Contents
1. Data Controller
The data controller responsible for the personal data collected through this website is:
This privacy policy applies to all personal data collected through indacotms.com (the "Website") and any contact form submissions made on this site.
2. Data We Collect
We collect personal data only when you voluntarily submit our contact / demo request form. The data collected may include:
- Identity data: first name, last name
- Contact data: work email address
- Professional data: company name, job role, company size, current systems in use
- Communication data: the content of your message or enquiry
We do not collect any special categories of personal data (e.g. health, political opinions, biometric data). We do not use automated profiling or automated decision-making that produces legal effects.
We also collect limited technical data automatically when you visit the Website:
- IP address (anonymised by server logs, not stored by us)
- Browser type and version
- Pages visited and timestamps
This technical data is not linked to your identity and is not retained beyond standard server log rotation.
3. Purpose and Legal Basis
| Purpose | Legal Basis (GDPR Art. 6) |
|---|---|
| Responding to your demo or contact request | Art. 6(1)(b) — performance of a (pre-)contract / steps at your request |
| Sending information about INDACO TMS® features relevant to your enquiry | Art. 6(1)(f) — legitimate interest (you initiated contact) |
| Complying with legal obligations | Art. 6(1)(c) — legal obligation |
We do not use your data for marketing purposes without a separate, explicit consent, and we do not sell or rent your personal data to third parties.
4. Data Retention
Contact form submissions are forwarded to our internal email inbox and are retained for as long as necessary to manage your enquiry, and no longer than 24 months after our last meaningful interaction with you.
If you do not become a customer and no further communication occurs, your data will be deleted within 12 months of your initial enquiry.
You may request deletion at any time — see Section 7 (Your Rights).
5. Third Parties
We share your data only where strictly necessary:
- SMTP / Email provider: form submissions are transmitted via our SMTP server hosted at
smtp.indacotms.com. This server is operated by us or our infrastructure provider and is not used to share data with any marketing or advertising platform. - Hosting provider: the Website is hosted on a server we control. Server access logs may contain your IP address temporarily.
We do not use Google Analytics, Facebook Pixel, LinkedIn Insight Tag, or any third-party tracking or advertising services on this website.
6. International Transfers
Your personal data is stored and processed within the European Economic Area (EEA). If any transfer outside the EEA becomes necessary, it will only take place under an appropriate safeguard as required by GDPR Chapter V (e.g. Standard Contractual Clauses).
7. Your Rights
Under the GDPR you have the following rights regarding your personal data:
Right of Access
Request a copy of the personal data we hold about you (Art. 15).
Right to Rectification
Ask us to correct inaccurate or incomplete data (Art. 16).
Right to Erasure
Request deletion of your data where there is no longer a lawful basis to hold it (Art. 17).
Right to Restriction
Ask us to restrict processing while a dispute is resolved (Art. 18).
Right to Portability
Receive your data in a structured, machine-readable format (Art. 20).
Right to Object
Object to processing based on legitimate interest at any time (Art. 21).
To exercise any of these rights, contact us at hello@indacotms.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority (e.g. the Garante per la Protezione dei Dati Personali in Italy, or the supervisory authority in your EU member state).
9. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. All data transmitted to and from this website is encrypted in transit using TLS 1.3. Form submissions are sent over authenticated SMTP with TLS encryption.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Material changes will be highlighted on this page for at least 30 days.
11. Contact
For any privacy-related questions or requests: