Privacy Policy

This Privacy Policy provides an overview of the processing of personal data by the companies of the CADFEM Group, described in more detail in Section 2 of this policy, within the scope of the General Data Protection Regulation (GDPR).

This Privacy Policy serves to inform you about the type and scope of personal data processed by us and the purposes and legal grounds for such processing. Furthermore, we wish to draw your attention to your rights regarding personal data processing by us. Insofar as we use terms that are also used in the GDPR, such as “personal data”, “processing”, “data subject” and “controller”, these terms have the meanings defined in detail in Art. 4 GDPR.

The personal data processed by us, the purposes for which it is processed and the legal grounds upon which it is processed depend on the services you use and/or the agreements you have made with us (e.g. online content, products and/or services ordered or requested). Not all parts of this Privacy Policy will therefore apply to you.

This Privacy Policy does not replace the information that we provide to you separately and in relation to your individual case each time your personal data is collected or when contacting you for the first time. However, it supplements these references.

When processing personal data, we comply with the provisions of the General Data Protection Regulation (GDPR) and, as applicable, with the provisions of other relevant statutory provisions of national legislation on data protection, e.g. in Germany the Federal Data Protection Act (BDSG), and any other legislation, e.g. in Germany the Unfair Competition Act (UWG).

We use binding contractual agreements to protect sensitive non-personal data, e.g. data about products (development status, design data, functional samples, simulation results), which you entrust to us as a customer in the context of the services we offer in the form of support, advice and/or commissioned calculation. Our obligations arising from these agreements extend considerably further than the obligations arising from the statutory provisions (in Germany, for example, from the Act to Protect Business Secrets - GeschGehG).


1. PRINCIPLES FOR THE PROCESSING OF PERSONAL DATA

The controllers within the meaning of the GDPR observe the standard principles for processing of personal data set out in Art. 5(1) GDPR. These are lawfulness, fairness, transparency, limitation of purpose, data minimization, correctness, limitation of storage, integrity and confidentiality.

Within the framework of a comprehensive data protection management system, the controllers have put in place the technical and organizational prerequisites that allow demonstration of compliance with these principles, as described in Art. 5(2) GDPR (accountability obligation).


2. NAME AND CONTACT DETAILS OF THE CONTROLLER

The controllers within the meaning of the GDPR are the following legally independent companies of the CADFEM Group.

CADFEM International GmbH
Am Schammacher Feld 37
85567 Grafing near Munich
GERMANY

Phone: +49 (0)8092-7005-97
E-Mail: info@cadfem-international.com


3. CONTACT DETAILS OF THE DATA PROTECTION OFFICER

You can contact our data protection officer at
E-mail: datenschutz@cadfem.de
Phone: +49 8092-7005-10


4. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

Your personal data will only be processed by us if you have consented to its processing for the relevant purpose (Art. 6(1) sentence 1 point (a) GDPR), if processing is necessary for the execution of a contract or for the implementation of pre-contractual measures (Art. 6(1) sentence 1 point (b) GDPR), if we have an overriding interest in its processing (Art. 6(1) sentence 1 point (f) GDPR) or if the GDPR or another law permits or prescribes its processing (Art. 6(1) sentence 1 point (c) GDPR).


5. TARGET GROUP

Personal data of minors (under the age of 16) will not be knowingly collected by us or used in any form. As a rule, we do not know the age of visitors to our website. However, we have not taken any specific measures to protect such data. Persons under the age of 16 may not submit personal data without the explicit consent of their parents or guardians.


6. SOURCES, TYPES AND PURPOSES OF PERSONAL DATA PROCESSED BY US

We process personal data that we receive directly from you from the sources listed below.

In connection with the request for your personal data, you will be informed separately and on a case-by-case basis of the purposes for which your data is processed, the legal grounds on which your data is processed and your rights in connection with personal data processed by us. Detailed information about your rights can be found in Section 10 of this Privacy Policy.

In addition, we process personal data that we lawfully obtain from publicly accessible sources (e.g. the press or the internet) or that is lawfully transmitted to us by other companies of the CADFEM Group or by other third parties. In this case, we provide you with the information specified in Art. 14(3) GDPR within the deadlines specified there. Detailed information can be found in Section 14 of this Privacy Policy.


A) OUR WEBSITE

I) DATA PROCESSING ON OUR WEBSITES

a) Collection of access data and log files

When you access our website, we process data about your access to the server on which we provide our site. Server log files are created in the process. The information stored includes the names of the web pages and files accessed, the date and time of access, the volume of data transferred, confirmation of successful access, the browser type you are using including its version, the operating system you are using, the so-called referrer URL (this is the website you visited before accessing our website and from which you followed a link to our web service), your IP address and the provider through which our website was accessed. The purpose of processing your personal data in this case is to ensure the security of our website. The legal basis for processing your personal data is our legitimate interest in pursuing this purpose, Art. 6(1) sentence 1 point (f) GDPR. Server log files relating to you are stored for a maximum of seven days and deleted thereafter, unless longer storage is required for evidential purposes.


b) Cookies

Our web services use so-called cookies. These serve to make our web service more user-friendly, effective and secure. Cookies are small text files that are set on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies” and are therefore automatically deleted at the end of your visit to our website. Detailed information about the cookies we use (in particular their names, providers - with a link to their privacy policy - purpose, expiration/storage period and type) can be found in the separate cookie information at the end of this page. Cookies do not damage your computer and do not contain viruses.


c) Data transfers to a country outside the European Economic Area

If you have given your consent, your personal data may be transmitted to servers of a third-party provider (e.g. Google, LinkedIn, etc.) whose servers are located in the USA or another third country (i.e. a country outside the European Economic Area (EEA)). We would like to point out that the level of data protection in the USA and other third countries is not comparable to the EU. You are therefore at risk of access to this data by a government agency. This risk may also exist with regard to other third countries. The admissibility of these data transfers to the USA and other affected third countries is based on your express consent, which you have given after being informed of the risks, pursuant to Art. 49(1) sentence 1 point (a) GDPR.


d) Google Analytics

We use Google Analytics in our web services. This is a web analytics service provided by Google LLC (“Google”). The responsible service provider in the EU and Switzerland is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses so-called cookies. These are text files that are stored on your computer and that allow an analysis of the use of our web services by you. The data generated by the cookies about your use of our web services is transmitted to a Google server and stored there. The IP address you use when visiting our web services is only stored in anonymous form (via an irreversible truncation of the IP address).

Data is only collected and stored by Google Analytics if you have given your permission for the corresponding cookie class in the cookie consent banner.

You can also prevent collection of the data generated by the cookies of Google Analytics and related to your use of our web services (including your IP address) and processing of that data by Google Analytics by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout.You can also prevent collection by Google Analytics by clicking on the following link. Your objection will then be implemented by an opt-out cookie, which prevents future collection of your data when using the current browser to visit our web services: disable collection of data by Google Analytics for this website.

Data is only collected and stored by Google Analytics if you have given your permission for the corresponding cookie class in the cookie consent banner. Your personal data is transferred to the USA, where the level of data protection is not comparable to the EU. You are therefore at risk of access to this data by a government agency.

The legal basis for data processing is Art. 6(1) sentence 1 point (a) GDPR in conjunction with Art. 49(1) sentence 1 point (a) GDPR.


e) Google Ads

We use the online advertising system Google Ads of Google LLC. (“Google”). The responsible service provider in the EU and Switzerland is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). We use so-called conversion tracking in this connection and so-called remarketing in connection with Google Analytics (see above).

Data is only collected and stored by Google Ads if you have given your permission for the corresponding cookie class in the cookie consent banner.


l) Google Maps

We offer Google Maps services from Google LLC (“Google”) on our website. The responsible service provider in the EU and Switzerland is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). By using this service, you agree to the collection, processing and use of data collected automatically by Google LLC, its agents and third parties. The terms of use of Google Maps can be found under “Terms of Use of Google Maps”.

The legal basis for data processing is Art. 6(1) sentence 1 point (a) GDPR in conjunction with Art. 49(1) sentence 1 point (a) GDPR.

Data is only collected and stored by Google Maps if you have given your permission for the corresponding cookie class in the cookie consent banner.


II) ONLINE PRESENCE ON SOCIAL MEDIA

We maintain online presences on social networks and platforms, in particular Facebook, Twitter, YouTube, LinkedIn and Xing, in order to communicate with customers and potential and existing users who are active there and to inform them about our services. When accessing these networks and platforms, the terms and conditions and data processing regulations of the respective provider apply. We would like to point out that you use our pages and their functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. posting, sharing, rating).

When you visit our online presence, the operators of the respective social networks and platforms record your IP address and other information that is available on your PC in the form of cookies. The data collected about you in this context is processed by the respective social networks and platforms and, if necessary, transferred to countries outside the European Union, where the level of data protection is not comparable to the EU. You are therefore at risk of access to this data by a government agency. We have no control over the type and extent of the data processed, the type of processing or the use or transmission of the data to third parties. We also have no effective control options in this respect. The information collected is also used to provide us, as the operator, with statistical information about the use of our respective online presence.

Detailed information about data processing by the operators of the social networks and platforms can be found in their data usage guidelines.

The guidelines of Meta (formerly Facebook) Ireland Ltd. can be found at https://facebook.com/privacy/explanation/.

The guidelines of Twitter, Inc. can be found at https://twitter.com/en/privacy

The guidelines for the use of YouTube can be found in the privacy policy of Google Ireland Limited at https://policies.google.com/privacy.

The guidelines of the LinkedIn Ireland Unlimited Company (“LinkedIn Ireland”) can be found at https://www.linkedin.com/legal/privacy-policy

The guidelines for the use of Xing can be found in the data protection declaration of New Work SE, at https://privacy.xing.com/en.


III) VIDEO PLATFORMS VIMEO AND YOUTUBE

We offer you the opportunity to watch videos on our website. For this we use the services of the video platforms Vimeo and YouTube. The platform Vimeo is operated by the company Vimeo, LLC with its headquarters at 555 West 18th Street, New York, New York 10011, USA. The platform YouTube is operated by the company YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, which has been a subsidiary of Google, LLC since 2006. When you access a video on our website, a connection to the servers oft he respective platform is established and the plugin required for viewing the video is displayed. In addition, various cookies are downloaded to your hardware from servers of the respective platform. Among other things, the respective platform is able to determine which of our web pages you have visited. If you have an account with the respective platform and are logged into it, the platform assigns this information to your account. In this case, the platform will also assign the fact that you are actually watching a video to your account.

Your personal data may be transferred to the USA, where the level of data protection is not comparable to the EU. You are therefore at risk of access to this data by a government agency.

Information about the scope of the data collected by Vimeo and the further handling of that data can be found in Vimeo’s privacy policy. You will find this at https://vimeo.com/privacy.

Information about the scope of the data collected by YouTube and the further handling of that data can be found in the privacy policy of Google, LLC. You will find this at https://policies.google.com/privacy.

The legal basis for data processing is your consent pursuant to Art. 6(1) sentence 1 point (a) GDPR in conjunction with Art. 49(1) sentence 1 point (a) GDPR. In particular, we use a so-called two-click solution, in which cookies of the platforms are not set immediately when the page containing them is called up, but only after a second click, with which you declare your consent to the data transfer. You have the option at any time to revoke your consent in the settings of the cookie banner.

Data is only collected and stored by YouTube and Vimeo if you have given your permission for the corresponding cookie class in the cookie consent banner.


B) CONTACTING US BY E-MAIL, WEB FORMULAR AND TELEPHONE

If you contact us by phone or by e-mail, the personal data you transmit to us (telephone number/e-mail address) is used to process your inquiry and respond to it. The legal grounds for this is the consent you have given in accordance with Art. 6(1) sentence 1 point (a) GDPR and, insofar as you request pre-contractual measures to be taken, also Art. 6(1) sentence 1 point (b) GDPR. Your personal data will be stored in a customer relationship management system (“CRM system”), specifying the date of entry, purpose of use and legal basis. When your inquiry has been dealt with, we will delete your personal data, provided that no further contractual relationship exists with you and that further storage is not required under Art. 17(3) GDPR.


C) PARTICIPATION IN CUSTOMER SATISFACTION SURVEYS

Participation in our customer satisfaction surveys is voluntary. If you participate in such surveys, your personal data will be processed on the basis of the information provided by you in accordance with Art. 6(1) sentence 1 point (a) GDPR. Your personal data will be stored in a customer relationship management system (“CRM system”), specifying the date of entry, purpose of use and legal basis.


D) REGISTRATION FOR CADFEM EVENTS

If you provide us with your personal data for the purpose of registering for events held by us (e.g. seminars, CADFEM ANSYS Simulation Conference, webinars, OpenHouse, etc.), it is processed for the purpose of running the event in question and thus for the fulfillment of contractual obligations (Art. 6(1) sentence 1 point (b) GDPR). For this purpose, your personal data will be stored in a customer relationship management system (“CRM system”), specifying the date of entry, purpose of use and legal basis.


7. RECIPIENTS AND CATEGORIES OF RECIPIENTS OF PERSONAL DATA

Your personal data is stored in customer relationship management systems (“CRM system”) with details of the legitimate purpose and the legal basis for processing. We use a common CRM system. Data that you provide is stored in a CRM system according to this Privacy Policy is therefore passed on by that company to the other companies mentioned. The legal basis for this is Art. 6(1) sentence 1 point (f) GDPR (legitimate interest). In accordance with Art. 6(1) sentence 1 point (f) GDPR, consideration has been given to the fact that CADFEM only processes personal “business” data of customers and also that it benefits customers if the combined expertise of the aforementioned companies of the CADFEM Group can be made available to them. In the view of the supervisory authorities, several companies belonging to the same group of companies which maintain a common customer database are joint controllers within the meaning of Art. 26 GDPR. The aforementioned companies have therefore concluded an agreement on joint processing of customer data. The essential content of this agreement is that CADFEM Germany GmbH provides the technical infrastructure for the CRM system and serves as a contact point for data subjects who want to exercise their rights in connection with processing of their data. Please note, however, that data subjects may assert their rights in accordance with Art. 26 GDPR with and against each of the companies mentioned.

Apart from the management and system administrators, only those employees who need personal data to fulfill the purpose of processing are given access to personal data. External persons only have access to the personal data they need to support us in the execution of the business relationship. These include employees of companies in the categories of printing services, shipping services and telecommunications as well as suppliers, especially licensors of purchased software products.


8. DURATION OF STORAGE AND CRITERIA FOR DETERMINING THAT DURATION

We store personal data for as long as is necessary to fulfill business relationships and the contractual and legal obligations resulting from them. Personal data that is no longer required to fulfill business relationships is deleted at regular intervals. We check the data that we have stored every four years to determine whether it is still needed.

We are subject to the retention requirements of commercial and tax law. The period of retention for personal data covered by this is usually ten years.

We would also like to point out that, for example, the rules on limitation periods set out in Sections 195 et seq. of the German Civil Code (BGB) provide for a normal limitation period of 3 years, which begins at the end of the year in which the claim arose. In addition, special limitation periods can be up to 30 years and thus, in individual cases, lead to a correspondingly longer period of retention.


9. YOUR RIGHTS AS A DATA SUBJECT

Data subjects have the right to request confirmation from the controller as to whether personal data concerning them is being processed; if this is the case, they have a right to information about this personal data and to the information listed in detail in Art. 15 GDPR.

Data subjects have the right to demand from the controller the rectification of inaccurate personal data concerning them and, if necessary, the completion of incomplete personal data without undue delay (Art. 16 GDPR).

Data subjects have the right to demand from the controller that personal data concerning them be erased immediately if one of the reasons listed in detail in Article 17 of the GDPR applies, e.g. if the data is no longer needed for the purposes pursued (right to deletion).

Data subjects have the right to request the controller to restrict processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if the data subject has objected to the processing, for the duration of consideration of the case by the controller.

Data subjects have the right to be informed of the recipients of their personal data. The controller shall inform all recipients of any correction or erasure of personal data or restriction of processing in accordance with Articles 16, 17(1) and 18 of the GDPR, unless this proves impossible or involves disproportionate effort (Art. 19 GDPR).

Data subjects have the right to obtain the personal data concerning them which they have supplied to a controller in a structured, commonly-used and machine-readable format. Furthermore, they have the right, if technically feasible, to arrange for the transfer of that data to another controller (Art. 20 GDPR).

Data subjects have the right to object to the processing of personal data concerning them at any time, for reasons relating to their particular situation. The controller will then no longer process the personal data, unless it can prove compelling, legitimate reasons for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims (Art. 21 GDPR).

Without prejudice to any other administrative or judicial remedy, all data subjects have the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data concerning them infringes the GDPR (Art. 77 GDPR). Data subjects may exercise this right with a supervisory authority in the Member State of their place of residence, their place of work or the place of the alleged infringement.

The responsible supervisory authority for Bavaria is the Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 18, 91522 Ansbach, Germany, postal address: P.O. Box 1349, 91504 Ansbach, Germany, telephone: +49 (0) 981 180093-0, fax: +49 (0) 981 180093-800, e-mail: poststelle@lda.bayern.de.


10. CHANGE OF PURPOSE

According to Art. 6(4) GDPR, the processing of your personal data for a purpose other than that for which the personal data was collected is permissible, subject to certain strict limits, even without your consent. We do not exercise this right. If the use of your personal data for a purpose other than that for which it was collected is not justified by a legal basis other than Art. 6(4) GDPR, we will obtain your express consent before changing the purpose and will only use your data for other purposes on the basis of such consent.

Use of Cookies and Data

You have selected the following settings for the use of cookies

[Your Cookie Consent Settings...]

Here you can change your cookie consent at any time

We classify our cookies
We group cookies into classes. Essential cookies are always active because they are technically necessary for the operation of the website. You agree to the use of further cookies via the cookie consent. Only then will these cookies be used and services from these providers activated.

Essential features
These cookies and data help to make our website usable, for example by enabling basic functions such as logging in to our website or saving the status of your cookie settings. Our website cannot function properly without these cookies.

Cookies: name | provider | function

Functional extensions
These cookies and data enable us to integrate functions and information from third parties into the website. This applies, for example, to playing videos via YouTube.

Cookies: name | provider | function

  • CONSENT | .google.com | Activation and use of Youtube
  • NID | .google.com | Activation and use of Youtube
  • DV | .google.com | Activation and use of Youtube
  • SOCS | .google.com | Activation and use of Youtube
  • AEC | .google.com | Activation and use of Youtube

Analysis and marketing cookies
These cookies and data allow us to understand how you interact with our website. This allows us to measure and improve the performance of our website. In addition, we can control and optimize our marketing activities.

Cookies: name | provider | function

  • _ga | Google Ireland Limited | Analysis and marketing to optimize the service
  • _ga_* | Google Ireland Limited | Analysis and marketing to optimize the service
  • _gat | Google Ireland Limited | Analysis and marketing to optimize the service
  • _gat_UA-* | Google Ireland Limited | Analysis and marketing to optimize the service
  • _gat_* | Google Ireland Limited | Analysis and marketing to optimize the service
  • _gid | Google Ireland Limited | Analysis and marketing to optimize the service