Privacy Policy
Last updated: 2026-02-10
This Privacy Policy describes how Enrico Venezia, with registered office in Fara Gera D'Adda (Italy), VAT/Tax ID IT10996290960 (hereinafter, the "Controller", "we", "us", or "our"), collects and processes personal data in connection with the website tameclaw.com and the SaaS platform (the "Service").
We act as Data Controller for the personal data processed for account management, billing, security, and website operation.
For any privacy-related request you may contact us at: hello@tameclaw.com
1. Types of Personal Data Collected
We may collect and process the following categories of personal data:
a) Account and Identification Data
- Name and surname
- Email address
- Company name (if provided)
- Username and account credentials (encrypted)
- Country and language preferences
b) Billing and Transaction Data
- Billing address
- VAT number / Tax ID
- Payment status and transaction identifiers
Note: Payment card details are not processed or stored by us but directly handled by our payment provider.
c) Service Usage Data
- Login records
- Account activity
- IP address (security logs)
- Device and browser information
- Date and time of access
- API usage logs
d) Support Communications
- Messages sent via contact forms
- Customer support emails
- Attachments voluntarily provided by the user
e) Technical and Analytics Data
Collected through analytics and diagnostic tools, including privacy-friendly configurations where applicable:
- IP address (anonymized where applicable)
- Pages visited
- Session duration
- Performance and error data
2. Purposes and Legal Basis of Processing
We process personal data only where a legal basis exists under Article 6 GDPR.
| Purpose | Legal Basis |
|---|---|
| Account creation and authentication | Contract (Art. 6(1)(b)) |
| Provision of the SaaS service | Contract (Art. 6(1)(b)) |
| Billing and invoicing | Legal obligation (Art. 6(1)(c)) |
| Security, fraud prevention, abuse detection | Legitimate interest (Art. 6(1)(f)) |
| Customer support | Contract (Art. 6(1)(b)) |
| Website technical analytics | Legitimate interest (Art. 6(1)(f)) |
| Optional tracking or third-party services | Consent (Art. 6(1)(a)) |
3. Use of Third-Party Services
To operate the Service we rely on external providers acting as data processors.
Google reCAPTCHA
Used to protect login and forms from automated abuse. This service may collect device and behavioral information and transmit data to Google LLC.
Microsoft Clarity
Used only with user consent to analyze user interactions and improve usability. Session recordings and behavioral analytics may be processed.
Matomo Analytics (Self-Hosted)
This analytics tool is used primarily for aggregated statistical analysis and performance monitoring.
Hosting Infrastructure
Our infrastructure providers may process technical connection data (e.g., IP address) strictly for service delivery and security.
All providers are bound by contractual data processing agreements in accordance with Article 28 GDPR.
4. International Data Transfers
Some service providers (such as Google LLC and Microsoft Corporation) are located outside the European Economic Area.
Where personal data is transferred to third countries, the transfer is carried out in accordance with Articles 44-49 GDPR using:
- Standard Contractual Clauses (SCC)
- EU-U.S. Data Privacy Framework (where applicable)
5. Data Retention
We retain personal data only for as long as necessary for the purposes described above.
| Data Category | Retention Period |
|---|---|
| Account data | For the duration of the account |
| Billing records | 10 years (legal obligation under Italian tax law) |
| Security logs | Up to 12 months |
| Support requests | 24 months |
| Analytics data | Usage and interaction data (retained in aggregated form where possible) |
After account deletion, personal data will be deleted or irreversibly anonymized, except where retention is required by law.
6. Data Security
We implement appropriate technical and organizational measures, including:
- Encrypted connections (HTTPS/TLS)
- Hashed passwords
- Access control and authentication
- Logging and intrusion monitoring
- Data minimization principles
7. User Rights (Articles 15-22 GDPR)
You have the right to:
- Access your personal data
- Request rectification
- Request erasure ("right to be forgotten")
- Restrict processing
- Object to processing
- Data portability
- Withdraw consent at any time
Requests may be submitted to: hello@tameclaw.com
We will respond within 30 days.
You also have the right to lodge a complaint with your local data protection authority or with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali).
8. Data Processing Role in Relation to Customer Data
When users of the Service upload or manage data belonging to their own customers or end-users, we act as Data Processor and process such data exclusively on documented instructions of the customer, in accordance with Article 28 GDPR and our Data Processing Agreement (DPA).
9. Cookies and Tracking Technologies
For detailed information about cookies and tracking technologies, please refer to our Cookie Policy.
Non-essential tracking technologies are activated only after explicit user consent via the cookie banner.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Users will be notified in case of material changes affecting their rights.
