Data Protection Statement of  ViSoft GmbH, Sindelfingen

Data Protection Officer: Michael Nissler, michael.nissler@visoft.de

Protecting the personal data of our customers, interested parties and visitors to our website is one of our main priorities. Therefore, we have taken every technical and organizational measure, in order to fulfil the legal data protection requirements (Basic Data Protection Regulations, German Federal Data Protection Laws). Hereinafter, we wish to inform you regarding the capturing, processing, transmission and use of the data of our customers and visitors to our website.

You can print and save this document.

This document explains which of your data is captured, saved and processed, and how, and on what legal basis, this is undertaken. You can print and save this document. It is also possible to access the currently valid version on our website at www.visoft.de/datenschutzerklärung.

By accepting the data protection statement, you agree to ViSoft GmbH capturing, processing and using your personal data, under consideration of the relevant data protection laws, according to the following regulations.

1. Basic principles for capturing and processing of personal data

1.1. Personal Data

According to Article 4, Fig. 1 of the Basic Data Protection Regulations, personal data is any information pertaining to an identifiable or identified natural person. For example, this includes names, addresses, telephone numbers, email addresses – including static and dynamic IP addresses, all banking details and any other inventory and user data that you make available to us for the purposes of registering on our website as a visitor, a customer or an interested party.

1.2. Log Files

Every time you access our website, user data is transmitted via the respective internet browser and saved in protocol files – so-called server logfiles. These data sets that are saved, contain the following information: date and time of access, name of the accessed page, IP address, URL of origin from which you accessed our website, volume of data transmitted, duration of your visit to our website, type and version of the web browser and the operating system used. This data is used exclusively for technical communication and to ensure technical operation. It is deleted as soon as you leave our website, subject to any statutory obligations of storage. The legal basis for this is the fulfilment of our legal obligations pertaining to data security and our justified interest in the technical functionality of our website, the elimination of faults and the guarantee of security.

1. Capture, processing and use of your personal data

We only capture, process and use personal data when this is permissible by law or when we are required to do so by law. If it is sufficient to use anonymised or pseudonymised data for the purpose mentioned, we will limit ourselves to the capture and use of such data.

2.1. Contact Form

If you are interested in finding out more about our offers, or if you are have any questions or want to tell us something, and make contact with us by clicking on the contact from provided on our website, we will capture, save and process the following personal data: the form of address selected, your first and last names, your telephone number, your email address, your company name, your company address and the content of the message you send us. We require your personal data, so that we are able to communicate with you. The content of the message you wish to send us is optional, i.e. voluntary.

Should you wish to enter into a contract with us, we will only use this data to send you information about our company and our offers and to answer your questions and/or to establish, implement and finalise the contractual relationship, for accounting purposes and for purposes of termination of the contract.

The legal bases for the capture of this data are your consent, and/or the need to fulfil the contract with you, the implementation of pre-contractual measures and/or our justified interest in the data, in order to be able to establish, manage or terminate the contractual relationship.

Subject to legal or official obligations of retention, your data will be deleted immediately if you revoke your permission, or as soon as the purpose for data processing no longer exists. If the data is no longer required for operative business, but it still needs to be saved due to legal or official obligations, (e.g. for guarantee or accounting purposes), processing of the data will be limited, in that the data will be marked accordingly and stored separately, with limited access.

2.2. Newsletter

You have the option of registering for our free newsletter. The newsletter, which is sent at irregular intervals, keeps you informed about our current offers. We use the so-called double opt-in process for newsletter subscriptions. We begin by capturing your email address. After you have submitted your declaration of consent for receipt of the newsletter, by entering your email address and clicking on the Subscribe button on our website, you consent to our sending you an email of confirmation, with a link and the necessary explanations, to the email address given. Only once you receive our email and click on the link, are we entitled to send you our electronic newsletter. Your consent is thereby confirmed by a second action, namely clicking on the link provided. For this purpose, we save and use your email address.

By subscribing to our newsletter, you automatically submit the following declaration of consent, which we have included here for your information:

I consent to the receipt of information and/or advertisements from ViSoft GmbH, in the form of their newsletters.

You can revoke your consent for the use of your data for the purpose of transmitting the newsletter at any time. For us, any notification in written form (email, letter, telefax) is sufficient.

The legal basis for the storage and processing of your data is your declaration of consent:

2.3. Customer Data

If you wish to enter into a contract with us, we capture, save and process your personal data solely for the following purposes: customer administration and the processing of your order, including any possible warranties for defects at a later stage; in order for us to provide you with our service as a contractual partner – including consulting and support; for technical administration; for accounting purposes and monetary transactions; for the purposes of terminating contracts that exist between us (e.g. software maintenance contracts).

For your registration as a customer, we capture and process the form of address you have chosen, your first and last names, your telephone number, your email address, your company name and your company address, so that we can communicate with you, i.e. are able to send you all the required information and files, activate the software and carry out software maintenance.

The legal bases for processing data are: your declaration of consent; the existing contract between us and the necessity thereof for the fulfilment of our legal obligations towards you; our justified interest in the storage and capture of the data within the scope of the contractual relationship.

Furthermore, we capture and process all your banking details, so that we are able to invoice the services provided. We capture and process your banking details according to your payment method of choice, i.e. if you choose to pay by credit card, the last and first names of the cardholder, the card number, your credit card, its expiry date and the verification code. If you choose to pay by giropay or PayPal, we do not need any further data. If you choose to pay by “Sofort” transfer, we will capture and process your account number and branch code or IBAN and BIC.

Besides this, we also use your data for our own advertising purposes, i.e. in order to communicate with you regarding our company and our offers or to recommend specific offers to you, by post. You will only receive advertising materials from us via email if you have chosen this option by consenting via the double opt-in process (see Fig. 2.2.). You can revoke your consent to the use of your data for advertising purposes, or for any other individual measures, at any time. For us, any notification in written form (email, letter, telefax) is sufficient.

The legal bases for this are: your declaration of consent; the necessity of the establishment and finalisation of the contract that exists between us; our justified interest in the storage and capture of the data, within the scope of the software maintenance contract.

2.4. Cookies

We use so-called cookies on our website. Cookies are alphanumeric identification characters that are either stored in your working memory for a short time, and then deleted as soon as you close your browser, (“Session Cookies”) or they are saved on your storage medium for extended or unlimited periods (“Temporary/Permanent Cookies“).

We use Session Cookies for the connection during your visit to our website. We only use Temporary/Permanent Cookies to ensure that our offer is comfortable to use and appropriately presented, in order to facilitate your use of our offers, so that you do not have to re-enter certain information with every use, and so that you are re-rerouted to our offer quickly. Permanent Cookies are deleted after no more than six months.

The legal bases for this are: your declaration of consent; our justified interest in the technical functionality; the improvement of our service offer.

Via your browser settings, you can reject the use of cookies, delete them from your computer, block them or activate the function that always queries the use of cookies before setting them. You do not need to accept cookies if you wish to visit our website. However, we would like to point out that without the use of cookies, the functionality of the website could be severely limited.

In the following section, we will give you some examples of how to deactivate cookies:

Example in the browser, Internet Explorer:

1. Open Internet Explorer.
2. In the menu “Extras”, select “Internet Options”
3. Click on the “Data Protection” tab
4. Now you can set whether cookies must be accepted, selected or rejected
5. By clicking on “OK”, you confirm your settings

Example in the browser, Firefox:

1. Open the Firefox browser.
2. In the menu “Extras”, select “Settings”
3. Click on the “Data Protection” tab
4. Select “according to user-defined settings” from the drop-down menu
5. Now you can set whether cookies should be accepted and how long you want them to be saved for. As exceptions, you can also add some websites, for which you always or never want to accept the use of cookies.
6. Confirm your settings with “OK”.

Example in the browser, Safari:

1. Open the Safari browser.
2. Select “Settings” from the function bar (pictogram: a grey gear icon in the top right corner) and click on Private Sphere.
3. Under “Accept Cookies”, you can determine whether and when Safari should accept Cookies from websites. For further information, click on “Help” (?).
4. If you would like more information about the cookies that have been saved on your computer, click on “Show Cookies”.

2.5. Google Analytics

This website uses Google Analytics, a web analysis service from Google Inc. (“Google”). Google Analytics uses so-called cookies – text data – that are saved on your computer. These cookies enable the analysis of your use of the website. The information generated from your use of the website is generally transmitted to a Google server in the USA, where it is saved.

However, if you activate the IP anonymisation option on this website, Google Analytics will shorten your IP address within the member states of the European Union and the European Economic Community. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA, where it will be shortened. On behalf of the operator of this website, Google uses this information to analyse your use of the website, to compile reports about the website activities and to provide the website operator with other services related to the use of the website and the internet. The IP address that is transmitted to Google Analytics from your browser, will not be combined with any other data. You can prevent cookies from being saved on your computer by making the necessary adjustments to your browser settings; however, we would like to point out that, if you prevent the use of cookies, you will not be able to make full use of all the functions available on our website.

Furthermore, you can prevent Google from capturing and processing the data generated by cookies, relating to your use of the website (incl. your IP address), by downloading and installing the browser plugin available under the following link: (http://tools.google.com/dlpage/gaoptout?hl=de). For further information, please visit http://www.google.com/analytics/terms/de.html or  http://www.google.com/policies/privacy/.

The legal bases for this are your declaration of intent and/or our justified interest in the analysis of the use of our website, and the resulting improvement of our service offer.

2.6. Plugins

Two-Click Solution

Our website uses social plugins from the social networks Facebook, Twitter and Google+, so that you also have the option of accessing the information on our website via social media, to enable communication via social media and to enable you to “like” content.

The legal bases for this are your declaration of intent and/or our justified interest in the option of using the communication systems offered by the social media, both for ourselves and for our customers and other interested parties.

To prevent transmission of data to these networks unless you activate it, we use the so-called “two-click solution”. Therefore, the social plugins are deactivated in the basic settings for our website.

Even if you are not a member of one of the social networks, the data is transferred to the respective networks if the usual plugins are integrated. On websites that have integrated plugins, a cookie is set every time the website is accessed. Each time you reconnect, this cookie is automatically sent to a server in the network, so that the network is basically able to combine all the pages a user has visited. This way, a profile can be created. The possibility that the data saved on the respective networks could be assigned to a specific person, when that person registers on a social network at a later date, can therefore not be excluded.

Because a large number of networks have their headquarters outside of Europe, your data is transmitted to the social networks in these third-party states, e.g. in the USA.

We would like to give you the option of sharing what interests you with your social media contacts – on the condition that you agree to your data being transmitted to the respective network.

With the two-click solution, the plugin is only loaded if you click on the button. Before you have done so, social media cannot capture any of your data. This enables you to use our services without your surfing habits becoming visible on the social networks.

2.6.1. Facebook Social Plugins (“Like” Button)

The “Like” button is a plugin of the social network Facebook, which is operated by  Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. For an overview of the Facebook plugins, please visit http://developers.facebook.com/docs/plugins/.

To begin with, the Facebook logo on our website appears as a grey, graphically modified icon. If you activate the grey button, you automatically give your approval for communication with Facebook, and the Facebook “Like” button will appear. After you have activated the “Like “ button, you can pass your recommendation on to Facebook by clicking on the “Like” button a second time.

Your browser then establishes a connection with the Facebook servers in the USA. We have no influence on the scope of the data that is captured and used by Facebook via the plugin. According to the current state of knowledge, it involves the following data: pages visited which contain the Facebook plugin; browser type and version; operating system used; the website visited prior thereto; your IP address; the time of the server request. For further information on the capture and processing of your data by Facebook, please visit http://www.facebook.com/about/privacy/.

If you do not have a Facebook account, or if you are not logged into Facebook, this information is transmitted to Facebook in the USA, where it is saved on their servers

If you have a Facebook account and are logged in at the time of clicking the “Like” button, when you click the button for the second time, the content of our website is immediately linked to your Facebook profile. This content is then visible to other Facebook users, according to your privacy settings. As soon as you activate it, the information is transmitted directly to Facebook, where it is saved on their servers.

If you want to prevent the linking of the data to your Facebook account during your visit to our website, log out of Facebook before visiting our website. Over and above this, the  Facebook plugins can be blocked for your browser, by means of add-ons. For more information, please visit the add-on pages of your browser.

2.6.2. Twitter Connection (“Tweet” Button“)

The “Tweet” button is a plugin of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. For an overview of the functions and to find out what the “Tweet” button looks like, please visit http://twitter.com/about/resources/buttons#tweet.

To begin with, you will only see a grey, graphically modified version of the Twitter logo. If you activate the grey button, you automatically give your approval for communication with Twitter, and the “Tweet” button will appear. After you have activated the “Tweet “ button, you can interact with Twitter by clicking on the “Tweet” button a second time. If you click on the “Tweet” button, you will be redirected to a page where you can log into Twitter if you are not already logged in.

Your browser then establishes a connection with the Twitter servers in the USA. We have no influence on the scope of the data that Twitter captures and uses via its buttons. For further information on the capture and processing of your data by Twitter, please visit: http://twitter.com/privacy.

If you want to prevent the linking of the data to your Twitter account during your visit to our website, log out of Twitter before visiting our website. You can also block the Twitter button for your browser, by means of add-ons. For more information, please visit the add-on pages of your browser, to prevent Twitter from capturing your data.

2.6.3. Google Plus Connection (“+1” Button“)

The Google “+1” button is a plugin of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For an overview of the functions and to find out what the Google “+1” button looks like, please visit http://www.google.com/+1/button/.

To begin with, you will see a grey, graphically modified Google +1 logo. If you activate the grey button, you automatically give your approval for communication with Google and the “+1” button will appear. After you have activated the “+1” button, you can interact with Google by clicking on the “+1” button a second time. As a result, you will be redirected to a page where you can log into Google if you are not already logged in.

Your browser then establishes a connection with the Google servers in the USA. We have no influence on the scope of the data that is captured and used by Google via the button. For further information on the capture and processing of your data by Google, please visit: http://www.google.com/intl/de/+/policy/+1button.html.

According to Google, they save the information that you clicked the “+1” button for our website content. This information is shown in various Google services, such as search results, your Google profile or other places, websites and advertisements on the internet, together with your profile name and your photo.

If you want to prevent the linking of the data to your Google account during your visit to our website, log out of your Google Plus account before visiting our website. You can also block the Google “+1” button for your browser, by means of add-ons, to prevent Google from capturing your data.

Shariff

By means of the usual social plugins from Facebook, Twitter etc., it is possible for the various social networks to obtain precise information about the surfing behaviour of users (so-called user tracking): When you call up a website that has integrated plugins, the user’s browser establishes a direct connection with the servers of the respective social networks. This results in the user data, in particular the IP address, being sent to the network and the network being informed that the user has visited the corresponding page. If the user is logged into the social network at the same time, the social network can assign the visit to the website to the user’s account. If you want to prevent this, you must log out of all social networks before visiting websites that have integrated social plugins.

Even in cases where the user is not a member of a social network, transfer of data to the respective networks takes place if the usual social plugins are integrated. In the case of websites that have active integrated social plugins, a cookie is set each time a website is accessed. This cookie is automatically sent to one of the network’s servers every time you access a website, so that in principle, it is possible for the network to collect all the pages that you have visited, in order to create a profile. It therefore cannot be excluded, that the data, which is stored on the respective networks could be assigned to a person when that person logs into one of the social networks at a later stage.

As many networks are located outside of Europe, for example in the USA, in cases as described above, your data will be transferred to the social networks in these third-party countries, e.g. in the USA.

Further details on the purpose and scope of data collection, processing and use by the social networks and the respective user rights, and the possibilities for the protection of privacy via the profile/account settings, can be found in the data protection information of the respective networks. With regard to our website, the following social media are relevant in this respect:

Facebook:

Facebook. The social network Facebook:

The social network Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. For more information on data protection, please visit: https://de-de.facebook.com/about/privacy.

Twitter. The social network Twitter:

The social network Twitter is operated by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. For more information on data protection, please visit: https://twitter.com/privacy.

Google Plus social network:

The social network Google Plus is operated by Google Inc., Amphitheatre Park-way, Mountain View, CA 94043, USA. For more information on data protection, please visit: http://www.google.com/intl/de/policies/privacy/.

We would like to give you the opportunity to show your contacts in the social networks what you are interested in – provided that you agree to data transfer to the respective networks. Therefore, for the protection of your data, we use the c’t project Shariff, which was developed by the magazine publisher Heise, as standard. With Shariff, you can use our services without your surfing behaviour becoming visible to the social networks at the same time.

The Shariff button only establishes the connection to the social network if you activate the button. Only from that moment on, will your user data be transferred to the respective networks in the USA or other third-party countries and, if necessary, stored there as described above. The social networks cannot collect any data from you before you activate the button. For further information about the c’t project, Shariff, please click here.

2.7. Location Data/Google Maps

In order to determine your location data if you access our website via a mobile device (smartphone/tablet), we use Google Maps, a service of Google Inc. (“Google”). Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The use of Google Maps and the information obtained via Google Maps is governed by Google’s Terms of Use for Google Maps. The Google Maps Terms of Use can be found in Google’s Terms of Use:

https://www.google.com/intl/de_US/help/terms_maps.html

The use of Google Maps always presupposes that Google determines the IP address of the user and collects and processes the location data of mobile devices. Without the IP address, Google would not be able to send the content to the browsers of the respective users. The IP address is transmitted to a Google server, which may also be located outside of Germany, where it is saved. Although Google has submitted to the Privacy Shield, which obliges Google to comply with the data protection standards applicable in the EU, the transmission of data outside of Europe is nevertheless associated with risks in terms of data protection.

Full details can be found in Google’s data protection statement at :

https://www.google.com/intl/de/policies/terms/index.html

Using Google Maps allows us to show you the location of our company and help you to find us more easily.

You can deactivate the use of Google Maps by following the instructions under “Transparency and Choice”: https://www.google.de/intl/de/policies/privacy/

At https://www.google.de/intl/de/policies/privacy/, you will also find further information on the collection and processing of your data by Google.

The legal bases for data processing are your declaration of consent and the fulfilment of the contract concluded with you (the user relationship).

2.8 Data transfer

Your personal data will only be passed on and transmitted to third parties if this is necessary for the purpose of processing a contract and invoicing, or for the purpose of communicating with you, and only if you have given prior consent. For the purpose of processing the contract as described above, and for the ordering process, delivery and billing, we furnish our service providers (transport companies, banks, courier services) with the data they require in order to perform their services. For the purpose of delivering customer information, we may transmit your data to messenger services, lettershops, email service providers and communication agencies. In order to support our IT, IT service providers may be given insight into the data.

The data passed on in this way may only be used by our service providers for the fulfilment of the tasks specified by us. Any other use of the data is prohibited. These service providers may only use this data for the fulfilment of such concrete orders, and they must delete the data after completion of the order – subject to applicable legal or official obligations of retention. In the event that personal data is processed on behalf of a customer, we conclude contracts with our service providers for the processing of the order in accordance with the statutory provisions.

Subject to the above provisions, your personal data will never be disclosed or passed on to third parties for advertising or marketing purposes, or for any other purposes, without your consent, and unless we are directed by you to do so. However this only applies if we are not obliged by law or official order to surrender the data, in particular in cases of criminal prosecution or for the purpose of averting danger.

Subject to Sections 2.6. and 2.7, your data will not be transferred to insecure third-party countries outside of the EU.

3. Encryption

The collection, processing and use of your data is done exclusively in encrypted form, with SSL encryption (so-called Secure Socket Layer – Certificate Comodo Essential SSL Wildcard). SSL makes it possible to encrypt the continuous data stream on the internet, between a user’s server and browser, in order to prevent “secret listening and reading”. You can recognise a secure SSL connection by, among other things, the fact that the URL in the address bar of your browser is marked with https:// and/or when a “lock symbol” (icon) appears next to the address bar of the web browser. By clicking on the icon, you will receive further information about the encryption and/or the SSL certificate used, depending on the browser you are using.

4. Deletion of data/Restriction of data processing

In principle, your data will be deleted as soon as you revoke your consent or when it is no longer required for the purpose of data processing. Should the data no longer be necessary for processing purposes and/or the person concerned has withdrawn his/her consent, the legal basis no longer applies, but the data still has to be stored due to existing legal, official or contractual obligations (e.g. warranties, financial accounting), data processing will be restricted by marking and blocking the data.

You can print or save our data protection regulations at any time.

5. Rights of those affected

5. As a person affected by data processing, you have the following rights:
   – Right of access: You have the right to obtain information about your personal data that we have saved, the duration of storage, the processing thereof and who the recipients of the data are. You also have the right to request a copy of your personal data that is processed by us.- Right of rectificationYou have the right to demand that we correct any inaccurate personal data and complete any personal data that is incomplete.

   – Right of deletion/Right to be forgotten

   You have the right to demand that we delete your personal data, according to the legal requirements. Insofar as the deletion conflicts with legal obligations of retention, the processing of the data will be restricted (see below).

   – Right of limitation of processing

   You have the right to demand that we restrict the processing of your personal data, i.e. to mark the data and restrict the future processing thereof (blocking), subject to the legal requirements.

   – Right of data transmission

   Subject to the legal requirements, you have the right to demand that we transmit the personal data provided by you to yourself, or to a responsible person named by you, in a common, structured, digital format.

   – Right to object to direct marketing

   You have the right to object to the processing of your personal data for advertising purposes (“advertising objection”) at any time.

   – Right to object to data processing on the legal basis of “legitimate interest”

   You have the right to object to data processing by us at any time, insofar as this is based on “legitimate interest”. We will then cease processing the data unless we can prove – in accordance with the statutory provisions  – that there are compelling grounds for further processing, that are worthy of protection, which outweigh your rights.

   – Right to revoke consent

   If you have consented to our collecting and processing your data, you can revoke your consent at any time, with effect for the future.  The legality of the processing of your data until the time of revocation remains unaffected.

   – Right of appeal to the supervisory authority

   If you are of the opinion that the processing of your data violates the applicable laws, you can lodge a complaint with the supervisory authority responsible. You have the option of contacting the data protection authority responsible for your place or country of residence or the data protection authority responsible for us.

   6. Data Security

   We process your data in such a way as to ensure the security of your data in a manner that is appropriate to the risk, by providing for all necessary technical and organisational measures, in accordance with the latest technology and the law.

   7. Changes to the Data Protection Statement

   In the event of changes to our Data Protection Statement, we will bring this to your attention at least six weeks before the changes come into effect.

   You can print out or save our Data Protection Statement at any time. The current version of our Data Protection Statement can be found on our website at ….