Version 1.0 - February 29, 2020
The React Bricks CMS service (from now on referred also as "we") may collect some personal data from its users (from now on referred as "you").
We are committed to protecting your personal data and to be very transparent about personal data collecting and processing.
This Privacy Notice, in compliance with the General Data Protection Regulation EU 2016/679 (GDPR), explains clearly what data we process, why we need them and how we collect and process them.
F2 .net engineering s.r.l.
Via Tasso, 50 - 24121 Bergamo (BG) - Italy
2.1 Personal information you provide to us
Upon registration we collect your first name, last name, company name and e-mail address.
In React Bricks Dashboard you can provide further information, such as an image for you profile (avatar) and an account name.
When you contact us for support or other customer service requests, we collect any information provided by you related to such support or service requests.
We don't collect financial information from you (such as your payment card number, expiration date or security code). All payments to us are handled via a third party, Paddle Ltd (https://paddle.com). You may find their Privacy notice at https://paddle.com/gdpr.
2.2 Personal information we collect automatically when you use our services
When you access or use our Services we automatically collect information about your use of the Services, including the type and version of your browser, machine and device you use, access time, usage time, pages viewed, debug information, your IP address, the page you visited before navigating to our Services and other statistics.
We collect your Personal Information to:
3.2 Legal basis
For individuals in the European Economic Area, our processing of your Personal Information is justified on the following legal basis:
We take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of your personal data. The data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated.
Your personal data is processed at our operating offices in Italy and in any other place where the parties involved in the processing are located. For a full list of third parties involved, see point 6 ("Data processed by third parties").
In addition to all of our company's personnel, your data may be disclosed to third parties in order to correctly fulfil the mentioned processing purposes (such as hosting services, administration, sales, marketing, legal). These third parties are appointed, if necessary, as third party data processors. Here we list the main third party processors. You may request us the updated list of these parties at any time.
6.1 Payment processing
6.2 Hosting and backend infrastructure
Our Services are not for use by children under the age of 16 years and we do not knowingly collect, store, share or use Personal data of children under 16 years. If you are under the age of 16 years, please do not provide any Personal data, even if prompted by the Services to do so. If you are under the age of 16 years and you have provided Personal data, please ask your parent(s) or guardian(s) to notify us and we will delete all such Personal data.
Personal data shall be processed and stored for as long as required by the purpose they have been collected for. We may be obliged to retain Personal data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority. Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
Sometimes it could be an unbearable effort to delete only your data from a compressed backup, so they will be permanently deleted as soon as a new backup replaces the preceding one. Your personal data will not be restored to production systems except in certain rare instances, for example the need to recover from a natural disaster, serious technical or security problem. In such cases, your personal data may be restored from backups, but we will take the necessary steps to erase your data again as soon as possible.
We want to make sure that you are fully aware of all of your data protection rights in accordance to GDPR, which are the following: