Privacy Policy

Data Controller: The data controller for the processing of personal data in connection with the DDC Tools web application is:

• Website Usage Data: We collect basic website usage information including IP addresses, browser type, operating system, and pages visited. This data is used for technical operation and security purposes.
• File Upload Processing: When you use our VDI 2770 validator, uploaded files are processed on our servers but not permanently stored. Files are deleted immediately after processing.
• ID Link Generation: Generated IEC 61406 ID links are stored for the functionality of the service. These links contain no personal information.
• Anonymized Reports: We store anonymized validation reports for service improvement purposes. These reports contain no personal or identifying information.

• Contract Performance (Art. 6(1)(b) GDPR): Processing is necessary for the performance of the service you have requested.
• Legitimate Interest (Art. 6(1)(f) GDPR): We process data for technical operation, security, and service improvement based on our legitimate interest.
• Consent (Art. 6(1)(a) GDPR): Where applicable, we process data based on your explicit consent (e.g., for cookies).

• Technical Cookies: We use technically necessary cookies for website functionality. These cookies are essential for the operation of our service.
• Analytics: We may use analytics cookies to understand website usage patterns. You can opt out of these cookies through your browser settings.
• Cookie Management: You can manage cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.

• No Sale of Data: We do not sell, rent, or trade your personal information to third parties.
• Service Providers: We may share data with trusted service providers who assist us in operating our website and providing services (hosting, technical support).
• Legal Requirements: We may disclose information when required by law or to protect our rights and safety.

• Right to Information: You have the right to know what personal data we process about you.
• Right to Rectification: You can request correction of inaccurate personal data.
• Right to Erasure: You can request deletion of your personal data under certain circumstances.
• Right to Restriction: You can request limitation of processing of your personal data.
• Right to Data Portability: You can request transfer of your data in a structured, machine-readable format.
• Right to Object: You can object to processing based on legitimate interest.

• Encryption: All data transmission is encrypted using industry-standard SSL/TLS protocols.
• Access Controls: Access to personal data is restricted to authorized personnel only.
• Regular Updates: We regularly update our security measures to protect against new threats.
• Data Retention: Personal data is retained only as long as necessary for the purposes outlined in this policy.

• Uploaded Files: Deleted immediately after processing (VDI 2770 validation).
• Generated ID Links: Stored permanently for service functionality.
• Website Logs: Retained for up to 12 months for security and technical purposes.
• Anonymized Reports: Retained indefinitely for service improvement (no personal data).

If you have questions about this privacy policy or want to exercise your rights under GDPR, please contact us:

Supervisory Authority:
You also have the right to lodge a complaint with the competent data protection supervisory authority if you believe your rights under GDPR have been violated.

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a new effective date.

Last Updated:
Effective Date: