Hot Chilli Software (referred to as “we”, “us”) is committed to protecting your privacy and processing your personally identifiable information (referred to as “PII” or “personal data” or “personal information”) with transparency. The PII we collect and process depends on the purpose of your visit and the service or services you have purchased or otherwise agreed to receive from us.
This privacy statement for personally indentifiable information:
- provides an overview of how we collect and processes your personal information and informs you about your rights according to the local laws for the protection of personal information and the European Union’s General Data Protection Regulation (GDPR).
- is addressed to natural persons who are either existing or prospective clients of Hot Chilli Software or are authorized representatives / assignees, or the beneficial owners of legal or natural persons who are existing or potential clients of Hot Chilli Software
- is addressed to natural persons who had a business relationship of this nature with Hot Chilli Software in the past
- contains information regarding when your PII will be conveyed to / exchanged with other companies or subcontractors of Hot Chilli Software and other third parties
- For the purposes of this statement, personal information is understood to be any information which is relevant to you, with which your identity is or can be identified and which include, for example, your name, email address, physical address, VAT number, IP address (only when we have collected it in conjunction with directly identifying information) or the information you submit in your private tickets.
Who are we
Hot Chilli Software is a partnership registered in Australia. We provide software and services. Our registered Australian Business Number is 3527 475 4574 and registered address Unit 21 / 8 St Jude Court Browns Plains QLD Australia.
If you want a copy of your personal information kept on file (“data portability right”) or delete the personal information we keep on file for you (“right to be forgotten”) please log into our site and use the GDPR Menu Item (https://hotchillisoftware.com/account/gdpr).
Which personal information we process and where do we collect it from
We collect personal information of our current and prospective clients through our web site. We never collect information in person, through any other means or using a third party representative.
Invoicing information. We collect the following personal information: your name, email address, physical address, company name (if applicable), company activity (if applicable), VAT number (if applicable), IP address, country based on your IP address and the User Agent string of the web browser you used when subscribing. This information is used to invoices upon successful payment of your purchase and for proving your country of origin.
IP address. Your IP address is temporarily collected whenever you are accessing our site in our web server’s logs, our security software’s logs and our download system’s logs. This information is used to ensure the security of our web site and to prevent abuse. IP address information is not directly identifiable information but if it’s stored in conjunction with your user account ID it might be an indirect identifier.
Support ticket information. Any identifiable information you provide when requesting support through our ticket system’s private tickets feature including but limited to connection information to your site(s) and any other personally identifiable information you may volunteer. We use that information to provide you with technical and account support and, generally, to answer your questions and address your requests.
Contact form information. Any information you volunteer by submitting a contact form through this web site’s Contact Us page. We use this information to respond to your requests.
Whether you are legally obliged to provide us your personal information
Your IP address in the context of security and abuse prevention is specifically exempt from requiring your consent per the European Union’s GDPR. We are legally required to ensure the security of your personal information through any appropriate technical means and that includes collecting your IP address in that context.
Any other personal information is volunteered by you in order for us to be able to provide our services to you. You are not legally required to provide it but unless you do we won’t be able to provide you the services agreed upon.
Why we process your personal information and what is the legal basis
We process your information for the following reasons
Contractual obligations We process your personal information to provide the software download and support services we have agreed upon when you subscribed to our services.
When logging in we automatically process your PII to protect you against unauthorized access to your account and ensure your account safety. We also display you parts of your PII for reasons of personalization of our site’s pages and ensuring that it’s clear who is the currently logged in user.
When you ask for a username reminder or password reset we automatically process your PII to provide the service requested.
When downloading our software we are automatically processing your PII to make sure that you have purchased access to the software you are trying to download and ensure that your account is not being abused.
When using our support ticket system we process your PII to reply to your request. We also automatically process your PII to send you automated email notifications about the handling of your request.
When using our contact form we process your PII to reply to your request. We also automatically process your PII to send you automated email notifications about the handling of your request.
When you are a subscriber we automatically process your PII send you automated transactional emails, i.e. reminders about your subscription expiration and any changes in your subscription’s status with us.
To comply with a legal obligation
There are certain obligations in accordance to local and international laws, as well as Directives issued by the European Union. These legal obligations require the processing of your personal information. In other cases we may receive a court order or otherwise be legally obliged to process or convey your personal information to third parties.
When you are subscribing we automatically process your PII to issue the legally required invoice and send you automated emails with the invoice and information about your purchase. The invoicing information is also sent to our Accountants and Auditors to comply with local tax regulations.
To protect our interests
We process your personal information to protect the legal interests of us and others.A legal interest exists when we have a business or commercial reason to use your information. Even then it must not be against what is fair to you and your best interests. Examples of such processing are as follows:
In case of a suspected abuse or an attempt to compromise, deteriorate, disrupt or otherwise interfere with of our services we may process PII to identify the perpetrator and pursue redress. Such steps may for example (not an inclusive list) include contacting the suspected offender or pursuing the matter legally.
In rare occasions we may send you a personal, manual email to address a concern regarding your subscription e.g. if there is an unexpected problem with your payment as we are notified by the company processing the payment.
In case of a serious security issue in our software where a public announcement is deemed inadequate we may send you an email informing you of the situation, the risks and what you can do.
Because you have given your consent If you have explicitly provided your consent the processing of your personally identifiable information draws its legality upon your explicit consent. You have the right to withdraw your consent at any time. However, any processing which took place before your consent’s withdrawal is not affected.
Who are the recipients of your personal information
While fulfilling our contractual or legal obligations your your personally identifiable information may be conveyed to our partners and subcontractors. These providers and suppliers are in contract with Hot Chilli Software with which they are obliged to uphold the confidentiality and protection of your personal information in accordance to the local data protection laws and the GDPR.
The recipients of your personal information are as follows.
- PayPal Australia for the purposes of processing payments submitted by PayPal
- Stripe for the purposes of processing credit card payments by Stripe.
- Google for the purposes of providing analytics and usage ingormation.
How We Deal With Your Personal Information for Marketing Purposes and Whether We Use Profiling for Such Activities
In general, we do not base our marketing activites on the personal information we have collected from our clients. We do not perform personalized marketing and we do not make use of profiling for marketing purposes.
How long do we keep your personal information
We retain your personal information for as long as we have a business relationship with you as evidenced by the existence of an active subscription or a log in to your account.
We are legally required to retain your invoicing information, both as an off-line backup and in the custody of our auditors, for a period of up to TEN (10) years after your purchase.
Your data protection rights
You have the following rights with regards to the personally identifiable information we keep on file for you:
- Access your personal information. This lets you for example get a copy of the personal data we keep on file for you and confirm that we are processing it legally. You can request a copy of your data through the Data Rights menu item on our site after logging into our site.
- Request the correction of the personal information we keep on you. This allows you to correct incomplete or inaccurate information we keep on file for you. This can be done from the My Profile menu item on our site after logging into our site.
- You have the right to object in cases where we process your personal information for reasons of direct marketing. This also includes profiling, to the extent that this is used for direct marketing. . *Ask the limitation of the processing of your personal information. This allows you to ask us to limit the processing of your personal information.
- Ask for a copy of the personal information pertaining to you in a structured, commonly used and machine readable format, to convey this information to other organizations. You may also request that we directly convey that file to another organization of your choice. This is also known as “data portability right”.
- Withdraw your consent regarding the processing of your personal information at any time. Please note that withdrawal of your consent at any time does not invalidate the legality of the processing based on your consent before that was revoked or withdrawn by you.
We will reply to your requests promptly and within 30 business days. If you have not received a reply from us for over three weeks (21 days) please retry contacting us with alternate means; most likely your request never reached us. Kindly note that we reserve the right to direct you to our site’s tools and / or this Privacy Statement if your concern is readily addressed by it. Per the law, we reserve the right to not reply to your requests if they are too often or are otherwise in abuse of the provisions of the law.
Changes in this Privacy Statement
We may periodically modify or amend this privacy statement.
When this happens we will change the date on the top of the page and keep a change log at the end of this page. We do not have the technical means to notify our clients about any changes. We recommend that you re-examine this statement periodically so that you are always updated on the way we process and protect your personal information.