Privacy Policy

Privacy Policy

In this section, in compliance with the European legislation introduced by EU Regulation 679/2016 and by Italian law (Legislative Decree no. 196/2003), information is provided on the processing of personal data of users who browse the pages of the website bythatsoft.com or who use the purchasing services made available on it (hereinafter "Users" or "Interested Parties").

This information is provided solely for the Website and not for other websites that may be reached by the user through links within the Website.

Data Controller

The Data Controller of the personal data of users of the bythatsoft.com website is ThatSoft, registration number: 08974150727, with registered office in Italy, Altamura, via dei Mille 88f. Email address: info @bythatsoft .com

Email to contact the owner and request the deletion of data, if collected, after obtaining consent: info @bythatsoft .com

A – Types of Data Processed

Identification Data
In accordance with European legislation introduced by EU Regulation 679/2016, browsing the Website and purchasing products on the Website may involve the processing of data capable of directly or indirectly identifying a natural person, such as: name, surname, residential address, email address, telephone number, IP address.

The Website does not require the Data Subject to provide data so-called "special categories" of data, i.e., according to the GDPR (Art. 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a person's sex life or sexual orientation. If the requested service involves the processing of such data, the Data Subject will receive specific information in advance and will be asked to provide explicit consent.

Bank details
When purchasing products on the Website, banking data such as the card number or bank account used for payment, the cardholder and the account holder are also processed.

This data can only be processed by third-party companies that manage the payment methods used on the site.

The Website uses the following payment services, and their privacy policies regarding data processing are reported below:

Navigation Data
Navigation data is acquired automatically by the systems and programs used to manage the Website and is necessary for access to web services [e.g. IP addresses, browser used, domain names of the systems used by users to connect to the web portal, URI (Uniform Resource Identifier) ​​addresses of the requested resources, time of the request, method used to send the request to the server, size of the file obtained in response, numeric code indicating the status of the server's response (success, error, etc.), and other parameters relating to the operating system and the user's IT environment].

This data is acquired even without registration on the Website or a request for information.

The navigation data are used exclusively in aggregate form to process anonymous statistics on the use of the Website and to ensure its correct functioning. They do not allow the identification of the users involved and are deleted immediately after being processed anonymously.

However, they can be used to determine liability in the event of computer crimes committed against the site.

Data Provided Voluntarily by the User
The personal data provided voluntarily by the user (such as name, surname, telephone number, email address) in order to send messages to the Website and/or purchase products are used exclusively to respond to the requests of the interested party and to fulfill legal obligations.

The legal basis for this processing is the fulfillment of services related to requests made and purchases made, as well as compliance with legal obligations.

The information that the user chooses to make public through the services and tools made available by the Website is provided by the user knowingly and voluntarily, exonerating the Website from any liability for any violations of the law.

It is your responsibility to ensure that you have permission to enter personal data of third parties or content protected by national and international laws.

Data Collected Through Analytical Cookies
The Website also collects user data through the use of cookies.

For more information on the data processed through cookies, the types of cookies active and how to disable them, please consult the cookie policy.

These cookies are used to track user browsing preferences and to collect statistical data. Users can disable these cookies by accessing their browser settings, as indicated in the Website's cookie policy.

B – Purpose of Data Processing

The personal data collected are used for:

  • Send purchased products to the user via email;
  • Respond to contact requests sent by the user;
  • Allow the user to access Customer Service;
  • Obtain anonymous statistical information on the use of the website;
  • Ensure the correct functioning of the website;
  • Send communications and newsletters, both in paper and electronic format, to the email address provided by the user: if the user decides to subscribe to the bythatsoft.com newsletter only after providing explicit consent, the personal data will be processed by the Data Controller to send commercial or promotional communications, updates on exclusive offers, special events and promotions. To unsubscribe from the newsletter, simply click on the unsubscribe link at the bottom of the emails received or write to info @bythatsoft .com .
  • Determine liability in the event of potential cybercrime against the website;
  • Comply with other legal obligations not included in the purposes mentioned above.

The data may be communicated only following a request from the judicial authorities, in accordance with the law.

C – Legal Basis for Data Processing

The legal basis for the processing of personal data is the fulfillment of the obligations relating to the contract established through the acceptance of the Terms and Conditions, the consent of the Data Subject, compliance with legal obligations and the legitimate interest of the Owner in carrying out the processing necessary for these purposes.

Execution of the Contract
The Data Controller processes the user's personal data when the processing is necessary for the performance of a contract with the user and/or for the implementation of pre-contractual measures.

Consent of the interested party
The optional, explicit and voluntary sending of emails, messages or any type of communication addressed to the contacts indicated on this Website involves the subsequent acquisition of the sender's address, telephone number or any other personal data that will be used to respond to requests. This processing is based on the consent of the interested party.

It is guaranteed that such processing will be carried out in accordance with the principles of lawfulness, correctness, transparency, adequacy, relevance and necessity referred to in art. 5, par. 1 of the GDPR. Specific summary information will be progressively displayed or provided on the pages of the sites intended for certain requested services.

III. Compliance with Legal Obligations
The processing of personal data may occur without the consent of the interested party if the Data Controller is required to fulfill a legal obligation.

Legitimate Interest of the Data Controller
The Data Controller processes the user's personal data when the processing is necessary to pursue the legitimate interest of the Data Controller or third parties.

Optional Nature of Data Provision
Apart from what is specified for the fulfillment of the contract or legal obligations, cookies and navigation data, the user is free to provide or not his/her personal data. However, failure to provide such data could make it impossible to obtain the requested service.

D – Methods and Duration of Data Processing

Personal data are processed using electronic means and in compliance with EU Regulation 679/2016.

The storage of the processed data will last for the time necessary for the purposes described in this information and, therefore, for the minimum time necessary, or until an explicit request is made by the interested party, in any case, within the time limits imposed by law.

The Owner undertakes to adopt all appropriate security measures to prevent the loss and alteration of personal data, as well as any illicit or unauthorized use.

The data will be processed exclusively by persons authorized by the Data Controller, including any data controllers, representatives and public bodies to fulfill the obligations established by law, who will carry out the respective processing activities as independent data controllers.

Among the persons authorized by the Owner who may process the data are, for example: collaborators of the commercial and legal departments, as well as third-party service providers, hosting providers and IT companies (this list is not exhaustive). However, the processed data will not be disclosed to unspecified recipients.

Among the persons authorised by the Data Controller who may process data for profiling purposes are the online marketing platforms "Shopify" ( https ://www .shopify .com /legal /privacy ).

The security of the information collected cannot be guaranteed in the event of hacker attacks and, in general, violations of the security measures implemented for data protection.

In case of attacks or violations, these will be communicated to the interested parties and the competent authorities in accordance with the legal provisions.

E – Place of Processing

The processing relating to the services of the web portal is carried out by identified and specifically designated personnel for the specific purposes of the services requested and subscribed to.

Collections