TRICENTIS SPECPRODUCTS PRIVACY POLICY

This Tricentis Data Privacy Policy (“Privacy Policy”) describes how Tricentis GmbH, Leonard-Bernstein-Strasse 10, 1220 Vienna, Austria, and its subsidiaries (herein collectively referred to as “Tricentis”), processes personally identifiable data and personal information (“Personal Data”) as data controller. A complete list of the Tricentis group may be found at https://www.tricentis.com/about/locations/.

This Privacy Policy applies to individuals who interact with Tricentis online and offline; the usage of the Tricentis products and services provided by Tricentis to business partners (collectively referred to as “Product”), and Tricentis owned or operated Websites such as www.tricentis.com (collectively referred to as “Sites”).

As part of our efforts to facilitate and make your experience with Tricentis as user-friendly, enjoyable and productive as possible, Tricentis may collect and use certain information you provide to us directly or we may receive indirectly from another legally permissible basis.

Please review the entire policy to learn about the types of Personal Data Tricentis processes, what Personal Data is disclosed to third-parties, and how Tricentis protects Personal Data.

1.         Information Tricentis Collects – Categories of Personal Data

As you interact with Tricentis and use our Product and Sites, Tricentis collects and uses Personal Data such as:
·             General contact information. Contact details include  name, email address, physical (work) address, phone number, company, job title, gender, as well as account information.
·             Digital ID. Information regarding your digital identity, such as login name, screen name, nickname, or handle; device information like manufacturer and model of your device; Internet Service Provider (ISP); Internet Protocol (“IP”) address (or another device identifier); browser type; and operating system as well as metadata (e.g. location, cookies, access times and dates, referring/exit pages, clickstream data, pages of the Sites that you visit; the time spent on those pages or interacting with certain portions of the Sites, information you search for on the Sites).
·             Any other not listed and voluntarily given personal information about you.
Tricentis does not collect or use any sensitive Personal Data and does not want you to provide us with such. Sensitive Personal Data are special categories of Personal Data which is by law considered more sensitive, such as: racial or ethnic origin, political opinions, religious and philosophical beliefs, or trade-union membership, genetic or biometric data, health data, sex life or sexual orientation.

2.         How is Personal Data Collected – Source of processing

2.1.      Information you directly provide to us. If you use our Products and Sites or communicate with us (by phone, chat, email, web forms, social media or other means of communication), you may be required to provide us certain information and Personal Data, in the following ways:

·       by filling in forms on our Sites, subscribing to or using our Products, entering into an agreement with Tricentis, posting material, requesting further information or services;

·       when you report a problem with or have a question about our Products;

·       by responding to surveys that Tricentis ask you to complete for research purposes;

·       by fulfilment of your orders;

2.2.      Information indirectly provided by our business partners. Tricentis may receive Personal Data about you submitted to us by your employer (= Tricentis contracting party). Although, Tricentis requires our business partners not to share Personal Data, Tricentis cannot control what our business partners disclose. Our Products are intended to be accessed and used by multiple users, so our business partners may provide your Personal Data as contact person for using our Products.

2.3.      Information from your use of our Products and Sites.
To improve our Products, Tricentis uses telemetry data on how you use our Products to our servers. All data are collected on a company and not on a user level, therefore no Personal Data will be stored and/or processed. By installing our software, you may deactivate the option to provide us with such information (opt-out).

Tricentis collects your usage information on our Sites, including your access times, location, browser types and language, and IP addresses to track and aggregate information (e.g. Tricentis uses IP addresses to monitor the regions from which you navigate our Sites or when you log into our Sites as part of Tricentis’ features).

Tricentis may collect device-specific information when you access our Products and Sites, including your hardware model, operating system and version, unique device identifiers, mobile network information, and information about the device’s interaction with our Products and Sites.
This information is collected automatically by our servers when you access our Sites or use our Products and is statistical data, which may or may not include Personal Data, but Tricentis may maintain it or associate it with Personal Data Tricentis processes in other ways or receives from third-parties. It helps us to improve and to deliver better and more personalized services, including by enabling us to estimate our audience size and usage patterns, store information about your preferences, allowing us to customize our services according to your individual interests, speed up your searches and recognize you when you return to our Sites.

The technologies Tricentis uses for this automatic data collection may include:

o   Cookies. A cookie is a small file placed on your computer. For more information about our use of cookies, including details on how to opt-out of certain cookies, please see the “Cookies” section below.

o   Web Beacons. Pages of our services or our e-mails may contain small electronic files known as Web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related Website statistics (for example, recording the popularity of certain Website content and verifying system and server integrity).

Tricentis also collects Personal Data from interactions with and use of certain functionalities, such as:

·       Messaging. The Sites provide messaging to enable users to communicate with one another and/or with us. Tricentis collects communications made between users using the Sites’ messaging for legitimate business purposes, including in the course of customer service investigations regarding user complaints and disputes between users.

·       Public Forums. If you use any bulletin board, chat room, comment posting feature, or other public communication service, forum, or feature offered through the Sites, or post any information available for viewing by other users, any of the information that you share will be visible to other users. The information that you make available can be read, used, and collected by other users to send you unsolicited messages outside of the Sites. Tricentis is not responsible the way the Personal Data that you decide to share in this way will be used by other users.

·       Social Media. Tricentis operates and maintains networking pages on social media platforms such as Facebook, Twitter, and LinkedIn. Tricentis may import comments and posts from these third-party platforms to our Sites. If you post to any of our networking pages on third-party social media platforms, you are providing information to the public at your own risk. Please visit the privacy policies of any third-party social media platforms.

2.4.      Information from Other Sources. Tricentis may also collect information about you from:

·       third-parties, including but not limited to third-party verification services, mailing list providers;

·       publicly available sources;

·       our business partners, including our resellers, marketing partners, or service providers Tricentis engages to provide you with certain aspects of our Products, such as service providers or hosting services;

·       our events you may attend, or from social networks, and

·       third-party analytics service providers.

3.         Legal basis for Personal Data Processing

Tricentis processes Personal Data about you only if we have a valid legal basis for such a processing, which may be as follows:
·       Consent. You have given Tricentis or any third-party on behalf of Tricentis the consent that Tricentis is allowed to process your Personal Data. If the processing of your Personal Data is only based on your consent, you have the right to withdraw and/or reject your consent at any time (see section 8).

·       Contract. For the performance of a contract between Tricentis and you or to take steps prior to entering into such a contract;

·       Legitimate Interest. In case the processing is necessary to pursue the legitimate interest of Tricentis or a third-party. In all circumstances, Tricentis will limit a processing based on the legitimate interest to what is necessary for its purpose. If the processing of your Personal Data is only based on our legitimate interest, you have the right to object such processing of your Personal Data at any time (see section 8). Legitimate interest includes but is not limited to the following data collection:

o   the performance of a contract between Tricentis and your employer (our business partner), or to take steps prior to entering into a contract between Tricentis and your employer (our business partner); additionally the performance of a contract between Tricentis and our business partner for the benefit of you or your employer, or to take steps prior to entering into a contract between Tricentis and our business partner for the benefit of you or your employer;

o   intracompany transfers and data sharing for administration and organizational purposes within the Tricentis group companies;

o   product development and enhancement to enable Tricentis to enhance, modify, personalize, or otherwise improve our services and communications for the benefit of our customers, and to better understand how users interact with our Products and Sites;

o   communications, marketing and intelligence – including processing data for direct marketing purposes and to determine the effectiveness of our promotional campaigns and advertising;

o   fraud detection and prevention (crime prevention);

o   enhancement of our cybersecurity, including improving the security of our network and information systems; and

o   general corporate operations and due diligence;

·       Compliance. In case the processing is necessary for compliance with any legal rights and obligations to which Tricentis is subject.

4.         Usage of your Personal Data

Tricentis uses Personal Data only in compliance with the purposes for which your Personal Data was collected or subsequently authorized by you. Tricentis will take reasonable technical and organizational measures to ensure that Personal Data is relevant to its intended use, accurate, complete, and current.

Purpose of ProcessingCategories of Personal DataLegal Basis
Contract. Tricentis uses your Personal Data to carry out our obligations and enforce our rights arising from any contracts entered into between you and/or our business partners and us, including for billing and collection and to notify you about changes about our Products Tricentis provides to you.General InformationFulfilment of a contract (if it is a direct contract) or our legitimate interest (if you are an employee of our contracting party) to fulfil our contractual obligations.
Customer Support. Tricentis uses your Personal Data (which may also include messages sent by you) to provide, maintain, personalize and improve our Products and Sites and to deliver the information and support you request, including support, complaint and administrative messages.
Please note, that you cannot refuse to receive service messages from Tricentis including but not limited to account, safety and legal notices.
General Contact Information
Digital ID
Fulfilment of a contract (if it is a direct contract) or our legitimate interest (if you are an employee of our contracting party) to fulfil our contractual obligations.
Marketing Communication. Tricentis uses your Personal Data to send you news and information and to communicate with you about our Products. You may opt-out at any time of receiving promotional emails from us by following the instructions in those emails.General Contact Information
Digital ID
Your consent and/or our legitimate interest to promote our products and services.
Product Analysis. Tricentis uses your Personal Data to track and analyze trends and usage relating to our Products and SitesGeneral Contact Information
Digital ID
Our legitimate interest to improve our Products.
Compliance. to protect our rights or property to investigate and prevent fraud or other illegal activitiesGeneral Contact Information
Digital ID
Any additionally given information
Our legitimate interest and legal obligation to protect Tricentis’ interests
Data Accuracy. Tricentis uses your Personal Data to compare information for accuracy and verify your identity.General Contact Information
Digital ID
Fulfilment of a contract (if it is a direct contract) or our legitimate interest (if you are an employee of our contracting party) to fulfil our contractual obligations, improve and secure our Products, customer support or any other communication.
Specific Purpose. Tricentis may use your Personal Data for any other purpose disclosed to you relating to our services or to fulfil any other purpose for which you provide your Personal Data.General Contact Information
Digital ID
Any additionally given information
Your consent and/or our legitimate interest to such specific purpose.

Tricentis may combine Personal Data about you that Tricentis has collected from different sources, for example, by combining publicly available information from various sources to help analyze sales opportunities.

Tricentis will never sell any Personal Data to a third-party.

5.         Sharing of Personal Data – Recipients

Processors. Tricentis shares Personal Data with contractors, service providers and other third-parties who carry out the processing of Personal Data on behalf of Tricentis (“Processors”) under a written contract and only with such Providers who provide sufficient guarantees to implement appropriate technical and organizational measures to protection your Personal Data. Furthermore, Processors are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which Tricentis discloses Personal Data to them. Tricentis may provide Personal Data to our Processors including but not limited to facilitate the Sites; to provide the Sites or portions of the Sites on our behalf; to perform related services to our Products, including, maintenance services, database management, fulfilment, web analytics, and improvement of the features or functionality; or to assist us in analyzing how the Sites is being used.

Tricentis Group. Your Personal Data may be collected from one entity of the Tricentis Group but will be shared with the other entities in accordance with this Privacy Policy. As Tricentis continues to develop business, Tricentis may buy, sell, or share assets in connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy. In such transactions, Personal Data may be a transferred business asset, if Tricentis itself or substantially all our assets are acquired.

Third-Parties. Tricentis shares Personal Data with third-parties who determine the purposes and means of processing on its own. Tricentis shares Personal Data for any lawful purpose to which you have expressly consented or directed, or to fulfil the purpose for which you provided the Personal Data to us or unless you expressly consent to share Personal Data with a specified third-party. In case Tricentis may disclose Personal Data to another third-party not listed, Tricentis will inform about such a disclosure at the time first disclosed to such third-party. Please note, recipients of Personal Data may be in another state where you are located (see section International Transfer).

5.1.      Law and Protection. Tricentis may release Personal Data when Tricentis believes at its sole discretion, that such release is appropriate and necessary: to comply with any court order, subpoena, law or legal process, including to respond to any government or regulatory request; to enforce agreements, Tricentis has with you or your employer; to protect the rights, property, or safety of Tricentis, our business partners or others; to prevent activity that Tricentis believes at its discretion, may be or may become illegal, unethical, or legally actionable (including exchanging Personal Data with other companies and organizations for fraud protection).

5.2.      Advertisers/Cookie Providers. Tricentis may release aggregate and anonymized/pseudonymized Personal Data to advertisers and other third-parties in order to promote or describe use of the Sites.

6.         Retention of your Personal Data

Tricentis retains Personal Data for a period consistent with the purpose of processing. Tricentis keeps Personal Data for no longer than reasonably necessary for the use of our Products and Sites and for a reasonable period afterward. If you are a business partner’s employee, Tricentis will delete your Personal Data from our systems 7 years after termination of the agreement, insofar no other duration is necessary to be compliant with applicable laws. Tricentis also may retain Personal Data during the period needed for us to pursue our legitimate business interests (such as back up and archive, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements).

7.         Rights to Personal Data

In addition to the information provided in this Privacy Policy, you have the following rights.

·       Right of access: You have the right to obtain a confirmation as to whether or not Personal Data concerning you are being processed by Tricentis and, where that is the case, access to the personal data and receive detailed information about the concrete processing.

·       Right to rectification: You have the right to obtain correction or change of your Personal Data if your Personal Data are inaccurate or out of date. In addition, and considering the purposes of the processing, you have the right to have your Personal Data completed, including by means of providing a supplementary statement.

·       Right to be forgotten: You have the right to obtain a deletion of your Personal Data if your Personal Data are no longer necessary for Tricentis to retain. If you want to completely delete all your Personal Data, your account may become deactivated and filed information will be irrevocably deleted. However, Tricentis may retain an archived copy of your records as required by law or based on our legitimate interest, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes. In such instance, Tricentis will inform you accordingly.

·       Right to restriction: You have the right to obtain a restriction of the processing of your Personal Data, if you have contested the accuracy of your Personal Data, the processing if unlawful, Tricentis no longer needs the Personal Data or you have objected to the processing of your Personal Data, provided that all legal requirements are met.

·       Right to object/withdraw: You have the right to object to the processing of your Personal Data, if Tricentis does not have other legitimate grounds besides your consent for doing so, unless Tricentis can demonstrate compelling legitimate grounds for further processing.

·       Right to data portability: You have the right to receive a copy of your Personal Data which Tricentis processes.

·       Right to lodge a complaint with a supervisory authority. Since Tricentis is headquartered in Austria, you have the right to lodge a complaint pursuant to Art 77 GDPR with the Austrian Data Protection Authority “Datenschutzbehörde” (www.dsb.gv.at).

Tricentis does not base its decisions solely on automated processing of Personal Data, including profiling, which would produce legal effects or similarly significantly effects on you.

If you have any question regarding your privacy rights or if you want to update or correct information about yourself you can contact us at any time or in case you are a registered user of the Tricentis Support Portal, you can also use the online form https://tricentisit.service-now.com/sp/gdpr (see section, contact details below).

8.         Third-Partys: Service Providers, Links to other Sites, Third-Party Advertising

This Privacy Policy does not apply to any websites managed, maintained, and/or hosted by third-parties that you may visit e.g. via a link provided through the Sites or on a website maintained by any third-party. Tricentis is not responsible for and does not control the (privacy) practices of any third-party websites or service providers to whose websites Tricentis may link.

Some content or applications, including advertisements, on or through our Sites are served by third-parties, including advertisers, ad networks and servers, content providers and application providers. These third-parties may use cookies, alone or in conjunction with web beacons or other tracking technologies, to collect information about you when you use our Sites. The information they collect may be associated with your Personal Data or they may collect information, including Personal Data, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. Tricentis does not control these third-parties’ tracking technologies or how they may be used. Please contact the responsible provider directly.

9.         International data Transfer

Tricentis processes and stores Personal Data in the European Union, the United States, Australia and other countries and uses third-party service providers, which may be outside of your country of origin.

Tricentis is committed to comply with applicable laws, regulations and mandatory government standards regarding the protection of Personal Data. Since Tricentis is a global organization, Personal Data and any additional information submitted may be used globally. Therefore, Personal Data may be transferred to other Tricentis entities worldwide, where it will be processed in accordance with this Privacy Policy and applicable laws.

Where the law of your country of origin requires your express consent to Tricentis disclosing Personal Data to services providers or Tricentis entities located in countries outside of your country of origin, you consent to such disclosure and acknowledge in respect of such disclosure that (i) you may not be able to seek redress under the laws applicable in your country of origin, (ii) the overseas recipient may not be subject to the same privacy obligations, (iii) you may not be able to seek redress in the overseas jurisdiction; and (iv) the overseas recipient may be subject to a foreign law that could compel the disclosure of personal information to a third-party, such as an overseas authority.

Tricentis implements suitable security measures to ensure that Personal Data is protected. Tricentis executes a Data Privacy and Data Security Agreement with third-parties with whom Tricentis shares Personal Data, if required by law.

10.         Security measures

Tricentis employs administrative, physical, and technical measures designed to protect your information from unauthorized access. Tricentis takes a proactive approach to its security program to ensure the level of security is appropriate to the risk, considering technological reality, cost, the scope, context and purposes of processing weighted against the severity and likelihood that the processing could threaten individual rights and freedoms.

Please note that no security system is impenetrable. Accordingly, Tricentis cannot guarantee the security of our databases, nor that information you supply will not be intercepted. Tricentis is not responsible for circumvention of any privacy settings or security measures contained on or within Products and Sites. Where you have chosen a password for access to certain parts of our Products and Sites, you are responsible for keeping this password confidential and you should not share your password with anyone.

Tricentis will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored Personal Data to you via email or posting through the Sites in the most expedient time possible and without unreasonable delay, as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

11.         Children’s Privacy

Tricentis’ Products and Sites are directed to business customers only and not directed to minors younger than sixteen (16) years of age nor intends to process Personal Data from minors under 16. If you are under 16 years, do not use the Site and do not send any information about yourself to us.

12.         CookieS

Tricentis Sites uses cookies and by using our Sites you are giving consent in accordance with this Privacy Policy to cookies being used by accepting the notification banner. If you do not agree to the use of cookies in the way as described herein, you need to set your browser settings accordingly or not use Tricentis’ Sites.

12.1.      Cookie Definition. Cookies are small files that are sent to and stored on your computer or mobile device. They are generally used to make websites and cloud-based services work better and more efficient, e.g. they can recognize you and remember important information that will make your visit of a website or cloud-based service more convenient (e.g., by allowing you to enter a password less frequently or remembering user preferences). Taken alone, cookies do not personally identify you – rather, they merely recognize your web browser. Unless you choose to identify yourself to Tricentis, either by opening an account, filling out a web form (such as by signing up for a free trial) or you have previously identified yourself to us, you remain anonymous.

12.2.      Cookie Usage. Tricentis may use cookies and other tracking technologies to deliver and improve our Sites, to display relevant content, products and services, and for other important purposes which are identified herein. This section describes how Tricentis may use cookies and other tracking technologies to deliver and improve the Sites, to display relevant content, products and services on the Sites, and for other important purposes and applies when you visit, access, or use our online products, trial and cloud-based services, and Sites that are owned or operated by Tricentis.

By clicking “Agree and Proceed” on our cookie pop-up notice, or clicking to close the cookie pop-up notice on our Sites, you agree that you have affirmatively consented to and opted-in to our use of cookies as described herein. Further, by using the Sites, you agree that Tricentis can use these technologies as described herein.

12.3.      Types of Cookies. Tricentis uses different types of cookies on our Sites to make your interaction easy and meaningful. The Sites may include first-party cookies, that send data directly to Tricentis and contractors acting on our behalf, including cookies used to monitor, analyze, and administer the Sites, and third-party cookies, that send data to our contractors for their own commercial use. Further, Tricentis use session cookies, which exist only during one session and disappear from your computer or device when you close your browser, and persistent cookies, which remain on your computer or device after you close your browser.

·       Strictly Necessary Cookies. These cookies are essential to the operation of our Products and Sites. They are used to facilitate our log-in process, authenticate users, and enable you to navigate the Sites and to use their features. They are also used by our employees for in-product messaging and analytics. Without these cookies, Tricentis may not be able to provide certain Products and the Sites may not perform as smoothly for you as Tricentis would like.

You have no option to opt-out of the use of strictly necessary cookies, since they are essential to operate our Products and Sites.

·       Functionality Cookies. These cookies allow us to remember the choices you make while visiting our Sites and to provide enhanced and more personalized content and features, such as customizing a certain webpage or application page, remembering if Tricentis has asked you to participate in a promotion and for other services you request, like watching a video or commenting on a blog. To permit your connection to the Sites, our servers receive and record information about your computer and browser, potentially including your IP address, browser type, and other software or hardware information. These features help us to improve your visit and assist in navigation of the Sites’ features.

You may manage, or opt out of the use of functionality cookies on our Sites, please see instructions below. Opting out may impact the functionality you receive when using our Sites.

·       Analytics Cookies. Tricentis and our service providers may use analytics cookies, to collect information and enable us to improve them by collecting information how you use the Sites, for instance, which pages you go to most. The information allows us to see the overall patterns of usage, help us record any difficulties users may have while using the Sites and show us if our advertising is effective.

You may manage, or opt out of the use of analytics cookies on our Sites, please see instructions below. Opting out may impact the functionality you receive when using our Sites.

·       Advertising Cookies. Tricentis may also use cookies and similar tools to correlate your use of the Sites to personal information obtained about you. For example, if you have asked us to provide you information about our upcoming products, our services or any promotions, Tricentis may utilize our cookie and/or clickstream data about your activities when you engage with us on the Sites. By evaluating this information, Tricentis may more clearly target the information provided to you to the specific items Tricentis thinks you will find interesting, based on your prior online activities and preferences. Tricentis also uses third-party advertising cookies. Tricentis and our service providers may use advertising cookies to deliver ads that Tricentis believes are more relevant to you and your interests.

You may manage, or opt out of the use of advertising cookies on our Sites, please see instructions below. Opting out may impact the functionality you receive when using our Sites.

·       Third-Party Cookies/Social Plugins. Tricentis may work with third-parties to provide services on our Sites. Tricentis uses analytics services supported by third-party companies who generate analytics cookies. Tricentis may not have access to these cookies, although Tricentis may use statistical information arising from the cookies provided by these third-parties to customize content and for the other purposes described above. These companies may also transfer this information to other parties where required to do so by law, or where such other parties process the information on their behalf.

12.4.      Tricentis does not control these third-party cookies, their use is governed by such third-parties. Please visit relevant third-party’s website and privacy policy to learn about these cookies and to disable or reject them. Control of Cookies. If you want to control cookies, you could view cookies stored on your hard drive, choose whether to permit cookies to be set by default by changing browser settings or delete the cookies stored on your hard drive. The main web browsers allow you to change your cookie settings directly through their sites and are typically found in the ‘options’ or ‘preferences’ menu of your browser. Please be aware, that your decision to control cookies may affect your experience of our Sites. Turning cookies off, for instance, will prevent you from registering for, signing in to, and using many of the services on our Sites.

12.5.      “Do not Track” Signal. Some web browsers may be configured to send “Do Not Track” signals to websites, or users may use similar mechanisms, to indicate a user’s preference that certain web technologies may not be used to track the user’s online activity.

13.         Changes to Privacy Policy

From time to time Tricentis may change this Privacy Policy with or without prior notice to you. You can tell when changes have been made to the Privacy Policy by referring to the version. Please review this Policy regularly to ensure that you are aware of any changes. If Tricentis materially changes the usage and disclosure of Personal Data, Tricentis will post a notice on our Site and send an e-mail to our registered users. Tricentis will also keep prior versions of this Privacy Policy in an archive for your review.

14.       Contacting Tricentis

If you have any questions or concerns about this Privacy Policy or your Personal Data, please contact us:

Controller
Tricentis GmbH

Attn.: Legal Department – Privacy

Leonard-Bernstein-Strasse 10

1220 Wien

Austria

Email: legal@tricentis.com

Tel: +43 1 263 2409 00

Via online form: Tricentis Support Portal

https://tricentisit.service-now.com/sp/gdpr
(only for registered users)

For a complete list of the Tricentis group, please see https://www.tricentis.com/about/locations/.

Data Protection Officer
c/o Tricentis GmbH

Attn.: Data Protection Officer – Privacy

Leonard-Bernstein-Strasse 10

1220 Wien

Austria

Email: privacy@tricentis.com

15.         Specific Privacy Information FOR Tricentis Products: SpecFlow, SpecFlow+, SpecFlow+LivingDoc, SpecMap

15.1.      Support Tickets. Support tickets are handled using Zendesk. Information on how Zendesk complies with the GDPR can be found here. Access to the ticketing system is restricted to those employees at Tricentis who require access to the tickets in order to respond to customer inquiries, complete purchase orders and provide technical support (including troubleshooting and reproducing issues).

15.2.      SpecFlow and SpecFlow+

·       Usage Tracking with Azure Application Insights. To improve the quality of our extensions we use Azure Application Insights, an analytics platform provided by Microsoft. Only anonymous usage data is transferred to Azure Application Insights, for further details, please see Microsoft’s documentation here. You can disable these analytics if you do not wish to share this information.

·       SpecFlow. We collect the following anonymous data in SpecFlow:

o    Unique anonymous user identifier

o    Target framework(s) of projects that uses SpecFlow

o    Operating system platform

o    Project GUID of projects that uses SpecFlow

o    MSBuild Version

o    SpecFlow version in use

o    Unit test provider

o    Running as build server flag

o    Build server identifier

o    Hashed assembly name (SHA256)

·       SpecFlow Visual Studio Extension. We track the following anonynmous data in Azure Application Insights when using the SpecFlow Visual Studio Extension:

o    Unique anonymous user identifier

o    Name of the IDE

o    Visual Studio version

o    Target framework(s) of projects

o    Extension version

o    Previously installed extension version

o    Running in Docker container flag

o    Unit test provider

·       SpecFlow+ Runner. We collect the following anonymous data in SpecFlow+ Runner:

o    Unique anonymous user identifier

o    Target framework in use

o    Operating system platform

o    Version of SpecFlow+ Runner

o    Running as build server flag

o    Build server identifier

o    Running in Docker container flag

·       SpecFlow Online Gherkin Editor. We collect the following anonymous data in SpecFlow Online Gherkin Editor:

o    Unique anonymous user identifier

o    Text field activations

o    Save to .feature file

o    Copy to clipboard

o    Clear text field

·       SpecFlow+ LivingDoc and SpecMap Azure DevOps Extension. The following data is automatically collected by Azure Application Insights:

o    Web server telemetry: HTTP requests, URI, time taken to process the request, response code, client IP address. session ID.

o    Web pages: Page, user and session counts, page load times, exceptions, Ajax calls.

o    Performance counters: Memory, CPU, IO, network occupancy.

o    Client and server context: OS, locale, device type, browser, screen resolution.

o    Exceptions and crashes: Stack dumps, build ID, CPU type.

o    Dependencies: Calls to external services such as REST, SQL, AJAX. URI or connection string, duration, success, command.

o    Availability tests: Duration of test and steps, responses.

·       We track the following additional anonymous data in the SpecFlow+LivingDoc and SpecMap Azure DevOps or Azure DevOps Server extension:

o    Unique anonymous user identifier

o    Host GUID

o    Collection GUID

o    Project GUID

o    Extension version

o    Platform (Azure DevOps or Azure DevOps Server)

o    Platform version

o    License information (SpecMap)

·       User-created Data. Our products installed as extensions on Azure DevOps or Azure DevOps Server store user created data on the hosting infrastructure where the extension is installed. All data written by the extensions remains within the host infrastructure. For further details, please see Microsoft’s privacy policy by clicking on this link.

15.3.      SpecFlow+LivingDoc. Tricentis provides different extensions for Azure DevOps and Azure DevOps Server. All data that is written by the extensions will remain within the host infrastructure, for further details, please see Microsoft’s privacy policy by clicking on this link.

·       Usage Tracking. To improve the quality of our extensions we use Azure Application Insights, an analytics platform provided by Microsoft. Only anonymous usage data is transferred to Azure Application Insights, for further details, please see Microsoft’s documentation by clicking on this link.

15.4.      SpecMap. Tricentis provides different extensions for Azure DevOps and Azure DevOps Server. All data that is written by the extensions will remain within the host infrastructure, for further details, please see Microsoft’s privacy policy by clicking on this link.

·       Usage Tracking. To improve the quality of our extensions we use Azure Application Insights, an analytics platform provided by Microsoft. Only anonymous usage data is transferred to Azure Application Insights, for further details, please see Microsoft’s documentation by clicking on this link.

Version 01/2020