This section is intended to help you understand:

  1. What information is collected about you
  2. How we use the information collected
  3. How information we collect is disclosed
  4. How we store and keep secure the information we collect
  5. How to access and control your information
  6. How we transfer information collected internationally
  7. Other important privacy information

Legal basis of the processing
Our Privacy Policy covers the information we collect about you when you use our products or services, or otherwise interact with us. We offer a wide range of products including cloud, server, email, newsletter software and data center products. We will refer to all of these products as “Services” within this statement.

The processing of your data is carried out only and exclusively if you give your consent, or if it is necessary for the execution of a contract signed by you or to fulfill a legal obligation (Article 6 par. 1 letters a, b, c) .

Identification of the owner
The owner of the processing of personal data is:

HAPPY BRAIN S.R.L.
Registered office address: Vicolo Ghiaia, 7 – 37122 Verona VR
PEC address: [email protected]
Tax code and VAT number: 04118300237
Verona Company Register
REA number: VR – 393606
Share capital: € 10,000.00 i.v.

Identification of the DPO
Happy Brain is not required to appoint a Data Protection Officer pursuant to art. 37 of the GDPR.

1. TYPE OF DATA PROCESSED


We collect information about you and your company when you use our services.

a) Registration for the service: We collect information about you when you create an account or register to make purchases or payments for our Services. For example, you need to provide your contact information and, in some cases, billing information when signing up for a Service.

b) Payment information:
To accept payments and make refunds in accordance with the stipulated contract. To prevent and detect fraud against you or our company (not pleasant, but absolutely essential).

c) Contact history:
We save information about you to provide support and assistance so when you contact us you receive the best possible assistance and our customer care has access to your previous inquiries.

d) Cookies and other tracking technologies:
We use cookies on our website. For more information on cookies visit the section dedicated to this link.

2. PURPOSE OF THE TREATMENT


Listed below are the specific purposes for which we use the information collected about you.

a) To provide the Services and personalize your experience:
We use information about you to provide the Services to you, such as processing transactions, logging into a dashboard, providing customer support, using and maintaining the Services.

b) For research and development:
We are always looking for ways to make our services smarter, faster, safer, more integrated and useful. We use collective analysis on how people use our services and the feedback provided directly to us to solve problems or identify trends, use, business models and areas for integration and improvement of services.

c) To communicate with you about the Services:
We use contact information to send transactional communications via email and in services, including purchase confirmations, subscription expiration reminders, updates, security alerts, or administrative messages.

d) For marketing and promotion purposes:
We use contact information and information about how you are using the services to send promotional communications that may be of specific interest to you.

e) Customer support:
We use your data to solve technical problems, to respond to requests for assistance, to analyze information and to repair and improve services. This includes any information about you that you choose to include such as: the summary and description added to an issue when opening a support ticket, or a discussion about our task manager, messages exchanged in the progress of the request, and all the answers you give us. Saved content may also include files and links added to those conversations.

f) For safety:
We use information about you and the use of the service to monitor suspicious or fraudulent activity and to identify violations of the service policies.

g) To protect our legitimate business interests and legal rights:
Where required by law or where we believe it is necessary to protect our legal rights, the interests and interests of others, we use information about you in connection with legal claims, compliance, regulatory and audit functions, and disclosure in relationship with the acquisition, merger or sale of a business.

h) Further additional consents:
We may use your information following further explicit consent for other purposes not listed above. For example, we may post testimonials or customer stories featured to promote the services, with your permission. If you have consented to the use of information about yourself for one of these specific purposes, you will still have the right to change your mind.
For example, you can choose not to receive promotional communications by using the “unsubscribe” link within each e-mail. However, you will continue to receive transactional messages regarding the services.

3. SUBJECTS TO WHOM DATA MAY BE TRANSFERRED


We do not sell your personal data to third parties (including your name, residential address, e-mail address and other data). However, in some cases we need to share your information.
We share information with third parties who help us operate, provide, improve, integrate, personalize, support and market our services.
We work with third party service providers such as hosting, maintenance, backup, archiving, payment processing, analysis. If a service provider needs to access information about you, they do so under strict control and we impose policies and procedures on them to protect your information.
The administrator, you or other users of the service can choose to add new features or change the behavior of the services by installing third-party applications within the Services.
This could give third-party applications access to your account and information about you such as your name and e-mail address and any content you choose to use in connection with such applications. We encourage you to review the privacy policies of third parties before linking or using their applications or services to learn more about their privacy and practical information management. The same goes for third-party links or widgets.

4. HOW WE STORE AND KEEP THE DATA SECURE


We use data from various hosting providers to host the collected information, and we use technical measures to protect the data.
All Webmail, POP, IMAP, SMTP services are accessible by default via SSL / TLS. We recommend configuring SSL on your projects to prevent the interception of data transmitted over networks and to limit access to databases and other storage points used.
To detect any software vulnerabilities, we use internally developed tools, as well as periodic tests to check for possible violations. No security system is impenetrable and due to the intrinsic nature of the Internet, we cannot guarantee that the data, during transmission over the Internet or during storage on our systems or in our care, is absolutely safe from intrusion by others.Transfer of data to non-EU countries:
We transfer, process and store information outside of our country of residence, wherever we or our third party service providers operate for the purpose of providing the services. Whenever we transfer information, we take steps to protect it.

5. HOW TO CHECK THE DATA IN OUR POSSESSION


Rights of the interested party:
You have the right to request a copy of the information, to object to our use of the information (including for marketing purposes), to request the deletion or limitation of the information.
Some of our services give you the opportunity to access and update some information about you within the Service. For example, you can access profile information from your account and search for content containing information about you in our task manager, ticketing system, Mail2Go platform.Retention period:
We keep your personal information as long as your account exists or for the period necessary to provide the services or (in the event that you contact Customer Service) for the time necessary to generate exclusively the trend analyzes and reports relating to assistance. Additionally, if reasonably necessary or required to comply with legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or to enforce our terms and conditions, we may retain some of your personal information even after your account or our services are closed. they are no longer required.Cancellation policy:
If you no longer wish to use our Services, you can send a cancellation within the terms indicated in the Service activation contract.

6. TRANSFER OF DATA


We transfer, process and store information outside of our country of residence, wherever we or our third party service providers operate for the purpose of providing the services. Whenever we transfer information, we take steps to protect it. Some of the third parties described in this privacy policy, who provide services to us under contract, are based in other countries that may not have privacy and data protection laws equivalent to the country in which you reside.
We make sure that our suppliers are GDPR compliant and, if they are located outside the European Union, we periodically check that their countries are present on the Guarantor’s website and / or have an active certification on https://www.privacyshield.gov / welcome.

7. OTHER INFORMATION


1. Our policy towards children
The Services are aimed at adults. We do not knowingly collect personal data from anyone under the age of 18. If we become aware that one or more services have been activated for minors, we will take steps to delete this information. If you become aware that a minor has provided us with personal data, please contact our support services.2. Changes to privacy protection
In the event of significant changes to the following information, we will take care to highlight them on the website or by other means of contact such as e-mail, so that you can review these changes before continuing to use our site.3. Automatic processes for profiling
We collect information about you (anonymously) when you use our services, for example we track your behavior and the content browsing flow through Google Analytics, Google AdWords, Facebook ADS.This information includes the functions used; the links clicked; the type, size and names of the attached files uploaded to the services; your search terms.We do not use automatic desecration systems to determine your preferences or your behaviors.

During the provision of our services, Happy Brain may manage customer data on behalf of the customer. For this both parties undertake to respect the following provisions.

Data processing


This DPA applies where and only to the extent that Happy Brain processes Personal Data on behalf of the Customer in the course of providing the Services and such Personal Data is subject to the data protection laws of the European Union, the European Economic Area and / or their member states, Switzerland and / or the United Kingdom (hereinafter referred to as “Customer Data”).

This DPA forms part of the Agreement, the Privacy Policy and other relevant policies and documents announced on our website.

This DPA will be valid and legally binding only for the physical / legal entity indicated in the User Area account and only for the Services purchased directly from Happy Brain within the respective account.

This DPA will be effective and will replace all terms previously applicable to privacy, data processing and / or data security.

Each party will comply with the obligations applicable to it under the European Data Protection Legislation in relation to the processing of such Customer data.

Type of data


The Customer may send Customer Data in the course of its use of the Services, the extent of which is determined and controlled by the Customer in its sole discretion and which may include, by way of example but not limited to, the Personal Data relating to the following categories of subjects of the data:

  • prospectuses, customers, business partners and suppliers of the Customer (who are natural persons and legal persons);
  • employees or contact persons of customers, customers, business partners and suppliers;
    employees, agents, consultants, freelancers of the Client (who are natural persons);
  • Customer users authorized by the Customer to use the Services;
  • subjects who transmit data through the Services, including people who collaborate and communicate with the Customer or the Customer’s end users;
  • subjects whose data is provided to Happy Brain through the Services by or on behalf of the Customer or by the Customer’s end users.

Roles


The parties acknowledge and accept that:

Happy Brain is a Customer Data Processor under the European Data Protection Legislation;
The Customer is a Data Controller or Data Processor, if applicable, of the Customer Data under the European Data Protection Legislation; and has obtained all necessary consents and rights under the Data Protection Laws for Happy Brain to process Customer Data and provide the services in accordance with this Agreement and this DPA;
Happy Brain (Data Processor) will operate solely and exclusively on the basis of written requests sent by the Customer (Data Controller). Happy Brain may act differently only and exclusively when required by Italian and / or European legislation.

Instructions for data processing


The Customer instructs Happy Brain to process the Customer Data only in accordance with the applicable law:
provide the Services and related technical and other support;
as initiated by the Client and end users in their use of the Services;
as specified in the Agreement, Terms of Service, Privacy Policy and other relevant policies governing the provision of the Services and related technical and other support.

Access


Happy Brain cannot access or use Customer Data, except as necessary to provide the Services and related technical support to the Customer in accordance with the DPA, the Agreement and other relevant policies.
Happy Brain will only process Client Data on behalf of and in accordance with Client’s documented instructions for the following purposes:
Provide the Services and related technical support in accordance with this DPA and with the Orders to which it applies;
Process the data provided by Users in accordance with our terms of Service;
Process the data in order to maintain and improve the services.

Customer Processing


The Customer, in his use of the Services, will process his Data in accordance with the requirements of the Data Protection laws and regulations applicable to them. The Customer is solely responsible for the accuracy, quality and legality of their Data and the means by which the Customer has acquired this Data.

Access, rectification, portability and cancellation


During the Applicable Term, Happy Brain, in a manner consistent with the functionality of the Services, allows the Customer to access, rectify and limit the processing of the Customer Data, including by deleting all or some of the Customer Data under their account or deletion of the entire account.

Happy Brain will allow the Client to delete the Client Data during the applicable duration in a manner consistent with the functionality of the Services and the characteristics according to the respective Order. If the Client uses the Services to recover or delete the Client Data and the Client Data cannot be recovered, this will constitute an instruction to Happy Brain to erase the Client Data stored on the backup systems in accordance with applicable law and within a maximum period of 60 calendar days.

The deactivation of the Services or the expiry of the applicable Term will constitute an instruction to Happy Brain for the deletion of the Customer Data stored on the backup systems within a maximum period of 60 calendar days.

Disclosure of data


Happy Brain will not disclose Customer Data to any government, law enforcement or other authority, except as necessary to comply with law or a valid and binding order from a law enforcement agency (such as a subpoena or injunction of the court).

Happy Brain restricts its staff from processing customer data without authorization from Happy Brain. Access to customer data is limited to personnel who perform a role and responsibility in accordance with the Agreement. It imposes adequate contractual obligations on its staff, including obligations relating to confidentiality, data protection and data security. Happy Brain guarantees that these confidentiality obligations survive the termination of the personal assignment.

Sub-Distributors


The customer acknowledges and accepts that:
Happy Brain Partners could be considered Sub-processors;
Happy Brain and Happy Brain partners may employ sub-processors to be able to provide their respective Services. Happy Brain has made a written agreement with each Sub-processor containing the obligations for data protection, no less restrictive than what is contained in this DPA

Location of treatment


In the event that the Customer has specified a Data Center outside the European Economic Area and in the event that Happy Brain provides the Service and related support of a technical or other nature, the Customer accepts that Happy Brain could access and process data in the EEA, United States and other countries where Happy Brain and / or its Partners and Sub-processors own Data Centers, offices or perform data processing operations.

To the extent that Happy Brain processes or transfers (directly or by onward transfer) Personal Data under this DPA from the European Union, the European Economic Area and / or their member states and from Switzerland (“EU Data”) to countries o to countries that do not ensure an adequate level of data protection under the applicable data protection laws of the aforementioned territories, the parties agree that Happy Brain is deemed to provide adequate safeguards for such data by virtue of the certification of compliance with the Privacy Shield . The customer authorizes any transfer of EU data to, or access to EU data, from such destinations outside the EU provided that such measures have been taken.

Treatment of archives


The customer acknowledges that Happy Brain is required, subject to the GDPR, to:

(a) collect and maintain records of certain information, including the name and contact details of any processor and / or controller on whose behalf Happy Brain is acting and, where applicable, the local and official data protection representatives of such processors / controllers;

(b) make such information available to supervisory authorities. Consequently, if the GDPR applies to the processing of Customer data, the Customer may, when requested, provide such information to Happy Brain through the Site or other means provided by Happy Brain, and may use the Site or such other means to ensure that all information provided is kept accurate and up to date.

Responsibility and safety


Happy Brain will implement and maintain technical and organizational measures to protect Customer Data from destruction, loss, alteration, unauthorized disclosure or access, accidental or illegal as described in Appendix 2 (“Security Measures). The Security Measures include measures to provide the encrypted transmission of customer data outside the Service environment; to help ensure the ongoing confidentiality, integrity, availability and resilience of Happy Brain systems and services; to assist in the timely restoration of access to Customer Data from an available backup copy provided by the Happy Brain Backup Services or from a private copy of the Customer following an accident; and for regular efficacy tests.
Happy Brain may update or modify the Security Measures from time to time, provided that these updates and changes do not result in the degradation of the general security of the Services. Happy Brain will reasonably assist the customer in compliance with the obligations established by the GDPR in relation to the security of processing, notification in the event of a data breach and on the assessment of the impact on the protection of personal data.

The Client is solely responsible for his own use of its Services, including:

  1. make appropriate use of the Services to ensure a level of security appropriate to the risk towards Customer Data;
  2. protect the authentication credentials of the account, systems and devices that the customer uses to access the Service;
  3. make sure that all programs, scripts, addons, plugins and other software installed on the account are safe and that their use does not pose a security risk with respect to the Customer’s data and the account itself;
  4. protect all programs, scripts, addons, plugins and other installed software, their configuration and their regular maintenance;
  5. any contents of the account;
  6. any action and activity on the account;
  7. backup your data;
  8. Happy Brain has no obligation to protect the Customer Data that the Customer decides to store or transfer outside the systems of Happy Brain and its sub-processors (for example, offline or on on-premise storage), or to protect the Customer Data implementing or maintaining Additional Security Controls except to the extent that the Customer has chosen to use.
  9. The Client acknowledges and agrees that (taking into consideration the implementation costs and the nature, purpose, context and purpose of the Client Data processing and the risk to individuals) the Security Measures implemented and maintained by Happy Brain as described in the Section 7.1 provide a level of security appropriate to the risk in compliance with Customer Data.
  10. It is the Customer’s responsibility to backup Customer Data and any data and consent stored in the account to prevent any possible loss of data.

Security breach notifications


Happy Brain maintains security incident management policies and procedures and will notify Customers without delay upon learning of destruction, loss, alteration, unauthorized, accidental or illegal disclosure, or access to Customer Data, including transmitted Customer Data. , stored or Processed in any way by Happy Brain or by the Sub-processors of which Happy Brain is made aware (a “Customer Data Incident”). Happy Brain shall make reasonable efforts to identify the cause of such Incident and do what Happy Brain deems necessary and reasonable to remedy the cause of such Customer Data Incident to the extent that the remedy is within Happy Brain’s reasonable control. . The duties mentioned herein do not apply to accidents caused by the Customer, the use of the Customer’s Services, the Customer’s actions or the Customer’s activities or Users.

The notification of or response to a Data Incident by Happy Brain under section 10 should not be construed as an admission by Happy Brain of guilt or responsibility towards the Data Incident.

Liability and Indemnity


10.1. The Client should indemnify and keep Happy Brain indemnified against all data protection breaches and losses suffered or caused by, arising from or in connection with:
(a) any non-compliance by the Client with data protection laws and regulations;
(b) any breach arising from the Client or its data protection duties under this Agreement;
10.2. Happy Brain will be responsible for data protection flaws and losses caused by the Processing of Customer Data only to the extent directly resulting from Happy Brain’s failure to fulfill its duties as Data Processor under the Data Protection laws and regulations.

Conclusion


This DPA will take effect from the Effective Date until the end of the provision of the Services by Happy Brain under the applicable Agreement, including, if applicable, any period during which the Services have been suspended and any post-termination period (in this case 60 Calendar days) during which Happy Brain may continue to provide Services for Transition purposes. The DPA will automatically expire upon deletion of all Customer Data from Happy Brain. Upon expiration of the contract Happy Brain will remove or return all personal information to the Customer should this be requested. In no way when stated by this DPA does it relieve Happy Brain from its direct responsibilities under the GDPR

Welcome to our agreement on Terms and Conditions relating to our hosting plans.
Acceptance of these Terms is mandatory and binding in order to activate and use the services you have chosen.

1. REGISTRATION


You must be at least 16 years old to use our service.
By registering with your information, you guarantee that the services offered are exclusively for your use and not for the use of third parties and that all information provided is true and accurate. Make sure you keep all your data up-to-date in case of changes by contacting us promptly at [email protected]

2. CONTENTS


We cannot be responsible for the content you create or the content you access while using our hosting plans. Be careful how you use our services.
If you are violating the laws, posting obscene content or abusing our infrastructure, we have the right to prevent you from making this use. You are also responsible for actions committed by other people or collaborators who use your access to our services, as we have no way of distinguishing your actions from the actions of your sub-users. Be careful who you give your information to – it’s to protect us and you!

3. THIRD PARTY SERVICES


When you access third party resources on the Internet, you do so at your own risk.
These other resources are not under our control and therefore we are not responsible for the content, functions, accuracy, legality, adequacy or any other aspect of such websites or resources.
The inclusion of these components does not imply our approval or any association between us and their operators.
For this you acknowledge and agree that we will not be liable, directly or indirectly, for any damage or loss caused in connection with the use or reliance on such content, goods or services available on or through any website or resource of this type.
It is your responsibility to protect the system from elements such as viruses, worms and other elements of a destructive nature.

4. PAYMENT


We currently accept payment via PayPal and bank transfer.
However, it is possible to contact us at [email protected] to discuss potential alternative payment methods. The service is billed annually (approximately the first of the month prior to expiration) and tacitly renewed upon expiration.

5. RENEWAL


All hosting plans provide for tacit renewal upon expiration. In the event that it is your intention to interrupt the service, send an email within 30 days before the deadline to [email protected]

6. SUSPENSION OF THE SERVICE


If you violate these Terms of Service, we have the right to suspend your account. These actions are reserved for the most drastic offenses; you will most likely receive a warning and can continue using our services until the unwanted behavior ceases.

7. OTHER EXCEPTIONS


Neither you nor we can be held responsible for failure to comply with these terms, given circumstances beyond reasonable control (e.g. extreme weather conditions, natural disasters, telecommunications outages, internet disturbances, etc.).

8. DISPUTES


We really hope that we never have to get into litigation with our subscribers and imagine that most people feel the same way. If it gets to that point, we will agree to discuss it and find a solution. You can send any complaint to [email protected]
If we do not find an agreement, the resolution will take place in arbitration at the court of Verona.

9. SECURITY


We use data encryption for which we believe we must guarantee an adequate level of security to the risk of their loss or theft.
We keep the logs in accordance with the law for the period prescribed by Italian law.
To detect any software vulnerabilities, we use internally developed tools, as well as periodic tests to check for possible violations.
We have always made encryption available to protect data in transit. All Webmail, POP, IMAP, SMTP services are accessible by default via SSL.
REQUEST A COPY OF THE EXTENDED CONDITIONS