Versions Compared

Old Version 13

changes.mady.by.user Johannes Kästle

Saved on

compared with

New Version Current

changes.mady.by.user Kilian Lohmann

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Privacy Policy

...

Information about the processing of your data

TNG Technology Consulting GmbH (hereinafter referred to as TNG / We) welcomes your visit to our website and your interest in our company. We take the protection of your personal data seriously and want you to feel safe and comfortable when using our apps, visiting our website, or signing up to our newsletter.

All personal data accumulated within the framework of the services provided by TNG will be processed and used in accordance with the applicable regulations for the protection of personal data. Under no circumstances will TNG sell your personal data.

1. Controller

Data processing on this website is the responsibility of the controller, namely:

TNG Technology Consulting GmbH
Beta-Straße 13
85774 Unterföhring
Germany

2. Data security

TNG Technology Consulting GmbH uses technical and organizational security measures to protect the data made available to TNG Technology Consulting GmbH from accidental or intentional manipulation, loss, destruction or access by unauthorized persons.

Our security measures are continuously improved in line with technological developments.

3. Data Processing

On this page, we inform you about how we process your personal data. "Personal data" in this context includes all information relating to an identified or identifiable natural person. "Processing" means all operations or series of operations relating to personal data, such as the collection or storage of personal data.

 

Except as expressly stated below, there is no legal or contractual obligation for you to provide TNG with the information described above. 

3.1 Atlassian Marketplace Apps

a. TNG provides apps for Atlassian products on the Atlassian Marketplace. If you ("End User") download, install and/or use our apps, you acknowledge that you have read and agree with the terms of our EULA and

...

this Privacy Policy.

Please note, that the following apps have a different Privacy Policy completely replacing this Privacy Policy:

App usage

b. Art. 6(1) lit. f GDPR acts as legal basis for the processing as the End User is a client or in the service of TNG (Rec. 47 Sent. 2 GDPR), unless expressly stated below.

3.1.1 App usage

a. Apps for Server and Data Center are installed directly in the End User’s Atlassian system. Therefore, all data stored and processed by these apps remains in the End User’s Atlassian system if none of the exceptions in 3.1.1.c apply. TNG’s apps do not transmit any data to TNG or any other external third-party system if none of the exceptions in 3.1.1.c apply. Therefore, TNG does not have access to any data stored in the End User’s system when the End User installs TNG’s Server and Data Center apps if none of the exceptions in 3.1.1.c apply.

b. Apps for Cloud are written using Forge. Forge apps are hosted by Atlassian and keep all data in Atlassian’s infrastructure. Therefore, all data stored and processed by these apps remains in Atlassian’s infrastructure if none of the exceptions in 3.1.1.c apply. TNG’s apps

...

only transmit any data to TNG or any other external third-party system in the cases listed in 3.1.1.c. Therefore, TNG does not have access to any data stored in the End User’s system when the End User installs TNG’s Cloud apps unless either the End User or Atlassian provides data to TNG

...

Customer support

  1. If the End User has issues or questions related to TNG’s apps, the End User might want to contact TNG. In order to give the End User appropriate support, TNG might ask the End User to provide TNG with diagnostic information. It is completely up to the End User if the End User provides TNG with such information and if so, in which form. All data the End User provides to TNG is only used to analyze and solve the End User’s issue.

Contact data collection and privacy

or an exception stated in 3.1.1.c applies.

c. The End User can opt in to use external services inside the apps. In particular, this includes third party AI services like OpenAI. The submission of an API key of the external service enables the functionality of the feature using the external service and will only be used to offer the agreed functionality. When the use of external services is enabled, only data needed for the agreed functionality may be sent to the external service provider. This allows the external service provider to process and analyze the data according to the privacy policy of the external service and/or any DPA with that service provider.

3.1.2 Contact data collection and privacy

a. The Atlassian Marketplace provides TNG with contact data such as the End User’s name, company name, address, e-mail address and phone number if the End User buys or evaluates one of TNG’s apps.

b. TNG may use the End User’s contact data for sending e-mails with relevant information and marketing material regarding products and services similar or connected to the app during an active license or evaluation term and a period of six (6) months after its end. The End User can deny this right at any time by submitting a request to atlassian-apps@tngtech.com.

c. TNG may contact the End User via e-mail when

i. the End User starts an evaluation of an app,

ii. the End User buys an app,

iii. the End User permits to be contacted for a specific purpose (e.g., support),

iv. TNG would like to contact the End User about an app review submitted by the End User to the Atlassian Marketplace,

v. TNG would like to advertise products and services similar or connected to an app the End User has an active license for or is currently evaluating,

vi. TNG is legally required to inform the End User.

d. TNG processes the End User’s contact data using Mailchimp as a subprocessor. TNG seeks to provide only that information to Mailchimp that is necessary to perform its specific function. All e-mails sent by Mailchimp are sent on TNG’s behalf and delivery is confirmed with the use of Cookies and other tracking technologies. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on these technologies, TNG might see if and when a newsletter was opened and which links have been clicked. The tracking technologies used by Mailchimp are detailed in Mailchimp's Privacy Policy.

e. TNG provides an option to the End User to opt-out of any e-mail communication unless TNG is legally required to inform the End User. If the End User does not want to receive e-mail communication by TNG, the End User may simply unsubscribe at any time by either using the unsubscribe button in the respective e-mail or by contacting atlassian-apps@tngtech.com.

3.1.3 Customer support

a. If the End User has issues or questions related to TNG’s apps, the End User might want to contact TNG. Each time the End User contacts TNG, the following data is collected:

i. the End User’s name,

ii. the End User’s email address,

iii. date and time of the contact,

iv. all data the End User shares in their message.

b. TNG uses the Atlassian Cloud to work on support requests. This applies to all methods of contacting TNG, including email support requests and those submitted via TNG’s support portal hosted by Jira Service Management. 

c. In order to give the End User appropriate support, TNG might ask the End User to provide TNG with diagnostic information. It is completely up to the End User if the End User provides TNG with such information and if so, in which form. All data the End User provides to TNG is only used to analyze and solve the End User’s issue. For reference purposes and to help with future requests by the End User, the data is stored up to three years, unless the End User chooses to exercise their rights as described in Section 5.

d. Art. 6(1) lit.

...

 a GDPR acts as legal basis for

...

this processing as the End User

...

consented to receiving help via TNG’s support portal.

3.2 Website Hosting

a. TNG uses Amazon Web Services (AWS) as a service provider within the terms of Art. 28 GDPR to supply website hosting and associated services, which may require access to the User's personal data.

b. This website is delivered via the AWS Cloudfront service. This is a Content Delivery Network (CDN) that uses a variety of worldwide servers to ensure optimal site availability. Depending on the User's location, the server may be located outside the EU. The associated transfer of connection data takes place exclusively via the service provider AWS, which acts as a processor, and is governed by Standard Contractual Clauses according to Art. 46 2(c) GDPR.

c. Each time our website is accessed, the following data is automatically collected:

i. IP address

ii. Date and time of the call

iii. Information about your browser and operating system

iv. Websites through which you accessed our website

v. Websites that you access through our website

d. This data will be stored only for a duration commensurate with our functional and security requirements and then automatically deleted. Exceptions to this rule will only be made in cases where there is a legitimate interest in its further storage, for example to clarify security
incidents. In these cases, the data will be deleted as soon as this
process is completed.

e. This data processing is based on our legitimate interest to make our website accessible to users, to identify any functional problems or capacity deficits of our website and to verify security in accordance with Art. 6 para. 1 lit. f DS-GVO/UK GDPR.

3.3 Newsletter

a. TNG provides an option to receive Apps Newsletter communications. If you ("Subscriber") subscribe to our Apps Newsletter, you acknowledge that you have read and agree with the terms of this Privacy Policy.

b. Upon subscription to our Apps Newsletter, the Subscriber agrees to provide TNG with the Subscriber’s e-mail address for the sole purpose of receiving Apps Newsletter e-mail communications.

c. TNG may use the Subscriber’s e-mail address to send regular Apps Newsletters via e-mail with information about the following topics:

i. Updates to our apps on the Atlassian Marketplace

ii. New TNG app releases on the Atlassian Marketplace

iii. Information relevant to the usage of our apps

iv. Other news and achievements from TNG

d. Art. 6(1) lit. a GDPR acts as legal basis for the processing as the Subscriber consented to receiving Apps Newsletter communications.

e. TNG processes the End User’s contact data using Mailchimp as a subprocessor. TNG seeks to provide only that information to Mailchimp that is necessary to perform its specific function. All e-mails sent by Mailchimp are sent on TNG’s behalf and delivery is confirmed with the use of Cookies and other tracking technologies. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on these technologies, TNG might see if and when a newsletter was opened and which links have been clicked. The tracking technologies used by Mailchimp are detailed in Mailchimp's Privacy Policy.

f. TNG provides an option to the Subscriber to stop receiving Apps Newsletter e-mail communications. If the Subscriber no longer wants to receive e-mail communication by TNG, the

...

Subscriber may simply unsubscribe at any time by either using the unsubscribe button in the respective e-mail, the unsubscribe button on our website, or by contacting atlassian-apps@tngtech.com.

4.

...

Recipients of the data

Below are details of third parties receiving data from TNG.

Regarding data transfers to third countries, the EU, the UK and Switzerland have mutually identified their data protection regulations and those of New Zealand as adequate, which will serve as the legal basis for any data transfers to those countries.

Amazon Web Services, Inc.

All permanently stored data is stored in the European Union (EU). In case the Content Delivery Network (CDN) of AWS is being used in order to ensure optimal availability of the website, it cannot be ruled out that the data held and processed by AWS will be provided from a server outside the EU. AWS has committed itself in standard data protection clauses according to Art. 46 para. 2 lit c. (DS-GVO, UK GDPR) or Art. 16 para. 2 lit. d (DSG) to comply with data protection standards also in these cases; more detailed information can be found here.

Atlassian

Customer Contact Data may be transferred to and processed in Data Centers outside of the EU. Atlassian is contractually commited that any such transfers are made in compliance with the Standard Contractual Clauses (SCCs). More detailed information can be found here.

Mailchimp

Customer Contact Data may be transferred to and processed in Data Centers outside of the EU. Mailchimp is contractually commited that any such transfers are made in compliance with the Standard Contractual Clauses (SCCs). More detailed information can be found here.

5. Rights of Data Subjects

5.1 DS-GVO (EU) / Data Protection Act 2018 & UK GDPR (UK)

You have the right, in accordance with the laws applicable to you and to the extent provided therein, to access your personal data and to require us to update, rectify or erase your personal data. In addition, in accordance with applicable law, you may restrict TNG's processing of your personal data, and you have the right to data portability. Your right to access your personal data includes the right to obtain a copy of all or certain portions of your personal data in our possession, as long as the provision of such data by TNG does not adversely affect the rights and freedoms of other persons.

Right to object: you have the right to object to the processing of

...

your personal data solely on the basis of TNG's legitimate interest. If you exercise your right to object hereto, TNG will no longer process your personal data unless there are compelling legitimate grounds for further processing or the processing is necessary to establish, exercise or defend legal claims.

If the processing is based on your consent, you can revoke this consent at any time. This revocation only affects future processing.

You also have the right to lodge a complaint with the relevant data protection authority if you believe that the processing of your personal data has violated applicable data protection laws.

 

5.2 Privacy Act (Australia)

You have the right of access to your data and to request rectification of your data. You also have the right to lodge a complaint if you believe that the processing of your personal data has violated applicable data protection laws. In all such cases, please contact our data protection officer ANZ (see section 6).

If you wish to lodge a complaint about our handling of your personal information, you can contact our data protection officer via dataprotection-anz@tngtech.com. We take all complaints seriously and will investigate your concerns promptly and fairly. We will respond to your complaint within a reasonable timeframe, usually within 30 days, and inform you of the steps we have taken or will take to address your concerns. We may ask you to provide additional relevant details and may discuss your complaint with our internal departments, our service providers, and others where appropriate. If you are not satisfied with our response, you have the right to lodge a complaint with your relevant data protection authority, e.g. the Office of the Australian Information Commissioner at https://www.oaic.gov.au/about-us/contact-us/.

 

5.3 Privacy Act (New Zealand)

You have the right of access to your data and to request rectification of your data. In such cases, please contact our data protection officer ANZ (see section 6).

 

5.4 California Consumer Privacy Act

You have the right of access to your personal data and to require us to rectify or erase your personal data. You also have the right to data portability and to restrict the use of sensitive personal data. Exercising these rights, such as the erasure of your data, may result in TNG being unable to provide certain services you have requested or being unable to provide them as desired. Exercising your rights does not carry any further negative consequences for you; TNG will not discriminate against you in any way as a result of exercising your data protection rights. To exercise your rights, please contact our data protection officer (see section 6).

 

6. Data Protection Officer

If you have any questions regarding the processing of your personal data, you can contact our data protection officer directly, who is also available in case of requests for access, inquiries or complaints:

Data Protection Officer
Dr. Marcel Lippmann
TNG Technology Consulting GmbH
Beta-Str. 13
85774 Unterföhring
datenschutz@tngtech.com

For inquiries concerning processing by our Australian subsidiary TNG Technology Consulting ANZ Pty Ltd, please contact:

Data Protection Officer ANZ
Dr. Philipp Lang
TNG Technology Consulting GmbH
Beta-

...

Str. 13
85774 Unterföhring

...

dataprotection-anz@tngtech.com

 

We can supply our GPG key on request, should you wish to send us your request in encrypted form.

 

7. Version

This privacy policy was last modified on 07.05.2024. We reserve the right to amend this policy from time to time to reflect changes in our data processing, for example. In the event of changes, we will post the new privacy policy on this website.