Introduction
This Privacy Policy explains what information BITSoftware s.r.l. a company registered Romania with number J08/3704/1993 (“BITSoftware”, “we”, “us” or “our”) collects about you, how we may use it, and the steps we take to ensure that it is kept secure. It also explains your rights and how to contact us.
This privacy policy gives you information about the types of personal data we collect from you and how we use this personal information. The terms used in this privacy policy have the same meaning as those assigned to them in the SocrateCloud contract.
Please note that not BITSoftware, but the Customer is the data controller with respect to the personal data contained in or related to the exploitation of BITSoftware products. Issues related to this personal data must be addressed directly to or by the BITSoftware Customer.
What information do we collect ?
The personal data we hold about you in our capacity as a data controller may include some or all of the following:
We also process data of which the Customer is the controller, namely:
Together we call this Customer Personal Data. Our processing of Customer Personal Data is governed by the Customer Data Processing Terms. The provisions below do not relate to Customer Personal Data, the processing of which is exclusively dealt with in the Customer Data Processing Terms.
Some of your personal data may be shared with us by third parties such as:
We also collect, use and share Aggregated Data such as statistical or demographic data. Aggregated Data may be derived from your personal data but is put together in an aggregated and anonymous manner (so that it cannot be associated with any of your Identity and Contact Data or other personal data) and does not constitute personal data for legal purposes. For example, we may anonymise and aggregate Profile Data and/or Technical Data with that of others and (a) use it for internal management purposes, (b) share it with current or prospective business partners, and (c) use it to target offers that are made through BITSoftware.
When we collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data) we will do this only with your explicit consent.
How do we use your personal data, and what is our legal basis for doing so ?
These are the legal bases we have for holding and processing your personal data:
And here is how we use your personal data, and our relevant legal basis (Our basis) for doing so:
If you register with us, you provide us with Identity and Contact Data. That Identity and Contact Data may be supplemented over time with other information. We use this information to maintain your registration with BITSoftware and administer our relationship with you. Our basis: Consent and Legitimate Interest (to remind you of matters relating to your account with us).
If you provide us with Payment Data, we will use your Identity and Contact Data, Payment Data and the related Transaction Data, to process your transaction and receive the relevant payment. Our basis: Contract and Legitimate Interest (to receive payment of sums owed to us). [Note that we do not store your complete Payment Data – this is held by payment service providers. We do, however, store the last four digits of your payment card number, which are retained to assist in the resolution of queries concerning deliveries of Incentives.]
From time to time, you may provide us with feedback or otherwise engage with us in ways that, in combination with other data we hold, may be included in your Profile Data. In using BITSoftware, we and our service providers will also collect Technical Data. We use Profile Data and Technical Data to analyse your use of BITSoftware and combine it with similar data for other users like you, with the object of making BITSoftware better and more relevant to you, to enable us to create content that is more suited to you and to send you more relevant communications. Our basis: Legitimate Interest (making our services and their marketing more specific to you).
Where you opt to receive marketing communications from BITSoftware, we will use your relevant Marketing and Communications Data to communicate that marketing to you. Our basis: Consent.
We will use your Marketing and Communications Data and Identity and Contact Data to keep you informed of important changes to our relationship with you, such as by notifying you of changes to this Privacy Policy. Our basis: Obligation and Legitimate Interest (in maintain a compliant relationship with you).
Whom will we share your personal data with ?
We will share your personal data with various third parties, but always for the uses referred to above. These third parties are businesses (and in some cases charities) of the following types:
We may also share your personal data with others where to do so is mandated by applicable law.
Your Marketing and Communications Data will only be shared with a third party for the purpose of them directly marketing to you where you have consented to that marketing.
If we transfer your personal data outside the European Economic Area (EEA) to a country that does not provide a similar level of legal protection to that provided by the European’s data protection laws, we put in place legally appropriate safeguards to require the protection of your personal data. You can request details of those safeguards by contacting our Information Officer.
If we sell our business or assets, your personal data may be provided to the prospective purchaser’s advisers with appropriate legal protections and will be passed to the new owners of the business.
How long will be keep your personal data for ?
We keep your personal data for as long as is necessary:
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of that data, the purposes for which we process it, whether we can achieve those purposes through other means, as well as legal, taxation and accounting requirements.
You can request more details of how we apply these criteria by contacting our Information Officer
When the need to keep your personal data ends, we either delete or anonymise it.
How do we keep your personal data secure?
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Your legal rights
Under the law, you have the right to:
If you wish to exercise any of the rights set out above, please contact our Information Officer by email to the address specified below. You will not have to pay a fee to exercise any of your legal rights as specified above. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the relevant your personal data (or to exercise any of your other legal rights). This is a security measure we take to help avoid your personal data being disclosed to a person who has no right to receive it.
We may also contact you to ask you for further information in relation to your request to help speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Contacting us
We have appointed an Information Officer who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact our Information Officer using the details set out below.
Email address of Information Officer: privacy@bitsoftware.ro
Postal address of Information Officer: BIT Software s.r.l, 1 Rozelor St. 500331 Brasov Romania
You have the right to make a complaint at any time to the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP). We would, however, appreciate the chance to deal with your concerns before you approach the (ANSPDCP).