At SpanSoft (“we”, “us” or “our”) we are committed to protecting your personal information and your right to privacy. Here we explain to you what information we collect, how we use it and what rights you have in relation to it. If you have any questions about our policy please contact us. This privacy policy applies to all information collected via our website. If there are any terms in this policy which you do not agree with, please discontinue use of our website. Our website address is: https://www.spansoft.org

What personal data we collect and why we collect it

We collect personal information which you voluntarily provide to us such as name, address and email address. This information is passed to us when you place an order via our online shop. We also collect credentials such as usernames and passwords for account access on our forums.

We do not collect payment data – payments, invoicing and billing are securely handled off-site by PayPal.

Information automatically collected

Some non-personal information such as IP address and/or browser and device characteristics is collected automatically when you visit our site. This information is primarily needed to maintain the security and operation of the website and for internal analytics and reporting purposes.

How we use your data

We use personal information gathered via our website for a variety of legitimate business purposes.

  • To facilitate account creation and login process This only applies to our forums
  • Fulfil and manage your orders
  • For other business purposes This may include data analysis, identifying usage trends and to evaluate and improve our website or products.

Who we share your data with

We only share and disclose your information with the following third parties.

  • PayPal for invoicing and billing
  • Google Analytics for web and mobile analytics

How long we retain your data

We will only keep your personal information for as long as is necessary for the purposes of our legitimate business interests. When we no longer have any need to process your personal information, we will either delete or anonymise it, or, if this is not possible (for example your information has been stored in backup archives) then we will securely store your information and isolate it from further processing until deletion is possible.

What rights you have over your data

  • Right of access. This is your right to know whether data we hold concerning you are being processed and if so, the right of reasonable access to it (GDPR Article 15).
  • Right to rectification. When personal data we hold are inaccurate you have the right to request that they be corrected (GDPR Article 16).
  • Right to erasure or right to be forgotten. You may request that your personal information is deleted (GDPR Article 17).
  • Right to restriction of processing. Simply said, your right to limit the processing of your personal data (GDPR Article 18).
  • The right to be informed. If your personal data have undergone an action as a result of one of the other “rights” mentioned here, then you must be informed (GDPR Article 19).
  • The right to data portability. This allows you to obtain and reuse your personal data for your own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability (GDPR Article 20).
  • The right to object. You have the right to object to the processing of your personal data in certain circumstances. You have an absolute right to stop your data from being used for direct marketing (GDPR Article 22).
  • The right not to be subject to a decision based solely on automated processing. This includes profiling, which produces legal effects concerning you. You are protected when IT systems are carrying out solely automated decision-making that has legal or similarly significant effects on you (GDPR Article 22).

See also