SEGGER Privacy Policy

'Personal Data' means any information relating to an identified or identifiable natural person.

'Data Subject' is an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

'Processing' means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

'Controller' means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data; where the purposes and means of such Processing are determined by Union or Member State law, the Controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Controller for the purposes of the GDPR is:

SEGGER Microcontroller GmbH
Ivo Geilenbrügge
Managing Director
Ecolab-Allee 5
40789 Monheim am Rhein
Germany

Phone: +49-2173-99312-0
Email: dataprotection@segger.com
Website: www.segger.com

'Consent' of the Data Subject means any freely given, specific, informed and unambiguous indication of the Data Subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the Processing of Personal Data relating to him or her.

'Restriction of Processing' means the marking of stored Personal Data with the aim of limiting their Processing in the future.

'Profiling' means any form of automated Processing of Personal Data consisting of the use of Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

'Processor' means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller.

'Recipient' means a natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a Third Party or not. However, public authorities which may receive Personal Data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as Recipients; the Processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the Processing.

'Third Party' means a natural or legal person, public authority, agency or body other than the Data Subject, Controller, Processor and persons who, under the direct authority of the Controller or Processor, are authorized to process Personal Data.

For the Processing of Personal Data as defined above, the relevant data protection rules, especially Article 6 GDPR, stipulate certain preconditions under which such Processing is legally permitted:

1. The Data Subject has given Consent to the Processing of Personal Data for one or more specific purposes. For instance during any registration for services offered on SEGGER´s website it may be requested to give Consent to the Processing of Personal Data as it is necessary to provide such services.
2. Processing is necessary for the performance of a contract in which the Data Subject is a party and in order to process purchase orders properly and, if needed, to get back to customers with respect to questions they may have concerning SEGGER´s products.
3. Processing is necessary for compliance with a legal obligation to which the Controller is subject. This may, for instance, apply to the proper handling of purchases with respect to the relevant tax regulations.
4. Processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a Third Party. This does, however, not apply where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject which requires protection of Personal Data, in particular where the Data Subject is a child. There might be even vital interests of the Data Subject or of another natural person which are to be protected and which justify Processing for such purposes.
5. Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.

If one or more of these preconditions are met, the Processing of Personal Data is legally permitted.

The Data Subjects have the following rights with regard to the Personal Data:

• right of access (GDPR Article 15)
• right to rectification (GDPR Article 16)
• right to erasure or right to be forgotten (GDPR Article 17)
• right to Restriction of Processing (GDPR Article 18)
• right to be informed (GDPR Articles 13 and 14)
• right to data portability (GDPR Article 20)
• right to object (GDPR Article 21)
• right not to be subject to a decision based solely on automated Processing (GDPR Article 22).

SEGGER offers various services and functionalities on its website, as outlined in the following sections. In order to provide these services a specified set of Personal Data is required and the user is asked to fill out a form to provide such data. We only save data required to provide the services as outlined in the sections below.

SEGGER internally collects information on the browser types, operating systems, websites and sub-websites, from which SEGGER´s website is reached, the date and time of access and the IP addresses used by the Data Subject. These data are processed anonymously and separately from any data you may have given to SEGGER during registration, for newsletter purposes or for the use of other functionalities of the SEGGER website.

For safety purposes, especially in order to fight any cyber attacks and fraud, SEGGER stores IP addresses, the internet service providers and the date and time of access for a period of fourteen days.

SEGGER offers newsletters for subscription. In the newsletters SEGGER keeps its customers, users and other interested persons informed about SEGGER´s most recent offers and products. For the subscription process, Personal Data of the users such as e-mail addresses are requested in order to ensure the accurate transmission of the newsletter. These data are also needed to initiate the confirmation process that the owner of the e-mail address is authorized to receive the newsletter. Such data will only be used for the transmission of the newsletter and will not be transferred to Third Parties.

By subscription to the Newsletter Service the user consents to such Processing of the Personal Data. The user, however, may at any time revoke such Consent to this Processing and may unsubscribe from the newsletter.

The blog offered by SEGGER provides additional information about SEGGER and its products. In case a user wants to receive a notification when a new blog entry is added, the user can subscribe to the blog. The data collected in this process is handled in the same way as the data collected for the newsletter. The data collected are needed to secure accurate transmission of such notification to the user.

SEGGER has installed a system for software update notifications. Users may subscribe to this system to receive information related to the specified product and its software releases. Similar to the newsletter, Personal Data of the users such as e-mail addresses are required in order to ensure the accurate transmission. Such data will only be used for the transmission of the notification and will not be transferred to Third Parties as Recipients. The user may, at any time, revoke the Consent to the data Processing and may unsubscribe from the notification system.

Customers of SEGGER may register the hardware product they acquired from SEGGER. This allows the authentication of the customer when support is requested. The form on the SEGGER website, which is to be filled in during the registration process, only collects such Personal Data which are indispensable for such authentication. The customer, by filling in the form, consents to the storage and Processing of such data, this Consent being revocable at the customer´s sole discretion at any time. The storage and the Processing of such data does not involve any transfer to Third Parties nor the use for other purposes.

In cooperation with qualified silicon vendor partners, users may register in order to receive a free device based commercial use license for a SEGGER product. The input form used for this registration process determines what Personal Data are transmitted. The collection of Personal Data is necessary in order to fulfill contractual obligations. There will be no transfer of the collected data to any Third Party. The Consent for the storage of these Personal Data may be revoked at any time.

Prior to the use of all SEGGER software - regardless whether it can be downloaded free of charge from SEGGER’s website or its use is subject to a paid license - the acceptance of the related license agreement is required from the user (see https://www.segger.com/purchase/licensing/). In addition to that, some SEGGER software or material provided as download from SEGGER’s website might require a registration prior to the download, use or receipt of the software or material. If such registration is required during the registration process, only those Personal Data (i.e. name and e-mail address) are collected from the user which are needed to handle the licensing process.

The website of SEGGER offers the possibility to contact SEGGER by clicking the link “contact”. The Personal Data provided by the Data Subject during such contact are stored in order to secure and to facilitate the purpose of the visitor´s contact with SEGGER.

The Controller will collect and process the Personal Data of applicants for the purpose of the Processing of the application. If the Controller concludes an employment contract with an applicant, the submitted data will be stored for the purpose of Processing the employment relationship in compliance with legal requirements. If no employment contract is concluded with the applicant by the Controller, the data related to the application will be deleted according to applicable law.

SEGGER will collect, store and process Personal Data for its internal use. However, SEGGER may transfer Personal Data to Third Parties, for instance, if such transfer is necessary for the performance of a contract as agreed by the customer as a Data Subject.

SEGGER informs you that - if you are domiciled in the USA or in Canada - SEGGER Microcontroller Systems LLC, a SEGGER subsidiary, will answer your questions and process your orders and inquiries. SEGGER also cooperates with distributors worldwide which may contact you about your requests. SEGGER has committed SEGGER Microcontroller Systems LLC and certain distributors to adhere to appropriate data protection standards by special agreements. SEGGER may transfer your Personal Data to SEGGER Microcontroller Systems LLC or to those distributors with which such agreements have been concluded.

On SEGGER´s website, reference is made to social networks such as Facebook, Twitter, and LinkedIn. You may click on the link of the respective social network while you are visiting SEGGER´s website. If you click on such link while visiting SEGGER´s website the network may register your visit of SEGGER´s website. Personal Data may be transferred to the respective social network during your visit of the network according to the terms and conditions of such social network.

Even if the storage and Processing of Personal Data is legally permitted under relevant data protection rules, however, it is not allowed for an unlimited period of time but is subject to retention periods. For instance, if data are no longer needed for the appropriate fulfillment of any contractual obligations or for the compliance with any retention period under applicable tax law such data are to be deleted.

SEGGER has implemented a process and standards for the deletion of Personal Data in accordance with the applicable data protection rules including the GDPR. This process involves a regular scrutiny of the relevant retention periods for the storage of Personal Data and their deletion when such retention periods are expired unless other reasons require the further storage of such data.