Privacy policy

We appreciate your interest in our company and our products and would like you to feel secure when visiting our website, also with regard to the protection of your personal data.

scdsoft AG takes your legitimate data protection concerns very seriously and complies with the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG-new), the Telecommunications Digital Services Data Protection Act (TDDDG) and, where applicable, the provisions of other applicable data protection regulations.

All data processing operations (collection, processing and utilisation) by scdsoft AG are carried out in strict compliance with the statutory data protection regulations. We collect, process and use personal data in order to fulfil orders and to further improve the content and functionality of our services.

scdsoft AG handles the data you provide carefully and conscientiously. Insofar as data of any kind is collected, processed or used, this is always done within the framework of the legal provisions or with your express consent.

The protection of privacy is of crucial importance for the future of Internet-based business models and for the development of an Internet-based economy. With this privacy statement, scdsoft AG underscores its commitment to the protection of privacy. In the following, you will learn how scdsoft AG handles personal data on this website.

This privacy policy applies to this and all other websites that refer to this privacy policy. Under certain circumstances, other data protection provisions apply to individual scdsoft AG companies. We therefore ask you to carefully read the data protection statements of all scdsoft websites you visit.

Responsible person according to Art. 4 para. 7 of the Basic Data Protection Regulation (DSGVO) is:
scdsoft AG
Albert-Nestler-Straße 21
76131 Karlsruhe

Mannheim Local Court Commercial Register Number: HRB 109104
Sales tax identification number: DE 811449988
Phone: +49 721 160800 – 0
Fax: +49 721 160800 – 99
E-Mail: info@scdsoft.de
Internet: www.scdsoft.de

You can reach our data protection officer at scdsoft AG at:
scdsoft AG
Thomas Fletschinger
E-Mail: dsb@scdsoft.de

Global data protection standards

Our handling of personal data has been aligned with global principles and standards with regard to transparency in the use of personal data, observance and granting of rights of choice, access regulations, rules on data integrity, data security, data sharing and monitoring the lawfulness of processing. In particular, scdsoft AG complies with the General Data Protection Regulation (DSGVO).

Consent

By using this website, you consent to the electronic storage and use of your data as described below. Changes to this privacy policy will always be posted on this page so that you are always aware of what data scdsoft AG stores and how it is used. Where required by applicable data protection law, we will also expressly ask for your consent for the further processing of personal data collected on this website or provided by you.

Cookie consent with Borlabs cookie
Our website uses the cookie consent technology of Borlabs Cookie to obtain your consent to store certain cookies in your browser and to document this in accordance with data protection law. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, which stores the consents you have given or the revocation of these consents. This data is not shared with the Borlabs cookie provider.

The collected data will be stored until you request us to delete it or delete the Borlabs cookie yourself, or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found under https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/
The use of Borlabs cookie consent technology takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.

Manage cookie settings

Collection and processing of personal data
scdsoft AG would like to better understand your needs and interests and provide you with optimal service. Therefore, scdsoft AG collects and uses personal information in the manner described below and in accordance with applicable data protection law.
When you visit our website, we collect your IP address and use cookies and other Internet technologies (hereinafter referred to as “automated tools” and “integrated web links”) that help us obtain general information about visitors to our website and their interests. Below we explain which technologies are used and what kind of information is collected with them.
We also collect and process data that you voluntarily provide to us, for example, when you register for events, subscribe to newsletters, participate in online surveys, join discussion groups or forums, or make purchases. In addition, we collect and process data that you voluntarily provide to us, for example, when you register for events, subscribe to newsletters, participate in online surveys, join discussion groups or forums, or make purchases.

What data do we collect and why?
With the help of the collected data, scdsoft AG would like to provide you with consistent personal support. scdsoft AG will use your data exclusively as described in this statement or at the time of collection. Any subsequent change in the purpose of use is subject to your express consent, unless the change is otherwise legitimized by applicable law.

We always process your personal data for a specific purpose.In particular, we may process your personal data for the following purposes:

  • to manage our relationship with you, for example, through our databases, in which we aggregate data about you from our various sources to provide an overview of how we work together; and to improve and personalize our understanding of your preferences and our communications with you;
  • for order processing and delivery of ordered services and products.
  • to carry out tasks for the preparation or performance of contracts;
  • to provide evidence of business transactions;
  • to provide you with appropriate and up-to-date information and our products and services;
  • to improve the quality of our products and services by adapting our offer to your specific needs;
  • to answer your inquiries and provide you with efficient support;
  • to track our activities (e.g., measure collaboration or sales, number of appointments/meetings, topics discussed, materials presented);
  • to invite you to events sponsored by us or used by us (e.g., lectures, conferences);
  • to grant you access to our specified IT systems so that you can use certain services provided by scdsoft AG;
  • to manage our IT resources, including infrastructure management and business continuity.;
  • to protect the Company’s economic interests and ensure compliance and reporting (e.g., adhering to our policies and local regulatory requirements, taxes and deductions, complying with internally established grant limits, managing alleged instances of misconduct or fraud, conducting audits, and defending litigation).;
  • for archiving and logging;
  • for the processing of job inquiries
  • for invoicing and accounting as well as
  • other purposes prescribed by law and by the authorities.
  • In certain cases, we are required by law to transmit data to a requesting government agency (institution or authority). The legal basis for the processing is Art. 6 para. 1 c DSGVO or § 24 para. 2 no. 1 BDSG.
  • in some cases, business partners require personal data from our customers. This usually takes place in the context of order fulfillment (e.g. in the case of complaints). This is expressly provided for by law. In this case, scdsoft AG remains responsible for the protection of your data – if necessary, in addition to the order processor. The respective business partner works according to our instructions, which scdsoft AG ensures through strict contractual regulations.
  • to fulfill the legal obligations for recording, documentation and reporting to competent authorities.

IP addresses
IP addresses are used for malfunction analysis, website administration, and to gather demographic information. Furthermore, we use IP addresses and possibly other information that you have provided to us on this website to learn which pages from our offer are accessed and which topics our

Visitors are interested in. We use the insights gained to be able to offer you an optimized range of information on our products and services. As a matter of principle, scdsoft AG only collects such data in anonymized form and will not link it to a registered user’s profile without the user’s consent. When visiting our website, only the domain name is recorded by default.

Scdsoft AG only collects data in connection with your visit to the scdsoft website. We do not collect any personal data in connection with your visits to the websites of other companies or organizations that are not part of scdsoft AG.

Cookies

  • we use cookies on our website or websites. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablets, smartphone, etc.) when you visit our websites. Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware. In the cookie, information is stored that arises in each case in connection with the specific end device used. This does not mean, however, that we gain direct knowledge of your identity. The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our websites. These are automatically deleted after you leave our site.
  • in addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our website again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again..
  • on the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These cookies enable us to automatically recognize that you have already been to our website when you visit it again. These cookies are automatically deleted after a defined period of time..
  • the cookies process data and are necessary for the stated purposes to protect our legitimate interests as well as those of third parties in accordance with Art. 6 (1) p. 1 lit. f) DSGVO.
  • most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

E-mail addresses
if you give us your e-mail address or provide it via the contact form, we will also contact you by e-mail. We will not pass on your e-mail address to third parties outside scdsoft AG. You can choose at any time not to receive any more e-mails from scdsoft AG.

Orders and registration for events
Our website contains forms that you can fill out to request information, products and services.

Use of external service providers
We work with service providers who process certain data on our behalf. This is done exclusively in accordance with the applicable data protection law. In particular, we have concluded data processing agreements on behalf of our service providers that meet the requirements of Article 28 of the GDPR.

Newsletter notices and consents
With the following information, we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the described procedures.

Newsletter content
We send newsletters and e-mails advertising information (hereinafter “newsletter”) only with the consent of the recipients or a legal permission. The contents circumscribed in the context of a registration for the newsletter are decisive for the consent of the users.

Double opt-in and logging
The registration for our newsletter takes place in a so-called double opt-in process. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address.

Login data
To register for the newsletter, it is sufficient to enter your e-mail address. In addition, we use other data such as name and first name, country and customer group. This information is only used for personalization and segmentation of the newsletter.

Statistical survey and analyses
The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are collected. This information is used for the technical improvement of the services based on the

technical data or the target groups and their reading behavior on the basis of their retrieval locations (which can be determined with the help of the IP address) or the access times.

The statistical surveys also include the determination of whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is not our intention to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Disclosure of data, transfer to third country
The transfer of your personal data to third parties for purposes other than those listed below does not take place. We will only disclose your personal data to third parties if:

  • you have given your express consent in accordance with Art. 6 (1) p. 1 lit. a) DSGVO, § 26 (2) Federal Data Protection Act (BDSG).,
  • the disclosure is necessary in accordance with Art. 6 para. 1 p. 1 lit. f) DSGVO for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data.,
  • in the event that a legal obligation exists for the disclosure pursuant to Art. 6 (1) sentence 1 lit. c) DSGVO as well as
  • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b) DSGVO, § 26 para. 1 BDSG for the processing of a contractual relationship with you or for pre-contractual measures at your instigation..

A transfer to a third country or an international organization is not intended and there is no automated decision making, unless otherwise provided for in this privacy policy.
If necessary, information will also be passed on by scdsoft AG to business partners, service providers, third parties or subcontractors. This may be necessary to provide a service or transaction requested by you, such as order processing, for customer service purposes or to inform you about services or products and services.

Your personal information will not be disclosed, sold or otherwise made available to third parties for marketing purposes without your prior consent.
scdsoft AG may be required to disclose your data and related information in response to a court or regulatory order. We also reserve the right to use your data to assert or defend legal claims.
In the event of an acquisition or merger with another company, disclosure or transfer of personal data to potential or actual buyers may be required. In such a case, scdsoft AG will strive to protect the data as much as possible.
In accordance with applicable law, we reserve the right to store and disclose personal and other data for the purpose of detecting and combating illegal activities and attempted fraud or a violation of the scdsoft AG Terms of Use.

Analysis tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 (1) p. 1 lit. f) DSGVO. With the tracking measures used, we want to ensure a needs-based design and continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the tracking tools described in more detail below.

Privacy policy for the use of Matomo
On this website, data is collected and stored using the web analytics service software Matomo (www.matomo.org), a service of the provider InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”) on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes pursuant to Art. 6 para. 1 lit. f DSGVO. Pseudonymized user profiles can be created and evaluated from this data for the same purpose.
The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. If you do not agree with the storage and evaluation of this data from your visit, then you can object to the storage and use for the future at any time by mouse click. In this case, a so-called opt-out cookie will be stored in your browser, with the consequence that Matomo will not collect any session data.

Please note that the complete deletion of your cookies will result in the complete deletion of your cookies will result in the deletion of your cookies will result in the deletion of the opt-out cookie and you may have to reactivate it. As far as legally required, we have obtained your consent pursuant to Art. 6 (1) lit. a DSGVO for the processing of your data as outlined above. You can revoke your consent at any time with effect for the future. To exercise your revocation, please follow the option described above to make an objection.

The Matomo program is an open source project.
You can obtain information from the third-party provider on data protection at: https://matomo.org/privacy-policy/

Privacy policy for the use of Vimeo plugins
Our website uses plugins of the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. In the process, the Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.
For more information on the handling of user data, please refer to Vimeo’s privacy policy at: https://vimeo.com/privacy

Privacy policy for the use of LinkedIn

Plugins of the social network LinkedIn of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter “LinkedIn”), are integrated on our website. You can recognize the LinkedIn plugins by the LinkedIn logo or the “share button” (“recommend”) on this website (hereinafter collectively referred to as “LinkedIn plugins”). When you visit our website, a direct connection between your browser and the LinkedIn server is established via the LinkedIn plugins. LinkedIn thereby receives the information that you have visited this website with your IP address. If you click the LinkedIn “Share Button” while logged into your LinkedIn account, you can link the content of this website on your LinkedIn profile. This allows LinkedIn to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn. Details on data collection (purpose, scope, further processing, use) as well as your rights and setting options can be found in LinkedIn’s privacy policy. LinkedIn provides this information at: http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv

Privacy policy for the use of Xing

The “XING Share button” is used on this website. When you visit this website, your web browser connects for a short time to the servers of XING AG (“XING”), which provides the functions of the “XING Share button” (including a visitor counter). XING does not store any personal data about you and your visit when you access the website. XING does not store IP addresses, nor does XING use cookies to monitor your visit behavior in relation to the “XING share button”. Please visit the following website for the latest version of the privacy policy for the “XING share button” and further information: https://dev.xing.com/plugins/share_button/privacy_policy

Links to other websites

Our website may contain links to the websites of third parties such as XING, LinkedIn, Vimeo or others. scdsoft AG is not responsible for the data protection precautions or the content of the websites of third parties or websites that do not belong to scdsoft AG or affiliated companies.

Web fonts from myfonts.com
This site uses so-called web fonts for the uniform display of fonts, which are provided by MyFonts Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to the servers of MyFonts. This enables MyFonts to know that our website has been accessed via your IP address. The use of MyFonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
If your browser does not support web fonts, a standard font from your computer will be used. You can find more information about MyFonts at: https://www.monotype.com/de/rechtshinweise/nutzungsbedingungen/ und https://www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/.

Data management
scdsoft AG will retain personal data only for as long as is necessary for the purpose for which it was collected or for the purposes for which it is required by law.

Data protection information in the application process

  1. We process the applicant data only for the purpose and within the scope of the application procedure in accordance with the legal requirements. The applicant data is processed to fulfill our (pre)contractual obligations within the scope of the application procedure in accordance with Art. 6 para. 1 lit. b. DSGVO Art. 6 para. 1 lit. f. DSGVO insofar as the data processing becomes necessary for us, e.g. within the scope of legal procedures (in Germany, § 26 BDSG also applies).
  2. The application process requires applicants to provide us with applicant data. Required applicant data are personal details, postal and contact addresses and the documents belonging to the application, such as cover letter, curriculum vitae and certificates. In addition, applicants may voluntarily provide us with the following additional information.
  3. By submitting an application to scdsoft AG, applicants consent to the processing of their data for the purposes of the application process in the manner and to the extent set out in this privacy policy.
  4. Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO are voluntarily communicated within the scope of the application procedure, their processing shall additionally be carried out in accordance with Art. 9 (2) lit. b DSGVO (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO are requested from applicants as part of the application process, their processing is additionally carried out in accordance with Art. 9
    Para. 2 lit. a DSGVO (e.g. health data if this is necessary for the exercise of the profession).
  5. Applicants can send us their applications by post or by e-mail. However, please note that e-mails are generally not encrypted and applicants must ensure encryption themselves. We can therefore accept no responsibility for the transmission path of the application between the sender and receipt on our server. If the applicant has any concerns about the security of the application documents sent by e-mail, we recommend sending the application documents by post.
  6. The data provided by applicants may be processed by us for the purposes of the employment relationship in the event of a successful application. Otherwise, if the application for a job offer is not successful, the applicants’ data will be deleted. The applicants’ data will also be deleted if an application is withdrawn, which the applicants are entitled to do at any time.
  7. Subject to a justified revocation by the applicant, the data will be deleted after the application process has ended for twelve months so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the Equal Treatment Act.
    In the event that you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years. If you are awarded a position during the application process, the data will be transferred from the applicant data system to our HR information system and deleted 10 years after the end of the employment relationship.

Invoices for any reimbursement of travel expenses are archived in accordance with tax law requirements.

 

Microsoft Teams Privacy Policy

We use the service “Microsoft Teams ” of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (hereinafter “Microsoft Teams”) to conduct online meetings, video conferences and/or webinars. In case of using Microsoft Teams, different data are processed.
Here, the scope of the processed data depends on the data you provide before or during participation in an online meeting or video conference or webinar. In the context of using Microsoft Teams, data of the communication participants is processed and stored on Microsoft Teams servers. This data may include, in particular, your login data (name, email address, phone (optional) and password) and meeting data (topic, participant IP address, device information, description (optional)).
In addition, visual and auditory contributions of the participants, as well as voice input in chats may be processed. When processing personal data that is required for the fulfillment of of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 (1) lit. b DSGVO serves as the legal basis. If you have given us your consent for the processing of your data, the processing is based on Art. 6 (1) a DSGVO. Consent given can be revoked at any time with effect for the future. Incidentally, the legal basis for the processing of data when conducting online meetings, video conferences or webinars is our
legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO in the effective implementation of the online meeting, webinar or video conference.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision of the European Commission.

For more information about Microsoft Teams’ use of data, see the Microsoft Teams privacy policy at: https://privacy.microsoft.com/de-de/privacystatement

 

Data subject rights

You have the right,

  • according to Art. 15 DSGVO to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or opposition, the existence of a right of complaint, the origin of your data, if they were not collected by us, such as the existence of automated decision-making and, if necessary, meaningful information about its details;
  • demand the correction of inaccurate or the completion of your personal data stored by us without delay in accordance with Art. 16 DSGVO;
  • to request, pursuant to Art. 17 DSGVO, the erasure of personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation on grounds of public interest, or for the establishment, exercise or defense of legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
  • in accordance with Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
  • according to Art. 7 (3) DSGVO to revoke your once given consent at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future, and
  • to complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or the registered office of our company for this purpose.

 

The competent supervisory authority for data protection of scdsoft AG is:
Baden-Württemberg Supervisory Authority
The State Commissioner for Data Protection of Baden-Württemberg
P.O. Box 10 29 32, 70025 Stuttgart
Urbanstr. 32, 70182 Stuttgart
Tel. 0711 615541 – 0
Fax: 0711 615541 – 15
Mail: poststelle@lfd.bwl.de
http://www.baden-wuerttemberg.datenschutz.de

For the assertion of the aforementioned rights as well as for questions regarding data protection, you can contact the person responsible or send an appropriate e-mail to dsb@scdsoft.de

 

Right of objection
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f) DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation. If you would like to make use of your right of revocation or objection, it is sufficient to send an e-mail to dsb@scdsoft.de.

Data security
a) Within the website visit, we use the widespread SSL procedure (Secure Sockets Layer) in conjunction with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can see whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
b) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Changes to this privacy policy
Due to current circumstances, such as a change in the relevant data protection regulations, we will update this privacy policy if necessary.

 

Last change: 1st Oct. 2023