Privacy information
Privacy Policy
This policy explains how we process personal data collected through the TamePulse website, private demo requests, free trials, plans, payments, and the newsletter.
1. Controller and contact
The Data Controller is Enrico Venezia, based in Fara Gera d’Adda (Italy), VAT/Tax ID IT10996290960.
For privacy requests or data subject rights, contact us at hello@tamepulse.com.
2. Personal data we collect
We collect only the data needed to operate the website and handle requests voluntarily submitted by visitors.
- Private demo form data: name, email, company, role, operational process to improve, tools used, and contact preference.
- Free trial requests or commercial contact data: name, email, company, role, and information about the operational process.
- Plan purchase data handled through Stripe, such as billing data, payment status, selected plan, and information needed to manage access, support, or refunds.
- Newsletter data: email, consent text, form language, consent version, date, and double opt-in status.
- Technical and security data: source URL, technical tokens, hashed IP and user agent, and logs needed to prevent abuse and evidence consent.
- Website analytics and interaction data, when these tools are active: pages viewed, events, referrer, device/browser data, cookie identifiers, and aggregated interactions such as clicks, scrolling, heatmaps, or session replay.
3. Purposes and legal bases
We process personal data only where a legal basis exists under Article 6 GDPR.
- Replying to demo requests, free trials, or commercial contacts: pre-contractual steps and legitimate interest.
- Managing purchases, billing, plan access, support, and refund requests: pre-contractual or contractual steps and legal tax/accounting obligations.
- Sending newsletter and product communications: consent.
- Recording evidence of consent and double opt-in: legal obligation and legitimate interest in protecting our rights.
- Maintaining security and preventing form abuse or spam: legitimate interest.
- Improving content and product positioning using aggregated data or voluntary feedback: legitimate interest.
- Measuring traffic, website performance, and page interactions through analytics or behavioral analysis tools: consent, where required by applicable law.
4. Providers and third-party services
We use technical providers that may process personal data on our behalf or as independent controllers, limited to what is necessary for the service.
For the newsletter, the email address may be processed through Mailjet/Sinch Mailjet to send the double opt-in confirmation link. Submitting the form does not activate the newsletter subscription: the subscription is completed only after clicking the confirmation link received by email.
- WordPress and hosting infrastructure to publish the website, receive forms, and maintain technical security.
- Fidaro for the newsletter consent ledger and double opt-in flow.
- Mailjet/Sinch Mailjet for transactional email delivery and newsletter list management.
- Any SMTP provider configured in WordPress to deliver private demo requests, free trials, or operational communications.
- Stripe to handle checkout, payments, billing, fraud prevention, and any refunds.
- Google Analytics for aggregated statistics about traffic, sources, and website usage.
- Microsoft Clarity for behavioral analysis, heatmaps, session recordings, and user experience diagnostics.
5. Retention
We keep data only for as long as needed for the purposes described and any applicable legal obligations.
- Private demo requests, free trials, and commercial contacts: normally up to 24 months from the last interaction, unless an operational relationship follows.
- Purchase, billing, and refund data: for the period required by tax, accounting, and legal protection obligations.
- Newsletter consent and double opt-in logs: for the duration of the subscription and afterwards for the period needed to evidence consent.
- Technical and security logs: for the time strictly needed to prevent abuse and maintain website security.
6. Transfers outside the EEA
Some providers, including email or cloud infrastructure services, may process data outside the European Economic Area. In those cases, transfers rely on appropriate safeguards such as adequacy decisions, standard contractual clauses, or other mechanisms provided by the GDPR.
7. Data subject rights
You may request access, rectification, erasure, restriction, portability, objection to processing, and withdrawal of consent where applicable.
You can exercise your rights by contacting hello@tamepulse.com. You also have the right to lodge a complaint with the competent supervisory authority, including the Italian Data Protection Authority.
8. Updates
This policy may be updated when the product, providers, purposes, or legal requirements change. The last updated date appears above.