🔥 Lite Plan for just €19.00/month! 🔥

SupportFast

Privacy Policy

This Policy describes the ways in which Supportfast (hereinafter, the “ Company ” or the “ Owner ”), owned by Elia Semprebon, with registered office in Via 8 Marzo n. 2 – CAP: 37012, Bussolengo (VR), VAT number 04921160232, processes the personal data (“ Personal Data ”) of customers (“ Customers ”) who purchase access to the “Supportfast” Software and Services, as governed by the relevant General Conditions (“ Agreement ”), of which this Policy is an integral part.

1. Data Controller

The Data Controller is Supportfast , Via 8 Marzo n. 2 – CAP: 37012, Bussolengo (VR), VAT number 04921160232. For any information or request regarding the processing of Personal Data, you can contact the Data Controller at the email address: [email protected] .

2. Categories of interested parties and type of data processed

This Notice concerns the processing of Personal Data:

  • Of the Customers (natural persons) who enter into the Contract with the Company.
  • Of subjects related to the Clients (e.g. attorneys, managing directors, founders, employees and/or collaborators), who are authorized by the Client to use the Software and the “Supportfast” Services.

The Personal Data processed includes, but is not limited to:

  • Identification and contact data (name, surname, email, telephone number).
  • Bank and tax details (IBAN, billing details).
  • Data relating to your use of the “Supportfast” Software and Services (for example, login information and activity log).

3. Purpose of processing and legal basis

  1. Software and Services Delivery
    • Purpose: to allow the conclusion and execution of the Contract with the Customer, and to fulfill the related legal obligations.
    • Legal basis:
      • Performance of the Contract and/or pre-contractual measures (art. 6(1)(b) GDPR).
      • Compliance with legal obligations (art. 6(1)(c) GDPR).
    • Consequence of failure to provide data : the impossibility of concluding the Contract and using the “Supportfast” Software and Services.
  2. Answers to Customer Requests
    • Purpose: to manage and respond to requests for information and/or assistance that the Customer sends to the Data Controller’s contact details or via the Software’s functions.
    • Legal basis: performance of the Contract and/or pre-contractual measures (art. 6(1)(b) GDPR).
    • Mandatory : processing is necessary to respond to customer requests.
  3. Extraordinary operations
    • Purpose: to evaluate and/or participate in extraordinary transactions (merger, acquisition, sale, spin-off).
    • Legal basis: legitimate interest of the Data Controller (art. 6(1)(f) GDPR).
  4. Right of defense
    • Purpose: to guarantee the Company’s right of defense in court or arbitration, in relation to any disputes arising from the Contract or from commercial relations with the Customer.
    • Legal basis: legitimate interest of the Data Controller (art. 6(1)(f) GDPR).
  5. Customer satisfaction surveys
    • Purpose: to collect voluntary feedback from Customers on the “Supportfast” Software and Services, in order to improve the Owner’s offering.
    • Legal basis: legitimate interest of the Data Controller in evaluating Customer satisfaction.
    • Voluntary nature : participation in these surveys is always voluntary.
  6. “Soft marketing” communications
    • Purpose: to send commercial, promotional and advertising communications via email regarding products or services similar to those already purchased by the Customer.
    • Legal basis: legitimate interest of the Data Controller (art. 130 co. 4 Privacy Code).
    • Right to object : the Customer may object at any time, without charge, by following the instructions provided in each communication or by contacting the Owner.
  7. Marketing (Newsletters and other non-similar communications)
    • Purpose: sending, via email and/or SMS, promotional and advertising material relating to the Data Controller’s products and services, even if not similar to those already purchased.
    • Legal basis: explicit, free and informed consent (art. 6(1)(a) GDPR).
    • Optionality : failure to consent does not affect the possibility of concluding the Contract or using the Software and “Supportfast” Services.
    • Revocation of consent : the Customer may revoke consent at any time by writing to the Owner or using the link present in each commercial communication. The revocation does not affect the lawfulness of the processing carried out before the revocation itself.

4. Processing methods and storage period

The Data Controller processes Personal Data using both paper and digital methods, in compliance with the principles of correctness, lawfulness, transparency and minimization (art. 5 GDPR). Personal Data is stored for the time strictly necessary for the purposes for which it is collected and, in any case, in compliance with applicable legal obligations (e.g. tax and accounting obligations).

5. Security measures

Taking into account the nature, scope, context and purposes of the processing, as well as the risks to the rights and freedoms of Customers, the Data Controller adopts appropriate technical and organizational measures to ensure the security, integrity and confidentiality of Personal Data, in accordance with art. 32 GDPR and industry best practices.

6. Recipients of Personal Data

Personal Data may be communicated, where necessary and in relation to the purposes described, to the following categories of recipients:

  • Persons authorized to process data (employees and/or collaborators of the Data Controller, trained pursuant to art. 29 GDPR), within the limits of their respective duties.
  • External consultants (e.g. legal, tax, labor, banking, insurance consultants), to the extent strictly necessary for the performance of their services.
  • Third-party companies or consultants involved in extraordinary transactions (merger, acquisition, sale, spin-off), subject to the signing of adequate confidentiality agreements.
  • Administrative, supervisory and/or judicial authorities, in cases provided for by law.

7. International Transfers of Personal Data

As a rule, Personal Data is not transferred outside the European Economic Area (EEA). If a transfer to third countries is necessary, this will occur:

  • Towards countries with an adequacy decision from the European Commission, or
  • After using the tools provided for by Articles 46 et seq. GDPR (e.g. standard contractual clauses), ensuring an adequate level of protection.

8. Rights of the interested party

At any time, the Customer may exercise the rights provided for by articles 15 et seq. GDPR by contacting the Data Controller at the email address [email protected] . In particular, the Customer may:

  • Obtain confirmation as to whether or not personal data concerning you exists (right of access ).
  • Request the correction of inaccurate data or the integration of incomplete data.
  • Request the deletion of data (so-called “right to be forgotten”).
  • Obtain restriction of processing.
  • Exercise the right to data portability to another owner.
  • Object to data processing.
  • File a complaint with the Data Protection Authority if you believe your rights have been violated.

Having read the above, the interested party consents to the processing of his/her Personal Data for marketing purposes (sending commercial and promotional communications, including the newsletter).

Supportfast

Via 8 Marzo n. 2 – ZIP: 37012, Bussolengo (VR)

VAT 04921160232

Email: [email protected]

Last revision date: 10/01/2025