1. Scope
This Privacy Policy explains how Arisius Software processes personal data through its website, BPS Pro registration, BPS Pro desktop software, support communication, subscription administration, invoicing, and connected services.
BPS Pro is business software. Company administrators are responsible for ensuring that the company and its users only enter and process data they are allowed to process.
2. Data we process
Depending on how BPS Pro is used, we may process company details, contact details, account details, login information, subscription information, support messages, invoice data, Peppol-related identifiers, uploaded documents, application settings, and technical logs needed to keep the service reliable and secure.
For website visitors, we process the information submitted through forms and the technical data needed to deliver the website.
3. Why we process data
We process personal data to create and manage accounts, deliver BPS Pro, provide support, process subscriptions and payments, send administrative messages, secure the service, prevent abuse, comply with legal obligations, and improve the reliability of our software.
4. Google Gmail access in BPS Pro
BPS Pro can let a user connect a Gmail mailbox so BPS Pro can send outgoing emails from that mailbox. This connection is optional and must be started by the user.
BPS Pro uses Google Gmail access only for sending email messages that the user chooses to send through BPS Pro. BPS Pro does not use this access to read, monitor, delete, analyze, or sell Gmail inbox content.
BPS Pro also requests basic Google identity information, such as the connected account email address and display name, so the mailbox can be shown correctly in BPS Pro after sign-in.
The Gmail permission used by BPS Pro is limited to sending mail. OAuth tokens are stored so the mailbox can remain connected, and they are used only to maintain the sending connection requested by the user.
BPS Pro's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
5. Service providers
We use selected service providers to operate BPS Pro and the website. This can include hosting, email delivery, payment processing, electronic invoicing, security, backups, and support tooling. These providers may only process data as needed to deliver their service to us.
Payment information is processed through Stripe. Electronic invoicing may use external Peppol and accounting service providers when enabled for a company.
6. Security
We use technical and organizational measures intended to protect data against unauthorized access, loss, misuse, and alteration. No system can be guaranteed to be completely secure, but we work to keep access limited and controlled.
7. Retention
We keep data only as long as needed for the purposes described in this policy, for legal or accounting obligations, for security, or for resolving disputes. Data stored in BPS Pro may be kept while the company account remains active and for a reasonable period afterwards.
8. Your rights
Where applicable under privacy law, you may request access, correction, deletion, restriction, objection, or portability of your personal data. You can contact us using the details above. We may need to verify your identity before handling a request.
9. International processing
Some service providers may process data outside your country. When this happens, we rely on appropriate legal safeguards where required.
10. Changes
We may update this Privacy Policy when our services, legal requirements, or processing practices change. The latest version is published on this page.