Personal data in iQUAVIS
In connection with the use of iQUAVIS and associated plug-ins, personal data of the user is collected, stored and processed.
Data Collected
The user’s name is stored together with the login ID including password and the assigned license scope. In addition, the corresponding organizational unit as well as the e-mail address and telephone number can be stored. This information is collected at the time the license is set up, but can be changed at any time (by the customer or by Two Pillars GmbH). In connection with the active use of the software, the following information is associated with the login ID and stored in a log file:
- Information (esp. the time) about the login and logout
- Information (in particular the time) of the creation or deletion of data
- When data is updated
- Further information that roughly reflects the use of iQUAVIS
- Information about bugs in the software
Processing and use of data
The login ID and associated password are processed to authenticate the login. Access and permissions regarding data access are also regulated here. In the case of single sign-on, a user’s email address is passed to a customer-side login server for authentication. The user information is also displayed within the software; This means that the user’s name will also be displayed to other users in iQUAVIS, e.g. work in the same project.
Additional contact information (e-mail address and phone number) can be stored as resource information to display in iQUAVIS as well. They can be used by Two Pillars to be able to contact the user directly if necessary. This is necessary if support has been requested or there are other important reasons.
The log file generated by iQUAVIS is analyzed in order to enable or support the elimination of problems in the event of software errors. In addition, the log file can be used and analyzed to generally increase the functionality of iQUAVIS. However, for this purpose, the data will be processed without reference to the user’s real name or other personal information.
The processing of said information is legitimised by Article 6(1)(f) of the GDPR.
Storage and disclosure
The data collected is stored exclusively on the data storage set up for the operation of the software. It is a server provided by Microsoft Azure and operated exclusively in Germany. A log file stores processes of the iQUAVIS software, whereby the reference to persons is pseudonymised. These can only be viewed by the employees of Two Pillars GmbH. Log files may be passed on pseudonymously to DENTSU SOKEN (in Japan) if this is necessary in connection with second-level support or the correction of errors.
Personal data (user’s name and contact details) are stored together with the application data and kept in the backup for 30 days.
Data deletion
If a user is deleted as an iQUAVIS user, the personal data will no longer be stored on the application server. The information in the backup is automatically deleted at the end of the backup period (30 days).
If iQUAVIS is terminated as a service, all application and personal data will be irrevocably deleted from the server upon expiry of the service contract. It is not stored at Two Pillars.
Last updated: 22 March 2024