– Last date of change: 2018-05-10 –
The person who is responsible for data processing is:
Coati Software KG
We process and store all personally identifiable data that we require to establish and maintain a business relationship with our customers (e.g. if you buy one of our products) or to establish and maintain other contractual relationships with the users of our services (e.g. if you request a test license to evaluate our products or if you subscribe to our mailing list). This data may either be provided by you directly or it may be provided by a software reseller who purchases one of our products on your behalf.
The relevant personally identifiable data that we process are your personal particulars (name, address, contact information), company data (e.g. name, address, contact person), software license information (e.g. license key), bank transfer data, documentation data (e.g. support mail history), marketing and sales data, website data (e.g. website visited, time of access, referring website, browser used, operating system used, essential session cookie, IP address) and other data that is similar to the categories mentioned above.
When we process your personally identifiable information we adhere to the General Data Protection Regulation (GDPR):
(a) For the performance of a contract (Art. 6 Par. 1 b GDPR)
We process your personally identifiable data in order to provide our services regarding the scope of our contractual relation with you or to conduct measures that are initiated by you in order to establish a contractual relation with us. The primary reason for us to process this data is to handle payment, validate your claim to services provided by us or check if you are eligible for certain offers and discounts.
(b) In the context of weighted interests (Art. 6 Par. 1 f GDPR)
We may use and disclose your data only for the following purposes:
(c) Based on your permission (Art. 6 Par. 1 a GDPR)
If you choose to subscribe to our mailing list, we are processing your data in order to inform you about new features and releases of our products and services.
For internal purposes we guarantee that each person who processes your personal data is obliged to treat that information confidentially. Only for the reasons listed above we may share your personal data with third party organizations of the following categories:
When we do have to share personal information with third parties in order to provide certain services, we take steps to protect your information by requiring these third parties to use the personal information we transfer to them in a manner that is consistent with this policy.
We do not transfer your personal data to any third country or international organization directly. However, third parties that work with us in order to provide our services often depend on other third parties that may process your data in a third country.
Transmitting your personal data is permitted if the European Commission has decided that the respective third country offers an acceptable degree of data protection (Art. 45 GDPR). If the European Commission has not made such a decision we will only transmit your personal data to our third parties if they agree on maintaining the acceptable degree of data protection.
We try to keep both, the amount of data that we store and the duration of storing that data to a minimum. How long we store your personal data mainly depends on the reason why we store that data. After that reason ceases to exist (e.g. the license key you purchased expired, you unsubscribed from our mailing list) we keep your data in our system for another year so that we may still be able to answer any of your questions that arise during this period. For special cases a longer storage duration is determined by the respective legal retention period (e.g. commercial and tax retention periods). After expiry of this duration, the corresponding data will be routinely deleted.
If we are processing your personal data because you gave us your permission, you can always revoke that permission. Please be aware that revoking the permission only affects the future and does not affect processing of your personal data that has been conducted before you revoked the permission.
When entering into a business relationship or other contractual relationship with us, we need you to provide personally identifiable data that is required to establish and maintain that relationship or that we are required to record by law. Without that data we are usually not able to enter into a contractual relation with you or to maintain this contract.
We are not using your data for any automatic decision making or profiling.