Privacy Policy

We are delighted that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to take this opportunity to inform you about which of your personal data we collect when you visit our website and for what purposes it is used.

Who is responsible?

Responsible Party

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

DIgSILENT GmbH
Heinrich-Hertz-Straße 9
72810 Gomaringen
Germany

Telefon.: +49 (0)7072-9168-0
Telefax.: +49 (0)7072-9168-88
E-Mail: mail@digsilent.de

Data protection officer

KaMUX GmbH & Co. KG
Herzogstraße 26
66953 Pirmasens
E-Mail: datenschutz@digsilent.de

If you have any questions about our privacy policy, please feel free to contact us or our external data protection officer at any time.

Who receives my data?

Your data will not be passed on to third parties. If it is necessary to pass on your data (e.g. your IP address) for specific purposes, we will inform you below about the procedure and legal basis for each individual case.

If personal data is processed outside the European Union, we will explain this below for each respective processing operation.

If we use service providers to operate our website who process personal data on our behalf within the scope of order processing in accordance with Art. 28 GDPR, these may be the recipients of your personal data, too. You can find more detailed information on the use of order processors and web services in the descriptions of the individual processing operations below.

Are cookies used?

Cookies are pieces of information that we send to your device’s browser and store there when you visit our website. As an alternative to using cookies, information can also be stored in your browser’s local storage. Cookies do not cause any damage to your device. They cannot execute programs or contain viruses.

Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). We use cookies that are necessary for the technical implementation of our website, which store information until the end of your visit to the site or for a maximum of two days afterwards.

The legal basis for this is Article 6(1)(f) GDPR. As the operator of the website, we have a legitimate interest in the technically error-free and optimised provision of our website. We also need cookies to store your shopping basket and to display our website in the language you have selected.

If third parties process information via cookies, they collect the information directly via your browser. We provide information about the respective services for which we use cookies in the individual processing operations.

How exactly is my data processed?

Below, we provide information about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective storage period. Automated decision-making in individual cases, including profiling, does not take place.

Provision of the website

Nature and scope of processing

When you visit and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a log file:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the file accessed
  • Website from which access is made (referrer URL)
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Purpose and legal basis

Processing is carried out to safeguard our overriding legitimate interest in displaying our website and ensuring security and stability on the basis of Art. 6(1)(f) GDPR. The collection of data and storage in log files is essential for the operation of the website. There is no right to object to the processing due to the exception under Art. 21(1) GDPR. Insofar as further storage of the log files is required by law, processing is carried out on the basis of Art. 6(1)(c) GDPR. There is no legal or contractual obligation to provide the data, but it is technically impossible to access our website without providing the data.

Storage period

The aforementioned data will be stored for the duration of the website display and, for technical reasons, for a maximum of 48 hours thereafter.

Webshop login

Nature and scope of processing

    To place an order in our online shop, you can create a user account. Alternatively, you can place an order as a guest. Your personal data will only be stored if you actively create such an account. We use the data you provide in this context exclusively to process your orders, manage the associated payment information and contact you by email if we have any questions about your order.

    The following data is processed:

    • Billing address
    • Email address
    • Username
    • Name

    Please note our applicable terms and conditions:
    https://webshop.digsilent.de/terms-conditions/

    We commission an IT service provider as a processor to provide support services and have concluded a data processing agreement with this provider in accordance with Art. 28 GDPR.

    Purpose and legal basis

    The processing of your data for the purpose of managing your user account and processing your orders is necessary for the fulfilment of the purchase contract you have concluded with us. The legal basis is therefore Art. 6 (1) (b) GDPR (fulfilment of a contract or implementation of pre-contractual measures). Without the provision of this data, we cannot process your order.

    Storage period

    The data in your user account will be stored for as long as your account remains active. You can request the deletion of your account and the associated data at any time – simply contact us at training@digsilent.de. However, data that is part of invoice documents (e.g. your name and billing address) is subject to the statutory retention requirements under commercial and tax law (usually 10 years). Once these statutory periods have expired, this data will also be permanently deleted.

    Learning management system LMS

    Nature and scope of processing

    We use a learning management system (LMS) to provide training materials and to implement digital training and seminar sessions. If you purchase a self-e-learning product, a user account will be automatically created for you in our LMS. In this context, we process the data you provide exclusively to give you access to the LMS, the correct streaming region and the content you have purchased.

    The following data is processed:

    • Email Address
    • Username
    • Name
    • Streaming region
    • IP address

    We have commissioned the service provider VOREST AG (Bleichstr. 21, 75173 Pforzheim) to host the LMS, perform backups and carry out software updates. This provider was carefully selected by us and is strictly bound by our instructions within the framework of a data processing agreement. The service provider has implemented appropriate technical and organisational measures to protect your data and may only use the data for the purposes specified above.

    Please note our applicable terms and conditions:
    https://webshop.digsilent.de/terms-conditions/

    Purpose and legal basis

    Your data is processed in connection with the LMS in order to fulfil the contract concluded with you for the purchase of a self-paced e-learning course. The legal basis for this is Art. 6(1)(b) GDPR (performance of a contract). Without processing the aforementioned data, we cannot grant you access to the digital content you have booked.

    Storage period

    Your personal data in your LMS account will be stored for the duration of your access to the purchased e-learning content. You can request the deletion of your account and the associated data at any time – please contact us informally at training@digsilent.de. Data that is subject to statutory retention obligations (e.g. under commercial or tax law) will be permanently deleted after these periods have expired.

    Amazon Web Services (AWS) when using PowerFactory AppStreaming

    Nature and scope of processing

    AWS is used exclusively for our self-e-learning services. There is no connection to Amazon Web Services when using our website for other purposes.

    Within our self-e-learning courses, we offer you the option of using ‘PowerFactory AppStreaming’. This service is technically implemented via servers from Amazon Web Services (AWS), a provider based in the USA.

    When you start AppStreaming from the learning management system (LMS), a connection to the AWS servers is established. In order to provide the service technically, your current IP address is processed by AWS. The IP address is necessary to deliver the streaming content to your device. An anonymised identifier is also transferred for user assignment; no other personal data such as your name or email address is transferred to AWS.

    Purpose and legal basis

    The processing of your IP address by AWS is technically necessary for the provision of the AppStreaming service, which is part of the course you have booked. The legal basis for the processing is therefore Art. 6 (1) lit. b GDPR (performance of a contract).

    We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. Data transfers to the USA are carried out in accordance with Art. 45(1) GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified under the EU-US Data Privacy Framework (EU-US DPF).

    Storage period

    We have no influence over the specific storage period for the processed data; this is determined by Amazon Web Services, Inc. Further information can be found in the privacy policy for AWS CloudFront: https://aws.amazon.com/de/privacy/.

    WordPress CDN

    Nature and scope of processing

    We use WordPress CDN to ensure the proper delivery of our website content. WordPress CDN is a service provided by Automattic Inc. that acts as a content delivery network (CDN) on our website.

    A CDN helps to deliver content from our online services, in particular files such as graphics or scripts, more quickly, with the aid of regionally or internationally distributed servers. When you access this content, you connect to servers belonging to Automattic Inc., San Francisco, California, US, whereby your IP address and, if applicable, browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of WordPress CDN.

    Purpose and legal basis

    The use of the content delivery network is based on our legitimate interests, i.e. our interest in the secure and efficient provision and optimisation of our online services in accordance with Art. 6(1)(f) GDPR. We also implement language settings and shopping basket storage via WordPress CDN.

    We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. Data transfer to the USA is carried out in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified under the EU-US Data Privacy Framework (EU-US DPF).

    Storage period

    We have no influence over the specific storage period for the processed data; this is determined by Automattic Inc. Further information can be found in the privacy policy for WordPress CDN: https://automattic.com/privacy/ .

    etracker

    Nature and scope of processing

    We use etracker from etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany, as an analysis service for the statistical evaluation of our online services. This includes, for example, the number of visits to our online services, subpages visited and the length of time anonymous visitors spend on the site.

    As the privacy of our visitors is important to us, data that could potentially be linked to an individual, such as IP addresses, login details or device IDs, is anonymised or pseudonymised as soon as possible. It is not used for any other purpose, combined with other data or passed on to third parties. Analyses are therefore carried out exclusively on an anonymous basis and without reference to individuals. IP addresses are only transmitted to etracker for the purpose of anonymisation. We have concluded a data processing agreement in accordance with Art. 28 GDPR for this purpose.

    The data generated with etracker is processed and stored exclusively in Germany. etracker has been independently tested and certified in this regard and has been awarded the ePrivacyseal data protection seal of approval.

    Purpose and legal basis

    Data processing is carried out on the basis of our legitimate interests, i.e. interest in optimising our online services and our website in accordance with Art. 6 para. 1 lit. f. GDPR.

    Storage period

    Personal data (IP address) is immediately anonymised and not stored for long periods. Further information can be found in the privacy policy for etracker: https://www.etracker.com/datenschutz/.

    hCaptcha

    Nature and scope of processing

    We have integrated components from hCaptcha into our website. hCaptcha is a service provided by Intuition Machines, Inc. and enables us to distinguish whether a contact request originates from a natural person or is automated by a program. When you access this content, you establish a connection to servers belonging to Intuition Machines, Inc., 350 Alabama St, San Francisco, CA 94110, United States, whereby your IP address and, if applicable, browser data such as your user agent are transmitted. Furthermore, hCaptcha records the user’s dwell time and mouse movements in order to distinguish automated requests from human ones. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of hCaptcha.

    Purpose and legal basis

    The use of hCaptcha is based on our legitimate interests, i.e. the interest in ensuring the IT security and functionality of the website by preventing automated, abusive access and spam in accordance with Art. 6(1)(f) GDPR.

    Storage period

    We have no influence over the specific storage period for the processed data; this is determined by Intuition Machines, Inc. Further information can be found in the privacy policy for hCaptcha: https://www.hcaptcha.com/privacy.

    jQuery CDN

    Nature and scope of processing

    We use jQuery CDN to ensure the proper provision of content on our website. jQuery CDN is a service provided by jQuery that acts as a content delivery network (CDN) on our website.

    A CDN helps to deliver content from our online services, in particular files such as graphics or scripts, more quickly with the aid of regionally or internationally distributed servers. When you access this content, you establish a connection to jQuery servers, whereby your IP address and, if applicable, browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of jQuery CDN.

    Purpose and legal basis

    The use of the content delivery network is based on our legitimate interests, i.e. our interest in the secure and efficient provision and optimisation of our online services in accordance with Art. 6(1)(f) GDPR.

    We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. Data transfer to the USA is carried out in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified under the EU-US Data Privacy Framework (EU-US DPF).

    Storage period

    We have no influence over the specific storage period for the processed data; this is determined by jQuery. Further information can be found in the privacy policy for jQuery CDN: https://www.stackpath.com/legal/privacy-statement/ .

    What are my rights?

    Under the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG), you as the data subject have the following rights:

    • Information pursuant to Art. 15 GDPR, § 34 BDSG (Federal Data Protection Act) about the data stored about you in the form of meaningful information about the details of the processing and a copy of your data;
    • Correction pursuant to Art. 16 GDPR of incorrect or incomplete data stored by us;
    • Deletion pursuant to Art. 17 GDPR of the data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
    • Restriction of processing pursuant to Art. 18 GDPR, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you refuse to have it deleted because you need it to assert, exercise or defend legal claims, or you have lodged an objection to the processing pursuant to Art. 21 GDPR.
    • Data portability pursuant to Art. 20 GDPR, insofar as you have provided us with personal data within the scope of consent pursuant to Art. 6(1)(a) GDPR or on the basis of a contract pursuant to Art. 6(1)(b) GDPR and this data has been processed by us using automated procedures. You will receive your data in a structured, commonly used and machine-readable format, or we will transfer the data directly to another responsible party, insofar as this is technically feasible.
    • Objection pursuant to Art. 21 GDPR to the processing of your personal data, insofar as this is based on Art. 6(1)(e) or (f) GDPR and there are reasons for this arising from your particular situation or the objection is directed against direct marketing. The right to object does not apply if there are compelling legitimate grounds for the processing or if the processing is for the establishment, exercise or defence of legal claims. If the right to object does not apply to individual processing operations, this is indicated there.
    • Revocation pursuant to Art. 7(3) GDPR of your consent with effect for the future.
    • Complaint pursuant to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.

    Changes to this Privacy Policy

    We revise this privacy policy when changes are made to this website or when other circumstances make it necessary. The current version can always be found on this website.

    As of 18 December 2025