Privacy policy

We appreciate your interest in our company and our products and would like you to feel secure when visiting our website, also with regard to the protection of your personal data.

scdsoft AG takes your legitimate data protection concerns very seriously and complies with the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG-new), the Telecommunications Digital Services Data Protection Act (TDDDG) and, where applicable, the provisions of other applicable data protection regulations.

All data processing operations (collection, processing and utilisation) by scdsoft AG are carried out in strict compliance with the statutory data protection regulations. We collect, process and use personal data in order to fulfil orders and to further improve the content and functionality of our services.

scdsoft AG handles the data you provide carefully and conscientiously. Insofar as data of any kind is collected, processed or used, this is always done within the framework of the legal provisions or with your express consent.

The protection of privacy is of crucial importance for the future of Internet-based business models and for the development of an Internet-based economy. With this privacy statement, scdsoft AG underscores its commitment to the protection of privacy. In the following, you will learn how scdsoft AG handles personal data on this website.

This privacy policy applies to this and all other websites that refer to this privacy policy. Under certain circumstances, other data protection provisions apply to individual scdsoft AG companies. We therefore ask you to carefully read the data protection statements of all scdsoft websites you visit.

Responsible person according to Art. 4 para. 7 of the Basic Data Protection Regulation (DSGVO) is:
scdsoft AG
Albert-Nestler-Straße 21
76131 Karlsruhe

Mannheim Local Court Commercial Register Number: HRB 109104
Sales tax identification number: DE 811449988
Phone: +49 721 160800 – 0
Fax: +49 721 160800 – 99
E-Mail: info@scdsoft.de
Internet: www.scdsoft.de

You can reach our data protection officer at scdsoft AG at:
scdsoft AG
Thomas Fletschinger
E-Mail: dsb@scdsoft.de

Global data protection standards

Our handling of personal data has been aligned with global principles and standards with regard to transparency in the use of personal data, observance and granting of rights of choice, access regulations, rules on data integrity, data security, data sharing and monitoring the lawfulness of processing. In particular, scdsoft AG complies with the General Data Protection Regulation (DSGVO).

Consent

By using this website, you consent to the electronic storage and use of your data as described below. Changes to this privacy policy will always be posted on this page so that you are always aware of what data scdsoft AG stores and how it is used. Where required by applicable data protection law, we will also expressly ask for your consent for the further processing of personal data collected on this website or provided by you.

Cookie consent with Borlabs cookie
 Our website uses the cookie consent technology of Borlabs Cookie to obtain your consent to store certain cookies in your browser and to document this in accordance with data protection law. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, which stores the consents you have given or the revocation of these consents. This data is not shared with the Borlabs cookie provider.

The collected data will be stored until you request us to delete it or delete the Borlabs cookie yourself, or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found under https://borlabs.io/kb/what-information-does-borlabs-cookie-store/.

The use of Borlabs cookie consent technology takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.

Manage cookie settings

 

Collection and processing of personal data
 scdsoft AG would like to better understand your needs and interests and provide you with optimal service. Therefore, scdsoft AG collects and uses personal information in the manner described below and in accordance with applicable data protection law.

When you visit our website, we collect your IP address and use cookies and other Internet technologies (hereinafter referred to as “automated tools” and “integrated web links”) that help us obtain general information about visitors to our website and their interests. Below we explain which technologies are used and what kind of information is collected with them.

We also collect and process data that you voluntarily provide to us, for example, when you register for events, subscribe to newsletters, participate in online surveys, join discussion groups or forums, or make purchases. In addition, we collect and process data that you voluntarily provide to us, for example, when you register for events, subscribe to newsletters, participate in online surveys, join discussion groups or forums, or make purchases.

What data do we collect and why?
With the help of the collected data, scdsoft AG would like to provide you with consistent personal support. scdsoft AG will use your data exclusively as described in this statement or at the time of collection. Any subsequent change in the purpose of use is subject to your express consent, unless the change is otherwise legitimized by applicable law.

We always process your personal data for a specific purpose.In particular, we may process your personal data for the following purposes:

  • to manage our relationship with you, for example, through our databases, in which we aggregate data about you from our various sources to provide an overview of how we work together; and to improve and personalize our understanding of your preferences and our communications with you;
  • for order processing and delivery of ordered services and products.
  • to carry out tasks for the preparation or performance of contracts;
  • to provide evidence of business transactions;
  • to provide you with appropriate and up-to-date information and our products and services;
  • to improve the quality of our products and services by adapting our offer to your specific needs;
  • to answer your inquiries and provide you with efficient support;
  • to track our activities (e.g., measure collaboration or sales, number of appointments/meetings, topics discussed, materials presented);
  • to invite you to events sponsored by us or used by us (e.g., lectures, conferences);
  • to grant you access to our specified IT systems so that you can use certain services provided by scdsoft AG;
  • to manage our IT resources, including infrastructure management and business continuity.;
  • to protect the Company’s economic interests and ensure compliance and reporting (e.g., adhering to our policies and local regulatory requirements, taxes and deductions, complying with internally established grant limits, managing alleged instances of misconduct or fraud, conducting audits, and defending litigation).;
  • for archiving and logging;
  • for the processing of job inquiries
  • for invoicing and accounting as well as
  • other purposes prescribed by law and by the authorities.
  • In certain cases, we are required by law to transmit data to a requesting government agency (institution or authority). The legal basis for the processing is Art. 6 para. 1 c DSGVO or § 24 para. 2 no. 1 BDSG.
  • in some cases, business partners require personal data from our customers. This usually takes place in the context of order fulfillment (e.g. in the case of complaints). This is expressly provided for by law. In this case, scdsoft AG remains responsible for the protection of your data – if necessary, in addition to the order processor. The respective business partner works according to our instructions, which scdsoft AG ensures through strict contractual regulations.
  • to fulfill the legal obligations for recording, documentation and reporting to competent authorities.

IP addresses
IP addresses are used for malfunction analysis, website administration, and to gather demographic information. Furthermore, we use IP addresses and possibly other information that you have provided to us on this website to learn which pages from our offer are accessed and which topics our Visitors are interested in. We use the insights gained to be able to offer you an optimized range of information on our products and services. As a matter of principle, scdsoft AG only collects such data in anonymized form and will not link it to a registered user’s profile without the user’s consent. When visiting our website, only the domain name is recorded by default.

scdsoft AG only collects data in connection with your visit to the scdsoft website. We do not collect any personal data in connection with your visits to the websites of other companies or organizations that are not part of scdsoft AG.

Cookies

  • we use cookies on our website or websites. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablets, smartphone, etc.) when you visit our websites. Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware. In the cookie, information is stored that arises in each case in connection with the specific end device used. This does not mean, however, that we gain direct knowledge of your identity. The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our websites. These are automatically deleted after you leave our site.
  • in addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our website again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again..
  • on the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These cookies enable us to automatically recognize that you have already been to our website when you visit it again. These cookies are automatically deleted after a defined period of time..
  • the cookies process data and are necessary for the stated purposes to protect our legitimate interests as well as those of third parties in accordance with Art. 6 (1) p. 1 lit. f) DSGVO.
  • most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

E-mail addresses
If you give us your e-mail address or provide it via the contact form, we will also contact you by e-mail. We will not pass on your e-mail address to third parties outside scdsoft AG. You can choose at any time not to receive any more e-mails from scdsoft AG.

Orders and registration for events
 Our website contains forms that you can fill out to request information, products and services.

Use of external service providers
We work with service providers who process certain data on our behalf. This is done exclusively in accordance with the applicable data protection law. In particular, we have concluded data processing agreements on behalf of our service providers that meet the requirements of Article 28 of the GDPR.

Newsletter notices and consents
With the following information, we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the described procedures.

Newsletter content
We send newsletters and e-mails advertising information (hereinafter “newsletter”) only with the consent of the recipients or a legal permission. The contents circumscribed in the context of a registration for the newsletter are decisive for the consent of the users.

Double opt-in and logging
The registration for our newsletter takes place in a so-called double opt-in process. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address.

Login data
To register for the newsletter, it is sufficient to enter your e-mail address. In addition, we use other data such as name and first name, country and customer group. This information is only used for personalization and segmentation of the newsletter.

Statistical survey and analyses
The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior on the basis of their retrieval locations (which can be determined with the help of the IP address) or the access times.

The statistical surveys also include the determination of whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is not our intention to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Disclosure of data, transfer to third country
The transfer of your personal data to third parties for purposes other than those listed below does not take place. We will only disclose your personal data to third parties if:

  • you have given your express consent in accordance with Art. 6 (1) p. 1 lit. a) DSGVO, § 26 (2) Federal Data Protection Act (BDSG).,
  • the disclosure is necessary in accordance with Art. 6 para. 1 p. 1 lit. f) DSGVO for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data.,
  • in the event that a legal obligation exists for the disclosure pursuant to Art. 6 (1) sentence 1 lit. c) DSGVO as well as
  • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b) DSGVO, § 26 para. 1 BDSG for the processing of a contractual relationship with you or for pre-contractual measures at your instigation..

A transfer to a third country or an international organization is not intended and there is no automated decision making, unless otherwise provided for in this privacy policy.

If necessary, information will also be passed on by scdsoft AG to business partners, service providers, third parties or subcontractors. This may be necessary to provide a service or transaction requested by you, such as order processing, for customer service purposes or to inform you about services or products and services.

Your personal information will not be disclosed, sold or otherwise made available to third parties for marketing purposes without your prior consent.

scdsoft AG may be required to disclose your data and related information in response to a court or regulatory order. We also reserve the right to use your data to assert or defend legal claims.

In the event of an acquisition or merger with another company, disclosure or transfer of personal data to potential or actual buyers may be required. In such a case, scdsoft AG will strive to protect the data as much as possible.

In accordance with applicable law, we reserve the right to store and disclose personal and other data for the purpose of detecting and combating illegal activities and attempted fraud or a violation of the scdsoft AG Terms of Use.

Analysis tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 (1) p. 1 lit. f) DSGVO. With the tracking measures used, we want to ensure a needs-based design and continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the tracking tools described in more detail below.

Privacy policy for the use of Matomo
On this website, data is collected and stored using the web analytics service software Matomo (www.matomo.org), a service of the provider InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”) on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes pursuant to Art. 6 para. 1 lit. f DSGVO. Pseudonymized user profiles can be created and evaluated from this data for the same purpose.

The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. If you do not agree with the storage and evaluation of this data from your visit, then you can object to the storage and use for the future at any time by mouse click. In this case, a so-called opt-out cookie will be stored in your browser, with the consequence that Matomo will not collect any session data.

Please note that the complete deletion of your cookies will result in the complete deletion of your cookies will result in the deletion of your cookies will result in the deletion of the opt-out cookie and you may have to reactivate it. As far as legally required, we have obtained your consent pursuant to Art. 6 (1) lit. a DSGVO for the processing of your data as outlined above. You can revoke your consent at any time with effect for the future. To exercise your revocation, please follow the option described above to make an objection.

The Matomo program is an open source project.

You can obtain information from the third-party provider on data protection at: https://matomo.org/privacy-policy/.

Privacy policy for the use of Vimeo plugins
Our website uses plugins of the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. In the process, the Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.

If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.

For more information on the handling of user data, please refer to Vimeo’s privacy policy at: https://vimeo.com/privacy.

Privacy policy for the use of LinkedIn

Plugins of the social network LinkedIn of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter “LinkedIn”), are integrated on our website. You can recognize the LinkedIn plugins by the LinkedIn logo or the “share button” (“recommend”) on this website (hereinafter collectively referred to as “LinkedIn plugins”). When you visit our website, a direct connection between your browser and the LinkedIn server is established via the LinkedIn plugins. LinkedIn thereby receives the information that you have visited this website with your IP address. If you click the LinkedIn “Share Button” while logged into your LinkedIn account, you can link the content of this website on your LinkedIn profile. This allows LinkedIn to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn. Details on data collection (purpose, scope, further processing, use) as well as your rights and setting options can be found in LinkedIn’s privacy policy. LinkedIn provides this information at: https://www.linkedin.com/legal/privacy-policy.

Privacy policy for the use of Xing

The “XING Share button” is used on this website. When you visit this website, your web browser connects for a short time to the servers of XING AG (“XING”), which provides the functions of the “XING Share button” (including a visitor counter). XING does not store any personal data about you and your visit when you access the website. XING does not store IP addresses, nor does XING use cookies to monitor your visit behavior in relation to the “XING share button”. Please visit the following website for the latest version of the privacy policy for the “XING share button” and further information: https://dev.xing.com/plugins/share_button/privacy_policy

Links to other websites

Our website may contain links to the websites of third parties such as XING, LinkedIn, Vimeo or others. scdsoft AG is not responsible for the data protection precautions or the content of the websites of third parties or websites that do not belong to scdsoft AG or affiliated companies.

Web fonts from myfonts.com
 This site uses so-called web fonts for the uniform display of fonts, which are provided by MyFonts Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to the servers of MyFonts. This enables MyFonts to know that our website has been accessed via your IP address. The use of MyFonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

If your browser does not support web fonts, a standard font from your computer will be used. You can find more information about MyFonts at: https://www.monotype.com/legal/terms-use and https://www.monotype.com/legal/privacy-policy.

Data management
 scdsoft AG will retain personal data only for as long as is necessary for the purpose for which it was collected or for the purposes for which it is required by law.

Data protection information in the application process

  1. We process the applicant data only for the purpose and within the scope of the application procedure in accordance with the legal requirements. The applicant data is processed to fulfill our (pre)contractual obligations within the scope of the application procedure in accordance with Art. 6 para. 1 lit. b. DSGVO Art. 6 para. 1 lit. f. DSGVO insofar as the data processing becomes necessary for us, e.g. within the scope of legal procedures (in Germany, § 26 BDSG also applies).
  2. The application process requires applicants to provide us with applicant data. Required applicant data are personal details, postal and contact addresses and the documents belonging to the application, such as cover letter, curriculum vitae and certificates. In addition, applicants may voluntarily provide us with the following additional information.
  3. By submitting an application to scdsoft AG, applicants consent to the processing of their data for the purposes of the application process in the manner and to the extent set out in this privacy policy.
  4. Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO are voluntarily communicated within the scope of the application procedure, their processing shall additionally be carried out in accordance with Art. 9 (2) lit. b DSGVO (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO are requested from applicants as part of the application process, their processing is additionally carried out in accordance with Art. 9
    Para. 2 lit. a DSGVO (e.g. health data if this is necessary for the exercise of the profession).
  5. Applicants can send us their applications by post or by e-mail. However, please note that e-mails are generally not encrypted and applicants must ensure encryption themselves. We can therefore accept no responsibility for the transmission path of the application between the sender and receipt on our server. If the applicant has any concerns about the security of the application documents sent by e-mail, we recommend sending the application documents by post.
  6. The data provided by applicants may be processed by us for the purposes of the employment relationship in the event of a successful application. Otherwise, if the application for a job offer is not successful, the applicants’ data will be deleted. The applicants’ data will also be deleted if an application is withdrawn, which the applicants are entitled to do at any time.
  7. Subject to a justified revocation by the applicant, the data will be deleted after the application process has ended for twelve months so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the Equal Treatment Act.
    In the event that you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years. If you are awarded a position during the application process, the data will be transferred from the applicant data system to our HR information system and deleted 10 years after the end of the employment relationship.

Invoices for any reimbursement of travel expenses are archived in accordance with tax law requirements.

Data protection information for the use of Microsoft 365

We would like to inform you below about the processing of personal data in connection with the use of Microsoft 365 products.

1. Purpose of processing

scdsoft AG uses the Microsoft 365 application package as a work tool. Microsoft 365 consists of various applications (e.g. MS Teams, MS Office, MS SharePoint, MS OneDrive), all of which are operated in the cloud.

We also use the Microsoft 365 tool to communicate with you and to conduct telephone conferences, online meetings, video conferences and surveys, as well as queries with our clients, cooperation partners, service providers, suppliers, customers and participants.

2. Information about Microsoft 365 software

We use Microsoft 365 software from Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399 USA (hereinafter ‘Microsoft’). This is operated as a cloud application. In some cases, a user account must be created to use the individual components. If this user account was not created by us and made available to you, Microsoft is the responsible body or the body that provided you with the access data.

In addition, Microsoft reserves the right to process user data for its own business purposes. In this context, Microsoft is the responsible body. We have only limited influence over Microsoft’s use of your usage data. We take all possible measures to minimise the transfer of your usage data to Microsoft as far as possible, but cannot completely prevent this.

Details and contact information, in particular regarding your rights vis-à-vis Microsoft, can be found at the following links if you have any questions about this topic:

General: https://privacy.microsoft.com/de-de/privacystatement

Regarding Microsoft 365 Teams: https://docs.microsoft.com/de-de/microsoftteams/teams-privacy

We have concluded data protection agreements with Microsoft to guarantee a minimum level of data protection. To this end, we have agreed that the processing of personal data by Microsoft will generally take place on servers in the EU.

For some services, however, data is still transferred to the USA, which is considered by the EU to be an unsafe third country in terms of data protection. In order to establish an adequate level of data protection in third countries comparable to that within the European Union, standard contractual clauses have also been concluded with Microsoft.

Please note that we have only limited influence over the processing of your usage data by Microsoft. To the extent that Microsoft processes personal data in connection with Microsoft’s legitimate business operations, Microsoft is the independent data controller for this use and, as such, is responsible for complying with all applicable laws and obligations of a data controller.

3. Data processing for the technical delivery of services:

Certain information is automatically processed as soon as you access one of the Microsoft 365 applications:

  • IP address, technical information for the delivery of a correct web page
  • Data required for authentication, licence use, logging and misuse detection
  • Date and time of access, type of access

To investigate and prosecute legal violations:

If necessary to investigate illegal or abusive use of Microsoft 365 services or for legal prosecution, personal data will be forwarded to law enforcement agencies or other authorities, as well as to injured third parties or legal advisors, if applicable. However, this will only happen if there are indications of illegal or abusive behaviour. Disclosure may also take place if it serves to enforce terms of use or other legal claims. We are also legally obliged to provide information to certain public authorities upon request. These include law enforcement agencies, authorities that prosecute administrative offences punishable by fines, and tax authorities.

The processing of this information serves our legitimate interest in the effective provision and security of the services used, as well as for legal prosecution. The legal basis is Art. 6(1)(f) GDPR.

When using Microsoft 365 Teams

We use the Microsoft 365 Teams tool as an exchange platform for a variety of communications, including

  • to conduct training measures/online seminars
  • for virtual one-on-one meetings
  • for group meetings

In some cases, participation is possible without login details, in other cases you must log in with your access data to participate in such meetings.

The following data is collected, which can usually also be displayed to the other participants:

  • Your user name (access data for Microsoft 365 applications)
  • At least the display name you have entered yourself
  • A dial-in number that you use when dialling into a meeting by telephone

possibly other identification features:

  • Information about yourself that you have stored as a user within Microsoft 365, in particular the following master data:
    • Surname, first name, contact details such as telephone number, email address, fax number, if entered by you or the organisation from which you received the access data.
  • Other voluntary data (such as a profile picture you have stored)
  • Communication content (text, audio, video)
  • If audio or video content is recorded, you will be notified separately.

To enable video display and audio playback, data from your device’s microphone and any video camera on your device will be processed for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the video conference application.

Further technical usage data is collected in the process:

  • Data within the scope of multi-factor authentication that you have stored yourself in your Microsoft account (e.g. optionally your (private) mobile phone number)
  • Information about the data/files/documents that were accessed
  • All activities related to use, such as creating, changing or deleting a document, setting up a team (and channels in teams), taking notes in a notebook, starting a chat, replying in a chat

Insofar as the meetings take place within the framework of a contractual relationship between us, data processing is based on Art. 6(1)(b) GDPR. If no contractual relationship exists, the legal basis is Art. 6(1)(f) GDPR. In this case, our interest lies in the effective implementation of online meetings.

4. Recipients / disclosure of data

Personal data processed in connection with the use of Microsoft 365 products will not be disclosed to third parties, except in the cases described in section 5, unless it is specifically intended for disclosure.

5. Data processing outside the European Union

At least some of your data will also be transferred and processed outside the EU or the EEA, namely in the USA and other third countries.

The possible adequate level of protection is ensured by the conclusion of standard data protection clauses in accordance with Art. 46(2)(c) or (d) GDPR.

6. Deletion of data

We delete personal data as a matter of principle when there is no longer any need for further storage. A need may exist in particular if the data is still required to fulfil contractual services, to comply with retention obligations or to enforce or defend legal claims. In the case of statutory retention obligations, deletion will only be considered after the respective retention obligation has expired. If you are registered as a user with Microsoft 365, reports on your usage data (login data and IP addresses, other metadata, telephone dial-in data, etc.) may be stored by the provider for up to 90 days.

If we store your data in data backups, it will be overwritten regularly and in a manner appropriate to our operations.

Data subject rights

You have the right,

  • according to Art. 15 DSGVO to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or opposition, the existence of a right of complaint, the origin of your data, if they were not collected by us, such as the existence of automated decision-making and, if necessary, meaningful information about its details;
  • demand the correction of inaccurate or the completion of your personal data stored by us without delay in accordance with Art. 16 DSGVO;
  • to request, pursuant to Art. 17 DSGVO, the erasure of personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation on grounds of public interest, or for the establishment, exercise or defense of legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
  • in accordance with Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
  • according to Art. 7 (3) DSGVO to revoke your once given consent at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future, and
  • to complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or the registered office of our company for this purpose.

The competent supervisory authority for data protection of scdsoft AG is:
Baden-Württemberg Supervisory Authority
The State Commissioner for Data Protection of Baden-Württemberg
P.O. Box 10 29 32, 70025 Stuttgart
Urbanstr. 32, 70182 Stuttgart
Tel. 0711 615541 – 0
Fax: 0711 615541 – 15
Mail: poststelle@lfd.bwl.de
http://www.baden-wuerttemberg.datenschutz.de

For the assertion of the aforementioned rights as well as for questions regarding data protection, you can contact the person responsible or send an appropriate e-mail to dsb@scdsoft.de

Right of objection
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f) DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation. If you would like to make use of your right of revocation or objection, it is sufficient to send an e-mail to dsb@scdsoft.de.

Data security
a) Within the website visit, we use the widespread SSL procedure (Secure Sockets Layer) in conjunction with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can see whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
b) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Changes to this privacy policy
Due to current circumstances, such as a change in the relevant data protection regulations, we will update this privacy policy if necessary.

 

Last change: 1st Oct. 2025