This Privacy Notice explains how we process the personal information that we collect from our customers and prospective customers when they use Soliton Systems’ services, attend our events, subscribe to our newsletters, or use our websites, apps, platforms and services governed by this Privacy Notice (our “Services”).
Soliton Systems is the data controller of your personal information, that is, the entity that determines the ‘purposes and means’ of the processing of the personal information processed about you, or, in other words, the uses for which Soliton Systems processes your personal information and the manner in which it is done. In the Privacy Notice, “Soliton” shall mean Soliton Systems Europe N.V. and is referred to in this notice as “we”, “us”, “our” or “Soliton Systems”.
- When this Privacy Notice applies
The following Services are subject to this Privacy Notice:
- Completing a form on our website.
- Enquiring about Soliton products and/or services, whether on- or offline.
- Taking part in research, for example a survey.
- Using our service or marketing portal.
- Attending one of our events.
- Our marketing of goods and services we think may be of interest to you and your business.
- Information we collect and what we use it for
We collect personal information in the following circumstances:
- When you have expressed interest in a product or service we offer: We will collect your business contact details. For example, if you approach us online, attend our stall at an event and/or call us about a potential service or product, we will make a note of your details so that we may follow up on your query as well as offering other products and services that may be of interest to your business.
- Upon registering for a Service we offer: You will be asked for several personal details that are necessary to create a service portal account and offer you our Services. Some of these fields are marked as compulsory. If you do not provide us with information which is marked as compulsory, we may be unable to provide all or part of the Services to you.
- When you use our Services: We may collect and process personal information regarding your use of such Services to improve your overall experience and to fulfil our obligations to you.
- When we research our market and find potential buyers: To make sure we are reaching the appropriate business audiences, we may from time to time purchase marketing lists and other databases providing contact details. These may contain your name, business email address and business phone number. However, we do not buy marketing lists which contain your private, outside-of-work contact details.
- To improve your user experience and the overall quality of our Services: Knowing your basic personal details lets us personalize any communications we send to you. For example, we collect your role information to ensure we provide marketing which is relevant to your role in your business.
- To provide support for Soliton products and services. Customers, or prospective customers, may submit support requests regarding the following topics over the phone, by email or via the website of Soliton or through the service desk:
- questions regarding the configuration
- questions regarding the general functionality
- reporting of technical problems
- questions regarding change requests
- other technical inquiries
2.1. To Provide Online Accounts
This is personal information you give us when setting up an online account (for example, our service desk) which personally identifies you rather than your business, such as your name, position within your business, business email address or telephone number. There are several reasons we need this information:
- To verify your identity and assist with the identification of users: For example, your email address may act as your username to sign into your online account and access Soliton Service Desk.
- To send important notices: For example, we ask for your email address so that we can send you a confirmation of your orders or service updates. We will also send you communications about purchases or changes to our terms, conditions, and policies.
2.2. Responding to customer queries
Your personal details will be processed to respond to queries and assist with the identification of users. For example, your contact information will be collected when you submit a form may then be used as an identifier in future. Whenever you fill in a form on our website, we may store relevant identity data so that we can trace the history of your query and deal with it more efficiently.
2.3. Events management
We collect your information to register you for an event, webinar or seminar which you have expressed interest in and provide you with the relevant materials for that event:For example, and depending on the kind of event involved, we collect your name, telephone number (please supply your business telephone number only, dietary requirements and any other information necessary to enable you to get the most out of your experience.
2.4. To learn about your activities
2.4.1. Browsing Behavior, Device Information and Interaction
We sometimes record details of your actions (for example, repeated site visits, interactions, keywords, online content production) when you access and use our Services so that we can build a customer ‘picture’ over time.
We may combine behavioral information (such as your browsing activity) with your personal details, but we will not store any personal details related to fields left blank by you during your sign-up process.
We capture information about your Operating System and Internet Browser when you visit our website or use our Services, including information that is automatically logged when you use our Services (for example, requested information, timestamp, IP address, and, where applicable and necessary, various network infrastructure and server identifiers).
We will process your behavioral, device and interactions information for the following purposes:
- To provide, maintain, protect and improve products and Services, and to develop new ones:
- For example, information about how you browse our websites or search for products can be used for data analysis and research, to deliver better user journeys, provide more relevant search results or structure the way the information is shown in our Services.
- To improve your user experience and the overall quality of our Services:
- Your activity such as the pages you visit or the items you view teaches us what you find important and most interesting to you on our Services so that we can tailor your experience around what matters to you most.
- Device and platform identifiers let us know which device you are using to access our Services in order to customize and optimize them to your device and improve your overall user experience.
- Subject to the requirements of applicable law, to provide you with marketing communications, for example, more relevant content and offers, and latest news about products and events which we think will be of interest to you and your business:
- For example, following a link to a tutorial from a marketing email, or following Soliton on Facebook or Twitter.
- Understanding how and where you interact with Soliton means we can provide you with more personalized and helpful information through your preferred communication channels.
- To protect our other users and Soliton:
- We can monitor unusual or suspicious activities on Soliton services, such as automated abuse, so that we can address it quickly and inform you about potentially fraudulent activities affecting your account.
- We might also use your personal information for internal auditing, in order to comply with applicable legal requirements.
2.4.2. Product Details, Product Usage and Service & Support History
This is information about your Soliton products or solutions (such as services provided, software applications, product model, serial number and purchase date), of how Soliton products or solutions are set up and used (e.g. user set-up and preferences, installation and integration or other settings) and our Services, as well as details on your customer or managed Service, Licenses held, Warranty and Repairs interactions with Soliton.
Some of the information under this category does not qualify as personal information, but we will apply any necessary safeguards to ensure as well the privacy of this information. We will process this data for the following purposes:
- To provide you with more useful information, more relevant content and offers, and latest news about our products, solutions, services and events: For example, personalized and helpful information, such as expert hints and tips, learning resources, software updates, installation or user guides, or details about relevant training courses.
- To help solve any issues you might have with Soliton products and Services:
- We require your product information so that we can troubleshoot your queries more effectively, providing you with information which is specific to your Soliton product.
- Understanding your Operating System (OS) allows us to troubleshoot your query more effectively, for example, by providing you with information about relevant driver downloads.
- We will use this information to evaluate whether your Soliton product is eligible for warranty coverage.
The support requests received, and the personal data transmitted by customers, or prospective customers, will be stored in an internal ticket system of Soliton Systems and will be used for the purpose of documenting and processing the support request, as well as for the purpose of contacting the respective client/prospective client in order to provide relevant feedback.
Upon the creation of a ticket in the ticket system of Soliton Systems, the system will send an automatic email to the email address from which the notification was sent. That response includes, inter alia, a link through which the customer, or prospective customer, can look at the created ticket.
Employees of Soliton, the partner of Soliton in charge of the customer, as well as the email addresses stated upon the creation of a ticket (data subject who created the ticket, as well as “cc” addressees (if any) entered by the data subject), can access a support ticket. The administration of the tickets is logically separated and sorted by organization, so that a partner of Soliton may only access tickets of the clients supported by the partner.
2.5. For fulfilment purposes
In order to support your business and perform our contract for the Services with you, we may need to collect personal data to arrange repairs, fulfil orders and perform services. We will need to arrange appointments to do so, and therefore need to get the contact details of someone at your business. Examples include:
- when you log a call to arrange a repair or service;
- when you fill in a form, we send you about one of our products, including online versions;
- provision of managed services information such as reporting, usage and utilization;
- when we detect issues with your Soliton software or hardware which we need to talk to you about;
When we have to perform technical operations on your IT infrastructure, we may have access to personal data held by your organization. Where we use third parties for our fulfillment activities, we make sure to choose trusted partners who have the same values that we do.
Depending on your role, we may need to use your information to contact you regarding service availability or changes to those services.
2.6. To find new customers
To offer our products and services to others who may be interested in them, we sometimes obtain your contact details from our partners in the industry, as well as professional bodies who provide this information to businesses. When we obtain contact details this way, we ensure that your contact details are not part of any national opt-out service.
2.7. Purchase Information
We keep records about goods and services you buy through Soliton. These help us to provide, maintain, protect and improve products and services, and to develop new ones. We also send important notices, such as communications about purchases or changes to our terms, conditions, and policies.
2.8. Cookies and other technologies
2.9. Legal and regulatory requirements and other business purposes
We sometimes need to process your personal information to comply with applicable laws and regulations, for example where we have an obligation to report suspected fraud.
There may also be other business-related purposes for processing your information, including negotiating, concluding and performing contracts, managing accounts and records, supporting corporate social responsibility activities, legal, regulatory and internal investigations.
- Legal Basis for using your personal information
Soliton will only process your personal information where we have a legal basis to do so.
The legal basis will depend on which of the above purposes for which we have collected and use your personal information. In almost every case the legal basis will be one of the following:
- The legitimate business interests of Soliton: where it is necessary for Soliton to understand our customers, promote our goods, products and Services and operate effectively as a multinational IT service provider and manufacturer of imaging, photography products, information and document management products, solutions and Services. For more information see section 3.1 below.
- Performance of a contract with your business: where you have ordered, or requested products or Services from us, and we need to use your contact details in order to process your order and deliver the products or Services.
- Compliance with law: where Soliton is subject to a legal obligation and needs to use your personal information in order to comply with that obligation.
- Consent: for example, where you have provided information to us voluntarily in order to enter a competition. You can withdraw your consent at any time from our Soliton Systems Europe Privacy Page.
3.1 Our Legitimate Interests
Soliton’s legitimate interests include where it is necessary for Soliton to understand our customers in sufficient detail so we can create and publicize new products and Services and offer our customers a better experience. For example:
- We perform analytics on this legal basis as they are necessary to provide you with a tailored experience and so that we can improve, maintain and manage our products and Services in a way which meets your expectations as a customer;
- We need to use your information so that we can better support your organization and maintain the products and services which you use;
- We use lead and campaign management technology to help us analyze how our customers interact with us and ultimately provide more relevant and interesting content to you;
- Like most businesses, where permissible we market new products and services which we think you may be interested in these, always offering you the option to unsubscribe.
- How we share your information
4.1. Within Soliton
We restrict access to personal data to people within our group of companies who have a “need to know” such information. For example, we may pass personal data we collect about you to our local sales businesses or local service centers in order to provide our Services where you are located.
4.2. Outside Soliton, to our partners and third parties
Except as described in this notice or where you have provided your consent, the personal information processed when you use our Services will not be shared with or disclosed to other individuals or businesses, for their own use.We may disclose your personal information to the following third parties, amongst others, for the purposes described here:
Vendors or other subcontractors with whom we have a business relationship and who provide products and services to us so that we can provide our Services to you (such as warehousing and delivery, maintenance and servicing partners, software development, website hosting and management);
Payment processing companies, credit reference agencies and anti-fraud screening service providers in order to process payments and (where necessary) to carry out fraud-screening;
With our professional and legal advisers for the purposes of obtaining commercial, financial or legal advice;
In exceptional circumstances, personal information may be shared with third parties, such as the police and regulatory authorities, to protect our rights, property, or the safety of our customers, staff and assets;
We may also disclose your personal information if it is necessary to comply with a legal obligation in any jurisdiction, including where that obligation arises as a result of a voluntary act or decision by us (e.g. our decision to operate to a country or a related decision).
- How we protect your information
Your personal information is held on secure servers and is not processed for any purposes other than those set out in this Privacy Notice. The servers Soliton uses to store this information are accessible to authorized staff only and Soliton ensures that adequate security measures are in place.
Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us of the problem by contacting us at the contact details below.
We use vendors and service providers based around the world. Consequently, your personal information may be processed in countries outside of the country where you live, including if you live in Europe, and such countries may include some where you may have fewer legal rights in respect of your personal information than you do under local law. If we transfer personal information outside of the European Economic Area to a country that provides a lower standard of legal protection for your personal information, we will ensure that your privacy rights are protected by appropriate safeguards, in particular through the use of the EU’s standard contractual clauses. Please contact us if you would like more information about these safeguards.
- Marketing communications
Soliton may use your personal information for marketing purposes and to inform you about other products and services, which Soliton thinks might be of interest for you and your business. You can specify whether you wish to receive such information by ticking the appropriate box in our forms, or by telling us your preference where we interact in person.
You will be able to opt out from receiving such information at any time from the relevant preference centre or by unsubscribing using a link/mechanism provided in all applicable communications. If you unsubscribe from marketing, please note we may still contact you with service messages from time to time (for example, to confirm an order you have made or to confirm delivery details).
- How to exercise your rights
We will delete your personal information once it is no longer necessary for the purposes for which it was originally collected.
You also have the right to object to your personal information being used for certain purposes, including to send you marketing. See ‘Marketing Communications’ above, for more details of how to opt-out of marketing.
We will comply with any requests to exercise your rights in accordance with applicable law. Please be aware, however, that there are a number of limitations to these rights, and there may be circumstances where we are not able to comply with your request. To make any requests regarding your personal information, or if you have any questions or concerns regarding your personal information, you should contact us using the details below. You are also entitled to raise your concerns with your local data protection authority.
- Retention of your information
Soliton will keep your personal information for as long as we need it for the purposes set out in section 2 of this Privacy Notice and in accordance with any retention periods required by applicable laws and during the relevant statutes of limitations. This term should typically not exceed 6 years in most jurisdictions. For example, where you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing, tax and warranty purposes. We may also keep a record of correspondence with you (for example if you have made a complaint about a product or our Services) for as long as is necessary to protect us from a legal claim. Where we no longer have a need to keep your personal information, we will delete it. Please note that where you unsubscribe from our marketing communications, we will keep a record of your communication information to ensure we do not market to you in future.
Soliton will not delete your personal information where it refers to an active relationship or a product or service explicitly requested by you (for example, a recent purchase made at Soliton).
- Your commitments
You guarantee the quality of the information provided in our Services. All personal information you send to Soliton must be real, accurate and kept up to date. You take full responsibility that your information is accurate, updated and that it complies with this principle.
- Changes to this Privacy Notice
We will update our Privacy Notice from time to time to ensure you are promptly informed of Soliton’s data processing activities. We will not engage in any processing operations that might put at risk your personal information and will gather your explicit consent where necessary to safeguard your right to privacy. We will keep you updated on any changes to this Privacy Notice through the Services. We will also use any of the communication methods provided by you to inform you on important changes to this Privacy Notice. If you continue using our Services after having been unequivocally informed on the updated Privacy Notice, you agree to be bound by the updated terms.
- Contacting Soliton
Please contact directly to our European DPO on DPO@solitonsystems.com with any questions or comments about this Privacy Notice.
We hope that Soliton will be able to resolve any concerns you may have. However, if you are still not satisfied, you may raise your concerns with your local data protection authority.
Last Modified: 2021-27-08
What are cookies?
Please note that the cookies we use can’t harm your computer. Soliton does not store personally identifiable information in the cookies we use, but we do use encrypted information gathered from cookies to help us to improve your experience of our website. For example, they help us to identify and resolve errors, or to determine the related products to show you when you are browsing our sites.
To make full use of the content and personalized features on solitonsystems.com, your computer, tablet or mobile phone will need to accept cookies (and often does so by default), as we can only provide you with certain personalized features on this website by using them.
Changing your cookie settings or Opting Out
Our cookies don’t store sensitive information such as your name, address or payment details. However, if you’d prefer to restrict, block or delete cookies from solitonsystems.com, or any other website, you can use your browser to do this. Each browser is different, so check the ‘Help’ menu of your browser (or your mobile phone’s user manual) to change your cookie preferences.
Google Analytics is a web analytics service offered by Google, Inc. Google Analytics sets cookies in order to allow us to evaluate and report on the use of our website. It is widely used across the web and all data is anonymized meaning the cookies carry no personally identifiable information. These cookies help us to understand our visitor’s behavior and allow us to make improvements to better our user’s experience. It’s a win-win relationship.
Visitors can opt out of Google Analytics using this browser add-on.
Soliton Systems has integrated Google AdWords on its website. Google AdWords is an Internet advertising service which enables advertisers to place ads both in the search engine results of Google and in the Google advertising network, and which is offered by Google LLC. The purpose of Google AdWords is the advertising for our website by displaying target group oriented advertising on the websites of third-party enterprises and the results of the search engine, Google, as well as a target group-oriented display of third-party advertising on our website. If a user is led to our website via a Google ad, Google will set a conversion cookie in the user’s browser. By the session cookie, it can be traced whether specific subsites on our website were called up. Conversion cookies will be deleted after 30 days.
By the session cookie, Google will prepare visitor statistics for our website, which statistics we will use to ascertain the total number of the users who were led to us through AdWords. In so doing, personal data such as the websites visited by the user will be stored. In addition, upon each visit to our website, personal data of the user, including the user’s IP address, will be transmitted to Google in the USA and will be stored there. Google anonymizes those log data by deleting part of the IP address and the cookie information after 9 or 18 months, respectively.
Users may also object to the delivery of target group-oriented advertising by Google. To do this, users must click the link www.google.com/settings/ads from the Internet browser used by them and make the desired settings there.
To display the Soliton Systems addresses an affiliate partners on its website, Soliton uses Google Maps content. Google Maps is a service for displaying addresses in city maps and maps provided by Google LLC.
By visiting the website of Soliton Systems, Google is informed that the user has accessed the corresponding sub-page of our website. In addition, the data are transmitted. This takes place regardless of whether Google provides a user account via which the user is logged in or if there is no user account. If the user is logged in to Google, this data will be assigned directly to their account. If the user does not wish to be allocated to their Google profile, they must first log out.
Google stores these data as usage profiles and uses them for advertising, market research and/or customizing its website. Such an evaluation is performed above all (even for users who are not logged in) in order to display needs-based advertising. Users have a right to object to the creation of these user profiles, whereby they must contact Google in order to exercise this right.
Google cookies general information
Soliton Systems has integrated videos of YouTube on its website, which are stored at http://youtube.com, for the purpose of being able to play those videos directly on our website. Upon each calling-up of a website of Soliton Systems on which a YouTube video was integrated, YouTube and Google will obtain knowledge which specific subsite of our website is used by the user. In addition, the following information and personal data of the user will be transmitted to YouTube: IP address, date and time of the request and the time zone, the website called up, the transferred data volume, the browser, operating system and its surface, the language and version of the browser software. YouTube and Google will always be notified via the YouTube component that a user visited our website if the user is logged in at YouTube or Google at the same time, regardless of whether the user clicks on a YouTube video. That information will be allocated to the user’s account with Google or YouTube, respectively. If the user does not wish such a transmission of that information to YouTube and Google, the user can also prevent the transmission by logging off from the user’s YouTube account before accessing our website.
YouTube will store the data collected about the users as user profiles and use the same for the purposes of advertising, market research and/or the structure of its website as needed. Any such analysis will be made, in particular, (also for users who have not logged in) to display demand-oriented advertising and to inform other users of Google and YouTube of the activities of the user on our website. Users have a right to object to the creation of those user profiles, which right must be exercised as against YouTube.
We use HubSpot to personalize the way we communicate with you. When you first visit Soliton website, a third-party cookie from hubspot.com is stored in your browser. This cookie is then used to track the pages that you visit during your session. Whilst the cookie may be used across many sites, the information collected on Soliton website is visible only to Soliton and is not shared with any third parties including HubSpot or other users of the HubSpot system.
Although this cookie does not contain any personal information about you specifically, if you choose to fill out a form on our site then we will link your personal information (including but not limited to what operating system you are using, IP address, cookie information, time stamp, and clickstream information) to the browsing information associated with the HubSpot cookie on your browser. This information is only gathered while you are on Soliton website but cannot and will not gather information about other third-party sites that you have visited.
We then use this information to improve our service to you such as choosing how we communicate with you (subject to your consent) and tailoring the content of our communications to you to include information that reflects the interest that you have shown in the content of our web pages, or by choosing offers or promotions that we think may interest you and to improve how we respond to your needs.
We also embed videos from our official Vimeo channel. This may set cookies on your computer once you click on the Vimeo video player, but Vimeo will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.
List of cookies used by Vimeo (Please note: The list includes all cookies potentially used by Vimeo. That does not necessarily mean that all these cookies will be set in your browser): https://vimeo.com/cookie_list
The use of Vimeo is based on our interest in presenting our online content in an appealing manner.
Links from solitonsystems.com to third party websites
Soliton cannot be responsible for the cookies used on any third-party website that is linked or referenced from solitonsystems.com.
When you visit a page on solitonsystems.com you may be sent cookies from third party advertisers. These include, but aren’t limited to, Facebook and LinkedIn. You may also be sent cookies from websites which contain embedded content (for example YouTube). We don’t control the settings of these cookies, so suggest you check the respective third-party websites for more information about their cookies and how to manage them.
Further information about cookies
If you’d like to learn more about cookies in general and how to manage them, visit http://www.aboutcookies.org/, please note that Soliton cannot be responsible for the content of external websites.
Collection of personal data when you visit our LinkedIn company page
- LinkedIn (the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) processes personal data and information for market research and advertising purposes. LinkedIn evaluates your pattern of use to present its advertisements in a more targeted manner. Furthermore, LinkedIn enables us as the operator of the LinkedIn page to receive statistics, which it produces based on the visits of users of our LinkedIn page. The purpose of these statistics is to enable us to control the marketing of our business activities. The statistics allow us to, for example, obtain knowledge of the profiles of the users who visit and view our LinkedIn page, read posts or use applications on the page; to provide the users with more relevant content and to develop functions that may be more interesting for the users. These use profiles can in turn also be used to, for example, publish advertisements that are likely to correspond to the users’ interests both within and outside of the networks. For these purposes, cookies are normally installed on users’ devices. These cookies store information on the pattern of use and interests of the users. Furthermore, data can also be stored in the use profiles independent of the devices used by the users. This is particularly the case if users are members of LinkedIn and are logged into their account.
- To gain a better understanding of how we can make our LinkedIn page more interesting for users, demographic and geographic evaluations are produced based on the information recorded by LinkedIn and provided to us, We can use this information to publish interest-based advertisements in a targeted manner without obtaining direct knowledge of the identity of the user. If you use LinkedIn on several different devices, the collection and evaluation can also occur across different devices when the users are registered members of LinkedIn and are logged into their own profile.
- The user statistics produced are only transmitted to us in anonymized form. We have no access to the data that form the basis of these statistics.
- We operate this LinkedIn page to present our company to and to communicate with the users of LinkedIn and other interested individuals who visit our LinkedIn page. We only want to find out which content and information attract the interest of the users of our LinkedIn page so that we can continue to make our page more attractive. The processing of the personal data of the users is carried out based on our legitimate interests in an optimized presentation of our company. The legal basis for the data processing is Article 6 paragraph 1 lit. f) GDPR.
- We do not disclose any personal data to third parties.
Possibilities to object on LinkedIn
- Users of LinkedIn can use the LinkedIn settings for advertising preferences to influence the extent to which their user behaviour is allowed to be recorded when they visit our LinkedIn page. Further possibilities can be found in the LinkedIn settings at https://www.linkedin.com/psettings/privacy, https://www.linkedin.com/psettings/advertising, https://www.linkedin.com/psettings/messages, https://www.linkedin.com/psettings/account and https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Nature of joint responsibility
The agreements with LinkedIn, including those concerning joint responsibility, mainly indicate that information requests and the enforcement of further rights of the data subject should most appropriately be carried out directly via LinkedIn. As the provider of the social network LinkedIn, LinkedIn solely has the direct means of access and the information required to be able to process your inquiries and requests. LinkedIn can additionally take any required measures directly and provide information. If you nevertheless require our support, please feel free to contact us at any time.
Data privacy statement
We are very glad about your interest in our enterprise. Data protection is of particular importance to the management of Soliton Systems Europe N.V. (hereinafter “Soliton Systems” or “we”). Personal data are at all times processed in compliance with the General Data Protection Regulation (GDPR). In this data privacy statement, we inform you of the collection of personal data from data subjects in accordance with Article 13 GDPR.
- This data privacy statement uses, inter alia, the following terms, as they are defined in the GDPR:
a) Personal data
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
c) Restriction of processing
“Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future.
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
”Processor” means the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.
h) Third Party
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
- Name and contact details of the controller
The controller for the processing of personal data under this data privacy statement is:
Soliton Systems Europe N.V.
Gustav Mahlerplein 2
1082 MA Amsterdam
Phone +31 (0) 20 301 21
- Contact details of the data protection officer
The data protection officer of Soliton Systems Europe is:
Mr. Jörg Giffhorn
Soliton Systems Europe N.V.
Gustav Mahlerplein 2
1082 MA Amsterdam
Phone +31 (0) 20 301 21
- Processing of personal data on the website of Soliton Systems – Purposes and legal bases; Recipients
a) Collection of personal data and information when accessing the website of Soliton Systems
Upon each access to the website of Soliton Systems by a user, information without any personal reference and personal data of that user will be collected and stored in the log files of the servers of Soliton Systems. The following is collected and stored: (1) the browser types and versions used, (2) the operating system used by the user, (3) the website from which the user accesses our website (“referrer”), (4) the subsites called up by the user on our website, (5) the date and time of the access to our website, (6) the user’s IP address, (7) the user’s Internet service provider.
The personal data and information collected on that basis are evaluated by Soliton Systems statistically and for the purpose of enhancing data protection and data security within our enterprise in order to warrant a level of protection for the personal data processed by us which is adequate given the risk. Any personal data collected upon an access to the website, in particular, the user’s IP address, will be deleted, at the latest, seven days from their collection, unless an attack or a threat by the user was discovered. Those personal data will not be disclosed to third parties.
To the extent that we collect and use personal data of the user such as, in particular, the user’s IP address, upon an access to the website of Soliton Systems, the legal basis therefor is Article 6(1)(f) GDPR, as that processing is necessary to safeguard the controller’s legitimate interests. The legitimate interests of Soliton Systems pursued thereby are the enhancement of data protection and data security within our enterprise in order to warrant a level of protection for the personal data processed by us which is adequate given the risk, and to protect our information systems and our website against attacks and damage.
b) Registration on, and contact through, the website of Soliton Systems
Data subjects have the option to register on the website of Soliton Systems, while providing personal data, or to contact Soliton Systems. What personal data will be transmitted to Soliton Systems in that respect results from the respective entry mask or contact form for the registration or contacting,
respectively. The personal data transmitted by the data subject to Soliton Systems in that respect will only be collected and stored for the purposes pursued by the registration or to process the contact request by the data subject. Those personal data will not be transmitted to third parties.
The legal basis for the processing of those personal data is Article 6(1)(b) GDPR, as the processing is necessary for the performance of a contract between Soliton Systems and the data subject or in order to take steps at the request of the data subject prior to entering into a contract.
c) Direct advertising, product information and newsletters of Soliton Systems
On the website, we offer the transmission of direct advertising, product information and newsletters from Soliton Systems by email. To do this, we require the email address of the data subject. We may use the email address received by us from the data subject in connection with a contract for the use of products of Soliton Systems for direct advertising regarding our own similar goods or services, unless the data subject has objected to such use. The legal basis for such use is Article 6(1)(f) GDPR, as the processing is necessary for the purposes of the legitimate interests pursued by Soliton Systems. The legitimate interests pursued by Soliton Systems thereby are the advertising of products and services to clients. Data subjects may any time object to that use in accordance with the note at the end of this document regarding the right to object in accordance with Article 21 GDPR, without incurring any transmission costs other than those under the base rates.
In other respects, we will collect and process the email address of the data subject in order to send direct advertising, product information and newsletters from Soliton Systems by email, provided that the data subject has granted their prior consent. That consent will be logged, and the data subject
may at any time retrieve the contents of the consent, as well as that note. Data subjects may at any time revoke their consent with effect for the future, as described in the following declaration of consent.
The declaration of consent reads as follows:
”I hereby agree that Soliton Systems may in future regularly inform me of product news and offers from the area of mobile security by email and may send me email newsletters. To this end, Soliton Systems may store and use the email address stated by me. I may at any time revoke that consent with effect for the future. The revocation may be sent by mail to Soliton Systems, Gustav Mahlerplein 2, 1082 MA Amsterdam, The Netherlands, or by email to email@example.com. In addition, the email advertising and the email newsletter may also be unsubscribed by clicking the link at the end of the email.“
The legal basis for the processing of those personal data is the consent of the data subject (Article 6(1)(a) GDPR).
The website of Soliton Systems uses the following cookies:
- Session cookies
”Session cookies” are temporary cookies which remain in the cookie file of the user’s browser until the user leaves the website of Soliton Systems; they are necessary, in particular, to facilitate the use of the website of Soliton Systems. Session cookies will be deleted when a user’s browser session ends.
e) Use of Google Analytics
Soliton Systems has integrated Google Analytics on its website. “Google Analytics” is a web analysis service offered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter “Google”).
Google Analytics uses “cookies”, which are text files placed on the user’s computer to help the website analyses how the websites are used. The information generated by the cookie about the use of this website by users will normally be transmitted to, and stored by, Google on a server in the USA. IP anonymization has been activated on the website of Soliton Systems, so that the IP address of users will be shortened before by Google in the member states of the European Union or other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a server of Google in the USA and will be shortened there, so that data processing can be performed outside the European Union. In that case, the personal data collected by means of Google Analytics will be transmitted to the USA.
Google has implemented the certification under the EU-US Privacy Shield (see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI) and has thereby met the legal requirements for the adequacy of the data protection level regarding the provision of the service, Google Analytics, by way of commissioned data processing. On behalf of Soliton Systems, Google will use that information for the purpose of evaluating the use of the website by users, compiling reports on website activities and providing other services to Soliton Systems relating to Internet usage. The user’s IP address transmitted from the user’s browser in connection with Google Analytics will not be amalgamated with any other data of Google.
f) Use of Google AdWords
Soliton Systems has integrated Google AdWords on its website. Google AdWords is an Internet advertising service which enables advertisers to place ads both in the search engine results of Google and in the Google advertising network, and which is offered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter ”Google”).
The purpose of Google AdWords is the advertising for our website by displaying target group oriented advertising on the websites of third-party enterprises and the results of the search engine, Google, as well as a target group-oriented display of third-party advertising on our website. If a user is led to our website via a Google ad, Google will set a conversion cookie in the user’s browser (see section 4 d) above as regards cookies). By the session cookie, it can be traced whether specific subsites on our website were called up. Conversion cookies will be deleted after 30 days. By the session cookie, Google will prepare visitor statistics for our website, which statistics we will use to ascertain the total number of the users who were led to us through AdWords. In so doing, personal data such as the websites visited by the user will be stored. In addition, upon each visit to our website, personal data of the user, including the user’s IP address, will be transmitted to Google in the USA and will be stored there. Google anonymizes those log data by deleting part of the IP address and the cookie information after 9 or 18 months, respectively.
g) Integration of Google Maps
Soliton Systems has included Google Maps content on its website. Google Maps is a service for displaying addresses in city maps and maps provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
By visiting the website of Soliton Systems, Google is informed that the user has accessed the corresponding sub-page of our website. In addition, the data referred to in 4 a) are transmitted. This takes place regardless of whether Google provides a user account via which the user is logged in or if there is no user account. If the user is logged in to Google, this data will be assigned directly to their account. If the user does not wish to be allocated to their Google profile, they must first log out. Google stores these data as usage profiles and uses them for advertising, market research and/or customizing its website. Such an evaluation is performed above all (even for users who are not logged in) in order to display needs-based advertising. Users have a right to object to the creation of these user profiles, whereby they must contact Google in order to exercise this right.
The legal basis for the use of Google Maps by Soliton Systems is Art. 6 (1) (f) GDPR, as the use of Google Maps is necessary to safeguard the legitimate interests of the controller. The corresponding legitimate interests of Soliton Systems are to display the Soliton Systems addresses on Google Maps for directions and route planning.
Further information on the purpose and scope of Google’s data collection and processing is available at https://www.google.com/policies/privacy/partners/?hl=en. To ensure an appropriate level of privacy, Google has been certified under the EU-US Privacy Shield (see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).
h) Use of YouTube
Soliton Systems has integrated videos of YouTube on its website, which are stored at http://youtube.com, for the purpose of being able to play those videos directly on our website. Upon each calling-up of a website of Soliton Systems on which a YouTube video was integrated, YouTube and Google will obtain knowledge which specific subsite of our website is used by the user. In addition, the following information and personal data of the user will be transmitted to YouTube: IP address, date and time of the request and the time zone, the website called up, the transferred data volume, the browser, operating system and its surface, the language and version of the browser software. YouTube and Google will always be notified via the YouTube component that a user visited our website if the user is logged in at YouTube or Google at the same time, regardless of whether or not the user clicks on a YouTube video. That information will be allocated to the user’s account with Google or YouTube, respectively. If the user does not wish such a transmission of that information to YouTube and Google, the user can also prevent the transmission by logging off from the user’s YouTube account before accessing our website.
YouTube will store the data collected about the users as user profiles and use the same for the purposes of advertising, market research and/or the structure of its website as needed. Any such analysis will be made, in particular, (also for users who have not logged in) to display demand oriented advertising and to inform other users of Google and YouTube of the activities of the user on our website. Users have a right to object to the creation of those user profiles, which right must be exercised as against YouTube.
The legal basis for the use of YouTube by Soliton Systems is Article 6(1)(f) GDPR, as that use is necessary to safeguard the controller’s legitimate interests. The legitimate interests pursued by Soliton Systems thereby are the display of demand-oriented advertising and information in the form of YouTube videos and to inform other users of the social network of the activities of users on our website.
YouTube is offered by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube LLC is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Further information regarding the purpose and scope of the collection of the data and their processing by YouTube can be called up at https://www.google.de/intl/de/policies/privacy/ and https://www.youtube.com/yt/about/de/. Google has implemented the certification under the EU-US Privacy Shield (see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI), so that an adequate data protection level exists.
- Processing of personal data when using the products of Soliton Systems – Purpose and legal basis; Recipients
When clients use the products, ”Soliton MailZen”, ”Soliton MailZen Management Portal“ and ”Soliton MailZen Gateway“, of Soliton Systems, the following personal data about the client will be collected and processed for the following purposes:
a) Soliton MailZen
The software, ”Soliton MailZen“, serves the encrypted storage of emails, contacts, appointments and other data on the mobile device of the client, or the client’s employees. As a supplement thereto, the software, ”MailZen Management Portal“, serves the central configuration settings of the software,
”MailZen“, on the client’s mobile devices. The software, ”MailZen Gateway“, serves the secure access of the MailZen App to the client’s internal company network. To settle the business relationships with its clients, and for the internal processing of the business transactions, Soliton systems uses electronic data processing. When installing the software, ”MailZen“, and when using the software, ”MailZen Management Portal“ and ”MailZen Gateway“, only the email addresses of the users will be transmitted by the client to Soliton Systems and be stored there centrally. In addition, the data which are relevant for the operation of the software, for example the validity of the license, and what modules have been activated, will be stored.
b) MailZen Management Portal
In addition, the license management and the MailZen Management Portal serve the purpose of registering the licenses and issuing the license certificates. Furthermore, analyses of the licenses and their use may be made in the License Manager (CLM).
Through the MailZen Management Portal, the following types of personal data of the client and all persons registered by the client in the MailZen Management Portal will be collected and processed:
- person master data (e.g., first and last name)
- communications data (e.g., phone, email)
- username for the log-in at the admin console
- public certificates
- transport-PIN-protected p12 container
- push-notification token
- device information (version number of the MailZen software release, device type, device number, operating system of the device, version of the operating system, language set in the operating system)
- other personal data collected by the client on its own in the portal in addition
In the MailZen Management Portal, all devices, as well as the configuration of the MailZen App, for all MailZen users of the client will be managed. When using MailZen, the settings made in the MailZen Management Portal will be exchanged between that portal and the MailZen App.
In connection with the user administration, email notifications will be sent from the MailZen Management Portal automatically or by an administrator to the MailZen App or the user of the MailZen Management Portals, respectively.
c) Place of data processing
Those personal data will be stored, processed and used exclusively in the territory of the European territories, a Member State of the European Union or another contracting state of the Agreement on the European Economic Area.
d) Legal basis
Soliton Systems collects, processes and uses those personal data exclusively for the performance of the contract with the client and stores those personal data in a safe place. That processing of personal data of the client by Soliton Systems is necessary for the performance of the contract with the client on the basis of Article 6(1)(b) GDPR.
e) Commissioned processing
If the client has the software, “MailZen Management Portal“, hosted by Soliton Systems, the parties shall enter into a separate agreement regarding commissioned data processing in accordance with Article 28 GDPR, under which Soliton Systems acts as a processor of the client.
f) Recipient of personal data
If the software, ”MailZen Management Portal“, is hosted by Soliton Systems as a processor, Soliton Systems will, in turn, use subcontractors in accordance with the agreement on commissioned data processing in accordance with Article 28 GDPR. Soliton Systems has commissioned Azure Cloud, as the operator of the computer centre and hosting provider. In other respects, those personal data will not be disclosed to third parties.
- Processing of personal data in relation to the support for the products of Soliton Systems – Purpose and legal basis; Recipients
Soliton Systems collects and processes personal data for the purpose of providing support for its products. Clients, or prospective clients, may submit support requests regarding the following topics over the phone, by email or via the website of Soliton Systems:
- questions regarding the configuration
- questions regarding the general functionality
- reporting of technical problems
- questions regarding change requests
- other technical inquiries
The support requests received, and the personal data transmitted by clients, or prospective clients, will be stored in an internal ticket system of Soliton Systems and will be used for the purpose of documenting and processing the support request, as well as for the purpose of contacting the respective client/prospective client in order to provide relevant feedback.
Upon the creation of a ticket in the ticket system of Soliton Systems, the system will send an automatic email to the email address from which the notification was sent. That response includes, inter alia, a link through which the client, or prospective client, can look at the created ticket.
Employees of Soliton Systems, the distribution partner of Soliton Systems in charge of the client, as well as the email addresses stated upon the creation of a ticket (data subject who created the ticket, as well as “cc” addressees (if any) entered by the data subject), can access a support ticket. The administration of the tickets is logically separated and sorted by organization, so that a distribution partner of Soliton Systems may only access tickets of the clients supported by the distribution partner.
That processing of personal data of the client, or prospective client, by Soliton Systems is necessary for the performance of a contract between Soliton Systems and the data subject or in order to take steps at the request of the data subject prior to entering into a contract and is based on Article 6(1)(b) GDPR.
- Processing of personal data for distribution purposes – Purpose and legal basis; Recipients
Soliton Systems collects and processes the personal data of prospective clients for the purpose of submitting offers and for distribution purposes, if a prospective client contacts Soliton Systems and expresses his or her interest in the products of Soliton Systems. The contact data submitted by the prospective client to Soliton Systems will be stored and processed in the CRM system of Soliton Systems and will be deleted after one year, at the latest, unless the data are processed for another lawful purpose. Soliton Systems will transmit the personal data of prospective clients collected by Soliton Systems for the purpose of submitting an offer and for distribution purposes to distribution partners for further operational processing and contacting the prospective client.
That processing of personal data of prospective clients by Soliton Systems is either based on a consent by the prospective client (legal basis: Article 6(1)(a) GDPR) or is necessary to take steps prior to entering into a contract (legal basis: Article 6(1)(b) GDPR).
- Duty of data subjects to provide personal data and potential consequences of a failure to provide personal data
Data subjects are obliged to provide us with personal data if we enter into a contract with them. A consequence of a failure to provide the personal data would be that the contract with the data subject cannot be entered into. In addition, the provision of personal data is necessary for the use of the products and the website of Soliton Systems. A consequence of a failure to provide the personal data would be that the products or the website of Soliton Systems cannot be used at all, or that the scope of functions will be limited
- No automated decision-making; No profiling
We do not use automated decision-making or profiling.
- Storage period and deletion of personal data
Soliton Systems stores personal data of data subjects only as long as this is necessary for the purposes for which they were processed, unless statutory provisions required a longer retention period. If the purpose for which the personal data were collected or stored no longer exists, the data will be routinely deleted.
- Rights of data subjects
Data subjects have the following rights:
- Right of access to the relevant personal data (Article 15 GDPR)
- Right to rectification (Article 16 GDPR)
- Right to erasure (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to object to the processing if the processing is made on the basis of Article 6(1)(e) or Article 6(1)(f) GDPR (Article 21 GDPR); see also the note regarding the right to object pursuant to Article 21 GDPR at the end of this document
- Right to data portability (Article 20 GDPR)
- Right of the data subject to revoke a granted consent at any time, without this affecting the lawfulness of the processing made before the revocation, if the processing is based on a consent in accordance with Article 6(1)(a) or Article 9(2)(a) GDPR
- Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
- Modifications of this Data Privacy Statement
On a case-by-case basis, it will be necessary to adapt and modify the contents of this Data Privacy Statement. Therefore, Soliton Systems reserves the right to modify this Data Privacy Statement and will transmit the modified version to the data subject before the modified version takes effect and will publish the modified Data Privacy Statement at the same place as this Data Privacy Statement.
Note regarding the right to object pursuant to Article 21 GDPR
- Right to object on grounds relating to a particular situation
You have the right to object, on grounds relating to your particular situation, at any time to the
processing of personal data concerning you which is made on the basis of Article 6(1)(e) (public interest) or Article 6(1)(f) (data processing on the basis of the weighing of interests) of the GDPR; this applies also to any profiling based on those provisions. Soliton Systems will no longer process the personal data, unless Soliton Systems is able to demonstrate compelling legitimate grounds which override your interests, rights and freedoms, or the processing serves the establishment, exercise of defense of legal claims.
- Right to object in relation to direct marketing
If Soliton Systems processes personal data for direct marketing purposes, data subjects have the right to object at any time to the processing of personal data concerning them for the purpose of such marketing; this applies also to any profiling related to such direct marketing. If data subjects object to the processing for direct marketing purposes, the personal data will no longer be processed for such purpose.
- Exercise of the right to object
The right to object may be exercised without a specific form, for example, by a letter to Soliton Systems, Gustav Mahlerplein 2, 1082 MA Amsterdam, the Netherlands, or by email to firstname.lastname@example.org.