PRIVACY POLICY
Data Protection Declaration for the processing of personal data in the European Economic Area
Effective Date: July 2024
Name and address of controller
The controller (also referred to as "Maxon"; "we", "us" or "our") in accordance with the General Data Protection Regulation (GDPR) and other national data protection regulations of European Union Member States as well as other data protection regulations is:
Maxon Computer GmbH
Basler Str. 5
61352 Bad Homburg vor der Höhe, Germany
With respect to certain processing activities, we jointly determine the purposes and means of processing together with other companies, i.e., as so-called joint controllers:
- With respect to the transfer of personal data within the company group or to partner companies, Maxon and Recipients are joint controllers as further detailed in the section on “Transfer of personal data to other external recipients (third parties)” below.
- With respect to Facebook Custom Audience, Maxon and Meta Platforms Ireland Limited are joint controllers as further detailed in the section on "Facebook Custom Audience" below.
- In the context of email marketing towards event and raffle participants, Maxon and the relevant event organizers/raffle co-operation partners are joint controllers as further detailed in the section on "Other advertising" within the "By email" subsection below.
You may contact the controller at [email protected] with respect to questions about this Data Protection Declaration, the processing of your personal data in general and to exercise your rights towards the controller as outlined in the section on the rights of data subjects below.
Name and address of data protection officer
The data protection officer of the controller is:
FPS Consult GmbH
Eschersheimer Landstraße 27
60322 Frankfurt am Main, Germany
Phone: +49 69 90550530
E-Mail: [email protected]
General Data Processing
Scope of processing of personal data
We process personal data that we receive in the course of your visit to our Website, if you contact us or use our services.
Legal basis for the processing of personal data
When processing personal data, we rely on the following legal bases:
- the performance of a contract to which the affected person (the "data subject") is a party, Art. 6 para. 1 sentence 1 lit. b GDPR (this also applies to processing operations that are necessary for the implementation of pre-contractual measures)
- legitimate interests of our company or a third party, Art. 6 para. 1 sentence 1 lit. f GDPR, provided that the interests, fundamental rights and freedoms of the data subject do not override the former mentioned interests
- fulfillment of legal obligations to which our company is subject, Art. 6 para. 1 sentence 1 lit. c GDPR
- consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR
The purposes for which we process personal data, relevant legal bases and specific legitimate interests (where legitimate interests are the basis for processing) are stated further below.
Data processing by processors
- In some cases, we use external service providers to process personal data (e.g., service providers for customer management, service providers for invoice management, IT service providers). These have been carefully selected by us and commissioned in accordance with data protection requirements, are bound by our instructions and are regularly monitored.
Transfer of personal data to other external recipients (third parties)
Various external recipients, which are not engaged as processors as outlined in the section above "Data processing by processors", may receive your personal data. Such external recipients are also called third parties. A data transfer to these external recipients may take place for the performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR), if a corresponding consent has been given (Art. 6 para. 1 sentence 1 lit. b , Art. 7 GDPR), based on our legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) or if it is required by law (Art. 6 para. 1 sentence 1 lit. c GDPR).
Recipients within the company group
NEMETSCHEK SE - Konrad-Zuse-Platz 1 - 81829 Munich - Germany
Maxon Computer Inc. - 515 Marin St., Ste 322, Thousand Oaks, CA 91360 - USA
Maxon Computer Ltd. - 114 High Street, Cranfield - Bedfordshire, MK43 0DG - United Kingdom
Maxon Computer Canada Inc. - 434, rue St.-Pierre, bureau 400, Montréal, Québec, H2Y 2M5 - Canada
Maxon Computer KK - Hiroo 5-22-3, Hiroo Nishikawa Bldg. 2F - 150-0012 Shibuya-ku, Tokyo – Japan
Maxon may transfer personal data within the company group for the processing purposes listed in the section "Specific purposes of processing (including legal bases and legitimate interest)".
Legal basis for the processing of personal data in this context is consent (Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR), insofar as we have obtained consent for such processing, the performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR), insofar as the processing is related to a contract with the person whose data is transferred, or our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in transferring the data within the company group for internal administrative purposes.
Transfer of personal data to partner companies (resellers/distributors)
- For contractual purposes
A transfer of your personal data to third parties may be necessary for the provision of the service. Your personal data will then be transferred to the authorized distributor or reseller who is responsible for your geographic region and for the provision of services. According to your language selection on the website, your personal data will be forwarded to one of these distributors or resellers.
The legal basis for the transfer of your personal data in this case is performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR).
- For advertising purposes
Your personal data will only be transferred to third parties for advertising purposes with your express consent. Your personal data will then be transferred to the authorized distributor or reseller who is responsible for your geographic region. This distributor will then send you general information in connection with Maxon products via email. According to your language selection on the website, your personal data will be forwarded to one of these distributors or resellers.
The legal basis for the forwarding of your personal data for advertising purposes is consent (Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR).
You can withdraw your consent to the forwarding of your personal data for advertising purposes at any time with effect for the future. An informal communication, e.g., by email, is sufficient for the withdrawal of consent. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal (see also "Rights of data subjects").
Other external third party recipients
- We may transfer personal data to third parties (e.g. authorities, courts, lawyers, auditors, external agencies to combat piracy) where necessary to safeguard our rights or comply with legal obligations to which we are subject.
The legal basis for the forwarding of your personal data for the purpose of safeguarding our rights is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in establishing, exercising and defending legal claims. The legal basis for the forwarding of your personal data for the purpose of complying with legal obligations to which we are subject is compliance with the respective legal obligations (Art. 6 para. 1 sentence 1 lit. c GDPR).
Transfer to third countries
A transfer of personal data to countries outside the European Economic Area (EEA) only takes place if the requirements of Art. 44 et seq. GDPR are met. A third country is a country outside the European Economic Area (EEA) in which the GDPR is not directly applicable.
We transfer your personal data to the USA or other third countries only if either
- An adequacy decision has been adopted by the EU Commission with respect to the relevant third country (Art. 45 para. 1 GDPR), which particularly is the case for Canada (regarding commercial organizations), Japan and the United Kingdom;
- sufficient guarantees are provided by the recipient in accordance with Art. 46 GDPR for the protection of the personal data – for example, the conclusion of standard contractual clauses between us and the recipient with appropriate additional security measures (Art. 46 para. 2 lit. c GDPR) or binding internal data protection rules approved by the competent data protection authorities (Art. 46 para. 2 lit. b GDPR); in this way, the recipient assures us that it will provide sufficient protection for the data and thus ensure a level of protection comparable to the GDPR; or
- one of the exceptions listed in Art. 49 GDPR applies – for example, your explicit consent (Art. 49 para. 1 lit. a GDPR) or if the transfer is necessary for the fulfillment of contractual obligations between you and us (Art. 49 para. 1 lit. b GDPR).
The EU Commission has not issued an adequacy decision for the USA pursuant to Art. 45 para. 1 GDPR. According to the European Court of Justice in its judgment of 17 July 2020 (Case C-311/18, "Schrems II"), there is no level of data protection in the USA that would be comparable to that in the EU. When personal data is transferred to the U.S., there is a risk that U.S. authorities may gain access to the personal data on the basis of the PRISM and UPSTREAM surveillance programs based on Section 702 of FISA (Foreign Intelligence Surveillance Act) and on the basis of Executive Order 12333 or Presidential Police Directive 28. According to the European Court of Justice, EU citizens have no effective legal protection against such access in the USA or the EU. Due to this, we intend – where necessary – to agree on additional security measures with relevant recipients to ensure an adequate level of data protection.
If you would like to receive further information on international transfers of personal data or a copy of the relevant guarantees (Art. 46 GDPR) referenced above, please contact us at [email protected].
Specific purposes of processing (including legal bases and legitimate interests)
Functions of the website
If the user visits or uses our website purely for informational purposes, i.e., if they do not register or otherwise transmit information to us, we only collect the personal data that the user's browser or device transmits to our server. If the user wishes to view our website, we collect the following data, that is technically necessary for us to display our website to the user and to ensure stability and security:
- IP address,
- Date, time and duration of the visit,
- Content of the request (specific page),
- Access status/http status code,
- Website from which the request comes,
- Browser,
- Operating system.
The legal basis for the processing of personal data for the use of our website are our legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) in making the website available in order to present and develop our business and in resolving disruptions regarding our website and ensuring the security of the website and our systems.
The processing of personal data is technically necessary for us to display our website to the user and to ensure stability and security.
Registration on our website
On our website, we offer users the opportunity to register by providing personal data. The data is entered and transmitted to us and stored. Mandatory data for registration on our website are the user's first and last name, the user's email address and the country in which the user is located.
a. At the time of registration, the following personal data is processed:
- First and last name,
- Email address,
- Country in which user is located,
- (optional) Phone number,
- (optional) Language.
Various external recipients may receive your personal data. These may be recipients within the company group and/or certified partner companies. Further information on this can be found under "Data processing by Processors" and "Transfer of personal data to external recipients".
The legal basis for the processing of personal data for registration on our website is performance of a contract, including implementation of pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b GDPR).
The registration of the user is necessary for the provision of certain content and services and for the implementation of pre-contractual measures and the fulfillment of contracts. The user must register for a MyMaxon account in order to download the trial version of Cinema 4D. Likewise, the user must register for a MyMaxon account in order to be able to purchase licenses of our products. These are then available for the user to download in their user account.
The personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected (or otherwise processed) and there are no legal – in particular trade and tax law – retention obligations and they are not required for the establishment, exercise or defense of legal claims. This is generally the case for the personal data collected during the registration process when the registration on our website is cancelled or modified.
b. The personal data collected during the registration process for a MyMaxon account will in individual cases be linked to personal data collected in other systems. Detailed information on the linking of personal data can be found further down in this data protection declaration for the respective system.
Downloading and activating a trial version
Users can download and activate a trial version of our products on our website. To do so, the user must register on our website.
In addition to the data processed during registration on our website, the following personal data is processed:
- System/Machine ID.
Various external recipients may receive your personal data. These may be recipients within the company group and/or certified partner companies. Further information on this can be found under "Data processing by Processors" and "Transfer of personal data to external recipients".
The legal basis for the processing of personal data for registration on our website is performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR). Exceptionally, to the extent personal data of persons, who are not our contractual partners, will be processed in this context (e.g. contact persons at business customers), the legal basis is our and our contractual partner's legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in efficiently and productively carrying out the contract between us and the contractual partner.
The processing of personal data in the context of downloading and activating the trial version serves to ensure that a person downloads the respective trial version of a program version only once.
The personal data is deleted as soon as it is no longer required to achieve the purpose for which it was collected (or otherwise processed) and there are no legal – in particular trade and tax law – obligations to retain it and they are not required for the establishment, exercise or defense of legal claims.
In order to activate the trial version, users must consent to receiving advertising and to the forwarding of their data to authorized distributors or resellers responsible for them geographically.
Further information on data processing in connection with the granting of advertising consent by the user can be found under "Other advertising". Further information on the transfer of data to distributors/resellers can be found under "Transfer of personal data to external recipients".
Purchase of licenses online
Users can purchase licenses of our products online. The prerequisite for this is registration on our website.
Note: The purchase itself as well as the payment will be processed accordingly by the external service providers Digital River Ireland Limited, with offices at Unit 153, Shannon Free Zone, Shannon, Co. Clare, Ireland or Digital River, Inc., with offices at 10380 Bren Road West, Minnetonka, MN 55343, USA or Digital River Japan KK, with offices at 160-0023 東京都 Tokyo, Shinjuku Mitsui Building #2, 3-2-11, Nishi-Shinjuku, depending on the country in which the customer is located; customers from the US and South America are processed by Digital River, Inc., customers from Japan are processed by Digital River Japan KK, Customers from the rest of world are processed by Digital River Ireland Limited. The latter will also be the contractual partner. Digital River Ireland Limited respectively Digital River, Inc. respectively Digital River Japan KK are each a separate controller with respect to processing of your personal data in the context of the purchase.
In addition to the data processed during registration on our website, the following personal data is processed:
- First and last name of the customer,
- Address.
With respect to purchases on http://pixologic.com/, the following personal data may additionally be processed:
- Billing address,
- Credit card information (however, after a transaction, the financial information (credit cards, CVC, etc.) will not be stored on our servers).
When requesting support with respect to our products, the following personal data may additionally be processed:
- Software details,
- Hardware details,
- Company name.
Various external recipients may receive your personal data. These may be recipients within the company group and/or certified partner companies. Further information on this can be found under "Data processing by processors" and "Transfer of personal data to external recipients".
The legal basis for the processing of personal data in the context of the purchase of licenses of our products and support related thereto is performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR). Exceptionally, to the extent personal data of persons, who are not our contractual partners, will be processed in this context (e.g. contact persons at business customers), the legal basis is our and our contractual partner's legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in efficiently and productively carrying out the contract between us and the contractual partner.
The processing of personal data during the purchase of licenses of our products via our website serves the execution of the purchase and License Agreement as well as the provision of the software for download. We also process your personal data to contact you about support issues or to inform you about the expiration of your temporary licenses.
The personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected (or otherwise processed) and there are no legal – in particular trade and tax law – retention obligations and they are not required for the establishment, exercise or defense of legal claims.
Purchase of licenses via telephone/email
It is also possible to purchase licenses for our products directly from us by email or telephone.
In doing so, the following personal data will be processed:
- First and last name of the purchaser,
- Company, if applicable,
- Address,
- Email address.
The provision of further data, e.g., telephone and fax number, is voluntary.
Various external recipients may receive your personal data. These may be recipients within the company group and/or certified partner companies. Further information on this can be found under "Data processing by processors" and "Transfer of personal data to external recipients".
The legal basis for the processing of personal data in the context of the direct purchase of licenses for our products is performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR). Exceptionally, to the extent personal data of persons, who are not our contractual partners, will be processed in this context (e.g. contact persons at business customers), the legal basis is our and our contractual partner's legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in efficiently and productively carrying out the contract between us and the contractual partner.
The processing of personal data in the context of a direct purchase serves the fulfillment of pre-contractual (informational) obligations, the processing and execution of the order, invoicing and payment processing as well as the provision of the software for download. We also process your personal data to contact you about support issues or to inform you about the expiration of your temporary licenses.
The personal data is deleted as soon as it is no longer required for the purpose for which it was collected and there are no legal – in particular trade and tax law – retention obligations and they are not required for the establishment, exercise or defense of legal claims.
Contact via contact form or email
Users can contact us via the contact form or via the email address provided.
In doing so, the following personal data is processed:
- Contact data, in particular email address,
- Other personal data provided by the user himself,
- Time of form submission.
Various external recipients within the company group may receive your personal data. Further information on this can be found under "Data processing by processors" and "Transmission of personal data to external recipients".
The legal basis for the processing of personal data in this context is performance of a contract if the contact purpose is the conclusion of or otherwise related to a contract with the person contacting us (Art. 6 para. 1 sentence 1 lit. b GDPR). Otherwise, the legal basis for the processing of personal data in this context generally is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in contacting you due to your enquiry.
The personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected and there are no legal – in particular trade and tax – retention obligations and they are not required for the establishment, exercise or defense of legal claims.
Contact due to important changes to our services (including our websites)
We may contact you to alert you regarding important changes to our services (including our websites), for example due to substantial changes to this data protection declaration or changes to our terms and conditions.
In doing so, the following personal data is processed:
- Contact data, in particular email address
Various external recipients within the company group may receive your personal data. Further information on this can be found under "Data processing by processors" and "Transmission of personal data to external recipients".
The legal basis for the processing of personal data in this context is performance of a contract if the contact purpose is related to a contract with you (Art. 6 para. 1 sentence 1 lit. b GDPR). Otherwise, the legal basis for the processing of personal data in this context generally is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in informing you about important changes to our services.
Educational license for students and teachers
Students and teachers can download and activate the license of our products for educational purposes from our website at the discounted price indicated on the website. This requires registration on our website..
Note: Verification of whether the interested party meets the requirements as a student or teacher is handled by the external service provider SheerID, Inc., 1300 SW Fifth Avenue, Suite 2100, Portland, Oregon 97201 USA (“SheerID”) with its sub-processors including but not limited to Onfido Ltd, 14-18 Finsbury Square, 3rd Floor, London EC2A 1AH. United Kingdom (“Onfido”). SheerID and its processors are responsible for processing your personal data as part of the verification process.
In addition to the data processed during registration on our website, the following personal data is processed:
- System/Machine ID.
- Verification documents related to your student or teacher status (e.g., university/college enrolment papers of students, academic institution ID card of teachers).
- Biometrics data (e.g., government ID, passport and facial scanning that enables to verify you as a student or a teacher).
SheerID and its processors shall be responsible for processing the biometrics data and verification documents listed above. The company will not receive any sensitive personal data collected and processed by SheerID nor its processors.
Various external recipients within the company group may receive your personal data. Further information on this can be found under "Data processing by processors" and "Transfer of personal data to external recipients".
The legal basis for the processing of personal data for downloading and activating the license for educational purposes and support related thereto is performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR) and legitimate interest of the company in order to verify student or teacher status accurately (Art. 6 para. 1 sentence 1 lit. f GDPR).
The processing of personal data when purchasing licenses of our products via our website serves to execute the purchase and License Agreement and to make the software available for download. We also process your personal data to contact you about support issues.
The personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected and there are no legal – in particular trade and tax – retention obligations and they are not required for the establishment, exercise or defense of legal claims. Verification documents collected and processed by SheerID shall be deleted after 7 days after the completion of the verification process. Biometrics data collected and processed by SheerID’s sub-processor Onfido shall be deleted after 48 hours after completion of the verification process.
Please find more information in SheerID’s and Ondifo’s processes in their Privacy Policies by clicking the following links:
SheerID: https://www.sheerid.com/global-privacy-policy/
Onfido: https://onfido.com/privacy/
Data collection within the scope of the software – technical protection functions
The prerequisite for using the software is registration on our website.
The software contains technical protection functions against piracy, unauthorized use and for the protection of our intellectual and industrial property rights and economic interest. This prevents the user from using the software in a way that violates the License Agreement.
a. The following personal data is processed as part of the technical protection functions:
- IP address,
- Computer ID,
- Data related to use of the software,
- Eligibility data,
- Transaction data,
- Technical data.
We use technical protection functions to ensure the fulfillment of the License Agreement and to combat piracy and to protect the Software from unauthorized use.
In the event that the software is used in a manner that violates the License Agreement, your data will be disclosed to third parties. In the event that the violation has taken place outside the European Union, the personal data may also be transferred to this third country.
The legal basis for the use of personal data within the scope of technical protective functions as well as for any possible forwarding of this personal information to a third party is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in ensuring that our software is used in accordance with the relevant License Agreement.
The processing of your data serves the purpose of being able to trace unauthorized use of the software as well as license infringements so Maxon can in such cases prevent such unauthorized use and take measures against license infringement. The forwarding of your data to third parties serves the purpose of pursuing unauthorized use of the software or license infringement in other countries, for example.
Your data will be deleted as soon as the purpose for which they were saved has been achieved and they are no longer needed and no legal obligations for retention – in particular with regard to trade or tax law retention provisions – exist and the data are not required for the establishment, exercise or defense of legal claims. In accordance with this, your data will be saved at least as long as Maxon can pursue the unauthorized use of the software or license infringement.
b. The personal data collected within the scope of the technical protection functions, in particular the computer ID, can be linked with personal data that was collected within the scope of registration for a MyMaxon account. Conclusions can therefore be made regarding an individual that has or is using the software in a manner contrary to the License Agreement.
In the event that the software was or is being used in a manner contrary to the License Agreement the combined personal data will also be forwarded to third parties. In the event that the infringement took place outside of the European Union, the combined personal data will also be forwarded to this third country.
The legal basis for the lining of personal data collected within the scope of the technical protection functions with the personal data collected within the scope of registration for a MyMaxon account as well as the forwarding of this information to third parties is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in ensuring that our software is used in accordance with the relevant License Agreement and identifying who is violating said agreement.
The linking of personal data serves the purpose of identifying and contacting persons who use the software in a manner contrary to the License Agreement. This serves to ensure the authorized use of the software and protect against violations.
Forwarding the combined personal data servers, the purpose of supporting Maxon’s pursuit of unauthorized use of the software or breaches of the License Agreement in foreign countries, for example.
The link between personal data will be removed as soon as the purpose for which it was linked no longer exists and no legal obligations for maintaining this link remain and the linked data is not required for the establishment, exercise or defense of legal claims.
Moves by Maxon
Users can download the app "Moves by Maxon" via various app stores. The prerequisite for using this app is registration on our website. Further information on the registration on our website can be found under "Registration on our website".
Via "Moves by Maxon" users can capture their facial expressions ("Captured Data") and store the Captured Data on their devices for the purpose of creating face animation with different poses in a Cinema 4D desktop application. Unless users themselves transfer the Captured Data to other devices/applications, the Captured Data stays on the user's device and is visible as well as accessible only from the Files folder in the iOS device, specifically inside the Moves folder. In any case, Maxon does not store, use or share the Captured Data with any third party. The legal basis for the processing of Captured Data a is performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR). The Captured Data can be deleted by the user at any time either within the app or via the Files folder on the iOs device.
In order to activate "Moves by Maxon", users must consent to receiving advertising and to the forwarding of their registration data (name, email address, country in which the person is located, proof of opt-in to authorized distributors or resellers that are geographically responsible for them. The legal basis for advertising and forwarding registration data to authorized distributors or resellers is consent (Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR). The personal data is deleted as soon as it is no longer required to achieve the purpose for which it was collected respectively when the e-mail recipient withdraws consent (and where there is no other legal ground for processing than consent) and there are no legal – in particular trade and tax law – retention obligations and they are not required for the establishment, exercise or defense of legal claims. Further information on data processing in connection with the granting of advertising consent by the user can be found under "Other advertising". Further information on data transfer to distributors/resellers can be found under "Transfer of personal data to external recipients".
Other advertising
By email
General Non-Personalized Marketing
With their consent, users receive information about Maxon software products and Maxon product news, service offers and general topics about the Cinema 4D Community by email.
In this context, we process the following personal data:
- First and last name,
- Email address,
- Country in which the person is located,
- Proof of opt-in.
Various external recipients may receive your personal data. These may be recipients within the company group and/or certified partner companies. Further information on this can be found under "Data processing by processors" and "Transfer of personal data to external recipients".
The legal basis for the processing of personal data for email advertising is consent (Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR).
The personal data is processed in order to deliver emails, to address the user personally and in their respective national language, and to prevent misuse of the services or the email address used.
The personal data is deleted as soon as it is no longer required to achieve the purpose for which it was collected respectively when the e-mail recipient withdraws consent (and where there is no other legal ground for processing than consent) and there are no legal – in particular trade and tax law – retention obligations and they are not required for the establishment, exercise or defense of legal claims.
You can withdraw your consent to receive emails at any time with effect for the future. For the withdrawal, an informal message, e.g. by email, or using the "unsubscribe" link in emails is sufficient. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal (see also "Rights of data subjects").
Personalized Product Support Marketing Communication
Based on their consent to personalized marketing communications in support of product, users will receive personalized information by email based on personal interests. Information based on personal interests means that, with your consent, we will evaluate which Maxon products you are interested in and provide you with personalized information on this basis. In order to determine your usage behavior, we use various service providers. These allow us to determine which product features you have used and which product features and other Maxon services and products may also be of interest to you so that we can send you email communications about (1) additional product features and (2) other Maxon services and products.
In this context, we process the following personal data:
- First and last name,
- Email address,
- Country in which the person is located,
- Proof of opt-in,
- Identifier ID,
- Data related to use of the software (product name and trial start date).
In the context of personalized product support marketing communication, various external recipients may receive your personal data. These may be recipients within the company group and/or certified partner companies. Further information can be found under “Data processing by Processors” and “Transfer of personal data to external recipients”.
The legal basis for the processing of personal data for email advertising is consent (Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR).
The personal data is processed in order to deliver emails, to address the user personally and in their respective national language, and to analyze product features the user has used in order to send the user email communications about (1) additional product features and (2) other Maxon services and products.
You can withdraw your consent to receive emails at any time with effect for the future. For the withdrawal, changing the communication preferences in the MyMaxon email communication preferences of the user’s Maxon account, an informal message, e.g. by email to [email protected] or using the "Unsubscribe" link in emails is sufficient. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal (see also "Rights of data subjects").
The personal data is deleted as soon as it is no longer required to achieve the purpose for which it was collected respectively when the e-mail recipient withdraws consent (and where there is no other legal ground for processing than consent) and there are no legal - in particular trade and tax law - retention obligations and they are not required for the establishment, exercise or defense of legal claims. Personal data on the behavior of the user will hence be deleted after the user has withdrawn his or her consent to personalized marketing communications in support of product. Even without withdrawal of consent, the data will be deleted at the latest when it is no longer required for the purposes of the marketing measures.
Email Marketing Towards Event and Raffle Participants
General information:
Participants of events where we were represented may receive marketing communication via email based on their consent. Such consent might have been obtained by event organizers on our behalf.
Participants of raffles in which we co-operated may receive marketing communication via email based on their consent. Such consent might have been obtained by raffle co-operation partners on our behalf.
In this context, we receive the following personal data from such event organizers or raffle co-operation partners and subsequently process them for the purpose of sending marketing communication via email:
- First and last name,
- Email address,
- company the event participant works for / represents and position,
- country.
Various external recipients may receive your personal data. Further information on this can be found under "Data processing by processors" and "Transfer of personal data to external recipients".
The legal basis for the processing of personal data for email advertising is consent (Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR).
The personal data is processed in order to deliver emails, to address the user personally and in their respective national language, and to prevent misuse of the services or the email address used.
The personal data is deleted as soon as it is no longer required to achieve the purpose for which it was collected respectively when the email recipient withdraws consent (and where there is no other legal ground for processing than consent) and there are no legal – in particular trade and tax law – retention obligations and they are not required for the establishment, exercise or defense of legal claims.
You can withdraw your consent to receive marketing emails at any time with effect for the future. For the withdrawal, please send an email to [email protected], or use the "unsubscribe" link in marketing emails. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal (see also "Rights of data subjects").
Joint control in the context of email marketing towards event and raffle participants:
We and the event organizers or raffle co-operation partners who collect your personal data and obtain your consent to email marketing activities by us (each also referred to as "Joint Controller") jointly process the personal data identified in the "General information" sub-section above ("Joint Data") in respect of the collection by such organizers or co-operation partners and subsequent sharing of the data with us for the purpose of enabling us to carry out email marketing activities (i.e., as joint controllers). For any other processing activities we and the event organizers or co-operation partners remain separate controllers.
The legal basis for the collection and sharing of this personal data is consent (Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR).
You have the rights described in the "Rights of data subjects" section of this Privacy Policy. Please contact [email protected] if you would like to exercise your rights towards us or one of the other Joint Controllers. Alternatively you can also contact the other Joint Controllers.
The Joint Controller have determined their responsibilities for compliance with the obligations under GDPR by means of an arrangement between them ("JC Arrangement").
Under the JC Arrangement, the Joint Controller other than Maxon are, in particular, responsible for:
making available information on the processing of personal data in the context of collection and sharing of personal data with Maxon for the purpose of enabling Maxon to carry out email marketing activities;
handling and fulfilling requests related to rights described in the "Rights of data subjects" section of this Privacy Policy.
Under the JC Agreement, every Joint Controller, in particular, is responsible for:
making available information of the essence of the JC Arrangement to affected data subjects;
ensure that they comply with all legal retention and deletion requirements in respect of to the Joint Data they hold;
determining appropriate security measures to protect personal data as well as documenting, reviewing and updating these measures as necessary in respect of the Joint Data they hold;
notifying the competent data protection authority and affected individuals about data breaches where required under GDPR in respect of Joint Data which is affected by a personal data breach and which they hold;
designating a contact person for data protection queries.
If you have any questions about the processing of your personal data under joint control or would like to receive information about the other Joint Controllers processing your personal data, please contact us at [email protected].
By telephone
With their consent, private users receive information about Maxon Software products and Maxon product news, service offers and general topics related to the Cinema 4D Community by telephone.
We also contact commercial customers by telephone for information about Maxon software products and Maxon product news, service offers and general topics around the Cinema 4D Community.
In this context, we process the following personal data:
- First and last name,
- Telephone number,
- Country in which the person is located,
- Proof of opt-in, if applicable.
Various external recipients may receive your personal data. These may be recipients within the company group and/or certified partner companies. Further information can be found under "Data processing by processors" and "Transfer of personal data to external recipients".
The legal basis for the processing of personal data for telephone advertising is consent (Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR).
The legal basis for the processing of personal data for telephone advertising for commercial users is alternatively our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in advertising our products and services.
The personal data is then processed in order to contact the user by telephone as well as to address them personally and in their national language. In this case, we consider the processing of personal data for the purpose of direct marketing to commercial users as processing serving our legitimate interest, Art. 6 para. 1 sentence 1 lit. f GDPR.
The personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected respectively – where relevant – when consent is withdrawn (and if there is no other legal ground for processing than consent) and there are no legal – in particular trade and tax law – retention obligations and they are not required for the establishment, exercise or defense of legal claims.
Users can withdraw their consent to telephone advertising at any time with effect for the future. An informal communication, e.g. by email, is sufficient for the withdrawal. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal (see also "Rights of data subjects").
Commercial users may at any time object to the processing of their personal data for telephone advertising based on our legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR). We will then no longer process the relevant personal data for conducting telephone advertising.
Webinars
Maxon offers (simulated) live webinars via external service providers who were carefully selected by Maxon and were commissioned in compliance with data protection requirements.
Participants of these webinars must register on the respective websites of these external service providers.
Note: In order to participate in a webinar, you must register on the website of the respective external service provider. The external service provider is separate controller with respect to the processing of personal data within the scope of this registration.
The following personal data will be collected for the participation in our webinars:
- First and last name,
- Email address.
Furthermore, inter alia information about when the participation took place, how long participation lasted as well as if and which questions were asked in the chat will be processed. Tracking will also take place to determine if the webinar window was active or in the background.
The personal data that is gathered by the external service provider during the webinar will not be forwarded by us to a third party.
Legal basis for the processing of personal data within the scope of participation in a webinar by us is performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR) and our legitimate interest (Art. 6 (1) (f) GDPR) in understanding how people participate in our webinars.
In the event that the seat of the external service provider lies outside of the European Union your personal data might also be processed accordingly in that respective country. In order to ensure an adequate level of data protection, a job processing contract and the standard EU clauses were concluded.
At the end of the webinar, the webinar participant might be given the opportunity to complete a survey. Additional information, inter alia opinions about the webinar and improvement suggestions as well as information about whether or not the webinar participant is a Cinema 4D user and the version with which they work and information about their profession and field of work of the webinar participant will be requested. The processing of personal data serves the purpose of evaluating and processing webinars. Legal basis for the processing of personal data within the scope of a survey is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in obtaining and understanding feedback provided by participants in order to improve our webinars or consent (Art. 6 para. 1 sentence 1 lit. a GDPR) where consent has been obtained in this context. The consent for participating in a survey after the conclusion of a webinar can be withdrawn by the participant at any time with effect for the future. For the withdrawal a simple message, e.g., via email is sufficient. The withdrawal of consent will not affect the lawfulness of processing of personal data prior to the revocation.
Surveys and Following Interviews
From time-to-time Maxon may conduct surveys to measure and analyze user interest in products, services, content, or technical support. The processing of personal data serves the purpose of continuously improving products, tools, processes, and services. Legal basis for the processing of personal data within the scope of a survey is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in obtaining and understanding feedback provided by participants in order to tailor our products, tools, processes and services to participants’ wishes and requirements or consent (Art. 6 para. 1 sentence 1 lit. a GDPR) where consent has been obtained in this context.
Surveys are carried out anonymously unless indicated otherwise. Participation in all Maxon surveys is voluntary. Participants can choose not to provide any data by not taking part.
The following personal data may be collected for the participation in our surveys (unless it is carried out anonymously):
- First and last name,
- Email address,
- The company at which the person is working (in some cases),
- Responses given during participation in the survey
The surveys will be held on the website of different external service providers. The personal data that is gathered by the external service provider as a result of a survey will generally not be forwarded by us to a third party. As an exception, such data may be shared within the Maxon entities where this is necessary to pursue the purposes of surveys listed above.
Following the surveys, participants may be asked to participate in an interview. The processing of personal data serves the purpose of further improving products, tools, processes, and services. Legal basis for the processing of personal data within the scope of a survey is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in obtaining and understanding feedback provided by participants in order to tailor our products, tools, processes and services to participants’ wishes and requirements or consent (Art. 6 para. 1 sentence 1 lit. a GDPR) where consent has been obtained in this context.
These interviews are entirely on a voluntary basis. Participants can choose not to provide any data by not taking part.
Interviews will be held via MS Teams as a video call.
The following personal data will be collected for the participation in our interviews following the surveys:
- In addition to the data collected during the above-mentioned survey process, inter alia information about when the interview participation took place, how long the interview lasted as well as if and which questions were asked in the interview and responses thereto will be processed.
- Videocall recording (The videocall will not be recorded unless the participant gives consent.)
The personal data that is gathered during the interview will generally not be forwarded by us to a third party. As an exception, such data may be shared within the Maxon company group where this is necessary to pursue the purposes of interviews listed above.
The documentation and possible publication of the survey and/or interview results will be done exclusively in an anonymous form, without disclosing participants’ name and without giving any information that could be used to draw conclusions about participants.
The consent for participating in a survey and/or a following interview can be withdrawn by the participant at any time with effect for the future. For the withdrawal a simple message, e.g., via email is sufficient. The withdrawal of consent will not affect the lawfulness of processing of personal data prior to the revocation.
The personal data will be deleted or anonymized as soon as it is no longer required to achieve the purpose for which it was collected (or otherwise processed) and there are no legal retention obligations, and they are not required for the establishment, exercise, or defense of legal claims. This is generally the case for the personal data collected during surveys and interviews within 6 months after collection of such personal data. Videocall recordings will be deleted within 90 days.
TeamViewer
Maxon offers the possibility of remote support via TeamViewer.
Note: In order to use our remote support, customers must download and install the TeamViewer client provided by TeamViewer Germany GmbH, Jahnstrasse 30, 73037 Göppingen. TeamViewer Germany GmbH is a separate controller with respect to processing of personal data within the scope of the download of the TeamViewer client.
The following personal data will be gathered by us within the scope of remote support via TeamViewer:
- If applicable, the customer’s name if used as an alias/nickname for TeamViewer.
- If necessary, we will take and save notes for individual sessions for protocolling results of a remote support session.
- We record remote support sessions and save these in order to safeguard ourselves against false claims for damages.
- The chats that take place during communication with the customer via TeamViewer’s chat function will also be saved.
Your personal data will not be forwarded to third parties.
Legal basis for the processing of personal data via TeamViewer is performance of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR), our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) I documenting remote support sessions and in establishing, exercising and defending legal rights or, where consent has been obtained, consent (Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR).
Facebook Custom Audience
Maxon uses Facebook Custom Audience for websites. In this context, personal data are processed in order to identify persons that may have the most interest in our products and services and enable us to provide such persons with corresponding information.
Maxon and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, ("Meta") jointly determine the purposes and means of processing with respect to Facebook Custom Audience, i.e. they are so called joint-controllers (Art. 4 no. 7, Art. 26 para. 1 sentence 1 GDPR). Maxon may share information about people and actions they take on our website and apps ("Event Data"). Meta may use this Event Data to ascertain people who have previously interacted with our business and create groups of Facebook users based on Event Data so that these can be targeted with advertisement ("Joint Processing").
Information on how to contact Meta and their data protection officer, on how Meta processes personal data (including relevant legal bases) and the ways to exercise data subjects' rights against Meta can be found in their data policy (available here).
Maxon has entered into a joint controller arrangement (Controller Addendum) with Meta (available here) in which Maxon and Meta have determined their responsibilities under GDPR. Under this Controller Addendum Maxon is obligated to provide the information included in this section to website users. Meta is responsible for enabling data subjects' rights (Art. 15 to 20 GDPR) with regard to personal data stored by Meta after the joint processing of such data.
Maxon's legal basis for processing of personal data in this context is consent (Art. 6 para. 1 sentence 1 lit. a , Art. 7 GDPR).
Data processing in the context of a company transaction
In the context of a sale of assets, it is possible that Maxon will transfer personal data of customers and users to the purchaser.
In this context, we may process the following personal data:
- Contact details, especially email address,
- Other contractual data,
- Other personal data, submitted by the users themselves.
The purpose of the data transfer is to fulfill our obligations under the purchase contract with the purchaser and to enable the purchaser to continue the customer relationship with customers and users. The legal basis for the processing of the personal data here is either our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in efficiently managing and disposing of our company and assets and in transferring personal data of customers who have not objected to this to the purchaser or the implementation of pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b GDPR) if the customer is a natural person and agrees with the transfer of the customer agreement to the purchaser.
Safeguarding our rights
Maxon may process personal data to safeguard Maxon's rights.
Legal basis for the processing of personal data in this context is our legitimate interest (Art. 6 para. 1 sentence 1 lit f GDPR) in establishing, exercising and defending legal claims.
Compliance with legal obligations
Maxon may process personal data to comply with legal obligations to which Maxon is subject.
Legal basis for the processing of personal data in this context is compliance with the respective legal obligations (Art. 6 para. 1 sentence 1 lit. c GDPR).
Data deletion and storage period
The personal data of data subjects will generally be deleted as soon as they are no longer necessary in relation to the purpose for which they were collected (or otherwise processed).
As an exception, the data can be stored for a longer period of time for compliance with a legal obligation, i.e. if this has been set out by the European or national legislator in European Union regulations, laws or other regulations to which we are subject, or for the establishment, exercise or defense of legal claims; personal data that we store solely for these purposes will not be used for any other purpose.
Rights of data subjects
You have the following rights regarding personal data provided that the relevant legal requirements are met:
- Right of access, Art 15 GDPR
You may request information about the processing of your personal data and a copy of the personal data undergoing processing insofar as such copy does not adversely affect the rights and freedoms of others. - Right to rectification (Art. 16 GDPR)
You may request correction of your personal data that is inaccurate and/or completion of such data which is incomplete. - Right to erasure 17 GDPR
You may request deletion of your personal data, in particular where (i) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, (ii) you objected to the processing and there are no overriding legitimate interests for the processing, (iii) your personal data has been unlawfully processed or (iv) your personal data has to be erased for compliance with a legal obligation to which we are subject. The right to erasure, however, does not apply in particular where the processing of your personal data is necessary for compliance with a legal obligation or for the establishment, exercise or defense of legal claims. - Right to restrict processing, Art. 18 GDPR
You may request restriction of processing (i) for the period in which we verify the accuracy of your personal data if you contested the accuracy of the personal data, (ii) where the processing is unlawful and you request restriction of processing instead of deletion of the data, (iii) where we no longer need the personal data, but you require the data for the establishment, exercise or defense of legal claims or (iv) if you objected to processing until it has been verified whether our legitimate grounds override your interests, rights and freedoms. - Right to object, Art. 21 GDPR
You have the right to object, for reasons resulting from your particular situation, at any time, to the processing of your personal data which is based on legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) this also applies to profiling based on this provision according to Art. 4 No. 4 GDPR. If you file an objection, your personal data will no longer be processed for the purpose you objected to unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing serves the establishment, exercise or defense of legal claims.
Generally, we assume that we will be able to demonstrate such compelling legitimate interests. However, we will review any objection based on the individual relevant facts.
In individual cases we may process your personal data for direct marketing purposes without your prior consent. You have the right to object to the processing of your personal data for direct marketing purposes at any time; this also applies to profiling in as far as it is connected with direct marketing. If you file an objection to the processing for direct marketing purposes we will no longer process your personal data for this purpose.
The objection can be made informally and should be sent to:
Maxon Computer GmbH
Basler Str. 5
61352 Bad Homburg vor der Höhe, Germany
Email: [email protected]
- Right to data portability, Art. 20 GDP
You may request to receive your personal data, which you have provided to us, in a structured, commonly used machine-readable format and transmit those data to another controller without hindrance from us, where the processing is based on consent or a contract and the processing is carried out by automated means; in these cases you may also request to have the personal data transmitted directly to another controller where this is technically feasible. - Right to withdraw consent, Art. 7 (3) GDPR
Consent that was granted can be withdrawn at any time with effect for the future. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. This also applies for the withdrawal of consent that was given prior to the introduction of the GDPR, i.e., prior to May 25, 2018.
Within the scope of the right of access (Art. 15 GDPR) and the right to erasure (Art. 17 GDPR), the restrictions in accordance with Clauses 34, 35 of the German Federal Data Protection Act (BDSG) apply.
Furthermore, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of an alleged infringement if you consider that the processing of your personal data infringes the GDPR (Art. 77 GDPR).
Please address your requests to exercise your rights to [email protected] (with the exception of the right to lodge a complaint with a supervisory authority).
Data security
We protect your data using modern security systems and we adhere to the data protection and security provisions in accordance with the GDPR.
We maintain current technical measures to ensure data security, in particular for the protection of your personal data against threats during data transfers or attainment by third parties. These measures are updated to meet state-of-the-art standards.
Online forms on our website are sent using SSL encryption for your protection. Nevertheless, we cannot guarantee that the information sent cannot be read by third parties during transmission. Please be aware that despite our efforts, no data security measures can guarantee security.
You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust, unique password that no one else knows or can easily guess, and keeping your log-in details and password private.
Obligation for providing and possible consequences for not providing data
You are not obligated to provide your personal data to us. However, within the scope of the use of our services, you may be required to make the personal data available that is necessary for the fulfillment of the respective purpose or that we are legally obliged to collect. Without this data, we may not be able to conclude or execute a contract with you and/or provide you with our services.
Existence of automatic decision-making, including profiling
Fundamentally, we do not use fully automated decision-making or profiling to start or carry out a business relationship in accordance with Art 22 GDPR. If we should implement this process in individual cases, we will inform you accordingly in as far as this is required by law.
Changes to data protection notices
We continuously develop and optimize the services we offer. It can therefore occur that we add new functionalities. If this affects the way in which we process your personal data we will inform you accordingly in due time in our data protection notices (e.g. in this data protection declaration).
The last update of this data protection declaration was July 2024.
Data Protection Declaration for the processing of personal data outside of the European Economic Area
Effective Date: July 2024
This Privacy Policy (“Policy”) supplements the information contained in Maxon Computer Inc.’s (515 Marin Street, Suite 322, Thousand Oaks, CA 91360, United States) (“Company,” “we,” “our,” or “us”) Data Protection Declaration and applies to all visitors and users of our website, our Web Shop, any of our group company websites and applications where this Policy is posted (each, a “Site”), whether on our digital properties or on applications we make available on third-party sites or platforms, and the services available through our Site, Web Shop, and any such websites and applications (collectively, the “Services”). This Policy describes the types of information, including personal information (which term includes sensitive personal information, as defined under certain applicable laws, when used in the Policy), we collect from visitors and users of our Site and Services, and our practices for collecting, using, maintaining, protecting, and disclosing that information.
By visiting a Site and using the Services, or providing consent where required by applicable law you agree that your personal information will be handled as described in this Policy. Your use of a Site and Services, and any dispute over privacy, is subject to this Policy and our Terms of Use, including its applicable limitations on damages and the resolution of disputes. The Terms of Use are incorporated by reference into this Policy.
Please keep in mind that when you provide information to us on a third-party site or platform, the information you provide may be separately collected by the third-party site or platform. The information we collect is covered by this Policy, and the information the third-party site or platform collects is subject to the privacy practices of the third-party site or platform.
Information We Collect About You and How We Collect it
Generally, (with your consent, where required under applicable laws and regulations), we may collect the following types of personal information depending upon the nature of our relationship and interactions with you:
Information We Collect Directly from You. We collect several types of information from and about users of our Services.
- We offer users the opportunity to register to create an account on our Sites in order to access the Services. When you create an account with us, we may collect your information, including your first and last name, e-mail address, telephone number, language, password, and the country in which you are located. In addition, on some of our Sites, you can log in using your credentials for Facebook, Google, Discord or other social media or similar sites. When you log-in using those credentials we or the provider of these other sites may request certain information or permissions from you, such as to share your profile information with us and to share certain information with us related to your account with that provider.
- When you use or access the Services, we may collect information required to deliver the Services to you, including commercial information, such as records of products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.
- We may also collect information required to facilitate transactions through the Services, including financial or payment information, your address, and other contact information.
- Depending on the Services that you use, you may be able to upload facial images and expressions to the Services. This information is stored on your device and is not used to identify you.
- When you request access to the Services, such as access to Maxon One Licenses for Educational purposes, we may collect professional information, such as employment-related information and business contact information, to verify that you meet eligibility requirements for purchasing the Services and to deliver the Services to you. We may also request education information, such as your school name and grade level, to confirm your eligibility for the Services and to deliver the Services to you. In order to verify your eligibility status to provide licenses for educational purposes, you shall be required to upload biometrics data. Verification of whether you meet the requirements as a student or teacher is handled by the external service provider SheerID, Inc., 1300 SW Fifth Avenue, Suite 2100, Portland, Oregon 97201 USA (“SheerID”) with its sub-processors including but not limited to Onfido Ltd, 14-18 Finsbury Square, 3rd Floor, London EC2A 1AH. United Kingdom (“Onfido”). SheerID and its processors are responsible for processing your personal data as part of the verification process. SheerID and its processors shall be responsible for processing the biometrics data and verification documents. The company will not receive any sensitive personal data collected and processed by SheerID nor its processors.
- We may collect information you provide to us when you fill out a survey or questionnaire, or other type of form you complete through the Services.
- If you participate in one of our summits, we collect information that we need to administer the summit, including your name, studio, email address, physical address, headshot or logo, artwork and your biography. We may share this information with summit sponsors and other participants. If you win prize giveaways, we will share your information on our Site or in a chat.
- If you participate in one of our contests, we collect your information that we need to administer the contest, including your name, your streaming channel ID, and your email address and physical address. We may share your information with sponsors and we may publish your name on our website, for example, if you place in a contest, or if we use your image for marketing purposes.
- If you contact us, we may collect records and copies of your correspondence, including e-mail addresses, direct chat history, and other correspondence and contact information.
- While you are navigating a Site or using the Services, we may collect your search queries or information about your viewing history.
- When you submit a customer inquiry, complaint, or request assistance with use of a Site or the Services, we may collect your name, alias, or nickname for obtaining access via the TeamViewer platform. We may also collect and record information from remote support sessions, as well as notes from individual remote support sessions, for quality assurance purposes, and to safeguard ourselves against fraudulent claims for damages.
- When you subscribe to receive updates from us about new features of the Services, such as newsletters or e-mail alerts, we collect contact information from you, such as your name, e-mail address, or telephone number.
- We also collect any information you choose to e-mail or communicate to us while using the Services.
- On some of our Sites, we invite you to post content, including your questions, comments, pictures, and any other information that you would like to be available on the Site. If you post content to our Site, the information that you post will be available to all visitors to our Site. If you post your own content on our Site or Services, your posting may become public and we cannot prevent such information from being used in a manner that may violate this Privacy Policy, the law, or your personal privacy.
Information We Collect Automatically. Whenever you visit or interact with our Site, we may automatically collect data about your visit through cookies, pixels, tags, log files, and other technologies. Such information includes but is not limited to your computer’s Internet Protocol (“IP”) address, device ID, device location information, browser type, browser version, the pages you visit, the time spent on those pages, the time and date of your visit, downloads you initiate, and other statistics. We gather such information through cookies and other web technologies. Please see the “Our Use of Cookies and Other Tracking Mechanisms” section in our Privacy Policy to find out more.
Information We Collect from Third Parties. We may collect information about you from third party sources (which may be combined with other information we have collected about you), such as: service providers, marketing partners, third-party partners, public and third-party databases, social media platforms such as Facebook, Twitter, Instagram, YouTube, LinkedIn, (including from social media connections), platform providers, payment processors, and from other third parties.
How We Use Your Personal Information
Personal Information Under the California Consumer Privacy Act (CCPA). We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
Our Uses of Your Personal Information. We collect and use your personal information for the purposes described below (with your consent, where required under the applicable law):
- To provide our Services to you.
- To communicate with you about your use of our Services, to respond to your inquiries, and for other customer service purposes.
- To tailor the content and information we may send or display to you, offer location customization, personalized help and instructions, or to otherwise personalize your experiences while using the Site or Services. Depending on the Services that you use, you may be able to upload facial images and expressions to the Services. This information is stored on your device and is not used to identify you. In order to use this Service, you must agree to receive advertising and to share your name, email address and country with our third-party distributors and resellers. However, no facial images or expressions are shared with our third-party distributors or resellers.
- For marketing, promotional, and customer support purposes in accordance with applicable laws. For example, we may use your personal information, such as your e-mail address, to send you news and newsletters, special offers and promotions, informational materials, or to otherwise contact you about products, services, or other information we think may interest you. We also use the information that we learn about you to assist us in advertising on third-party websites and to assist us in evaluating the success of our advertising campaigns on various platforms.
- To better understand how individuals access and use our Services, to improve and develop our Services, and to respond to individuals’ desires and preferences. This includes using personal data for purposes such as data analysis and conducting surveys or questionnaires, such as for market research or customer satisfaction purposes.
- To help verify user activity, as well as to promote safety and security, such as by monitoring fraud, investigating suspicious or potentially illegal activity or violations of our terms of use or other policies, protecting our rights, or pursuing available remedies.
- To comply with legal and regulatory obligations, as part of our general business operations, and for other business administration purposes, including authenticating your identity, maintaining customer records, monitoring your compliance with any of your agreements with us, collecting debts owed to us, safeguarding our business interests, and managing or transferring our assets or liabilities, for example in the case of an acquisition, disposition, or merger, as described below.
- For purposes that we may notify you of or to which you consent.
Categories of Personal Information Under the CCPA and Other Applicable Laws
While our collection, use, and disclosure of personal information varies based upon our relationship and interactions with you, in this section we describe, generally, how we have collected and disclosed personal information about consumers in the prior twelve (12) months (from the Last Updated date above with your consent, where required under applicable laws).
Sources of Personal Information. As further described in the Information We Collect About You and How We Collect It section above, we may collect personal information from the following sources:
- directly from the individual
- advertising networks
- data analytics providers
- social networks
- internet service providers
- operating systems and platforms
- government entities
- business customers/clients
Categories of Personal Information Collected and Disclosed. In the table below, we identify the categories of personal information (as defined by the CCPA) we have collected and disclosed for a business purpose as defined by the CCPA (where required under applicable laws), as well as the categories of third parties to whom we may disclose such personal information. For more information about the business and commercial purposes for which we may disclose personal information, as defined by the CCPA, please see the How We Share Your Personal Information section above.
______________________________________________________________________________________________________________________________________________
Categories of |
Description |
Do We Disclose for a Business Purpose? |
Do We Sell under the CCPA? |
Categories of Third Parties to Whom |
______________________________________________________________________________________________________________________________________________
Identifiers |
Includes direct identifiers, such as name, alias, salutation, user ID, username, account number or unique personal identifier; email address, phone number, address and other contact information; IP address and other online identifiers; and other similar identifiers. |
YES |
NO |
|
______________________________________________________________________________________________________________________________________________
Customer Records |
|
YES |
NO |
|
______________________________________________________________________________________________________________________________________________
Commercial Information |
|
YES |
NO |
|
______________________________________________________________________________________________________________________________________________
Usage Data |
Includes browsing history, clickstream data, search history, access logs and other usage data and information regarding an individual’s interaction with our websites, mobile apps and other Services, and our marketing emails and online ads. |
YES |
NO |
|
______________________________________________________________________________________________________________________________________________
Geolocation Data |
Includes precise location information about a particular individual or device. |
YES |
NO |
|
______________________________________________________________________________________________________________________________________________
Audio, Video and Electronic Data |
Includes audio, electronic, visual, thermal, olfactory, or similar information such as photographs and images (e.g., that you provide us or post to your profile) and call recordings or recordings of remote support sessions (e.g., of customer support calls or remote sessions). |
YES |
NO |
|
______________________________________________________________________________________________________________________________________________
Protected Classifications |
|
NO |
NO |
|
______________________________________________________________________________________________________________________________________________
Inferences |
|
YES |
YES |
|
Your Consumer Rights Under the CCPA and Other Applicable Laws
You may have the following rights where permitted under the CCPA and other applicable laws:
Right to Request Disclosure. The right to request, free of charge, that we disclose information about our collection and use of your personal information over the past twelve (12) months or longer period where permitted under applicable laws, including:
- The categories of personal information we collect about you;
- What personal information we collect, use, or disclose about you;
- The categories of sources of the personal information we collect about you;
- Our business or commercial purpose for collecting the personal information;
- For each category of personal information, the categories of third parties with whom it was disclosed; and
- The specific pieces of personal information we collect about you.
You may request a copy of the personal information we hold about you. For more information on how to request information about our collection, use, and disclosure of your personal information, please see the Submitting Your Requests section below.
Right to Request Deletion. The right to request the deletion of your personal information that we collected. For more information on how to request deletion, please see the Submitting Your Requests below. Once we receive your request and verify your identity, we will review your request to see if an exception allowing us to retain the information applies. We will delete or de-identify personal information not subject to an applicable exception from our records and where required by applicable law, and will direct our service providers to take similar action.
You do not need to create an account with us to exercise your deletion rights. We will only use personal information provided in a deletion request to review and comply with the request.
Right to Request Opt-Out of the Sale of Your Personal Information. If you are age 16 or older, the right to direct us to not sell your personal information at any time. Please note that we do not sell the personal information of consumers of any age.
To exercise the right to opt-out, you or your authorized representative may submit an opt-out request by following the procedures specified in the Submitting Your Requests section below. Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorized personal information sales. However, you may change your mind and opt back in to personal information sales at any time by clicking this link.
You do not need to create an account with us to exercise your opt-out rights. We will only use personal information provided in an opt-out request to review and comply with the request.
Right of Non-Discrimination. The right to be free from discriminatory adverse treatment for exercising these rights. We will not discriminate against you for exercising any of your CCPA rights, or your rights under other applicable laws where we are not permitted to do so. Under certain applicable laws, you also may have the right to refuse decisions based solely on automated decision making technology that materially affects you.
You may have the following rights under applicable laws:
Right to correct. The right to request correction of personal information we hold about you that is incorrect or inaccurate.
Right to withdraw consent or deregister your account. The right to withdraw your consent to processing of your personal information. Processing prior to the withdrawal of your consent will be not affected. You also may have the right to deregister your account that you registered on any Site or any Services (if any).
Right to Transfer. The right to request transfer of your personal information to another organisation.
Submitting Your Requests
Requests to Know, Correct, Delete, Transfer, Withdraw- Your Consent or Deregister Your Account. To exercise your rights to know or delete described above, you may submit a request by contacting us through the following method:
- Via email at [email protected]
Requests to Opt-Out of Sales of Your Personal Information. To exercise your right to opt-out of sales of your personal information, you may submit a request form via our website at this link. You may also submit a request by email at [email protected].
Verification of Requests. Only you, or an individual legally authorized to act on your behalf, may make a request to know, delete, or opt-out related to your personal information. To designate an authorized agent, please contact us by using the contact information above.
You may only submit a request to know twice within a 12-month period to the extent you are exercising a right under the CCPA. Your request to know or delete must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information, or that the requestor is your authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We may request information from you in order to verify your identity. Additionally, we may require that authorized agents provide proof of their authorization. We cannot respond to your request or provide you with personal information if we are unable to verify your identity, your authority to make a request on behalf of another person, or if we cannot confirm that the personal information relates to you. In general, we will verify your request and your identity by matching the information you provided with the information we have in our records.
You do not need to create an account with us to submit a request to know, or to submit a request to delete your personal information or opt-out of sales of your personal information.
We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.
Transfers of Personal Information Outside of China
If you are resident in China, with your separate consent, we may transfer, access or store your personal information outside of the People’s Republic of China where we are satisfied that adequate levels of protection are in place to protect the integrity and security of your personal information or adequate security measures are adopted and in compliance with applicable laws, such as contractual arrangements. Where required by applicable laws, we will put in place appropriate measures to ensure that processing of your personal information outside of the People’s Republic of China is safeguarded by the equivalent level of data protection as in the People’s Republic of China.
Third-Party Links
Our Site and Services may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites.
Security of Your Personal Information
We have implemented reasonable and appropriate security precautions to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our efforts, no data security measures can guarantee security.
You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust, unique password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
Minors
We do not knowingly collect or process personal information of minors under the age of 14 without the consent of their parents or guardians, or as otherwise permitted by applicable law. We will take steps to delete the information as soon as possible should we become aware of minors’ personal information. Parents or guardians can contact us to request such deletion.
Access to Your Personal Information
You may modify personal information that you have submitted by logging into your account and updating your profile information. Please note that copies of information that you have updated, modified, or deleted may remain viewable in cached and archived pages of the Site or Services for a period of time.
Your Choices Regarding Our Use of Your Personal Information
We may send periodic promotional e-mails to you (with your consent, where required by applicable laws). You may opt-out of promotional e-mails by following the opt-out instructions contained in the e-mail. If you opt-out of receiving promotional e-mails, we may still send you e-mails about your account or any services you have requested or received from us.
Changes to this Policy
This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time (with your consent, where required under the applicable law), so please be sure to check back periodically. We will post any changes to this Policy on our Site and Applications.
Contact Us
If you have questions about the privacy aspects of our Site or Services or would like to make a complaint, please contact us at:
Maxon Computer Inc.
515 Marin Street, Suite 322
Thousand Oaks, CA 91360
United States
E-mail: [email protected]