Privacy Policy

ATLAS.ti Scientific Software Development GmbH („ATLAS.ti“) is committed to respecting your privacy and protection of personal information (“Personal Information”). We recognize that when you choose to provide us with information about yourself, you trust us to act in a responsible manner. 

This Privacy Policy describes ATLAS.ti’s use of Personal Information that we collect when you visit or use our website, correspond with us via email, phone or other communication channels and use our products. “Personal Information” is information that is personally identifiable like names, addresses, email addresses, or phone numbers, as well as other non-public information that is associated with the foregoing. This Privacy Policy does not apply to the use of your Personal Information that is collected by third parties that ATLAS.ti does not own or control.

1. Name and address of the responsible party

The responsible party within the meaning of the General Data Protection Regulation (GDPR) is:

ATLAS.ti Scientific Software Development GmbH

CEO: Thomas Muhr

Lietzenburger Str. 75

D-10719 Berlin, Germany / EUROPE 

Telephone: +49 30 31 99 88 971

E-Mail: [email protected]

2. Free ATLAS.ti Mobile App(s) for iOS and Android

Personal Data

The ATLAS.ti Mobile apps collect NO PERSONAL DATA of any kind. This also includes location data and documents assigned to or created by app.

Anonymous technical data

The only data that is transmitted anonymously is general crash report data in case of a malfunction. Such information is transmitted to Apple (configurable in the iOS device settings) and Microsoft/HockeyApp (after user confirmation in case of a crash) for the sole purpose of diagnosing the error through our developers and to improve the App further. Beyond these general technical reports that are required to diagnose a crash or malfunction, no data that can be used to identify you or that contains your name, address, or any other personal information is gathered, stored, collected or transmitted by or through the ATLAS.ti Mobile App.

3. Full ATLAS.ti Windows and Mac versions

General

We receive personal and anonymous information from you in the following processes: the purchase, registration, crash reports, usage data (“telemetry”) and during the solving of support tickets (possibly including projects and other data sent to us for investigation), as describes below. 

All such data is used only for the intended purpose of improving the user experience, e.g. by fixing problems and prioritizing features to be added in future updates and versions of the software. If such data may need special processing by external “data processors”, we have binding agreements with such partners to comply with a compatible degree of data protection. 

The processing of the above mentioned personal data is required for the performance of our contract to which you are a party, therefore Art. 6 para. 1 lit. b GDPR serves as the legal basis. Insofar as we obtain your consent for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis for the processing of personal data.

Updates

During the automated online update of ATLAS.ti, a connection to our server is established and the following information is sent to the server in order to match the user’s installed version against a possible update:

  • serial number (encrypted)
  • current version number
  • seat count

Crash reports

Whenever the Software crashes – stops working, becomes unresponsive, etc. – information of both technical and personal character (e.g. the IP address, most recent user interface actions that took place before the crash, optionally your email address if you want to be informed about progress) is compiled. 

Data compiled and transferred during a system/crash report:

  • Windows User Name
  • Machine Name
  • Time Zone
  • Culture Settings (e.g., Language, Keyboard)
  • Installation Paths
  • Disk information e.g. available space and access rights
  • Video controller
  • Number of Monitors
  • Memory size
  • License Information
  • Library Location
  • Operation system version

Only after explicitly asking for your consent this data is sent to ATLAS.ti technical staff for gaining a deeper insight into the circumstances of the crash and to finally enabling us to fix any existing problems in the Software leading to this dysfunctional behavior. 

Telemetry

We collect anonymous data about the way ATLAS.ti is used. In technical terms, this is known as Telemetry. This may be, for example, how often auto-coding is used, or how often a network view is created, or if the project contains few or many codes, etc. We never collect personal or sensitive data like your name, the title of your project, documents or codes or any of your data.

When your PC contacts our server to send us the data, it sends your IP address (your internet address) to us. This is needed for the Internet to function. Your IP address is not stored as part of the collected data. Such data is sent to us only if you explicitly express your consent by opting in. This option can be set or revoked at any time via the Software’s Privacy settings.

We use the data for statistical purposes to improve the usability, performance and stability of ATLAS.ti. For example, if we see that auto-coding is used often, we may consider making an easy to access shortcut for this functionality. Likewise, if we see that some operation is taking too long to complete, we will try to make it run faster. In other words, this helps us make ATLAS.ti even better.

When you use ATLAS.ti, some actions, like clicking on the “auto-coding” button, result in the usage data being collected. This data is automatically anonymized and sent to ATLAS.ti.

When we collect the data, we anonymize it. We do not track which ATLAS.ti user generated the data. Therefore, we are unable to identify or delete data pertaining to individual users.

Support tickets

Whenever you seek support from ATLAS.ti via the available channels, you will most likely describe a problem you have encountered and supply your email address in order to receive notifications or further questions regarding the problem. This support request is usually forwarded to our relevant expert(s) for inspection and handling. In the unfolding discourse (the “ticket”) we might ask you to send further data such as a project, e.g. in case of a broken project that cannot be opened anymore and in order to regain access to this project. In special cases a direct connection might need to be established by yourself using TeamViewer – of course, only with your explicit consent and under your control only. 

Support outside the EU/EEA

We usually forward support requests from EU citizens to our employees within the EU/EEA. In some cases it may be necessary to forward your support request to specialized employees outside the EU/EEA in order to answer your support requests. 

If we have to transfer your support request to employees in unsafe third countries, we have concluded contracts with all our employees to ensure an appropriate level of protection for the processing of your personal data in these cases.

4. ATLAS.ti Cloud

Access data in server log files

Every time you visit our Service ATLAS.ti Cloud in your Browser, we automatically store access data in so-called server log files. 

The temporary storage of the IP address by the system is necessary to enable ATLAS.ti Cloud to be delivered to your terminal. To do this, your IP address must remain stored for the duration of the session. 

The legal basis for the temporary storage of your data and log files is Art. 6 para. 1 lit. f GDPR. 

This data is evaluated exclusively to ensure the permanent and trouble-free operation of ATLAS.ti Cloud and to improve the content of ATLAS.ti Cloud as well as for transmission to law enforcement authorities in the event of a cyber-attack and to ensure the security of our information technology systems. Your data will not be evaluated for marketing purposes in this context. 

Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR also lies in these purposes.

The data of the server log files are stored separately from all other personal data provided by you.

The collection of the data for the provision of ATLAS.ti Cloud and the storage of the data in log files is necessary for the operation of ATLAS.ti Cloud. Consequently, there is no possibility of objection. 

Data collection and use during registration 

You can register to use ATLAS.ti Cloud. In this case, we collect the personal data that you voluntarily provide to us during your registration. Which data is collected can be seen from the respective input forms. In the context of registration, these are: Your name and e-mail address. You must also create a password. 

Accordingly, the legal basis for the processing of your data is Art. 6 para. 1 lit. b GDPR.

We use the data provided by you only for contract processing and provision of our services to be provided within the framework of the contract. We may also pass on your data to one or more contractors who also use your data exclusively for internal use on our behalf.

We also store your IP address and the date and time of registration in order to prevent misuse of ATLAS.ti Cloud and the services offered and to investigate any criminal offences committed. The storage of this data is therefore necessary for our own protection. The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR also lies in the aforementioned purposes.

This data will not be passed on to third parties unless required to do so by law or for the purpose of criminal prosecution.

After complete processing of the contract or deletion of your account, your data will initially be blocked for further use and deleted after the legal retention periods have expired, unless you have expressly consented to further use of your data or we reserve the right to further use of data which is permitted by law and about which we inform you below. 

Support and CRM system via intercom

We use the chat and CRM system Intercom, a service of Intercom Inc, 55 2nd Street, 4th Fl., San Francisco, CA 94105, USA (“Intercom”). The information generated about your use of ATLAS.ti Cloud is usually transferred to Intercom in the USA and stored there. The USA is an unsafe third country. However Intercom has voluntarily certified itself under the US-EU data protection agreement “Privacy Shield” and has thus committed itself to comply with EU data protection regulations.

The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR. The legal basis for the processing of your data after your consent is Art. 6 para. 1 lit. a GDPR.

When you contact us through our chat, we collect necessary information such as your email address, telephone number, the content of your messages, your last activity and the time at which it was last collected in order to respond to your request. In our CRM we store your name, your contact data, your requests and, if you have consented, your support requests. 

We store this data in order to be able to respond to your enquiries, to provide you as our customer with optimum support and to simplify our internal organisation. For these purposes, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 para. 1 lit. f GDPR. 

For further information on data protection, please refer to Intercom’s data protection declaration https://www.intercom.com/terms-and-policies#privacy 

Google Analytics

ATLAS.ti Cloud uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The information generated about your use of ATLAS.ti Cloud is usually transferred to a Google server in the USA and stored there. The USA is an unsafe third country. However, Google Inc. has voluntarily certified itself under the US-EU data protection agreement “Privacy Shield” and has thus committed itself to comply with EU data protection regulations.

The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR.

Google uses Cookies to help analyze the use of ATLAS.ti Cloud. Google Analytics uses methods that enable an analysis of your use of ATLAS.ti Cloud, in particular from which website you came to ATLAS.ti Cloud (so-called referrer), which subpage you access or how often and for how long you view a subpage. Google Analytics uses cookies for this purpose. Every time you visit a page of ATLAS.ti Cloud on which Google Analytics is integrated, your browser on your device is automatically prompted to transmit data to Google Analytics for the purpose of analysis. 

By activating IP anonymization on ATLAS.ti Cloud, the IP address is reduced prior to transmission within the member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The anonymous IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Google will use this information to evaluate your use of ATLAS.ti Cloud, compile reports on Site activity and provide other Site activity and internet related services. Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR also lies in these purposes.

Google may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. Pseudonymous user profiles can be created from the processed data.

You can prevent Google from collecting the data generated by the cookie and relating to your use of ATLAS.ti Cloud (including your IP address) and from processing this data by Google by downloading and installing the browser add-on available under this link http://tools.google.com/dlpage/gaoptout?hl=en.  The installation of the browser add-on is considered a contradiction by Google.

More information about Google Analytics can be found here. The privacy policy of Google can be found here https://policies.google.com/privacy.

As Google uses Cookies you can reset your browser to refuse all cookies or to indicate when a cookie is being sent as described in the “Cookies and Other Tracking Technologies” section of this Privacy Policy.

Newsletter and newsletter analysis by mailjet 

You can register to receive our newsletter. For the dispatch of our newsletter we use the newsletter dispatch service mailjet, which is operated by Mailjet GmbH, Rankestr. 21, 10789 Berlin (“mailjet”). 

Our newsletter is published regularly and contains product updates and tutorials, new offers and news about us, information about dates of workshops, webinars, conferences and other events around ATLAS.ti or its partners and other organizations in the area of qualitative data analysis. Our Newsletter also includes tips and resources for Software use, best practices and case studies as well as application examples of the different software updates and upgrades, licenses, promotions, and all other information in the area of data analysis.

To register, you must provide us with your e-mail address. You may voluntarily provide us with additional information, such as your name. The registration takes place in a so-called double opt-in procedure. After registering on our website, you will receive a confirmation e-mail from us in which you must confirm your registration once again. This entire process is documented and stored. This includes the storage of the time of registration and confirmation as well as your IP address. The collection of this data is necessary so that we can trace the processes in the event of misuse of the e-mail address and therefore serves to ensure our legal security. By subscribing to our newsletter, you agree to receive it.

The legal basis for the processing of your data after registration for the newsletter is Art. 6 para. 1 lit. a GDPR if you have given your consent.

Your data will be stored on mailjet’s servers. This information is used by mailjet for sending and evaluating the newsletter. The evaluation takes place on our behalf, but mailjet can also use the data for quality assurance and quality improvement of its own service.

The “web-beacon” contained in the newsletter is retrieved from the mailjet server when the newsletter is opened. Information about the browser, your system, your IP address and the time of access is collected as part of this request. In addition, information is collected as to whether the newsletter is opened, when it is opened and which links are clicked. For technical reasons, this information can be assigned to you as the recipient. However, it is not our intention to observe you as an individual user. The evaluations serve us much more to recognize the reading habits of our users in principle and to adapt our contents to all users or to send different contents according to the interests of our users.

You can revoke your consent to the storage and use of your personal data to receive the newsletter and the statistical survey described above at any time with effect for the future. For the purpose of revoking your consent, you can use the link provided for this purpose in the newsletter.

Your data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. Your e-mail address will therefore be stored for as long as the subscription to the newsletter is active. 

For further information on data protection, please refer to mailjet’s data protection policy https://www.mailjet.de/privacy-policy/ 

5. ATLAS.ti Website

Protocol files

Upon accessing our Site, certain additional information is automatically collected and then temporary saved in protocol files (so-called usage data). This information includes your Internet Protocol (IP) address. The legal basis for the temporary storage of your data in protocol files is Art. 6 para. 1 lit. f GDPR. This data is processed exclusively for internal purposes, such as maintaining our operating ability, preventing fraudulent access to our Site or analysing usage patterns, to ensure the permanent and trouble-free operation of the website and to improve the content of our website as well as for transmission to law enforcement authorities in the event of a cyber-attack and to ensure the security of our information technology systems. Your data will not be evaluated for marketing purposes in this context. Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR also lies in these purposes. The data of the protocol files are stored separately from all other personal data provided by you. The collection of the data for the provision of the website and the storage of the data in protocol files is necessary for the operation of our website. Consequently, there is no possibility of objection. 

Cookies and other tracking technologies

Our website uses technologies such as Cookies, beacons, tags and scripts. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by their respective providers on an aggregated basis.

Many cookies contain a so-called cookie ID. It consists of a string of characters through which websites and servers can be assigned to a specific browser in which the respective cookie was stored. After the end of the browser session, most of the cookies we use are deleted (“session cookies”). The permanent cookies (“persistent cookies”), on the other hand, remain on your end device. 

The following data is stored and transmitted in the cookies: Language settings.

Your data collected on our website will be pseudonymized by technical precautions. Therefore, it is no longer possible to assign the data to you. The data will not be stored together with other personal data of yours.

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR.

The purpose of using technically necessary cookies is to simplify the use of our websites for you (e.g. your settings are stored). Some functions of our website cannot be offered without the use of cookies. For this it is necessary that your browser is recognized even after a page change. If cookies are not accepted or deactivated, the functionality of our website may be restricted.

Analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies we learn how the website is used by you and can thus constantly optimize our offer.

For these purposes, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 para. 1 lit. f GDPR. 

Some of the third-party services we include may use cookies. Please refer to the websites of the respective providers for information on the respective mode of operation and data processing. You can find the services we use in this data protection declaration.

However, using ATLAS.ti systems does not require that Cookies be accepted. Most browsers accept Cookies automatically. You can control the use of Cookies at the individual browser level. You can set your browser so that you are informed about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general or set so that the setting of cookies is prevented and thus permanently contradict the setting of cookies. You can also delete cookies that have already been set at any time via your browser. The transmission of Flash cookies cannot be prevented via the settings of your browser, but by changing the settings of the Flash Player. This also applies to all third-party cookies listed below.

Do not track signals

Some Internet browsers include the ability to transmit “Do Not Track” (DNT) signals. At this time, however, the definitions and meanings of DNT signals and responses, and the correct behavior regarding DNT signals, are not defined. Until such time as the standard is finalized, this Site does not process or respond to DNT signals. To learn more about DNT, please visit donottrack.us.

Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The information generated about your use of this website is usually transferred to a Google server in the USA and stored there. The USA is an unsafe third country. However, Google Inc. has voluntarily certified itself under the US-EU data protection agreement “Privacy Shield” and has thus committed itself to comply with EU data protection regulations.

The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR.

Google uses Cookies to help analyze the use of the website. Google Analytics uses methods that enable an analysis of your use of the website, in particular from which website you came to our website (so-called referrer), which subpage you access or how often and for how long you view a subpage. Google Analytics uses cookies for this purpose. Every time you visit a page of our website on which Google Analytics is integrated, your browser on your device is automatically prompted to transmit data to Google Analytics for the purpose of analysis. 

By activating IP anonymization on our website, the IP address is reduced prior to transmission within the member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The anonymous IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Google will use this information to evaluate your use of the Site, compile reports on Site activity and provide other Site activity and internet related services. Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR also lies in these purposes.

Google may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. Pseudonymous user profiles can be created from the processed data.

You can prevent Google from collecting the data generated by the cookie and relating to your use of our website (including your IP address) and from processing this data by Google by downloading and installing the browser add-on available under this link http://tools.google.com/dlpage/gaoptout?hl=en.  The installation of the browser add-on is considered a contradiction by Google.

More information about Google Analytics can be found here. The privacy policy of Google can be found here https://policies.google.com/privacy.

As Google uses Cookies you can reset your browser to refuse all cookies or to indicate when a cookie is being sent as described in the “Cookies and Other Tracking Technologies” section of this Privacy Policy.

6. General Provisions

Cleverbridge

We sell our software via cleverbridge Financial Services GmbH, Gereonstr. 43-65, 50670 Cologne (“Cleverbridge”). You are leaving our website for the purchase process and will be redirected to Cleverbridge. Please refer to Cleverbridge’s privacy policy https://www.cleverbridge.com/corporate/privacy-policy/ for more information on data protection.

Contact forms

If you fill out any of the contact forms of the Site, we collect and store your name, company, country, email address, the description and details of your request and any other information you choose to provide. The legal basis for the processing of data transmitted in the course of sending a contact form is Art. 6 para. 1 lit. f GDPR. If the establishment of contact is aimed at the conclusion of a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. However, we use the personal data transmitted by you exclusively for the processing of your concrete inquiry. The data provided will always be treated confidentially. Your data can be stored in a customer relationship management system (CRM system) or another organization tool for customer data. The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data sent by contact form, this is the case when the conversation with you has been terminated. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified. If you contact us, you can object to the storage of your personal data at any time. In such a case, the conversation cannot be continued.

Email and telephone via RingCentral

When you contact us by email or telephone or if you are using any of the email addresses or telephone numbers provided on the Site, we collect and store your name, company, country, email address, telephone number any Personal Information you may provide to us voluntarily in connection with this communication. 

We use the RingCentral service, which is operated by 20 Davis Street, Belmont, California 94002, USA (“RingCentral”), to process your telephone enquiries. If you contact us by phone, we will send the above data to RingCentral in the USA. The USA is an unsafe third country. However, RingCentral has voluntarily certified itself under the US-EU Privacy Shield Agreement, thereby committing itself to comply with EU data protection regulations.

Please refer to RingCentral’s Privacy Policy https://www.ringcentral.com/legal/privacy-notice.html for more information on data protection. 

The legal basis for the processing of data transmitted in the course of sending an e-mail or calling us is Art. 6 para. 1 lit. f GDPR. If the establishment of contact is aimed at the conclusion of a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. However, we use the personal data transmitted by you exclusively for the processing of your concrete inquiry. The data provided will always be treated confidentially. Your data can be stored in a customer relationship management system (CRM system) or another organization tool for customer data. The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data sent by e-mail or telephone, this is the case when the conversation with you has been terminated. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified. If you contact us, you can object to the storage of your personal data at any time. In such a case, the conversation cannot be continued.

Freshdesk

We use the Freshdesk service operated by Freshworks Inc, 1250 Bayhill Drive, Suite 315, San Bruno, CA 94066, USA (“Freshdesk”) to process customer inquiries via our support. 

In order to answer your questions via our ticket system, necessary data such as surname, first name, e-mail address, subject and the category of your message are collected via our services and sent to Freshdesk in the USA. During the processing of service requests, it may be necessary to collect further data (name, address). We transmit the above data to Fresdesk in the USA. The USA is a unsafe third country. However, Freshdesk has voluntarily certified itself under the US-EU data protection agreement “Privacy Shield” and is thus committed to comply with EU data protection regulations.

The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR.

Freshdesk uses your data only for technical processing of the requests. In the aforementioned purpose, our legitimate interest also lies in the processing of personal data pursuant to Art. 6 para. 1 lit. f GDPR. 

For more information about privacy, please see Freshdesk privacy statement at https://www.freshworks.com/privacy/ 

CRM system of Zoho Corporation

We use the Customer Relationship Management System (CRM system) of Zoho Corporation, 4141 Hacienda Drive Pleasanton, California 94588, USA (“Zoho Corporation”) to store our customer data. We transfer data to Zoho Corporation in the USA as described below. The USA is an unsafe third country. However, Zoho Corporation has voluntarily certified itself under the US-EU Privacy Shield Agreement, thereby committing itself to comply with EU data protection regulations.

The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR. The legal basis for the processing of your data after your consent is Art. 6 para. 1 lit. a GDPR.

In our CRM we store your name, your contact data, your requests and, if you have consented, your support requests. 

We store this data in order to provide you, our customer, with the best possible service and to simplify our internal organization. For these purposes, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 para. 1 lit. f GDPR. 

For more information about privacy, please see Zoho Corporation’s privacy statement at https://www.zoho.eu/privacy.html 

Newsletter and newsletter analysis by CleverReach

You can register to receive our newsletter. For the dispatch of our newsleter we use the newsletter dispatch service CleverReach, which is provided by CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany (“CleverReach”). 

Our newsletter is published regularly and contains product updates and tutorials, new offers and news about us, information about dates of workshops, webinars, conferences and other events around ATLAS.ti or its partners and other organizations in the area of qualitative data analysis. Our Newsletter also includes tips and resources for Software use, best practices and case studies as well as application examples of the different software updates and upgrades, licenses, promotions, and all other information in the area of data analysis.

 

To register, you must provide us with your e-mail address. You may voluntarily provide us with additional information, such as your name. The registration takes place in a so-called double opt-in procedure. After registering on our website, you will receive a confirmation e-mail from us in which you must confirm your registration once again. This entire process is documented and stored. This includes the storage of the time of registration and confirmation as well as your IP address. The collection of this data is necessary so that we can trace the processes in the event of misuse of the e-mail address and therefore serves our legal protection. By subscribing to our newsletter, you agree to receive it.

The legal basis for the processing of your data after registration for the newsletter is Art. 6 para. 1 lit. a GDPR if you have given your consent.

CleverReach uses this information to send and evaluate newsletters. The evaluation takes place on our behalf, but CleverReach can also use the data for quality assurance and quality improvement of its own service.

The “web-beacon” contained in the newsletter is retrieved from the CleverReach server when the newsletter is opened. Information about the browser, your system, your IP address and the time of retrieval is collected as part of this retrieval. In addition, information is collected as to whether the newsletter is opened, when it is opened and which links are clicked. For technical reasons, this information can be assigned to you as the recipient. However, it is not our intention to observe you as an individual user. The evaluations serve us much more to recognize the reading habits of our users in principle and to adapt our contents to all users or to send different contents according to the interests of our users.

You can revoke your consent to the storage and use of your personal data to receive the newsletter and the statistical survey described above at any time with effect for the future. For the purpose of revoking your consent, you can use the link provided for this purpose in the newsletter.

Your data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. Your e-mail address will therefore be stored for as long as the subscription to the newsletter is active. 

For further information on data protection, please refer to CleverReach’s data protection policy https://www.cleverreach.com/de/datenschutz/ 

Events via Eventbrite

We used the Eventbrite service operated by Eventbrite Inc. 155 5th Street, Floor 7, San Francisco, CA 94103, USA (“Eventbrite”) to handle events. The person responsible for processing personal data if you live outside the USA or Canada is Eventbrite NL BV, Silodam 402, 1013AW, Amsterdam, Netherlands.

We transfer data to Eventbrite in the USA as described below. The USA is an unsafe third country. However, Eventbrite has voluntarily certified under the US-EU Privacy Shield Agreement and has committed itself to comply with EU data protection regulations. 

The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR.

If you register for a paid event, you enter financial data (e.g. credit card number, expiry date, billing address, etc.) via Eventbrite, some of which may contain personal data. In addition, we may set up Eventbrite event registration pages to collect information from you in connection with your registration for an event created by us. Eventbrite passes these data on to us as organizer. 

We need your data to inform you about the course of our events and any changes and, if necessary, to contact you. For these purposes, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 para. 1 lit. f GDPR.

Cloudflare

Cloudflare is a traffic optimization and distribution service provided by CloudFlare Inc., 101 Townsend Street, San Francisco, California 94107, USA (“Cloudflare”). Your personal data can be transferred to a Cloudflare server in the USA and stored there. The USA is an unsafe third country. However, Cloudflare has voluntarily certified itself under the US-EU data protection agreement “Privacy Shield” and has thus committed itself to comply with EU data protection regulations.

The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR.

Personal Data collected: IP addresses. Your IP address is only stored during the session and is subsequently deleted.

The way Cloudflare is integrated means that it filters all the traffic through atlasti.com, i.e., communication between atlasti.com and the User’s browser. 

This type of service allows ATLAS.ti to distribute their content using servers located across different countries and to optimize their performance, in particular to improve the loading time of the website. Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR also lies in these purposes.

The privacy policy of Cloudflare can be found here https://www.cloudflare.com/security-policy/

Data security and confidentiality

In order to maintain the highest level of user protection, we adhere to applicable industry rules and regulations. Thus, we maintain commercially reasonable and appropriate physical, electronic, and managerial measures and procedures to safeguard and secure your Personal Information during data collection, transmission and storage. Your data are only accessible by authorized persons who are familiar with ATLAS.ti’s data privacy policies. However, no company, including ATLAS.ti, can fully eliminate security risks associated with Personal Information.

Legal basis for the processing of personal data

Insofar as we obtain your consent for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis for the processing of personal data.

For the processing of personal data required for the performance of a contract to which you are a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

In the event that your vital interests or the vital interests of another natural person make processing of personal data necessary, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

If processing is necessary to protect a legitimate interest of our company or a third party and your interests, fundamental rights and freedoms do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing.

Legitimate interests in the processing

If the processing of your personal data is based on Article 6 para. 1 lit. f GDPR, it is in our legitimate interest, unless otherwise stated, to carry out our business activities. In all other respects, we have stated our purposes and interests within the scope of the above list of processing.

Data erasure and storage time

Your personal data will be deleted or blocked as soon as the purpose of storage ceases to apply or you revoke your consent. Furthermore, data may be stored if this has been stipulated by the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. If the purpose of storage ceases to apply, you revoke your consent or if a storage period prescribed by the European Directive and Regulation Giver or another competent legislator expires, the personal data will be blocked or deleted routinely and in accordance with the statutory provisions, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

Right to disclosure

You also have the right to receive free disclosure from us at any time about your personal data stored and a copy of this disclosure. You also have a right of access to the following information:

  • the processing purposes,
  • the categories of personal data being processed,
  • the recipients or categories of recipients to whom the personal data have been or are still being disclosed, in particular recipients in third countries or international organizations,
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration,
  • the existence of a right of rectification or deletion of personal data concerning you or of a restriction on processing by the party responsible or of a right of opposition to such processing,
  • the existence of a right of appeal to a supervisory authority,
  • if the personal data are not collected from the person concerned: all available information on the origin of the data and,
  • the existence of automated decision-making, including profiling in accordance with Article 22 para. 1 and para. 4 GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the person concerned.

You also have a right of access to information on whether personal data has been transferred to a third country or to an international organization. If this is the case, you also have the right to obtain information about the appropriate guarantees in connection with the transmission.

Right to correction

You have the right to request the immediate correction and/or completion of incorrect or incomplete personal data concerning you. We shall make the correction without due delay

right to limitation of processing

You have the right to request us to restrict processing if one of the following conditions applies:

  • The accuracy of the personal data is disputed by the person concerned for a period of time which enables the party responsible to verify the accuracy of the personal data.
  • The processing is unlawful, the person concerned refuses to delete the personal data and instead requests that the use of the personal data be restricted.
  • The party responsible no longer needs the personal data for the purposes of the processing, but the person concerned needs them to assert, exercise or defend legal claims.
  • The person concerned has lodged an objection to the processing pursuant to Art. 21 para. 1 GDPR and it has not yet been determined whether the legitimate reasons of the person concerned outweigh those of the responsible party.

If the processing of personal data concerning you has been restricted, such data may only be processed – apart from being stored – with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the European Union or of a Member State.

If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.

Right to erasure

You have the right to demand that we delete your personal data immediately, provided that one of the following reasons applies and insofar as the processing is not necessary:

  • The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary.
  • The person concerned withdraws his/her consent on which the processing was based pursuant to Article 6 para. 1 lit. a GDPR or Article 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
  • The person concerned objects to processing under Article 21 para. 1 GDPR and there are no overriding legitimate grounds for processing or the person concerned objects to processing under Article 21 para.2 GDPR.
  • The personal data have been processed unlawfully.
  • The deletion of personal data is necessary to fulfil a legal obligation under European Union law or the law of the Member States to which the party responsible is subject.
  • The personal data was collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.

If the personal data have been made public by us and we as responsible party are obliged to delete the personal data pursuant to Art. 17 para. 1 GDPR, we shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform other responsible parties for data processing who process the published personal data, that the person concerned has requested the deletion of all links to this personal data or of copies or replications of this personal data from these other responsible parties for data processing, insofar as the processing is not necessary. 

The right to cancellation does not exist if the processing is necessary:

  • to exercise freedom of expression and information;
  • for the performance of a legal obligation required for processing under the law of the European Union or of the Member States to which the party responsible is subject, or for the performance of a task in the public interest or in the exercise of official authority conferred on the party responsible;
  • for reasons of public interest in the field of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
  • for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the law referred to under a) is likely to render impossible or seriously impair the attainment of the objectives of such processing, or
  • to assert, exercise or defend legal claims.

Right to notification

If you have exercised your right of correction, erasure or restriction of processing against us, we are obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right vis-à-vis us to be informed about these recipients.

Right to data transferability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, common and machine-readable format. You also have the right to transmit this data to another person responsible without our interference, provided that the processing is based on the consent provided for in Article 6 para. 1 lit. a GDPR or Article 9 para. 2 lit. a GDPR or on a contract pursuant to Article 6 para. 1 lit. b GDPR and that the processing is carried out using automated procedures, provided that the processing is not necessary for the performance of a task, in the public interest or in the exercise of public authority which was transferred to us.

Furthermore, when exercising your right to data transferability pursuant to Art. 20 para. 1 GDPR, you have the right to obtain that the personal data be transferred directly by us to another person responsible, insofar as this is technically feasible and provided that the rights and freedoms of other people are not affected by this.

The right to transferability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the person responsible.

Right of objection

You have the right to object at any time to the processing of personal data concerning you based on Art. 6 para. 1 lit. e or f GDPR for reasons arising from your particular situation. This also applies to profiling based on these provisions.

We will no longer process personal data in the event of an objection, unless we can prove compelling reasons worthy of protection for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising. This also applies to profiling insofar as it is connected with such direct advertising. If you object to our processing for direct advertising purposes, we will no longer process your personal data for these purposes.

You also have the right to object to the processing of your personal data concerning you, which is carried out by us for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 GDPR, for reasons arising from your particular situation, unless such processing is necessary to fulfil a task in the public interest.

You can contact us at any time to exercise your right of objection. You may also, notwithstanding Directive 2002/58/EC, exercise your right of opposition in relation to the use of Information Society services by means of automated procedures using technical specifications.

Right to revoke your consent under data protection law

You have the right to revoke your consent to the processing of personal data at any time. The revocation of consent shall not affect the legality of the processing carried out based on the consent until revocation.

Right to automated decisions in individual cases including profiling

You have the right not to be subject to a decision based exclusively on automated processing – including profiling – which has legal effect against you or significantly affects you in a similar manner, provided that the decision:

  • is not necessary for the conclusion or performance of a contract between you and us, or 
  • is admissible by law of the European Union or of the Member States to which we are subject, and that law contains appropriate measures to safeguard your rights, freedoms and legitimate interests; or 
  • with your express consent.

Is the decision 

  • necessary for the conclusion or performance of a contract between you and us, or 
  • it is done with your explicit consent,

we will take reasonable measures to protect your rights and freedoms and your legitimate interests, including at least the right to obtain an individual’s intervention from us to state our position and to challenge the decision.

Existence of automated decision making

We do not perform automatic decision making or profiling.

Right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or suspected of infringing, if you believe that the processing of personal data concerning you is contrary to the GDPR. 

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

Legal or contractual provisions for the disclosure of personal data; necessity for the conclusion of the contract; obligation of the person concerned to provide the personal data; possible consequences of failure to provide them

We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). In order to conclude a contract, it may sometimes be necessary for you to provide us with personal data, which we will subsequently have to process. For example, you are obliged to provide us with your personal data when you conclude a contract with us. Failure to provide your personal data would mean that the contract with you could not be concluded.

Changes in this Privacy Policy

This Privacy Statement is a living document. We may update this Privacy Policy to reflect changes to our information practices. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact Us

To contact us in writing please address your inquiry to:

ATLAS.ti Scientific Software Development GmbH
Lietzenburger Str. 75
D-10719 Berlin
Germany

 

If you have any questions or suggestions regarding our Privacy Policy please contact us by sending us an email to [email protected].

Last updated: June 2018