Potsdam, Germany: May 2018
This Data Protection Policy is intended to provide information on the processing of personal data in our company. We hereby fulfill our statutory obligations under the Telemedia Act (TMG) and the EU General Data Protection Regulation (EU-GDPR, EU 2016/679), in particular Articles 13 and 14 as well as Article 26(2).
For Semtation GmbH the protection of your privacy always has a very high priority.
This Data Protection Policy describes how we handle data which may be directly or indirectly related to natural persons (personal data) and which hardware and software is used.
Please note that further information may be added to our Data Protection Policy depending on the product or service concerned.
We comply with relevant privacy laws and this Data Protection Policy at all times. We only share data with others as described in these provisions.
How can you contact us?
Please contact us using this Contact link.
What personal data is processed by us?
We collect and process data when you download the SemTalk Test Version or when you visit our websites. Some of this data may be personal.
This includes the following information:
Information when you visit our website:
When you visit one of our websites, we may process information on the domain you are visiting us from and which browser you use and your user behavior on our site during the current session.
You need to register to download the SemTalk Client. During your account setup, we collect personal data, such as your name, e-mail address, supplemented by your telephone number and address if necessary. By agreeing to download the SemTalk Client, you give us permission to contact you using the address information you have provided so that we can provide you with information about topics such as our upcoming events and product updates. If you do not want to be contacted, you send us your objection by clicking here.
If you contact us for support inquiries, we will store your contact details in connection with this particular inquiry. We may also encourage you to access your system through a conferencing app (such as Skype for Business) to help determine the cause of your problem. In some cases we may ask you to provide us with additional files generated by analytical tools to handle your support inquiry.
When using our products and services, we do not collect and process personal data. In some cases, you may deliberately submit or provide us with files for verification. If these contain personal data, processing is carried out in accordance with the guidelines set out in this Data Protection Policy.
Information regarding your location:
We do not access any locational information.
Why and on what legal basis do we store personal information?
We process your data, whether it can be traced back directly or indirectly to a natural person or not, for the following purposes:
· To allow you to be able to test SemTalk Client
· For administrative purposes.
· To inform you about events and innovations of our products.
Contract initiation and performance:
In general, we only store personal data needed to fulfill our contractual obligations to you (Art 6 I b) DSVGO) or where you have given us your data as part of our communication (for example, by sending us an e-mail with your contact details).
Your consent is required for the processing of certain data. In these events we will inform you expressly about the situation and provide you with the opportunity to allow us to process this data.
In these cases we will inform you about the purpose of the data processing and about your right of revocation.
It is also possible that we may process data based on our legitimate interest. In doing so, we are obliged to disclose our interest and to make a trade-off between your and our interest. Such as is the in the following case:
If we classify you as an interested party in SemTalk or if you become our customer, we store your contact information in Microsoft SharePoint online (in the Microsoft Cloud, hosted in Ireland). We use your data to maintain our sales process or to execute our administrative processes related to our customer relationship.
Storage and deletion periods:
We store personal data only to the extent required to fulfill the purpose. The storage period depends on legal requirements and the duration of the contractual relationship.
Should the data no longer be used, it will be anonymized and/or deleted in accordance with legal regulations.
Should you wish to have your data deleted, we will delete all your data. Should you wish to continue to be our customer, your contact details (name, company name, email address, telephone number and postal address, type and number of purchased products, scope of maintenance contracts) as well as information on the topics we have communicated about (e.g. emails that you have sent to us) will remain in our systems.
Further, please note that after the confirmation of your deletion request it is not possible to restore your data.
We do not use any other analysis tools.
Social Media Registration:
We do not use any social media registration information.
Why and with who do we share personal data with?
Your personal data will not be transmitted to third parties for reasons other than those listed below.
We will only disclose your personal data to third parties, if:
· You have expressly given us your consent for this,
· This is permitted by law and is required for the performance of our contractual relationships with you (for example, if you purchase Microsoft products from us) or
· The disclosure of the data is based on a legal obligation.
We share personal data with the following recipients or categories of recipients for the aforementioned reasons:
· Employees (internal and external)
· IT infrastructure service providers
· Payment processors
· Providers of analysis tools
· Public authorities
How do we collaborate with Partners in your behalf?
We collaborate with partners (for example Microsoft) for selected products and services in ways that are compliant with GDPR legal mandates. We jointly define the purpose and means of processing with these companies. For this, personal data may also be forwarded. In accordance with the GDPR, both companies are then responsible for this processing and/or the legally compliant handling of your data.
What do we use international Partners for?
We use a global IT infrastructure including computers, cloud-based servers, networks, and software solutions of international companies to provide our services.
These partners are based in different countries, partly also outside the European Union. In these countries, the same level of data protection is not always governed by and established in law as in the European Union. For this reason, we have taken a number of measures in accordance with the GDPR to ensure the highest possible protection of your personal data. These are:
· Cooperation with organizations in countries recognized by the EU Adequacy Decision
· Cooperation with organizations according to the EU-US Privacy Shield
· Cooperation with organizations based on the EU Standard Contractual Clauses
· Cooperation with organizations based on agreed guarantees
Compliance with statutory obligations and requirements is guaranteed by our partners.
Further, in certain specific cases, your personal data may be forwarded to third countries based on your express consent.
How can you revoke your consent?
If you have given us your consent to process certain data, such as allowing us to send you a newsletter, you have the right to revoke this consent – in whole or in part – at any time by contacting us directly by email.
What are your rights?
You have the following rights in connection with your personal data, subject to possible legal restrictions:
The right to be informed, rectification, erasure, restriction of processing, portability, and object.
At this point we expressly point out that we reserve the right to perform an identity check of the individual submitting the inquiry, in accordance with legal requirements, and to also take further measures to clearly verify the inquirer's identity.
Anonymous users of our products and services:
If you use our products and services anonymously, i.e. without having registered by providing your email address, we will not be able to perform the necessary and legally required identity check within the scope of your legal request. In accordance with Article 11(2) GDPR we therefore reject the exercise of any claims of the data subject according to Articles 12 to 22 GDPR, unless the data subject provides information allowing their identification in order to exercise their rights laid down in the aforementioned articles.
Right to information:
If you would like to know what personal data we hold on you, we offer you the following function. Here you will be able to ask for an overview of the core information we have such as your name, email address, and postal details.
You will receive activity data on request via email. The provision of this information may take some time, depending on the scope of the activity data.
Right to rectification:
Here you can ask for an overview of the records stored by us, such as your name, email address, and postal details. If you find that this information is incorrect, please notify us in writing (e.g. E-Mail) with the corrected information.
Right to erasure:
Should you wish to delete your data, you have the option to ask for it here. We will then erase your data in accordance with legal requirements.
However, we would like to point out that we are legally obliged to store certain data for longer periods of time (e.g. the retention periods for accounting documents are currently 10 years (The Fiscal Code of Germany)).
Additionally, we would like to point out that we are able to block your data immediately but due to technical restrictions it may take up to 180 days to permanently delete your data, provided there are no legal obligations and statutory rights preventing deletion.
Further, please note that after the confirmation of your deletion request it is not possible to restore your data.
You may continue using the SemTalk Editor as an anonymous user.
Right to restriction of processing:
You have the right to restrict the processing of your personal data. To this end, please inform us of the categories of data affected by your request and the reasons for your request. We will examine the facts immediately and inform you of the result.
Right to data portability:
Right to lodge a complaint:
If you are dissatisfied with our efforts in connection with data protection, you have the right to lodge a complaint with the data protection supervisory authority responsible in your country. For example, for Semtation GmbH contact:
Die Landesbeauftragte für den Datenschutz und für das Recht auf Akteneinsicht
Stahnsdorfer Damm 77
How do we protect your personal data?
To protect your personal data, Semtation GmbH has taken measures that comply with data protection law and the state of the art in the software industry. These are continuously reviewed and adjusted if necessary. The goal is to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, unauthorized knowledge or against unauthorized access by third parties.
For the transmission of data between our web pages, our applications and our backends, the communication is encrypted according to the SSL (Secure Socket Layer) procedure.
We protect the systems and processes through a series of technical and organizational measures. These include among others. data encryption, logical and physical access restriction and control, firewalls and recovery systems.
Our employees are regularly trained in the corresponding sensitive handling of personal data and are obliged to comply with data secrecy in accordance with legal requirements.
What possibilities are there for minors to use our services?
Our products and services may not be ordered or installed by minors.
What other information is important?
Remember that the data you send to forums will be classified and treated as information that is "manifestly made public". If you are active in forums, there is a risk that others may find and use the information you provide. Be careful and handle your personal information in a responsible manner when online in a public forum.
Changes to this Data Protection Policy
This Data Protection Policy is revised on an ad-hoc basis to adapt it to current developments in relation to our company, our products and services, legal requirements, and social developments.