Privacy Policy lisodoX

Protecting your privacy and personal data is very important to us. We therefore only use your personal data within the scope of legal regulations, in particular the General Data Protection Regulation ("GDPR") and the German Federal Data Protection Act ("BDSG"). With this privacy policy, we would like to inform you - regardless of whether you set up a lisodoX account, use our various apps or visit our website - about the nature, scope and purposes of the collection, use and processing of your personal data by lindner software & consulting GmbH (lisocon).

1. Data controller / Contact / Data Protection Officer

The data controller responsible for data processing pursuant to the GDPR, BDSG, other data protection laws applicable in the member states of the European Union, and other regulations relating to data protection is:

lindner software & consulting GmbH (lisocon) Postkamp 6 30159 Hannover Germany

If you have any questions or concerns about privacy, please contact info(at)lisocon.de. For the conclusion of a data processing agreement pursuant to Art. 28 GDPR (see in detail section 4) and for general questions about our products, please contact info(at)lisocon.de. Further information on the data processing when contacting lisodoX can be found in section 9.

lisodoX's internal corporate data protection officer, Mr. Jae Hyun Kim, can be contacted at the following address: lindner software & consulting GmbH (lisocon) Postkamp 6 30159 Hannover Germany, via email to jaehyun.kim@lisocon.de, or by telephone on +49 511 30 17 90 30.

2. Scope of Data Protection

Data protection applies to personal data as defined by the GDPR, i.e. all information relating to an identified or identifiable natural person. An identifiable natural person is deemed to be a natural person who can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier or to one or more specific attributes.

3. Texts and Translations - lisodoX (test version)

When using our translation service, please only enter texts that you wish to transfer to our servers. The transmission of these texts is necessary in order for us to provide the translation service. We process your texts, the documents you upload and their translations for a limited period of time. This also applies to corrections you make to our translation suggestions. The corrections are forwarded to our servers to check them for accuracy and, if necessary, to update the translated text according to your changes

Please note that according to its Terms and Conditions, you may not use lisodoX for the translation of texts containing personal data of any kind. The translation of personal data is only possible as part of a lisodoX subscription (please see section 5).

4. Texts and Translations - lisodoX

When using our lisodoX subscription to translate texts, the texts or documents you submit will not be permanently stored and will only be kept temporarily to the extent necessary for the production and transmission of the translation. After complete performance of the contractually agreed services, all submitted texts or documents, and their translations will be deleted. When using lisodoX, your texts will not be used to improve the quality of our services. For further information on the processing of your data within the lisodoX subscription, please refer to section 6 of this privacy policy and our lisodoX Terms and Conditions.

Please note that using lisodoX for the translation of texts containing personal data of any kind is only permitted if there is a justification for this under data protection law. Therefore, our T&C provide for the conclusion of a data processing agreement (see section 7). To enter into such an agreement, please contact info(at)lisocon.de.

5. Creating a lisodoX account and Signing up for a lisodoX Subscription

5.1. Creating a lisodoX account 

You have the option of creating a lisodoX account. You can use the lisodoX via this account within the applicable lisodoX Account Terms and Conditions (please see also section 3). To create the account, the following personal data will be stored:

• E-mail address
• Username
• Given Name
• Family Name
• Organization
• Password
• IP address

We process the email address and password on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR in order to perform the contract of use. Your IP address is processed in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR, as it is in our legitimate interests to match your IP address with IP addresses that have misused our service in the past for fraud prevention purposes.

Please note that the creation of a lisodoX account is a prerequisite for signing up for and using a lisodoX subscription (see section 5.2), but creating a lisodoX account does not oblige you to purchase a paid subscription. Even if you do not sign up for a lisodoX subscription after creating the account, the lisodoX account remains available and you can use it. You can delete your lisodoX account at any time by sending an e-mail with your request to info(at)lisocon.de.

If your company uses Single Sign-On (SSO) to log in to lisodoX, there is no need for a separate registration with lisodoX. When you log in via Single Sign-On your company transmits your email address as well as your first and last name directly to us. We also process this data on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR.

5.2. Signing up for lisodoX

If, after creating a lisodoX account, you sign up for a lisodoX subscription, additionally the following personal data will be collected and processed for the purposes of concluding and fulfilling the contract (Art. 6 para. 1 sentence 1 lit. b) GDPR):

• First name, surname, and where applicable, company name
• Adresse
• Payment details
• Tax numbers (where applicable)
• Selected subscription option
• Possibly other, additional data you provided during the registration process.

Your payment details will be processed by us if you sign up for a lisodoX subscription. The processing of your payment will be performed at the time of the formation of the subscription contract within the meaning of Art. 6 para. 1 sentence 1 lit. b) GDPR. However, if no cancellation is made, the subscription will automatically continue to be subject to payment and the method of payment specified by you will be debited at the time stated in the booking process.

In order to process payments, we forward the necessary payment data to our authorized payment service provider Stripe Payments Europe Ltd., Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland. Where necessary, Stripe will transfer the data to Stripe, Inc., located in the USA. Further information on data protection at Stripe and compliance with the requirements of Art. 44 GDPR can be found here and here. We have concluded a data processing agreement with Stripe, which allows Stripe to process the data solely in accordance with our instructions and not for its own purposes.

In addition to the aforementioned data, we process further (usage-)data relevant for the provision and billing of our service, such as subscription ID, date and time of the subscription conclusion, billing period, successful payment processing, logins, number of translated characters and documents, upgrades and downgrades. The processing and storage of the aforementioned data is necessary for the conclusion of the contract as well as its performance and is therefore justified according to Art. 6 para. 1 sentence 1 lit. b) GDPR. If you yourself are not a party to the contract, but lisodoX is provided to you, e.g., by your employer or an organization to which you belong, we justify the processing of the data mentioned in section 6.1 and the aforementioned usage data via Art. 6 para. 1 sentence 1 lit. f) GDPR, as this is necessary for the performance of the business relationship with our customers, i.e., your employer or your organization.

We store the data for the duration of the contract term and subsequently, if applicable, for the duration of statutory retention periods, insofar as these prescribe the retention for the respective types of data. We will delete your account if you wish to do so after cancelling your subscription. Otherwise, we will maintain your account as lisodoX account (see section 5.1) so that it is available to you in the event of a renewed subscription without you having to register again. This is in your as well as in our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

In your account in the section “Project”, you can view all data about your uploaded and translated documents. If you have a consumption-based subscription, such as the lisodoX “Pay per Use”, you can also view the costs incurred. We justify this data processing via Art. 6 para. 1 sentence 1 lit. b) GDPR, as it is necessary for the performance of the contract, in particular for billing purposes or for managing the number of documents still available for translation. As the processing goes beyond what is necessary for the performance of the contract, we base the processing on our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR, as we seek to meet our customers' wish to visualize information on usage behaviour in a transparent manner. The graphical representation of the development of consumption over the contract period is considered to be also in the interest of our customers.

If you yourself are not a party to the lisodoX subscription, but access to our products is provided to you by your employer or an organization to which you belong, it is possible that we share data about your usage behaviour (e.g. last login date) with your employer or organization. Such data transfer only takes place insofar as this corresponds to our legitimate interests as well as the legitimate interests of our customers in receiving information about the use of the subscriptions they have paid for, and your interests do not override in the individual case.

6. Translation of Documents

6.1. Translation of Documents with lisodoX

You can translate documents in different file formats with lisodoX. (e.g., .indd, .idml, .docx, .pptx, .xlsx). When using document translation in lisodoX, section 3 and section 4 of this privacy policy applies. If you translate documents of the file types mentioned above while you are logged in to your lisodoX account, the documents you submit will be processed and stored on the lisodoX infrastructure during the active period of your subscription. With lisodoX, the translation of your documents will be provided exclusively by lisodoX and processed on our infrastructure in the EEA.

6.2. Processing of the Submitted Texts and Translations

We store the texts from your submitted documents to lisodoX and their translations permanently for the duration of your subscription. If your subscription has the option for various “machine translation services activated, then we send texts to those services. If those services are located outside the EU, then the data is transferred to those countries. The processing is therefore justified by Art. 6 para. 1 sentence 1 lit. b) GDPR. Your documents will - within the framework of the contractual agreements and as stated in section 4 - be stored permanently during the active period of your subscription. If your subscription includes a “public translation memory” your texts and translations will be stored permanently and made visible to other customers. The only exception is if you use the "private translation memory" option in your subscription. In this case the texts and translations are not visible to other customers and are deleted after cancellation of the subscription

6.3. Temporary Storage of Metadata when Translating Documents

Regardless of whether you use our paid or free service when translating documents, particularly the following data is stored for each translation process:

• Status/progress of the translation process
• Document file type
• Selected language pair for translation
• Estimates of time needed for the translation
• Number of characters calculated
• Errors that occurred during the translation process

This information is processed in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR based on our legitimate interest in improving the functionality of our products, as this makes it easier to identify any sources of error related to the translation process. The data is stored in a database that can only be accessed by selected employees and is automatically deleted after 14 days.

7. Automatic Collection of Data via Website Access

Regardless of whether you use our paid or free service, your device automatically transmits certain data for technical reasons when you access our website https://lisodox.com. The following data that you may send us will be stored:

• Date and time of access
• Browser type and version
• Operating system
• URL of the website previously visited
• Volume of data transmitted
• Requested domain
• Notification of successful data retrieval
• Search term when using a web browser
• Abbreviated/anonymized IP
• Full IP address
• Diagnostic information in the event of errors

Processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is stored for purely technical reasons. Website access data is used for error analysis, ensuring system security, logging access to lisodoX and for improving our translation service. Based on your IP address, we also use geolocation to determine the region from which you are visiting our website. We use this information to check whether we can offer you the lisodoX service in your region, which corresponds to our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR. The storage of the full IP address for the users of the lisodoX test version for a maximum period of 14 days is also justified by our legitimate interest in achieving the listed purposes, Art. 6 para. 1 sentence 1 lit. f) GDPR. The storage of IP addresses of users of the paid lisodoX subscription for the duration of the contract is justified by Art. 6 para. 1 sentence 1 lit. b) GDPR.

Our website also uses services of Cloudflare, Inc, 101 Townsend St, San Francisco, CA 94107, USA ("Cloudflare"), which operates a so-called Content Delivery Network (CDN). To protect our website, the data transfer between your browser and our servers is routed through Cloudflare's infrastructure in order to analyze whether it is an abusive attack. As part of this analysis, your data is transmitted to Cloudflare in encrypted form, if necessary, also to Cloudflare servers in the USA. However, since your translation requests and other customer data are encrypted between your end device and the Lindner software & consulting GmbH (lisocon)rvers, Cloudflare does not have any access to this data, but only to meta-data (such as your IP address). Only static resources (such as graphics) are loaded directly from Cloudflare-servers. In addition, Cloudflare determines a so-called bot score immediately before the login to lisodoX, which is based on the analysis of the metadata of the client (browser) used. The use of Cloudflare is in our legitimate interest to secure the use of our website and to prevent and defend harmful attacks from outside, Art. 6 para. 1 sentence 1 lit. f) GDPR. We have concluded a data processing agreement with Cloudflare and Cloudflare may therefore only process the data according to our instructions and not for its own purposes. You can find more information about Cloudflare's handling of personal data here.

8. Cookies and Web Storage on lisodox.com and Analysis of User Behaviour 

8.1 Use of Cookies and Web Storage on lisodox.com

We use "cookies" and web storage objects to provide you with a variety of features and improve your user experience. Cookies and web storage objects are small text files that are temporarily stored on your computer via your browser.

If you do not want us to use cookies or web storage objects, you can change your browser settings accordingly. Please note that if you completely disable the use of cookies or web storage objects, the functionality and scope of the website may be impaired.

We specifically use cookies or web storage objects in the following categories:

• Necessary: These cookies or web storage objects are necessary to ensure the functioning of our website and the formation as well as the performance of contracts. The cookies serve security purposes, the smooth navigation on our website, the provision of the most important functions of our products, the storage of your settings such as the display language of the website and the selected translation language as well as the handling of the checkout process for lisodoX. In addition, statistical data about the use of our website is collected. The collecting of data via the necessary cookies or web storage objects is justified according to § 25 para. 2 no. 2 TTDSG (“Telekommunikation-Telemedien-Datenschutz-Gesetz”: German Telecommunications and Telemedia Data Protection Act). The further processing of this data is either necessary in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR for performing the contract or justified due to our legitimate interest in presenting our products and our company in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR.
• Performance: In order to continuously improve our website, we collect data for statistical and analytical purposes. We and our external service providers use these cookies or web storage objects with your explicit consent in accordance with § 25 para. 1 TTDSG. The further processing of this data is also based on your consent, Art. 6 para. 1 sentence 1 lit. a) GDPR.
• Comfort: We use these cookies or web storage objects to make using our website more comfortable for you. For example, we remember which areas of the website you have already visited and help you to use the website in the best possible way. In accordance with § 25 para. 1 TTDSG and Art. 6 para. 1 sentence 1 lit. a) GDPR, we only use these cookies or web storage objects and process the data collected from them with your explicit consent. 

The table below lists the different types of cookies and web storage objects that may be used on our website. Cookies or web storage objects are stored until the specified expiration time or until you delete them in your browser or, if it is a session cookie, until the session has expired. You can withdraw your consent for the use of cookies or web storage objects in the categories “Performance” and “Comfort” in each of these categories directly in the table below. Data is not passed on to third parties.

8.2 Analysis of User Behavior

In order to better understand how our products are used and to better tailor our products to the needs and desires of our customers, we analyze pseudonymized data about our customers' use of lisodoX products. The analysis allows us to understand general usage habits and derive different target and user groups. We can then address the identified user groups in a more specific way and, for example, point them to previously unused or unknown features of our products. In this way, we enable our customers to get to know and use all the features of their lisodoX subscription and can thus improve the user experience of the lisodoX. This corresponds to our legitimate interests according to Art. 6 para. 1 p. 1 lit. f) GDPR. The data is processed exclusively on lisodoX’s servers in the EEA, the data is not transferred to the USA. No transfer of the data to third parties takes place.

Overview of the cookies and web storage objects used by lisodoX:

Necessary

Context	ID	Description	Technology	Expiry	Owner
Site appearance	dark theme	Stores selected color scheme for the site.	localStorage	Persistent Data	lisodoX
Proofreading dialog	app-text-edit-dialog-size	Stores the size for the proofreading dialog.	localStorage	Persistent Data	lisodoX
Proofreading	proof	Stores configuration for proofreading and translation processes.	localStorage	Persistent Data	lisodoX
Site localization	uiLanguage	Stores the interface language selected by the user.	localStorage	Persistent Data	lisodoX
Internal IDs	showInternalIds	Determining if the user sees internal IDs for the subjects.	localStorage	Persistent Data	lisodoX
Pinned projects	pinnedProjects	Stores projects that user pinned.	localStorage	Persistent Data	lisodoX
Target languages for machine translation	saved-target-languages	Stores list of target languages that would be used for translation.	localStorage	Persistent Data	lisodoX
Alternative language	altTargetIsoLang	Stores the alternative language that would be shown during translation or proofreading.	localStorage	Persistent Data	lisodoX
User’s metadata	0-into.client	Stores metadata of authorized user.	sessionStorage	Session	lisodoX
User’s notifications	notifications	Stores notifications for authorized user.	sessionStorage	Session	lisodoX
Translation scope	lastStepSaveMode	Stores last used scope for saving segment translation.	sessionStorage	Session	lisodoX
lisodox.com	cookieyes-consent	CookieYes sets this cookie to remember users' consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about the site visitors.	cookie	1 year	CookieYes

Marketing

Context	ID	Description	Technology	Expiry	Owner
Conversion Tracking		Records and evaluates conversions from lisodoX’s LinkedIn advertising campaigns	Tracking Pixel	Persistent Data	LinkedIn

9. Contacting our Sales or Support Team

You have the possibility to contact us via contact form on our website. You can also contact us directly by email.

9.1. Sales and Support Requests

If you would like to send us a sales enquiry in order to receive further information about our products and subscription plans or to start contract negotiations, you are welcome to use our  contact form. In addition to your email address, you are required to provide your name and telephone number; all other information is optional.

If you contact our support team with questions about your contract and its implementation via our contact form, it is necessary to provide a valid email address so that we know who the inquiry comes from and can respond to it

For both support and sales enquiries including any subsequent correspondence, Art. 6 para. 1 sentence 1 lit. b) GDPR serves as the legal basis for the processing of your personal data, as the processing is necessary for the initiation of the contract or the conclusion and performance of our contract. Art. 6 para. 1 sentence 1 lit. b) GDPR also provides justification for the processing of personal data that may be contained in documents sent to our Support team. We will store your data for the duration of our business relationship and subsequently for the duration of the legal retention periods where this is required. The processing of your personal data as part of our customer database and the analyses of our customer-related processes is based on Art. 6 para. 1 sentence 1 lit. f) GDPR, as this is in our legitimate interest.

If you have contacted our Support team via the contact form, it is possible that we will subsequently inquire by email about your satisfaction with our customer service. In this case, we will process your data on the basis of our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR in order to determine customer satisfaction and to continuously improve our service.

9.2. Privacy Requests

You also have the option of contacting info(at)lisocon.de with questions or concerns about data protection at lisodoX. We process your data in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR on the basis of your voluntarily given consent.

10. lisodoX Newsletter

10.1. Product Newsletter

If you have signed up for lisodoX, we will occasionally send you emails with news on our products, such as the launch of new languages and new features as well as on related products and services. This will also include information and tips on how to get the most out of lisodoX. We are entitled to use the email address you provided when signing up for a lisodoX subscription in this way under the legal conditions of § 7 para. 3 of the German Act against Unfair Competition (UWG). Given our existing contractual relationship, it is also in our legitimate interest to inform you as set out above (Art. 6 para. 1 sentence 1 lit. f) GDPR). If you do not wish to receive such emails from us, you can object to the use of your email address for this purpose at any time by sending an email to info(at)lisocon.de. Of course, each of our emails contain an unsubscribe link at the end.

10.2. Marketing Newsletter and other marketing communication

If you would like to receive more detailed information about our company, products, services and promotions, you can sign up for our marketing newsletter or you can agree to receiving marketing communication in certain other contexts. We may send you information, within the scope of your consent, about offers, special offers, promotions and marketing campaigns and other news from lisodoX from time to time or get in touch with you to discuss specific products and services. The processing of your data is based on your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). You can withdraw your consent at any time with effect for the future by sending an email to info(at)lisocon.de. Of course, our emails each contain an unsubscribe link at the end.

11. User research and surveys

11.1 User surveys

Users are given the opportunity to participate in surveys via the web and app interface of our services. Participation in the surveys is voluntary and can be achieved, for example, via a pop-up found on the interface. The user may be redirected to a third-party website (e.g. Qualtrics) to complete the survey. In order for us to properly analyse the survey results, we match your survey results with your product interaction that we collect when you use our products. This helps us to get better insights on how our users respond to our services, which help us to improve our product offering and services based on the collected survey information. Your personal data will not be collected or processed throughout the entire process. We won’t ask you to enter any personal data when taking part in the survey. Furthermore, to collect your product interaction data we don’t collect or process your IP-address. In order to obtain this data from you, we will assign you a user ID upon confirmation that you wish to participate in the survey. This user ID – in the form of a cookie – does not give away any personal data about the person behind the interaction data and is therefore anonymised.  

Your survey results and product interaction data (if any) will be stored and processed collectively by lisodoX for up to 2 years.  

If personal data is nevertheless collected or processed in the aforementioned process - which we do not plan or assume from our side - we justify this via Art. 6 (1) sentence 1 lit. f) GDPR, as this represents the least intrusion into the rights of the user in contrast to an opt-in and corresponds to the principle of data minimisation. You may withdraw your consent for the cookie at any time with effect for the future by deleting your browser cache.

11.2. Customer Surveys

From time to time, lindner software & consulting GmbH (lisocon) sends out customer surveys via email to inquire about your experience and/or satisfaction with our products. Participation in the surveys is voluntary, and they can generally be answered anonymously, but you also have the option to voluntarily provide your name and/or email address. If you do so, we may contact you afterwards and ask if you would be willing to share your experience with us in a personal conversation.

This processing of your data corresponds to our legitimate interests according to Art. 6 para. 1 sentence 1 lit. f) GDPR to improve our products and to further develop them according to our customer’s wishes. If you voluntarily provide your name and/or email address in the survey, we justify the processing of your data via your consent pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR. You can revoke this consent at any time with effect for the future.

12. lisodoX’s Social Media Pages

lisodoX operates several social media profiles (also called “pages”) on various social networks e.g., Facebook, Instagram, Twitter, LinkedIn and Xing. There we regularly publish posts about our products, new product features as well as new job offers. If you interact with our pages or contact us via them and are a member of the respective social network, we may receive and process data that identify you. As operator of the pages, we also have the option of viewing anonymous statistics on the interaction of visitors with our pages (insight function). For this purpose, the operators of the social networks record your interactions with our pages using cookies and similar technologies. You can find more information on this kind of data processing by Facebook, Instagram and LinkedIn here, here and here.

The legal basis for the operation of our social media profiles and the insights function is our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR in using the pages as an information channel for our company. With regard to the insights function, we have a legitimate interest in understanding the visits and interactions with our page in order to be able to respond to them and to further improve our presence. Insofar as your consent given to the social network justifies the data processing within the framework of the respective social platform, processing is carried out on the basis of this consent.

In addition, we use the LinkedIn image pixel to record and evaluate conversions from our LinkedIn advertising campaigns. Conversions mean whether a user is successfully led to our website via our LinkedIn advertising campaign. Furthermore, user interactions - i.e., individual steps taken by the user on our website - are to be recorded and tracked via conversions. The LinkedIn image pixel is embedded on certain pages of our website and provides feedback to LinkedIn if a conversion has taken place. In doing so, LinkedIn processes the user’s IP address as well as the presence of a cookie set by LinkedIn, which provides conclusions about the conversion. The processing of your personal data is based on your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). The consent is given via the cookie settings. You can revoke your consent at any time with effect for the future by revoking the consent for the “Marketing” cookie category or deleting your browser cache.

Please note that we together with the operator of the respective social network are jointly responsible for the data processing operations triggered when you visit our page. However, the operators of the social networks may also process your data for their own purposes, which are not depicted in this privacy policy. It is also possible that data collected about you will be transferred to third countries, in particular the USA. We have no influence on this data processing and refer to the privacy policies of the respective social networks e.g., for Facebook here, for Instagram here, for Twitter here, for LinkedIn here and for Xing here.

In principle, you can assert your rights (see section 15 below) both against us and against the operator of the respective social platform. However, we would like to point out that despite the joint controllership, you can most effectively assert your rights with the operators of the social networks. If you need help, you can contact us.

13. Webinars

We offer webinars for our users and existing or prospective customers. The webinars are interactive events on the products we offer, conducted by our staff. External speakers may also be invited to the webinars. We point this out accordingly before registration.

We use a service provided by Zoom Video Communications, Inc. ("Zoom"), 55 Almaden Blvd. Suite 600, San Jose, CA 95113, USA, on whose platform the webinars are held. Registration for our webinars takes place via a corresponding landing page of Zoom. We have concluded a data processing agreement with Zoom and Zoom may only process personal data according to our instructions and not for its own purposes. We would like to point out that if you access Zoom's website, Zoom is responsible for the personal data processed through your use of the website. If you have entered into a contractual relationship with Zoom, we have no influence on the personal data collected and processed in this context as part of our webinars. Further information on the handling of personal data at Zoom - in particular also in relation to webinars - can be found here.

In the event of registration for a webinar on a landing page provided by Zoom, we collect and process all personal data that you provide when registering for one of our webinars (first and last name, email address, company (optional), position (optional)). We process your data to fulfil the free participation contract concluded between you and us on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR. We store your data on this basis for the duration of the existence of our contractual relationship, i.e. until the conclusion of the webinar, and subsequently for the duration of the statutory retention periods where this is required. If you have a lisodoX account and it is possible for us to assign the webinar registration to this account, the processing of your personal data in the context of our customer database and the analyses of our customer-related processes until the end of the webinar is based on Art. 6 para. 1 sentence 1 lit. f) GDPR, as this is in our legitimate interest to record the demand for webinars and in this context to improve the services for our customers. After completion of the webinar, we note in our customer database under your account that you participated in the webinar. The name and e-mail address given during registration will not be noted and - if they do not match the details in the lisodoX account created - will be deleted by us after the webinar has ended. Should personal data be processed at all in this note in the customer database beyond the webinar, we base this on Art. 6 para. 1 sentence 1 lit. f) GDPR, as this is in our legitimate interest to specifically identify whether customers understand our products in order to provide them with support more quickly in individual cases, or in order to provide certain customers with extended webinars and training.

When participating in a webinar and using Zoom, the following additional personal data is processed:

• User information (This is data associated with the Zoom account and its authentication, e.g. first name, last name, display name, email address, password (unless Single Sign On (SSO) is used), profile picture, Zoom unique user ID).
• Communication data (This is data that you independently enter, upload or share as part of the webinar and associated Zoom usage).
• Meeting metadata and telemetry data (This technical data is, among other things, data relating to the use of the service, including when and how sessions were conducted (IP address, event logs, session information, etc.), as well as device and hardware information that Zoom needs to access in order for features such as camera, microphone, etc. to be operational in the context of participation).

Please note that it is also possible to participate in the webinar without having a Zoom account. In this case, the collection and processing of data is limited to the minimum necessary to be able to maintain the service for you. We have chosen settings so that the collection and processing of the communication content generally takes place on servers in the European Union. As Zoom is based in the USA, we cannot exclude the possibility that data processing (in particular meeting metadata) may also take place in the USA when using the service. A collection and processing of your data through the use of Zoom takes place on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR (participation contract). We store the data collected and processed by Zoom on our behalf for the duration of the Zoom webinar and subsequently for the duration of the statutory retention periods, if this is required. We have no influence on the duration of the data processed by Zoom under its own responsibility. Please contact Zoom directly for information in this regard.

Automated decision-making pursuant to Art. 22 GDPR does not take place.

Please note that we may record Zoom webinars and publish them afterwards on our website or social media channels. Participants will not be visible or identifiable in these recordings. As participants can only ask written questions, they will not appear visually in the recording. The answer to the participant's question will be part of the webinar recording. If, contrary to expectations, personal data of the participants is visible during the recording, it will be made unrecognisable before publication. The recording and storage of the webinar is based on Art. 6 para. 1 sentence 1 lit. f) GDPR, as these processing operations are in our legitimate interest to improve the quality of our webinars. When the webinars are published, no further processing of personal data will take place, as we will make them unrecognisable beforehand - if they can be viewed at all.

14. Data Security

Your connections to our website and our apps are protected with encryption techniques in line with the current state of the art. The level of protection also depends on which encryption your Internet browser and/or mobile device supports. You can tell whether an individual page of our website is transmitted in encrypted form by looking at the closed key or lock symbol in the status bar of your browser. We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

15. Your Rights

The following rights are granted by European Union directives and regulations. If you wish to exercise any of the rights listed below, please contact us at the above address.

• Right to confirmation and right of access - We will gladly confirm whether we are processing any of your personal data, which data we are processing, and for what purpose we are processing it.
• Right to rectification - If any of the data we have stored is incorrect, we would certainly be happy to correct it.
• Right to erasure - Should you wish your personal data to be deleted, we will comply with your request as far as legally possible.
• Right to restriction of processing - Should you wish to restrict use; we will comply with your request as far as legally possible.
• Right to withdraw your consent - Should you wish to revoke any previously granted consent; we will comply with your request. Revocation does not affect the permissibility of the processing of your data up to now.

In addition, you can object to the further processing of your data if we process your data based on our legitimate interest (Art. 6 para. 1 sentence 1 lit. f), Art. 21 GDPR). If we process your data for the purpose of direct advertising, you have a general right to object. If we do not process your data for advertising purposes, the objection must be based on your particular situation.

You also have the right to lodge a complaint regarding the processing of your personal data with a supervisory authority, such as the data protection supervisory authority responsible for us: Landesbeauftragte für Datenschutz und Informationsfreiheit Niedersachsen, rinzenstraße 5, 30159 Hannover, email: poststelle@lfd.niedersachsen.de.

16. Special provisions for users from South Korea

16.1 Contact and lisodoX Data Chief Privacy Office (CPO)

If you have any specific questions or concerns about privacy and data protection in South Korea, also with regard to previous versions of this privacy policy, please contact info(at)lisocon.de.

lisodoX’s Chief Privacy Officer for South Korea is Mr. Jae Hyun Kim, can be contacted at the following address: lindner software & consulting GmbH (lisocon) Postkamp 6 30159 Hannover Germany, via email to jaehyun.kim@lisocon.de, or by telephone on +49 511 30 17 90 30.

16.2 Data Deletion and Retention Periods

As described above, we will process your data for as long as is necessary for the stated purpose and if applicable, to the extent that you have consented to. Subsequently, we will delete your personal data without undue delay. We will permanently destroy any personal data saved in electronic format in a way that it cannot be restored and recovered. Personal information printed on paper will be destroyed by shredding thereof.

However, as outlined above in section 5.2, lisodoX is obliged to retain certain personal data of users as required by applicable laws. Relevant laws under Korean law include, in particular, the Act on the Consumer Protection in Electronic Commerce (Article 6) which provides for the retention of data on contract as well as withdrawals and revocations thereof for 5 years, data on the provision of services for 5 years and data on consumer complaints or consumer disputes for 3 years. The Protection of Communications Secrets Act provides in Article 15-2 to retain records of computer communication or internet log and trace data of access point for 3 months.

16.3 Data Security and Pseudonymisation

In addition to the measures set out in section 14 of this privacy policy, under the Korean Personal Information Protection Act we take various technical, administrative and physical measures to ensure data security and the security of personal data. For example, we manage access rights to our systems that contain personal data as well as pseudonymized data in a traceable manner; we take various measures to prevent unauthorised access to personal and pseudonymized data, including maintaining a VPN network; we regularly train our employees in the handling of personal data, including pseudonymized data and data security. We regularly evaluate our data processing procedures and modify them as necessary. In addition, we work with strict physical access controls to e.g. our IT infrastructure and data storage systems as well as to documents that contain personal data. 

17. Changes to the Privacy Policy

We reserve the right to amend this privacy policy. The current version of the privacy policy can be accessed at any time on our website.

Last update: February 2025