Legal

Privacy Policy

Last updated: 1 January 2025 · Effective date: 1 January 2025 · Version 1.0

Summary: This policy covers only the bpmine.com website — what data we collect when you visit or contact us, why we collect it, and what your rights are. We collect only what is necessary to respond to your enquiries and operate this website.

Contents

1.Who we are
2.What this policy covers
3.Data we collect and why
4.Legal basis for processing
5.Data retention
6.Sharing and international transfers
7.Your rights under GDPR
8.Cookies
9.Security
10.Changes to this policy
11.Contact us

1. Who we are

BPMine ("we", "us", "our") is the operator of bpmine.com and the data controller for personal data processed in connection with this website and our communications with visitors and prospective customers.

Websitebpmine.com

Emailinfo@bpmine.com

2. What this policy covers

This Privacy Policy applies exclusively to:

Visitors to bpmine.com and any of its subdomains;
Individuals who contact us via the demo request form, email, or any other communication channel available on this website.

This policy does not cover any data processing that occurs within the BPMine software platform once it has been deployed inside a customer's own infrastructure. The BPMine product operates entirely on-premise — no data from customer deployments is transmitted to us or processed by this website.

3. Data we collect and why

Category	Data collected	Purpose
Contact enquiries	Name, email address, company name, phone number, message content	Responding to demo requests and deployment enquiries submitted via this website
Website analytics	Anonymised IP address, browser type, pages visited, time on site, referral source	Understanding how visitors use our website and improving its content
Email communications	Email address, name, message history	Managing follow-up correspondence with visitors who have contacted us
Cookies	Session identifiers, consent records	Basic website functionality and recording your cookie preferences — see Section 8

We collect only the personal data that is necessary for the purposes described above. We do not collect special categories of personal data (Article 9 GDPR), we do not engage in profiling, and we do not process data relating to children under 16.

4. Legal basis for processing

We rely on the following legal bases under Article 6 of the GDPR:

Legitimate interests (Art. 6(1)(f)): Responding to visitor enquiries, managing our communications, and operating and improving this website. We have balanced these interests against your rights and concluded that they do not override your fundamental rights and freedoms.
Contract (Art. 6(1)(b)): Where processing is necessary to take steps at your request prior to entering into an agreement — for example, when you request a product demo.
Consent (Art. 6(1)(a)): For non-essential cookies and any marketing communications, where you have given explicit consent. You may withdraw consent at any time without affecting the lawfulness of prior processing.
Legal obligation (Art. 6(1)(c)): Where we are required to process or retain data to comply with applicable EU or national law.

5. Data retention

We retain personal data only for as long as necessary for the purpose for which it was collected:

Contact and enquiry data: Up to 2 years from the date of last contact, unless an ongoing business relationship requires a longer period.
Email correspondence: Up to 3 years, unless a longer retention period is required by law.
Anonymised website analytics: Up to 24 months.
Cookie consent records: 12 months from the date of consent.

You may request deletion of your personal data at any time by contacting us at info@bpmine.com. We will comply within the timeframes required by GDPR, unless we have a legal obligation to retain the data.

6. Sharing and international transfers

We do not sell, rent, or share your personal data with third parties for their own purposes. We may share data only in the following limited circumstances:

Service providers: Trusted processors such as email hosting or CRM tools, who act on our instructions under data processing agreements and are bound by GDPR-equivalent obligations;
Legal requirements: Where we are required to disclose data by law, court order, or regulatory authority.

International transfers

Where any of our service providers process personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR — including Standard Contractual Clauses (SCCs) approved by the European Commission, or adequacy decisions where applicable.

7. Your rights under GDPR

If you are located in the European Economic Area, you have the following rights in relation to your personal data. To exercise any of them, please contact us at info@bpmine.com. We will respond within 30 days.

Right of access (Art. 15): Request a copy of the personal data we hold about you.
Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.
Right to erasure (Art. 17): Request that we delete your personal data where there is no longer a lawful basis for processing it.
Right to restriction (Art. 18): Request that we temporarily suspend processing of your data in certain circumstances.
Right to data portability (Art. 20): Receive a copy of your data in a structured, machine-readable format, where technically feasible.
Right to object (Art. 21): Object to processing based on legitimate interests, including for direct marketing.
Right to withdraw consent (Art. 7(3)): Where processing is based on consent, withdraw it at any time via your browser settings or by contacting us.
Right to lodge a complaint: You have the right to lodge a complaint with the supervisory authority in your EU Member State. A list of EU data protection authorities is available at edpb.europa.eu.

8. Cookies

We use only the cookies necessary to operate this website and record your preferences:

Cookie	Type	Purpose	Duration
session_id	Strictly necessary	Maintains your browser session	Session
cookie_consent	Strictly necessary	Records your cookie consent choice	12 months
_analytics	Analytics (opt-in)	Anonymised usage statistics to improve the site	24 months

Strictly necessary cookies are set without requiring consent, as they are essential for the website to function. Analytics cookies are only placed with your explicit consent. You may manage or withdraw consent at any time through your browser settings.

We do not use advertising, behavioural tracking, or third-party marketing cookies.

9. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure, in accordance with Article 32 GDPR. These include:

Encryption of all data in transit using TLS 1.2 or higher;
Access controls limiting who within our team can access contact data;
Regular review of our security practices.

In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, inform you directly.

10. Changes to this policy

We may update this Privacy Policy from time to time. The date at the top of this page indicates when it was last revised. Where changes are material, we will provide reasonable notice before the new version takes effect — for example, via a notice on this website or by email if you have previously contacted us.

Continued use of bpmine.com after the effective date of any update constitutes acceptance of the revised policy.

11. Contact us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us:

Emailinfo@bpmine.com

Websitebpmine.com

You also have the right to contact your local data protection supervisory authority. A directory of EU supervisory authorities is available at edpb.europa.eu.