We, the WIBU-SYSTEMS AG, Rueppurrer Str. 52-54, 76137 Karlsruhe, Germany (hereinafter “we/our"), take the protection of your personal data very seriously and strictly adhere to all applicable laws and regulations on data protection, in particular the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG). The following explanations will give you an overview of how we ensure this protection and which data we process for which purpose.
Controller within the meaning of Art. 4 No 7 GDPR
WIBU-SYSTEMS AG Rueppurrer Str. 52-54 76137 Karlsruhe Germany Tel.: +49-721-93172-0 Fax: +49-721-93172-22 e-mail: info(at)wibu.com
Every time you access our website and every time you retrieve a file, general data about this process is automatically stored in a log file. The storage serves exclusively system-related and statistical purposes (on the basis of Art. 6 para. 1 letter b) GDPR), as well as in exceptional cases for reporting criminal offences (on the basis of Art. 6 para. 1 letter e) GDPR).
The data will not be passed on to third parties or evaluated in any other way, unless there is a legal obligation to do so (Art. 6 para. 1 letter e) DSGVO).
In detail, the following data record is stored for each retrieval:
name of the retrieved file
date and time of retrieval
the amount of data transferred
message as to whether the retrieval was successful
description of the type of web browser used
operating system used
the previously visited page
your IP address
Personal data will only be processed by us if we are legally permitted to by statutory provisions or you haven given us your consent.
Contact: If you contact us, we will store your data on the basis of Art. 6 para. 1 letter b) GDPR for the purpose of processing your request, as well as in the event that further correspondence should take place.
Corporate Newsletter: We would be pleased to inform you about current topics concerning our products and our company via our newsletter. To send a newsletter we need your name and your e-mail address. You can enter both in the forms provided. Your data will only be processed by us for the purpose of sending you our newsletter. You can unsubscribe from the newsletter at any time and thus object to the further use of your data. At the bottom of each newsletter, you find the link to unsubscribe. The legal basis for data processing is Art. 6 para. 1 letter b) GDPR.
Product Release Notes and Product Change Notifications: With our Tech News Flash and our PCN services, we provide our customers with information about product updates and upgrades, security enhancements, and end-of-life notifications. As a customer, you will receive this information without your explicit consent. The legal basis for data processing is Art. 6 para. 1 letter f) GDPR..
Registration: In order to use our support and download offer or webinar offer, you must register on our website. For this purpose we need various information from you, e.g. first and last name, address, e-mail address. You will also be asked to enter a user name and set up a password to secure your account. For verification you will also receive an email from us to the email address you provided, in which you must click on a confirmation link. Your data will only be used by us for the purpose of administering your registration and, if necessary, for contacting you or providing services in connection with your registration. With your access data you also have the possibility to complete or update your data at any time. The legal basis for this data processing is Art. 6 para. 1 letter b) GDPR, or your consent upon completion of your registration and thus Art. 6 para. 1 letter a) GDPR.
Order: If you place an order with us, your data (first and last name, address, e-mail address, payment data, etc.) will be processed by us exclusively for this purpose and, if necessary, transmitted to companies involved in the performance of the contract (suppliers, payment service providers). The legal basis for this data processing is Art. 6 para. 1 letter b) GDPR. No further data processing takes place.
Webinars: For webinars we use the tool "Go-to-Webinar" provided by LogMeIn Ireland Limited, Bloodstone Building Block C, 70 Sir John Rogerson's Quay, Dublin 2, Ireland. We have entered into a data protection agreement with LogMeIn to process your personal data in accordance with legal requirements. The legal basis for this data processing is Art. 6 para. 1 letter b) GDPR, or your consent upon completion of your registration and thus Art. 6 para. 1 letter a) GDPR.
Application and application process: If you apply for one of our job advertisements, we store your data on the basis of Art. 6 para. 1 letter a) GDPR for the purpose of carrying out and handling the application process. In any case, the data processing is permitted pursuant to Art. 6 para. 1 letter b) GDPR for the implementation of a pre-contractual measure in the form of the implementation and handling of the application process. The personal data transmitted to us in the context of your application will only be processed for purposes in connection with your interest in employment with us and the processing of your application. The data will not be passed on to third parties. If your application is successful, your details will be transferred to the personnel file. If your application is not successful, we will delete your data after completion of the application process and the legal retention period.
We use so-called cookies in some areas of our website. Such file elements allow your computer to be identified as a technical unit during your visit to this website in order to facilitate your use of our services - even during repeated visits.
Cookies do not allow a server to read private data from your computer or data stored by another server. They do no damage to your computer and contain no viruses.
Use of analysis tool "Matomo" (previously known as "Piwik")
You can also object to the use of your data by Matomo by making use of the following option:
A cookie is stored on your browser, which only contains the information that no data may be collected about you by Matomo. Previously stored cookies are then deleted. However, should you delete all cookies in your browser, you may have to object to the use of your data again.
You can decide here whether a unique web analysis cookie may be stored in your browser to enable us to collect and analyze various statistical data. If you choose not to, you can place the Matomo deactivation cookie in your browser by clicking on the following link.
The use of the aforementioned analysis tool is based on Art. 6 para. 1 letter f) GDPR: the processing takes place for the analysis of the usage behavior and is therefore necessary to protect our legitimate interests.
Our US website also uses Pardot, a service of Salesforce.com Inc., The Landmark @ One Market Street, San Francisco, CA 94105, USA. Pardot sets a maximum of three cookies. These are text files that are stored on your computer and allow an analysis of the use of the website. The cookies set are a "Visitor Cookie", an "Opt-In Cookie" and a "Pardot App Session Cookie". An identification number is generated via the "visitor cookie", which is used to recognize the visitor's browser. The identification number is a generated numerical code that has no meaning outside of Pardot Services. The "Opt-In Cookie" ensures that no "Visitor Cookie" is set by those visitors who have chosen the "Do Not Track" setting in their browser. The "Pardot App Session Cookie" is only set if a customer logs into the Pardot App as user. All cookies only receive the generated number code. Personal data is not collected in this respect. If you want to prevent tracking by Pardot, you can ensure this by your browser settings, or by a corresponding extension of your browser.
For your protection we use the service invisible reCAPTCHA of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google"). The query serves to differentiate whether the input is made by a person or abusively by automated machine processing. The query includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google. For this purpose your input will be transmitted to Google and used there.
However, if IP anonymization is activated on this website, Google will reduce your IP address within Member States of the European Union or in other countries party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser within the scope of reCAPTCHA is not merged with other Google data.
We would like to point out that IP anonymization is active on this site in order to guarantee anonymous collection of IP addresses (so-called IP masking).
The use of invisible reCAPTCHA is based on Art. 6 para. 1 letter a) GDPR. With confirmation of the inquiry you give us your consent to data processing. In any case, data processing is permissible pursuant to Art. 6 para. 1 letter f) GDPR; the query serves to protect access and is intended to ensure human action. It is therefore in our legitimate interest.
We currently use the following social media plug-ins: Facebook, Twitter, LinkedIn, Flickr, YouTube, Google+. We use the so-called Shariff solution. This means that when you visit our website, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the marking on the box above its initial letter or the logo. We offer you the possibility to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. In addition, the data specified in section 2 of this policy will be transmitted. In the case of Facebook, according to the provider, the IP address is anonymized in Germany immediately after collection. By activating the plug-in, personal data is transferred from you to the respective plug-in provider and stored there (for US providers in the USA). Since the plug-in provider collects data mainly via cookies, we recommend that you delete all cookies before clicking on the grayed-out box using your browser's security settings.
We have no influence on the data collected and data processing processes, nor are we aware of the full extent of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation takes place in particular (also for users who are not logged in) for the representation of demand-fair advertisement and in order to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, for which you must contact the respective plug-in provider to exercise this right. Through the plug-ins we offer you the possibility to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 letter f) GDPR.
The data is transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected with us will be directly assigned to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.
For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the data protection declarations of these providers as notified below. They will also provide you with further information about your rights in this regard and setting options to protect your privacy.
Addresses of the respective plug-in providers and URL with their data protection information:
Your personal data will be stored for the duration of the respective legal retention period and subsequently deleted routinely, unless your personal data is still required thereafter to achieve the respective storage purpose (e.g. to fulfil the contract or to initiate the contract).
After 3 years at the latest, we will check whether your data is still needed and whether there is a legal obligation to store it.
Your rights as data subject
Right of Access: You have the right to request confirmation from us whether personal data concerning you will be processed. Please send an email to dataprotection(at)wibu.com. As a registered customer you can also contact us at https://my.codemeter.com.
Rectification / Erasure / Restriction of Processing: Furthermore, you have the right to require us to - correct incorrect personal data concerning you without delay (right of correction); - delete personal data relating to you immediately (right of deletion) and - restrict the processing (right to restrict processing). Please send an email to dataprotection(at)wibu.com. As a registered customer you can also contact us at https://my.codemeter.com.
Data Portability: You have the right to receive personal data concerning you, which you have provided to us, in a structured, common and machine-readable format and to transmit this data to another person responsible. Please send an email to dataprotection(at)wibu.com. As a registered customer you can also contact us at https://my.codemeter.com.
Right to Revoke: You have the right to revoke your consent at any time. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation. Please send an email to dataprotection(at)wibu.com. As a registered customer you can also contact us at https://my.codemeter.com.
Right to Object: If the processing of personal data concerning you is necessary for the performance of a task which is in the public interest (Art. 6 para. 1 letter e) GDPR) or for the protection of our legitimate interests (Art. 6 para. 1 letter f) GDPR), you have a right of objection. Please send an email to dataprotection(at)wibu.com. As a registered customer you can also contact us at https://my.codemeter.com.
Right of Appeal: If you believe that the processing of personal data concerning you violates the GDPR, you have the right of appeal to a supervisory authority, without prejudice to any other remedies.
Our Data Protection Officer
WIBU-SYSTEMS AG Dr. Peer Wichmann Rueppurrer Str. 52-54 76137 Karlsruhe Germany Phone: +49-721-93172-0 Fax: +49-721-93172-22 email: dataprotection(at)wibu.com
For the security of your data we use the latest Internet technologies. During the online inquiry process your data is secured with SSL encryption. For secure storage of your data, our systems are protected by firewalls that prevent unauthorized access from outside.
In addition, we use technical and organizational security measures to protect your personal data provided to us from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our contractual partners who have access to your data in order to provide services to you on our behalf are contractually obliged to maintain data protection and confidentiality.
Reservation of amendments
Transfer of data
If we use subcontractors to provide our services, we take appropriate legal precautions as well as appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal regulations.
If data is transferred to a third country, i.e. a country in which the GDPR is not a directly applicable law, i.e. countries outside the EU or the European Economic Area, the data will only be transferred if an appropriate level of data protection is ensured, or if your consent or other legal permission is available.
The transfer of data could make use of auxiliary services like transportation or telecommunication services.