Data Protection and Privacy Policy

Purpose

erwin, Inc. (erwin) is committed to respecting and protecting your data and privacy when visiting our website. To provide you with relevant information, respond to your requests, and increase the benefits you receive from our website, we sometimes request that you provide us with information about yourself.

We have prepared this data protection and privacy policy to inform you of the information we gather and how it is used. It applies to all erwin websites that display or link to this policy. You also should note that erwin maintains the same data protection and privacy practices with respect to data collected offline, so this policy may be relied upon with respect to those methods of data collection and use.

This policy exists to:

  • Comply with industry best practices and data protection and privacy laws
  • Protect the rights of our customers, partners and staff
  • Provide transparency in how we store and process data about individuals
  • Protect the company from the risks associated with data breaches as much as possible

Data Protection Risks

This policy helps to protect erwin from some very real data security risks, including:

  • Breaches of confidentiality. For instance, information being given out inappropriately or to unauthorised individuals.
  • Failing to offer choice. For instance, all individuals should be free to choose how the Company uses data relating to them, with opt in clauses.
  • Reputational damage. For instance, the Company could suffer if hackers or non-authorized individuals successfully gained access to sensitive data.

General Employee Guidelines

The only people able to access data covered by this policy should be those who have a business need for their work activities.

  • Data should not be shared informally, when access to confidential information is required, employees can request it from their line managers.
  • erwin provides training to all employees to help them understand their responsibilities when handling data, as part of ISO27001 certification.
  • Employees should keep all data secure, by taking sensible precautions and following the corporate guidelines.
    • In particular, strong passwords must be used and they should never be shared.
    • Personal data should not be disclosed to unauthorised people, either within the company or externally.
    • Data should be regularly reviewed and updated if it is found to be out of date. If no longer required, it should be deleted and disposed of.

Data Collection

In general, you may visit this website without identifying yourself or revealing any personal information. But as is true of most websites, we gather certain data automatically and this may include your internet protocol (IP) address (or the proxy server you use to access the World Wide Web), device and application identification numbers, your location, your browser type, your internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. Some of this information may be considered personal data under certain data protection laws.

Due to internet communications standards when you visit the website and use its associated services, we automatically receive the URL of the website from which you came and the website to which you go when you leave our website. This information is used to analyze overall trends, to help us understand how our website is being used so we can improve its quality and make it more beneficial to users, and to track and aggregate non-personal information. For example, erwin uses IP addresses to monitor the regions from which customers and visitors navigate the website and use its associated services. erwin also collects IP addresses from customers when they login to the Services as part of the company’s “Identity Confirmation” and “IP Range Restrictions” security features.

Some portions of this website may request that you give us information about yourself from which we are able to identify you, such as your name, email or other address. Some of the ways in which we may collect this information from you are:

  • Event registrations for webcasts, seminars, conferences, etc.
  • Product support registration
  • Education registration
  • Subscription to newsletters or other erwin content-related notifications
  • Product purchases or trials
  • White paper or other downloads
  • Sweepstakes or contests

Data Use

When we collect information about you, it is our intention to tell you why we are asking for the information and what we intend to do with it. You will have the option of not providing the information, in which case you may still be able to access other portions of this website, although you may not be able to access certain programs or services. When you receive your first email communication from erwin, a link at the bottom enables you to “opt out” of certain uses of your information or elect not to receive future communications or services.

The information we collect about you or your computer will be used to operate our website and to provide customer support, respond to your requests, or process any transactions you have authorized. It may also be used to verify your identity, send you information or contact you in relation to an erwin product or service that you are using or that we believe may be of interest to you.

Data Retention

erwin will retain your personal data on our systems only for as long as it is strictly necessary for the purposes for which such data was originally collected (or for such longer period as may be required by law). For example, we will retain customer information for as long as the account is active or as needed to provide services. We will retain and use information as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

Data Sharing

In certain instances, we may make your information available to third parties with whom we have a relationship when those third parties provide services on our behalf. We will only provide third parties with information that is necessary for them to perform the contracted services, and we take measures to protect your information. For example:

Service Providers

erwin may share data about customers and website visitors with our contracted service providers so they can provide services on our behalf. These service providers are authorized to use personal information only as necessary to provide the requested services to us.

Technology and Business Partners

erwin is free to partner with other companies to jointly offer products or services, such as APIs. If you specifically consent to receive information about jointly-offered products or services from or through erwin, we may share data about customers or website visitors with our technology partners in connection with your expression of interest. We may also disclose information to our business partners for marketing and other purposes that we believe may be beneficial to you.

erwin does not sell customer or other data to list brokers or other third parties.

International Transfer of Collected Data

erwin is a global company. Accordingly, the information we collect may be used, stored and processed in the United States or in any other country in which erwin does business. By providing information via the website, you are consenting to the transfer of the information outside of your country to any country (including countries which may not have adequate levels of protection). Your information collected may be stored and processed in the United States, Europe or any other country in which erwin or its subsidiaries, affiliates or service providers maintain facilities.

If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please be aware that the majority of data collected is housed in the United States, via the use of service providers and is transferred outside of the European Economic Area (EEA). By agreeing to this document your explicit consent has been given to do so as such transfer may be necessary for the performance of this contract or pre-contractual steps between yourself and erwin, undertaken at your request. erwin has ensured that all adequate protections are in place in respect of the processing of such data outside of the EEA.

erwin may disclose information it has collected about you on the website if required to do so by law or when necessary to protect the rights of erwin or its employees.

Data Security

erwin’s intent is to strictly protect the security of your personal information; honor your choice for its intended use; and carefully protect your data from loss, misuse, unauthorized access or disclosure, alteration or destruction. We have taken appropriate steps to safeguard and secure information we collect online, including the use of encryption when collecting or transferring sensitive data such as credit card information.

However, you should always take into consideration that the internet is an open forum and that data may flow across networks with little or no security measures, and therefore such information may be accessed by people other than those you intended to access it.

erwin will use industry-standard methods in protecting your privacy and data, but we cannot ensure or warrant the security of any information you transmit to erwin or guarantee that your information on the erwin Service may not be accessed, disclosed, altered or destroyed by breach of any of our industry standard physical, technical or managerial safeguards. When you enter sensitive information (such as login credentials) on our registration or order forms, we encrypt that information using secure socket layer technology (SSL). No method of transmission over the internet or method of electronic storage, is 100 percent secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our site, you can contact us at privacy@erwin.com. We use an outside help platform and a credit card processing company to bill you if you purchase services. These companies do not retain, share, store or use personally identifiable information for any other purposes.

If personal information is compromised in a breach of security, erwin will promptly notify our contacts in compliance with applicable law.

These rules describe how and where data should be safely stored. No data is stored on paper.

These guidelines also apply to data that is usually stored electronically but has been printed out for some reason:

  • When not required, the paper or files are to be kept in a locked drawer or filing cabinet, in conjunction with erwin’s clean desk policy.
  • Employees should make sure paper and printouts are not left where unauthorised people could see them, like on a printer.
  • Data Classification must be prominently shown on any printouts.
  • Data printouts should be shredded and disposed of securely when no longer required.

When data is stored electronically, it must be protected from unauthorized access, accidental deletion and malicious hacking attempts:

  • Data should be protected by strong passwords that are changed regularly and never shared between employees.
  • Data should only be stored on designated systems and should only be uploaded to an approved SaaS service.
  • Servers containing personal data should be sited in a secure location, away from general office space.
  • Data should be backed up frequently. Those backups should be tested regularly, in line with the company’s standard backup procedures.
  • Data should never be saved directly to laptops or other mobile devices like tablets or smart phones. The use of OneDrive and Office 365 is for this purpose. Applications chosen all have a sufficient business continuity plan.
  • All applications containing data are protected by approved security anti-virus, encryption in transit, at rest and a firewall.

Children’s Privacy

Protecting the privacy of young children is especially important. For that reason, erwin does not knowingly collect or solicit personal information from anyone under the age of 13. In the event that we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us at privacy@erwin.com.

Access Requests and Updating and/or Amending Data

Individuals whose personal data is held by erwin are entitled to know what information the company holds and why, how to gain access to it, and be informed about how to correct it if inaccurate or out of date. If an individual contacts the company requesting this information, this is called a subject access request. The data controller will always verify the identity of anyone making a subject access request before handing over any information.

For current erwin customers, you can review, correct, update or delete inaccuracies to the information about you that erwin keeps on file by logging into your account to update your password and billing information. If you do not have an account, please contact privacy@erwin.com with any information you wish to review, correct, update or delete.

Alternately for data subjects tracked by erwin and for former erwin customers, you can contact us directly at privacy@erwin.com. We will acknowledge your request within seventy-two (72) hours and handle it promptly as required by law.

Google Analytics, Cookies and Web Beacons

erwin uses Google Analytics to gather non-personal information about our website visitors. We also use third-party advertising companies to serve ads on our behalf across the internet. These third-party companies use cookie and web beacon (also referred to as 1×1 pixel.gifs or action tags) technology to measure and improve the effectiveness of ads for their clients. Cookies are also used to help us track usage patterns to improve or manage our site, to ensure the integrity of the registration process, and to help provide personalized service and deliver content specific to your interests.

A “cookie” is a small amount of data transferred to your browser and read by the Web server that placed it there. It works as a sort of identification card, recording your preferences and previously entered information. By using cookies, the information you previously provided can be retrieved on your next visit to the website so that your navigation time is reduced and your use of the website is simplified. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie. Web beacons may be used to deliver the cookie and to compile statistics about our website, such as how many people visited a particular page or clicked on certain links.

While your particular use of the site will not be revealed and no personally identifying information will be collected, this anonymous information may be used for online preference marketing purposes, and erwin’s third-party advertising companies may use the information about your visit to the website(s) to provide ads about goods and services of interest to you. This information can include date/time of banner ad shown, related cookie, and the first three octets of the IP address. erwin may share aggregated statistics about the use of the website with third parties.

If you wish to reject the cookies on our website, you will need to turn off cookies in your browser. You can find information on how to reject cookies in different browsers at http://aboutcookies.org. Please note that rejecting cookies may result in lost features and functionality of this website or other websites you visit.

erwin and our partners may use information about your visit to this and other websites. The information could include pages you visit, the items you view or place in your shopping cart, or your responses to our ads and emails. This information allows us to make the erwin ads you see more relevant to you. This is referred to as interest-based advertising. For example, if you recently looked at erwin DG software online, you may be more likely to see an advertisement regarding solutions to data privacy laws as developed by erwin. For this purpose, erwin has selected Google Display Network Ad Retargeting.

To enable you to opt out of interest-based advertising delivered by partners working with erwin, or to customize your experience on erwin websites, please visit https://support.google.com/adsense/troubleshooter/1631343 to opt out. If you opt out, you may still see erwin ads on erwin websites and other websites, but those ads will not be customized to you by erwin or our partner(s).

Please note that if you clear your cookies, or if you use a different browser or device, you may need to reset your opt-out selections.

You may learn more about interest-based advertising by visiting these links:

If you wish to update or remove your email or other contact preferences for marketing communications that erwin sends you, please click the unsubscribe link at the bottom of such emails.

Public Forums

Portions of this website make chat rooms, forums, blogs, message boards, and/or news groups available to visitors. Please remember that any information that is disclosed in these areas becomes public information and exercise caution when deciding to disclose any personal information.

Links to Other Websites

This website contains links to other websites. erwin is not responsible for the privacy practices or the content of such websites. Furthermore, our site includes social media features, such as the Facebook Like button and other widgets. These features may collect your IP address and which page you are visiting on our site and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our site. Your interactions with these features are governed by the privacy policy of the organization providing it.

Removal

If, at any time, you would like us to remove you from our database, please email privacy@erwin.com.

Questions About Our Data Protection and Privacy Policy

If you have any questions or comments about our privacy notice or practices, please contact us via email at privacy@erwin.com with the words “PRIVACY POLICY” in the subject line.

erwin may modify or update this privacy notice at any time without prior notice. You can check the “Last updated” date below to see when the notice was last changed. We encourage you to check this notice often, so you can continue to be aware of how we are protecting your personal information. Your continued use of the website constitutes your consent to the contents of this data protection and privacy policy, as it may be modified from time to time.

Last updated: May 18, 2018