Privacy Policy

Legal Notice

General Data


1
Introduction

Thank you for your interest in our company. Data protection is of a particularly high priority for the executive management of Dlubal Software GmbH. It is generally possible to use the Dlubal Software GmbH website without providing any personal data.

However, if a data subject wishes to use our company's special services via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the person concerned.

2
Processing of Personal Data

The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to Dlubal Software GmbH. By means of this data protection declaration, our company would like to inform the public about the type, scope, and purpose of the personal data collected, used, and processed by us. Furthermore, the data subjects are informed about their rights by means of this data protection declaration.

The personal data of users processed in the context of this online offer include inventory data (that is, names and addresses of customers), contract data (that is, services used, names of administrators, payment information), usage data (that is, the websites of our online offer visited, interest in our products), and content data (that is, entries in the contact form).

As the controller, Dlubal Software GmbH has implemented numerous technical and organizational measures to ensure the most complete protection of the personal data processed via this website. However, as Internet-based data transmissions can generally have security gaps, absolute protection cannot be guaranteed. Therefore, every person concerned is free to transmit their personal data to us in other ways; for example, by phone.

3
Controller

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union, and other provisions of a data protection nature is:

Dlubal Software GmbH
Am Zellweg 2
93464 Tiefenbach
Germany

Phone: +49 9673 9203-0
Fax: +49 9673 9203-51
Email: [email protected]
Website: www.dlubal.com

4
Data Protection Officer

For questions regarding the processing of your personal data, please contact our data protection officer directly at any time.

Email: [email protected]

Phone: +49 9673 9203-0

5
Collection of General Data and Information

The Dlubal Software GmbH website collects a series of general data and information each time the website is accessed by a data subject or an automated system. These general data and information are stored in the server's log files. The data collected may include (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (called a referrer), (4) the sub-websites which can be controlled via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

When using these general data and information, Dlubal Software GmbH does not draw any conclusions about the data subject. Rather, this information is required to (1) deliver the content of our website correctly, (2) optimize the content of our website and the advertising for it, (3) ensure the long-term functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for law enforcement in the event of a cyberattack. These anonymously collected data and information are therefore evaluated statistically by Dlubal Software GmbH and evaluated with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data in the server log files are stored separately from all personal data provided by a data subject.

6
Routine Deletion and Blocking of Personal Data

The controller responsible for the processing shall store and save personal data of the data subject only as long as required to achieve the storage purpose, and insofar as this is prescribed by European directives and regulations or another legislator in laws or regulations, which the controller responsible for the processing is obliged to comply with.

If the storage purpose no longer applies, or if a storage period prescribed by the European directives and regulations or another responsible legislator expires, the personal data will be routinely blocked or deleted in accordance with the legal provisions.

7
Product Recommendations and Practical Tips by Email

As a Dlubal customer or user of our services (for example, using a demo, trial, or student version), you will receive regular product recommendations and practical tips from us by email. You will receive these product recommendations from us regardless of whether or not you have subscribed to a newsletter. In this way, we want to inform you about the products from our offer that may be of interest to you. You will also find useful tips on using our software here.

If you no longer wish to receive product recommendations or advertising messages from us, you may opt out of this at any time. Please send your cancellation in writing (for example, by email, fax, letter) to our contact address. Of course, you will also find an unsubscribe link at the end of each email.

The legal basis is Art. 6 Par. 1 lit. f GDPR, and § 7 (3) UWG.

8
Data Security

We have taken technical and organizational security measures to protect your personal data from loss, destruction, manipulation, and unauthorized access. All our employees and all those involved in data processing are obliged to treat personal data confidentially in accordance with the General Data Protection Regulation.

If personal data are collected and processed via our website, the information is transmitted in an encrypted form in order to prevent misuse by third parties. Our security measures are in line with technological developments and are continuously revised.

9
Contact Option via Website

The website of Dlubal Software GmbH contains the information that allows for quick electronic contact with our company and direct communication with us, which also includes a general address for electronic mail (an email address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject will be saved automatically. Such personal data transmitted on a voluntary basis by a data subject to the controller responsible for processing are stored for the purposes of processing or contacting the data subject.

In addition to the purely informational use of our website, we offer various services that you can use if interested. To do this, you usually have to provide additional personal data that we use to provide the respective service and for which the aforementioned data processing principles apply.

These personal data are not passed on to third parties, except to our legally independent Dlubal branches in the shared customer management system (CRM). When completing website forms to download trial versions, you may also pass it on to our local distributors, depending on your country.

10
Data Protection for Applications and in Application Process

The controller collects and processes the personal data of applicants for the purpose of handling the application process. The processing may also be done electronically. This is particularly the case if an applicant sends the relevant application documents to the controller electronically; for example, by email or via a web form on the website. If the controller concludes an employment contract with the applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the legal provisions.

If we cannot offer the applicant a vacancy, but based on the applicant profile, we believe that the application may be of interest for future vacancies, we will store the personal application data for twelve months, provided the applicant does not object to such storage and use. Your data will never be passed on to third parties.

11
Legal Basis of Processing

Art. 6(1)(a) of the GDPR serves as the legal basis for processing operations for which our company obtains consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a contracting party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of other services, Art. 6(1)(b) of the GDPR applies. The same applies to such processing operations that are necessary to take steps prior to entering into a contract; for example, in cases of inquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1)(c) of the GDPR.

In rare cases, it may be necessary to process personal data in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company were injured and their name, age, health insurance data, or other vital information had to be passed on to a doctor, hospital, or other third party. In such as case, the processing would be based on Art. 6(1)(d) of the GDPR. Ultimately, processing operations could be based on Art. 6(1)(f) of the GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis, if the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject that require the protection of personal data. Such processing operations are particularly permissible, because they have been specifically mentioned by the European legislator. In this respect, it considers that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47, Sentence 2 of the GDPR).

12
Legitimate Interests in Processing Pursued by Controller or Third Party

Where the processing of personal data is based on Article 6 I lit. f of the GDPR, our legitimate interest is to conduct our business for the benefit of all our employees and our shareholder.

13
Storage Period for Personal Data

The storage period for personal data depends on the respective statutory retention period. At the end of this period, the relevant data are deleted on a routine basis, providing they are no longer required for a contract fulfilment or conclusion.

14
Legal or Contractual Duty to Supply Personal Data; Information Needed for Contract; Duty of Data Subject to Provide Personal Data; Possible Consequences of not Providing Personal Data

Herewith we clarify that the provision of personal data is partly required by law (for example, tax regulations), or may result from contractual provisions (for example, information on the contractual partner). In order to conclude a contract, it may sometimes be necessary for a data subject to provide us with personal data that we subsequently have to process. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them.

Failure to provide personal data would mean that the contract could not be concluded with the data subject. Before the data subject provides the personal data, it is necessary to contact one of our employees. Our employee explains to the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract, or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what consequences failure to provide the personal data would have.

15
Changes to Our Privacy Policy

We reserve the right to change this privacy policy at any time if this may be necessary due to legal requirements, new technologies, or changes in our services; for example, when introducing new services.

If this privacy policy is amended substantially, we will publish such amendments on our website. The new privacy policy will then apply to your repeated visits to our website.

Contact Us

If you have any questions about this privacy policy and the processing of your personal data, you can contact our internal data protection officer via email at [email protected].

Our data protection officer can assist you with requested information, suggestions, or concerns.