At SmartArTool, your privacy is our priority. This Privacy Policy explains how we handle your personal data, detailing how we collect, store, process, and protect it. It also informs you of your privacy rights and how they are upheld under applicable data protection laws.

Table of contents

1. The Data We Collect: We collect several categories of personal data to provide and improve our services. This includes, but is not limited to:

• Personal Identification Data: Your name, username, and date of birth.
• Contact Information: Email addresses, phone numbers, and physical addresses.
• Financial Information: Payment method details, billing information, and transaction histories.
• Technical Data: IP address, device type, browser settings, and interaction data.
• Profile Data: Login credentials and preferences set within your account.
• Usage Data: Information on how you use our website, apps, and services.
• Marketing Data: Your preferences for receiving promotional materials from us and third parties.

Some of this data is gathered automatically, such as through cookies, while other information is provided by you directly.

2. How We Collect and Use Your Data: We collect your personal data in several ways:

• Direct Interaction: When you subscribe, register, or use our services, we collect personal details like your name, email, and payment information.
• Automated Collection: We use cookies, analytics, and tracking technologies to gather information about your online activity.
• Third-Party Sources: We may obtain additional data from third-party sources, such as social media platforms or partners.

Your data is used primarily for the following purposes:

• Account Management: To manage your account, process payments, and facilitate your access to our services.
• Service Improvement: To analyze your usage data, improve our services, and personalize your experience.
• Communication: To send you updates, promotions, or information about your orders or services.
• Legal Compliance: To comply with legal obligations or enforce our terms and conditions.

3. Data Controller and Processor: In accordance with the General Data Protection Regulation (GDPR), SmartArTool is the data controller responsible for your personal data. This means we decide how and why your data is processed. However, in some instances, we may act as a data processor, for example, when processing data on behalf of third-party service providers.

When we process data as a controller, we ensure that it is handled according to legal and contractual requirements. You are entitled to certain protections regarding your personal data under applicable EU law. We handle and process personal information, including electronic communications, in accordance with the GDPR (EU 2016/679) and the ePrivacy Directive (2002/58/EC), which establish requirements for collection, usage, storage, security, and management of personal data and related technologies.

4. Security and Retention of Data: SmartArTool implements robust security protocols to prevent your personal information from being lost, accessed without permission, misused, modified, or disclosed. It adheres to PCI security standards to ensure confidentiality, and all payment transactions are encrypted. You understand that your personal data might be stored outside the European Economic Area.

We take appropriate measures to protect your data from unauthorized access, loss, or misuse, including:

• Data Encryption: Sensitive personal data is encrypted to ensure secure transmission.
• Access Controls: Only authorized personnel have access to your data.
• Regular Audits: We conduct regular security assessments to ensure compliance with privacy standards.

Your data is retained only as long as necessary for the purpose for which it was collected:

• Account Information: Retained as long as your account is active.
• Financial Data: Retained for up to 10 years for compliance and audit purposes.
• Customer Service Data: Retained for up to 3 years to improve our support services.

Once the retention period expires, your data is securely deleted or anonymized.

5. Data Disclosure and Rights: We may share your data in the following situations:

• With Service Providers: We may share your data with third-party providers to assist with payment processing, customer support, or marketing efforts.
• For Legal Obligations: We may disclose your data if required by law, such as for regulatory compliance or legal processes.
• With Your Consent: We may share your data with partners or affiliates if you consent to such sharing.

We ensure that any third parties handling your data follow strict privacy and security protocols.

You have several rights concerning your personal data, including:

• Right to Access: You can request access to the data we hold about you.
• Right to Rectification: If your data is inaccurate, you can request corrections.
• Right to Deletion: You can request the deletion of your data if it is no longer necessary for us to retain it.
• Right to Object: You can object to certain processing activities, such as marketing communications.

To exercise these rights, please contact us at [email protected].

6. Policy Updates: We may tweak this Policy every once in a while. When we do, we’ll post the updated version here.

7. Contact Us: Reach out to us anytime:

• Email: [email protected]
• Phone: +35722272250 (Mon–Fri, 08:00–23:00 GMT+2)
• TARSEM LIMITED, Riga Feraiou 14, 1087, Nicosia, Cyprus.