Data Privacy Policy

Data Privacy Policy

Protecting your personal data is important to us. This data privacy policy shall help you understand what data we collect, how we collect it, why, and what we do with it.

This data privacy policy applies to our entire services and business activities, including our websites and other online presence.

The legal foundation of this data privacy policy and of our collection and processing of data is the General Data Protection Regulation (GDPR) of the European Parliament and of the European Council, in particular Art. 6 (1) (a-c, f) GDPR.

The body responsible for collecting and processing data under this data privacy policy is Software.Process.Management Dr. Andreas Birk, Usedomstr. 15, 70439 Stuttgart, Germany, phone +49 711 6645 324, email (controller according to GDPR, throughout this document referred to as we).

Data We Collect and Process

We collect and process the following data:

  • Contact data (e.g., email addresses, telephone numbers)
  • Contract data (e.g., object and period of a contract)
  • Inventory data (e.g., customer data like name and address)
  • Payment data (e.g., bank details, payment history)
  • Project data (e.g., customer requirements and documents)
  • Software user data (e.g., account information)
  • Website and software usage data (e.g., visited web pages and topical interests)
  • Content data (e.g., website user input, photographs)
  • Technical meta data (e.g., browser types, IP addresses)
Affected Types of Persons

We collect and process personal data of the following types of persons:

  • Customers, interested persons, and business partners
  • Members and interested persons of networks and communities in which we engage, and that we support actively—e.g., by management of working groups or organization of user group meetings
  • Visitors and users of our online offerings and services
Purposes of Data Collection and Processing

We collect and process personal data for the following purposes:

  • Provide consulting, coaching, and training services
  • Provide contractual services and support
  • Answer requests and communicate with customers, interested persons, and users
  • Publish and communicate on technology and business topics
  • Support networks and communities
  • Maintain customer relationships
  • Conduct marketing and sales activities
  • Conduct required administrative activities
  • Conduct security measures
Use of Personal Data

Personal data are information through which a natural person can be identified, directly or indirectly. They include name, email address, or telephone number. Personal data are, too, information on an individual’s preferences, its company or association affiliations, or what web pages a person has visited.

We collect, use, and share your personal data only as far as we are legally entitled to do so, or as far as you have declared your consent.

Contacting Us

When you contact us, for instance by email or by using a contact form, we store your information in order to process the request, or for being able to answer your follow-up questions.

Website Access Data & Server Logfiles

As providers of websites we collect data about every access to the website (so-called server log files), and our web hosting service providers do so likewise. This access data includes: Name of the called web page, file, date and time of the access, transferred data volume, notifications on successful invocation, browser type and version, the user’s operating system, referrer URL (i.e., the web page visited previously), IP address, and the requesting provider.

We use the logged data for statistical analyses in order to operate and improve our websites and their services, and for additional administrative purposes. We and our web hosting service providers reserve the right to analyze the stored data, when there are specific indications of unlawful usage of the website. Legal foundation of this data processing is Art. 6 (1) (f) GDPR in connection with Art. 28 GDPR.

User Comments

When you post comments in a blog or provide other kinds of contributions, we store your IP address. This serves our and our service providers’ security in the event any user’s comments or contributions contain unlawful content (e.g., insults or illegal propaganda). In such cases the user can be made liable for his or her comments or contributions, and we or our service providers have a direct interest in the user’s identity and stored data.


We send newsletters that inform registered recipients about specific topic areas and about offers.

If you want to receive newsletters, you must provide a valid email address and additional information. This information enables us and our service providers to validate that the user actually possesses the email address, and that the user agrees with receiving the newsletter. We may enquire additional information that is exclusively used to tailor newsletter contents according to the user’s preferences. Examples include language preferences, regional preferences for event announcements, and topic areas of special interest. We use these data only for providing the newsletter service. We do not share this information with third parties except our service providers.

When you register for a newsletter, we or our service provider stores your IP address and the registration date. This data shall enable us to prove when a third party makes unauthorized use of a person’s email address and registers for the newsletter without this person’s knowledge.

You can unsubscribe from the newsletter at any time using a link in the newsletter postings, via your profile pages, or by sending a message to our contact address above.

Integration of Third-Party Services and Content

We may integrate third-party services and content into our websites and associated services. Examples are YouTube videos, Google Maps services, RSS feeds, or graphics from other websites. This integration always requires that the providers of these other services and content (in the following denoted third-party providers) recognize the IP address of the user. Because without IP address they could not send their content to the user’s browser. This means that the IP address is required for displaying these contents and for providing these services.

We strive to integrate only those contents and services whose third-party providers use the user’s IP address solely for sending their services and contents. However, we have no bearing on a third-party provider’s use of IP addresses. As far as we are aware of such additional data uses by third-party providers, we either stop using this particular service or we inform you via our data privacy policy.

Web Analytics

Our websites may use Matomo, a web analytics open-source software. Matomo uses cookies, which are data files placed on your computer, to help us analyze how users use the site. The information derived from the cookies about users’ usage of the website (including a user’s IP address, anonymized prior to its storage) is stored on the server of our web hosting service providers in Germany.

You may refuse the usage of cookies by configuring your browser accordingly. However, you shall be aware that this might prevent some part of the website from functioning.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.


A cookie is a small data file that websites use to store information on a user’s computer by the user’s web browser. This information, for instance, can have the purpose to improve user experience. It can also be statistical data of website usage that the provider uses to optimize the website.

As a user you can control cookie usage. Most browsers can be configured so that cookie usage is constrained or prevented altogether. You can also manually trigger deletion of stored cookies in your browser. However, this may inhibit usability of the website or impede some functionality.

On our websites, we may use several kinds of cookies:

Session cookies enable us identifying which web pages you have visited already. This enhances your browsing experience. Session cookies will be deleted automatically once you have left the website.

Permanent cookies help us enhancing user experience, for example by restoring your previous user settings on the website. They are stored for a fixed certain duration or until a certain expiry date. Afterwards, your browser will delete them automatically. You can also delete them manually at any time.

We also use persistent cookies for purposes of statistical analysis of website visits. We use these analyses for optimizing website structure and browsing experience.

Our usage of cookies and our processing of associated data is justified based on Art. 6 (1) (f) GDPR, in order to serve our legitimate interests and those of authorized third parties.

Transfer of Data to Third Parties

We transfer your personal data to third parties only in the following cases: You have expressed your explicit consent according to Art. 6 (1) (a) GDPR. Transfer is within our legitimate interests or those of an authorized third party, according to Art. 6 (1) (f) GDPR. Transfer must be conducted due to a legal obligation according to Art. 6 (1) (c) GDPR. Transfer is legal and required for the performance of a contract in which you are party, or in order to take steps at your request prior to entering into such a contract, according to Art. 6 (1) (b) GDPR.

Where we engage others with processing your personal data, this is governed by a contract or other legal act following Art. 28 GDPR.

Your Data Privacy Rights

You have the following rights:

Right of access (Art. 15 GDPR): You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed. Where this is the case, you have the right to obtain access to this personal data and to the associated information specified in Art. 15 GDPR.

Right to rectification (Art. 16 GDPR): You have the right to request the immediate rectification of inaccurate personal data concerning you and, if necessary, the completion of incomplete personal data.

Right to erasure (Art. 17 GDPR): You have the right to obtain the immediate erasure of personal data concerning you, under the conditions specified in Art. 17 GDPR.

Right to restrict processing (Art. 18 GDPR): You have the right to request restriction on processing your personal data, under the conditions specified in Art. 18 GDPR.

Right to object to processing (Art. 21 GDPR):

You have the right to object to the processing of your personal data that we have received pursuant Art. 6 (1) (f) GDPR, under the conditions specified in Art. 21 GDPR.

Right to data portability (Art. 20 GDPR): In certain cases specified in Art. 20 GDPR, you have the right to receive personal data concerning you in a structured, commonly used and machine-readable format, or to request the transmission of this data to a third party.

Right to withdraw consent (Art. 7 (3) GDPR): You have the right to withdraw your consent to processing your personal data. This shall not affect the lawfulness of any processing based on consent before its withdrawal.

Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you feel that the processing of your personal data infringes upon GDPR.

Changes to This Data Privacy Policy

We keep this data privacy policy under regular review and place any updates on this web page.

This data privacy policy dates from August 2020.