Privacy Statement

We take your privacy seriously

A white background with a green, yellow, and blue background.

Privacy Statement

Last updated: September, 2021

Your privacy is important to SoftwareOne. We would like to inform you what personal data we may use about you, how we may use it as well as inform you about your data protection rights.

The type of data we use and what we do with that depends on the relationship we have with you. It is therefore possible that some parts of this Privacy Statement may not be relevant for you or more than one parts of this Statement may apply to you.

This Privacy Statement may be replaced or supplemented in order to fulfill legal requirements as well as to provide you with all necessary information on how we process your data.

Download PDF version

Controller

The controller responsible for the processing of your personal data is the SoftwareOne entity with which you have established a relationship, for instance by visiting its website, using its services, signing up for events or applying for a vacancy.

Description of data processing

We may process your personal data in particular for the following purposes (and legal grounds):

  • communicate with you and process as well as respond to your request ((pre)contractual or legitimate interest);
  • process comments or posts (legitimate interest);
  • register and send newsletters to which you subscribe (consent);
  • marketing purposes (consent or legitimate interest);
  • registration, authentication and administration of user accounts (contractual);
  • license monitoring purposes (legitimate interest);
  • provision of demo products and services as well as trials (also from third parties) for marketing purposes (contractual and legitimate interest);
  • analysis purposes in order to improve our products and services (legitimate interest);
  • tailor our website content and experience to your interests (consent or legitimate interest);
  • maintain the security of our websites, platforms, applications as well other products and services (legitimate interest);
  • comply with legal and regulatory requirements and requests (legal obligation);
  • establish, exercise and defend legal claims (legitimate interest).

 

Respond to requests

We may collect your personal data in order to process your request, addressed to us via chat functions, contact forms or other means.

Relevant personal data: name, email address, postal address, telephone number, company, country, content of request, date of request, and other data you may disclose to us.

Posts and comments

You may post and comment on our websites, platforms, applications as well as other products and services. Your content may be publicly accessible in such a case. Please note that we may still manually review your post or comment before it is published, which may cause a delay. If you provide a name or alias, this name will be published next to your content.

Relevant personal data: name or alias, content of post or comment, time and date and other provided information.

Newsletters

You can sign up for our newsletters. The newsletters provide you with information about current trends and event highlights in the IT industry, special offers, new products, services and important dates for IT decision makers. We require your email address for the registration.

In certain regions, we may send you a confirmation email after you have completed the registration form. In such a case the registration is not activated until you have clicked on the link in the confirmation email.

If you register to our newsletters, we may include individual tracking technologies in our newsletters, with which we can recognize when the newsletter sent to you was accessed or opened and individualize the links in the newsletter to determine when you clicked on which link.

You can unsubscribe from the newsletters at any time. Simply use the unsubscribe link which is found at the end of every email or send an email to info.global@softwareone.com.

Relevant personal data: email address, name, other information in the registration form, opened newsletter or not, date/time of opening the newsletter, how many times the newsletter was accessed, links clicked.

Creation and administration of user accounts

In order to make use of our services and products, you may be requested to register and maintain a user account with us.

Relevant personal data: name, address, company name, telephone number, email address, time and date of registration, logins, passwords, usage data.

Analysis of usage data for statistical purposes

We may process your usage data in order to analyze it for statistical purposes and to improve our products and services.

Relevant personal data: content, date and time of visit, volume of data transmitted, access status, information about your web browser and operating system, referral link that indicates from which website you arrived, IP address, which is anonymized in such a way that it is no more possible to trace it back to you.
The protocol data is only analyzed in an anonymized manner.

Cookies and other similar technologies

We may use cookies and similar technologies (for simplicity reasons, hereinafter referred to as cookies), when you use our websites, platforms, applications as well as other products and services.
Our cookie banner and consent management system show you a list of the cookies we use, including their provider, purpose, description and other relevant information. In the default setting, only the essential cookies are enabled. Via the consent management system, you can determine whether you allow the setting of additional cookies or not. You can adjust your preferences at any time via the consent management system.

Relevant personal data: see consent management system.

Relevant personal data: see consent management system.

Website Analysis

We use web analysis tools for the appropriate design of our websites and in order to identify and count returning visitors. These tools generate usage files on the basis of pseudonyms. To this purpose, cookies are being used according to the description in our consent management tool.

We also use the following functions to quantify the traffic:
We enrich the pseudonymous data with other data provided by third-party providers. This enables us to capture the demographic characteristics of our visitors, for example information about their age, sex and place of residence.

Relevant personal data: see consent management system.

Tracking and retargeting technologies for marketing purposes

We use (cross-device) tracking technologies so that we can display targeted advertising outside of our website and determine how effective our advertising is.

How does the tracking work?

When you visit or use our websites, platforms, applications as well as other products and services, it is possible that the third-party providers listed in our consent management system access your browser or your end device (for example a so-called browser fingerprint), analyze your IP address, store and/or read recognition characteristics on your end device or gain access to individual tracking pixels.

The third-party providers may use the individual characteristics to recognize your end device on other websites. We can instruct the respective third-party providers to display advertising that is based on the visit or use of our websites, platforms, applications or other products and services.

What does cross-device tracking mean?

If you register with the third-party provider using your own user data, the respective recognition characteristics of different browsers and end devices can be lined with each other. If the third-party provider generated a separate characteristic for the laptop, desktop or the smartphone or tablet you use, these individual characteristics can be associated with each other as soon as you use a service of the third-party provider with your login information. This way, the third-party provider can effectively manage our advertising campaigns across different end device.

Relevant personal data: see consent management system.

Map, Video and other embedded Services

We embed certain services into our websites that are not stored on our servers. For example, you can find out the exact location of a SoftwareOne entity using maps or you can watch videos. In certain regions, we may ensure that access to our websites, platforms, applications or other products and services with embedded content does not automatically provide the third-party provider with any information, we only display locally stored thumbnails. In such case, content from third-party providers is only loaded after you provide your consent via our consent management system.
When you view the content, the third-party provider receives the information that you accessed our website as well as the usage data that are required in this regard for their service. We have no influence on the further data processing performed by the third-party provider.

Relevant personal data: see consent management system.

Description of data processing

We may process your personal data, when you visit our social media pages below:

LinkedIn:
https://www.linkedin.com/company/SoftwareOne

Twitter:
https://twitter.com/SoftwareOne
https://twitter.com/SWO_Careers

Facebook:
https://www.facebook.com/Softwareone/
https://www.facebook.com/softwareonecareers

Instagram:
https://www.instagram.com/softwareone/
https://www.instagram.com/swocareers/

YouTube:
https://www.youtube.com/SoftwareOne-global

We, in addition to the provider of the respective social media pages are jointly responsible as controllers for the processing of your personal data. The provider in this respect also determines the purposes and means of the data processing activities, which we can influence only to a limited extent. To the extent that we can exert influence over or set parameters regarding the processing of your data, we will, within our means, take actions to ensure that the platform provider processes your data in compliance with applicable data protection regulations. In many cases, however, we cannot influence the data processing by provider, and we also do not know exactly which data is being processed by the provider.

The data entered by you on our social media pages, such as comments, videos, pictures, likes, public messages, etc., are published by the social media page provider and are never used or processed by us for any other purpose. We merely reserve the right to delete content, if necessary. We may share your content on our website if it is a function of the social media page, and communicate with you via the social media page.

We process your personal data in the interest of our public relations and communications (legitimate interest). We may also process your data in order to establish an employment relationship with you ((pre)contractual). More information can be found in section “As an applicant to our vacancies”.

If you wish to object to particular data processing over which we have an influence, please contact us as described in section "Contact for Data Protection Requests". We will examine your request and determine whether we are able to respond to you. Otherwise, you may contact the social media page provider directly.

If you submit a request to us on the social media page, we may also, depending on your request, refer to other secure communication channels that guarantee confidentiality. You may always send us confidential requests via the provided channels.

We may use our social media pages for advertisement purposes. In doing so, we may use demographic, interest-based, behavior-based, or location-based target group characteristics provided by the provider of the respective social media page. For more information about the processing of your data on the social media pages, please visit the data protection statements of the respective providers listed below. We can influence the data processing only to a limited extent and we cannot disable the statistics that the provider of the respective social media page makes available to us. However, we ensure that no additional optional statistics are provided to us that involve the processing of personal data.

We use conversion tracking options for individual social media channels. For this purpose, we have incorporated corresponding pixels or tags on our website in order to collect conversion data. Via the consent management system, you can determine whether you allow the setting of additional cookies or not. You can adjust your preferences at any time via the consent management system.

Data processing by the provider of the social media page

The provider of the social media page may use web-tracking methods. Web-tracking can be performed regardless of whether you are signed up for an account on the social media platform or not. As already explained, the web-tracking methods of the social media page are, for the most part, beyond our control. For example, we cannot disable these features.
Please be aware that the provider of the respective social media page may use your profile and behavioral data, in order to evaluate your habits, personal relationships, preferences. We have no influence over the processing of your data by the provider of the respective social media page.

More information on the data processing conducted by the provider of the respective social media page can be found in provider’s data protection statements:

LinkedIn: https://www.linkedin.com/legal/privacy-policy

Twitter: https://twitter.com/en/privacy

Facebook: https://www.facebook.com/privacy/explanation

Instagram: https://help.instagram.com/155833707900388

YouTube: https://policies.google.com/privacy?hl=en

Description of data processing

We may process your personal data in particular for the following purposes (and legal grounds):

  • communicate with you and process as well as respond to your request ((pre)contractual or legitimate interest);
  • register and send the newsletter to which you subscribe (consent) via other media than described in section “As a user of our websites, platforms, applications and other products or services” (consent);
  • fulfill and execute your product purchase and use of services (contractual or legitimate interest);
  • license monitoring purposes (legitimate interest);
  • marketing purposes; to provide you with personalized information about our products and services as well as conduct market research and satisfaction surveys (consent or legitimate interest);
  • credit checks on customers, which involve credit agencies ((pre)contractual or legitimate interest);
  • assessment and screening, including due diligence purposes (also in mergers & acquisitions) (legitimate interest or legal obligation);
  • corporate transactions purposes, such as during a sale of a (part of) business, or any restructure, merger, joint venture, or other disposition of our business, assets, or stock or similar proceedings (legitimate interest or legal obligation);
  • comply with legal and regulatory requirements and requests (legal obligation);
  • establish, exercise and defend legal claims (legitimate interest).

 

Respond to requests

We may collect your personal data in order to process your request. In certain regions outside EU/EEA/UK/Switzerland, we may also process your personal data in order to provide you with personalized information about our products and services as well as conduct market research and satisfaction surveys. In such case, you have the right to object to such processing. More information on how to exercise your right can be found in section “Contact for Data Protection Requests”

Relevant personal data: name, email address, postal address, telephone number, company, country, content of request, date of request, and other data you may disclose to us.

Newsletters

You can sign up for our newsletters. The newsletters provide you with information about current trends and event highlights in the IT industry, special offers, new products, services and important dates for IT decision makers. We require your email address for the registration.

In certain regions, we may send you a confirmation email after you have completed the registration form. In such a case the registration is not activated until you have clicked on the link in the confirmation email.

If you register to our newsletters, we may include individual tracking technologies in our newsletters, with which we can recognize when the newsletter sent to you was accessed or opened and individualize the links to determine when you clicked on which link.

You can unsubscribe from the newsletters at any time. Simply use the unsubscribe link which is found at the end of every email or send an email to info.global@softwareone.com.

Relevant personal data: email address, name, other information in the registration form, opened newsletter or not, date/time of opening the newsletter, how many times the newsletter was accessed, links clicked.

Product purchase or use of our services

In order to purchase and use our products and services, we may process your personal data. For more detailed description of the performed data processing, please see our executed agreements and other documents related to data protection.

In certain regions and in particular in EU/EEA/UK/Switzerland, we may also process your personal data in order to provide you with personalized information about our products and services as well as conduct market research and satisfaction surveys. In such case, you have the right to object to such processing. More information on how to exercise your right can be found in section “Contact for Data Protection Requests”

Relevant personal data: name, address, company name, telephone number, email address, time and date of registration, usage data, respective product or service.

Description of data processing

We may process your personal data for seminars, webinars, training sessions or other events (“events”) that you would like to attend organized by SoftwareOne or another organizing company. In order to do so, we may process your data in particular for the following purposes (and legal grounds):

  • process your registration for the events, manage your attendance and accommodation as well as send you communications related to the events (contractual or legitimate interest);
  • process your audiovisual content (e.g., pictures, audio/video recordings, etc.) (consent or legitimate interest);
  • marketing purposes (see section “As a customer, business partner and interested party”)

 

Audiovisual content

During events organized by SoftwareOne or another organizing company, we may take pictures or videos of the group of people, crowds or people in special roles (e.g., speakers, people on stage) for communication purposes. We may publish this material on our websites, social networks or in any other digital or printed media. If you do not wish to appear in such audiovisual content, please inform the person recording and producing the content accordingly as well as be conscious during in person events to not walk into the pictures/videos when these are being taken.

In case of individual pictures or videos or other audiovisual content of the participants, we will separately inform you about this data processing and ask for your consent before we take such action. This could be conducted in different forms and stages, for instance via a checkbox on a sign-up form, or during in person events by distributing differently colored entrance tags.

You have the right to object to such processing or withdraw your consent. While we will make reasonable efforts to comply with your request, any information (including images and videos) that is posted on the internet and social media platforms, becomes accessible world-wide and may be easily copied and distributed by other third parties who are not connected or under the control of SoftwareOne. Thus, this information may remain available on the internet even after they have been deleted by SoftwareOne. Further deletion requests should then be directed to the respective internet search engine or social media platform operators.

Where your picture is used in a printed material (e.g., leaflet, magazine, newsletter etc.), if disproportionate effort is associated with your objection or withdrawal, it is possible that the printed products containing your picture will continue to be used until the already printed edition has been used up. Your photo will not be used for any newly printed materials. The same applies to your photos in electronic newsletters, if the consent given is withdrawn after the start of the production process.

Relevant personal data: pictures, videos, voice recordings, biometric data and other audiovisual data.

Virtual events

We may process your personal data in order to communicate with you and organize as well as perform virtual meetings with you. In this process, we may be supported by external third-party providers (videoconferencing, communication providers) with whom we share your personal data.

In certain cases, we may also record virtual meetings. Please see the section about audiovisual content for more information.

Relevant personal data: contact details (e.g., name, e-mail address), meeting metadata (e.g., date, time and duration of communication, meeting name, participant’s IP address), device/hardware data (MAC addresses, client version), text, audio and video data, connection data (e.g., phone numbers, country names, start and end times).

Description of data processing

We may process personal data, which we receive directly from you or via publicly accessible sources (e.g., professional networks on the Internet) or data received from third parties (e.g., personnel service providers, universities, employment/recruitment agencies, referrals, tax and social insurance authorities).

We may process your personal data in particular for the following purposes (and legal grounds):

  • evaluate your candidature, assess your skills, experience, and qualifications ((pre)contractual);
  • set up interviews and assessments ((pre)contractual);
  • conduct background checks and assessments as required or permitted by applicable law ((pre)contractual or legal requirement);
  • check for your eligibility for the particular role ((pre)contractual and legal obligation);
  • contact third party references provided by you in order to evaluate your previous performances ((pre)contractual);
  • contact you regarding the progress of your application ((pre)contractual);
  • reimburse travel expenses during recruitment, if agreed ((pre)contractual);
  • create an account for you in our application system ((pre)contractual);
  • maintain records for hiring process ((pre)contractual);
  • keep your application for the personnel files, in case of successful application (contractual);
  • provide you with job opportunities based on your interest and skills and inform you about the latest news on recruitment activities (consent);
  • conduct satisfaction surveys in order to improve our recruitment process (legitimate interest); You always have the right to object to such processing. More information on how to exercise your right can be found in section “Contact for Data Protection Requests”
  • comply with legal and regulatory requirements and requests, deriving for instance from the field of employment and social security and social protection law (legal obligation);
  • establishment, exercise or deference of legal claims to which we may be subject to (legal obligation).

 

Relevant personal data: CV (including pictures or images provided by you), motivation letter, reference letters, contact data (e.g., name, address, telephone number, e-mail address, home address etc.), identification data (e.g. date of birth, gender, nationality, identity card or passport, etc.), employment data (e.g., work history employment contract, past employment, current employment status type of employment, function, work or a residence permit if necessary, to verify the legality of your employment, etc.), education and qualification data (e.g., degrees, certificates, previous career experience, secondary employment, if applicable as well as references and other related documents substantiating your professional expertise and experience), questionnaires and assessment results, background checks, health data when permitted and/or required by applicable law, bank account details (e.g., to reimburse travel expenses, if agreed).

Data retention: We retain your personal data as long as this is necessary for the processing of your application for which it has been collected. If your application was not successful, we will delete all data no later than six (6) months after the date of rejection of your application.

In individual cases, certain personal information may be stored for a longer period (e.g., travel expense reports). The duration of the data retention depends on the applicable local legal requirements (e.g., under the respective national tax laws).

If you have not been selected during the recruitment process, but your application is still of interest to us, we will ask you whether we may keep your application available for potential future appointments. The legal basis for this data storage is your explicit consent, which is completely voluntary and can be withdrawn at any time for the future.

Data retention

Unless we have not already provided you with specific information about the retention of your personal data, we retain your data as long as this is necessary to fulfill the purposes for which it has been collected. Data, which is no longer required, will be deleted, provided that there are no legal storage and documentation obligations that would require a longer retention.

Data recipients

We may disclose your personal data to parties in order to fulfil the purposes described in this Statement.

Due to SoftwareOne’s international group structure, certain departments and persons require on a need-to-know basis to process your personal data. For all intragroup data access and transfers, we comply with applicable data protection requirements.

Furthermore, trusted third party service providers contracted by SoftwareOne may also receive data for the aforementioned purposes. In particular, these are inter alia, service providers who support us with regards to order fulfillment, payment/billing, customer service, finance, auditing, fraud detection, IT services, communication, hosting, logistics, email delivery, marketing, sales, data analysis, event management, training, surveys, printing, archive, advisory and consulting services.

SoftwareOne may disclose your data to further recipients, such as private as well as public entities and institutions, including law enforcement, data protection authorities, tax authorities, credit agencies, debt collectors, banks, courts, hotels or other companies insofar as there is a legal basis for such disclosure.

SoftwareOne only shares your data to recipients outside SoftwareOne, if there is a legal basis for the data transfer and appropriate data transfer mechanisms are implemented. For more information, you may contact us as described in section “Contact for Data Protection Requests”.

Data transfers to third countries

We may transfer your personal data to other SoftwareONE entities globally and to our providers, mainly in the EEA, UK, Switzerland, US, LATAM (e.g. Mexico, Brazil), South Africa and Asia Pacific (e.g. India, China, Australia) only and insofar as this is necessary or required for the fulfilment of the purposes described in this Statement, there is a legal basis for the data transfer and appropriate standard contractual clauses  are implemented, if no adequacy decision exists.
SoftwareOne AG is headquartered in Switzerland. According to the EU Commission, Switzerland is a country that offers an adequate level of protection.

Your rights

You may have the right to:

  • access your data as well as receive a copy of your data;
  • rectification and erasure;
  • restriction of processing;
  • data portability;
  • object, especially if the data is processed pursuant to the legitimate interests of SoftwareOne;
  • lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes applicable data protection regulations.

Contact for data protection requests

In case of questions related to data protection, requests for further information or complaints please contact us at:

SoftwareOne | Legal - Department Data protection
E-Mail: data-protection.eu@softwareone.com
Phone: +49.341.2568.000

Data protection officer

Our data protection officer for the EU/EEA, Switzerland and the UK is:

FIRST PRIVACY GmbH
Konsul-Smidt-Straße 88
28217 Bremen, Germany

For contact details of data protection officers outside the aforementioned countries, please click here.

Changes to the Privacy Statement

Version history

Version Date
1.0 June 2020
2.0 September 2021