collect information on the use of the Site by visitors, the keywords used to reach the Site and the sources of traffic from which visitors come for marketing campaigns. The owner can use this information to compile reports and improve the Site. Cookies collect information anonymously and are sent from the Site itself or from third-party domains.
Cookies for Integration of Third Party Functionality
Cookies of this type are used to integrate third-party functions into the Site: for example comment forms or for sharing on social networks. These cookies can be sent from the domains of partner sites or which in any case offer the functions present on the site.
Third Party Websites
The site contains links to other websites that have their own privacy policy. These privacy policies may be different from the one adopted by the Owner, who therefore is not responsible for third-party sites.
Pursuant to art. 122 second paragraph of the Legislative Decree. 196/2003, consent to the use of these cookies is expressed by the interested party through the individual configuration that he has freely chosen for the browser used for browsing the Site, without prejudice to the user's right to communicate at any time to the Data Controller your will regarding data managed through cookies that the browser itself has accepted.
Cookie Management
The user can decide whether or not to accept cookies using their browser settings.
Warning: total or partial disabling of technical cookies may compromise the use of the site features reserved for registered users. On the contrary, the usability of public content is also possible by completely disabling cookies.
Disabling "third party" cookies does not affect navigability in any way.
The setting can be defined specifically for different websites and web applications. Furthermore, the best browsers allow you to define different settings for "proprietary" cookies and "third party" cookies.
By way of example, in Firefox, through the Tools->Options ->Privacy menu, it is possible to access a control panel where it is possible to define whether or not to accept the different types of cookies and proceed with their removal.
How to disable cookies from third-party services:
Cookies Currently Accepted And Used
You are free to choose which cookies to use and which not. Your choice will be valid for one year from your last change. Remember that the use of cookies is necessary for the functioning of the site you are using. By not accepting cookies, the site and related services may not function properly.
Yes No ASP/PHP Session
Yes No Google Analytics/Api Maps/Counter
Yes No Trust Pilot
Yes No Facebook Counter