1. Data Controller
Bienterra SL, operating under the trading name “Boxcurve,” located in La Matanza de Acentejo, Santa Cruz de Tenerife, Spain, is the data controller responsible for your personal data. If you have any questions or concerns about our data practices, you can contact our Data Protection Officer at gdpr@bienterra.com.
We collect minimal personal data necessary to manage your subscription and provide our services. The information we collect includes:
a) Personal Identification Information: (e.g., name, email address, phone number)
b) Professional Details: (e.g., job title, company name)
c) Technical Data: (e.g., IP addresses, browser type, device information)
Note: We do not collect or process any operational data that you generate or store while using our Software within your Microsoft environment. All such data remains fully within your control.
Your personal data is processed for the following purposes:
a) To provide, manage, and improve our services to you.
b) To communicate with you, respond to your inquiries, and offer customer support.
c) To comply with our legal obligations, such as tax and regulatory requirements.
d) To analyze trends and improve our products and services.
We process your personal data based on one or more of the following legal grounds:
a) Where required, we will obtain your express consent before processing your data. You may withdraw this consent at any time by contacting us.
b) To fulfill our contractual obligations to you, such as providing the services you have requested.
c) To pursue our legitimate business interests, such as improving our services, provided these interests are not overridden by your rights.
d) To comply with legal obligations, such as accounting or regulatory requirements.
We do not sell your personal data. However, we may share your data with:
a) Service Providers We may share your data with service providers, such as accountants or legal advisors, who assist us in fulfilling our legal, accounting, or regulatory obligations. These providers are bound by confidentiality and data protection agreements to ensure your data is handled securely and in compliance with applicable laws.
b) Legal and Regulatory Authorities: When required by law, we may disclose your data to governmental authorities or other entities as necessary to comply with legal obligations or to protect our rights.
c) Third Parties in Business Transactions: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. We will ensure that your privacy rights are upheld during such events.
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. The criteria we use to determine retention periods include:
a) The nature of the data and the purpose for which it was collected.
b) Legal obligations to retain data.
c) The likelihood of the data being relevant to potential future legal claims.
7. Your Rights
Under the General Data Protection Regulation (GDPR), you have several rights concerning your personal data:
a) Right of Access: You can request access to the personal data we hold about you.
b) Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
c) Right to Erasure: You can request the deletion of your data, subject to certain conditions.
d) Right to Restriction of Processing: You can request that we limit the processing of your data in certain circumstances.
e) Right to Data Portability:You can request that your data be provided to you in a structured, commonly used, and machine-readable format.
f) Right to Object: You can object to the processing of your data based on legitimate interests or for direct marketing purposes.
To exercise any of these rights, please contact us at gdpr@boxcurve.com. We may need to verify your identity before fulfilling your request.
Your data is stored and processed within the European Union. If, in the future, we need to transfer your data outside the EU, we will ensure that it is protected with appropriate safeguards, such as Standard Contractual Clauses or an adequacy decision by the European Commission.
We have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, and regular security audits.
We may update this privacy policy from time to time to reflect changes in our data practices or legal requirements. If we make significant changes, we will notify you by email or through our website at least 30 days before the changes take effect. Your continued use of our services after the changes are implemented will signify your acceptance of the revised policy.
11. Contact Information
If you have any questions or concerns about this policy or our data practices, please contact our Data Protection Officer at gdpr@boxcurve.com.