BTA’s Privacy Policy

BTA ("BTA", "we" and "us") refers to BTA Commerce, Inc, a Delaware corporation.

This policy regarding our privacy practices (the "Privacy Policy") describes how we treat the information we collect when you visit and use bookthatapp.com (the "Site") and/or BTA’s other domains, products, services, and/or content, including all applications (collectively with the Site, the "Services"). When you use the Services, you also consent to the collection, transfer, manipulation, storage, disclosure, and other uses of your information as described in this Privacy Policy.

BTA respects the privacy of individuals, and thereby we want to give individuals using our services information concerning our data processing activities in a transparent manner. To achieve this goal, the information presented in this BTA Privacy Policy is provided using as clear and plain language as possible. However, should you have any inquiries or questions regarding our data processing activities or the information presented in this Privacy Policy, please feel free to contact us at the "Contact Us" page on our website or by sending an email to [email protected].

This Privacy Policy has been prepared in order to meet the requirements set out in the EU General Data Protection Regulation ("GDPR"), which is directly applicable in all Member States in the European Union as of 25 May 2018. BTA is committed to comply with the obligations related to the processing of personal data under the applicable data protection legislation.

This Privacy Policy does not apply to the practices of third parties that we do not own, control, or manage, including but not limited to any third-party websites, services, applications, or businesses ("Third Party Services"). We encourage you to carefully review the privacy policies of all Third Party Services you access.

This Privacy Policy doesn’t govern what our users do on their BTA Sites, and we aren’t responsible for the information collection and use practices of our individual users.

What this Privacy Policy covers

This Privacy Policy covers our treatment of information gathered when you are using or accessing the Services. This Privacy Policy also covers our treatment of any information about you that our partners share with us or that we share with our partners.

When BTA is providing Services, depending on the circumstances, BTA may process personal data either as a data controller or as a data processor.

BTA as a data controller - Individual Users

BTA acts as a data controller within the meaning of the GDPR when it processes personal data related to individuals who have used and accessed and therefore provided their personal data to Services. Such individuals are data subjects within the meaning of the GDPR and are called Individual Users in this Privacy Policy.

The collection of Individual User Information, as well as the related processing activities, are described in the section "What we collect and how we use it" of this Privacy Policy.

Legal basis for the processing of Individual User Information

The legal basis for the processing of Individual User Information is consent from the Individual User. Before submitting any personal data to BTA, the Individual User is asked to give their voluntary, informed, and explicit consent to the processing of personal data during the Sign-Up process, as well as a link to visit this Privacy Policy for further information.

If you do not agree with the terms of this Privacy Policy or BTA’s Terms of Use related to Services, then we ask you not to provide us with your personal data.

By signing up to Services, the Individual User expressly consents to BTA’s collection, use, disclosure, and storage of Individual User Information as described in this Privacy Policy.

As a data subject, the Individual User has the right to withdraw their consent at any time. The Individual User may easily withdraw their consent by choosing to do so in BTA’s service.

Storage and deletion of Individual User Information

As a basic principle, BTA will not store Individual User Information any longer than is necessary to fulfill the purposes for which the Individual User Information was collected unless longer storage is required by applicable laws or regulations.

BTA’s current storage practice for Individual User Information is that such personal data will be deleted within ninety (90) days after the end of the subscription period. Thereafter, BTA maintains backups for a period of sixty (60) days before permanent deletion.

BTA as a data processor – Customer Users

BTA acts as a data processor within the meaning of the GDPR when it processes personal data related to individuals who have used and accessed Services on behalf of our Customers. Such individuals are called Customer Users in this Privacy Policy.

The collection of Customer User Information, as well as the related processing activities, are described in the section "What we collect and how we use it" of this Privacy Policy.

Legal basis for the processing of Customer User Information

The legal basis for the processing of Customer User Information is the legitimate interests of BTA and its Customers to provide BTA's Services to fulfill the contractual obligations.

Storage and deletion of Customer User Information

As a basic principle, BTA will not store Customer User Information any longer than is necessary to fulfill the purposes for which the Customer User Information was collected unless longer storage is required by applicable laws or regulations.

BTA’s current storage practice for Customer User Information is that such personal data will be deleted within ninety (90) days after the end of the subscription period. Thereafter, BTA maintains backups for a period of sixty (60) days before permanent deletion.

What we collect and how we use it

BTA collects and processes personal data when you use our Services, including when you sign up for an account, visit or use our websites, use our mobile applications, or communicate with us. We may also collect information when you interact with our partners.

Information You Provide to Us

When you sign up for an account, we may collect your name, email address, phone number, company name, and other contact or demographic information you choose to provide.

When you use our Services, we may collect the information you provide in relation to that use, such as billing and shipping information, transaction and payment details, as well as information about the products you buy, sell, or rent.

Information We Collect Automatically

We may automatically collect certain information about how you use our Services, such as your Internet Protocol (IP) address, operating system, browser type, device identifiers, device settings, and cookie information.

We may receive and store information about your location as provided by your device or browser.

Information We Collect from Third Parties

We may receive information about you from our partners, such as payment processors or advertising partners. We may also receive information about you from public sources, such as social media platforms or regulatory authorities.

Cookies and Other Tracking Technologies

We may use cookies and other tracking technologies to track your activity on our websites, mobile applications, and Services. Cookies are small data files that are stored on your device and allow us to remember your preferences, track your activity, and improve our Services.

Information Shared with the Public Through the Services

Content published through the Services and many actions you take on the Services are shared with the public. Because this kind of information can be seen by anyone and may be indexed by search engines (like Google Search), you should be careful about what you choose to disclose publicly and make sure it’s information you want to share with everyone. The content you create on BTA is, by default, public.

Information Shared Between the Services

We may, if possible, aggregate information about your use of multiple Services and use that consolidated information to enhance and improve the Services and to develop new Services.

Information Shared with Our Agents in Order to Operate and Improve the Services

In some cases, we share information that we store (such as IP Addresses) with third parties, such as service providers, consultants, and other agents ("Agents"), for the purposes of operating, enhancing, and improving the Services and developing new products and services. Our Agents do not have any right to use the information we share with them beyond the scope and duration of what is necessary to assist us. BTA will not sell personal data to third parties nor make personal data available to them for other purposes than to enable the use of the Services. BTA may utilize third-party processors to perform data processing on BTA’s behalf. In this case, such third-party service providers are required to comply with this BTA’s Privacy Policy, data processing agreement, and any other appropriate technical and organizational measures. Should BTA transfer any personal data collected or processed via Services to any third party, BTA will ensure at all times that the third-party service provider will be bound by appropriate contractual guarantees with respect to such third party’s obligations in accordance with applicable data protection law and ensuring all times that personal data will remain protected in accordance with at least the same standards as under this Privacy Policy.

Transfers of Personal Data

BTA processes and stores personal data primarily within the European Union. However, personal data may be transferred, in compliance with applicable regulations, to the United States and/or other third countries that do not have similar laws providing protection for personal data or that have different legal rules on data protection. Should BTA transfer personal data to such third countries, personal data will be protected as described in this Privacy Policy and in accordance with applicable law.

The Security of Your Information

Your Account Information is protected by a password for your privacy and security. We may enable additional security features in the future, like multi-factor authentication. You need to prevent unauthorized access to your Account and information by creating a unique, secure, and protected password and limiting access to your computer and browser by signing off after you have finished accessing your Account on the Services.

We seek to protect your information (including your Account Information) to ensure that it is kept private; however, we can’t guarantee the security of any information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

BTA implements appropriate technical and organizational measures and procedures to ensure the protection of data subject’s rights, and always in accordance with applicable data protection law, as well as to protect personal data against accidental or unlawful destruction, loss, alteration, disclosure, access, and other unlawful forms of processing. BTA ensures that all persons processing personal data under its authority and supervision have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

In case of a data security breach leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data, BTA will inform data subjects of the breach without undue delay, including a summary description of the potential impact and a recommendation on measures to mitigate the possible adverse effects of the breach.

BTA ensures that personal data has been pseudonymized or anonymized wherever possible. Services contain appropriate authorization mechanisms to avoid unlawful access, as well as effective encryption has been used to mitigate the risk of data security breaches. BTA will inform when an updated version of the service is available, and if the update is security critical, Individual Users will be prevented from using the old version of the service.

Furthermore, BTA recommends that data subjects take additional measures to protect information privacy by keeping confidential account information and passwords.

What Information You Can Access

If you are a registered user, you can access most information associated with your Account by logging into the Services and checking your Account Settings page. Registered and unregistered users can access and delete cookies through their web browser settings.

Rights of Data Subjects

As a data subject, you have the right to access, rectify, cancel, and object to the processing of your personal data by directing any such requests to BTA. BTA allows data subjects to exercise these rights by submitting a data subject request through Services or by contacting BTA at team@bookthatapp.com.

Furthermore, you have the right to lodge a complaint with a data protection supervisory authority.

Changes to This Privacy Policy

BTA may amend this Privacy Policy from time to time. Users may be required to accept the amended Privacy Policy upon logging in to Services to keep using the services. BTA will notify data subjects of any substantial changes to this Privacy Policy and processing activities well before the effective date of the changes by sending an email or in another effective manner to give data subjects a reasonable notice period to assess the consequences of such changes. If you do not agree to such a new version of this Privacy Policy, you may terminate the use of Services by notifying BTA via the service or by sending an email to [email protected]. In this event, you will not be bound by the new version of this Privacy Policy.

Should you have a question about the purposes of using Services determined by BTA’s Customers, please contact the Customer entity in question directly.

‍