Last Updated 14 May 2020
We use your personal data for many reasons, from understanding how our users engage with our products and services to providing efficient technical support services.
These are the main reasons why we collect and use data about our customers and others who interact with Bohemia Interactive Simulations:
- To enable us to provide you with our products and services, including customer support services.
- To provide the services or information you sign up for, such as newsletter subscriptions.
- To carry out marketing analysis and send you communications when we have your permission, or when permitted by law.
We think carefully about our use of personal data, and below you can find the details of what we do to protect your privacy. This policy covers, among other topics:
- Information about your rights and our obligations
- Clarity about our dealings with you and transparency about how we collect and use your personal data
- Commitments on how we protect your personal data
- Commitments on how we will facilitate your rights and respond to your questions.
BISIM’s objective is to implement and maintain appropriate technical, security and organizational measures to protect personal data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure. In particular, to achieve this goal BISIM aims to ensure that personal data is:
- processed lawfully, fairly and in a transparent manner in relation to the individual (data subject) ('lawfulness, fairness and transparency');
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; However, further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes as permitted by relevant laws may not be considered to be incompatible with the initial purposes ('purpose limitation');
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ('data minimization');
- accurate and, where necessary, kept up to date; in this regard we will take reasonable steps to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay ('accuracy');
- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organizational measures required by applicable laws and regulations in order to safeguard the rights and freedoms of the individual (data subject) ('storage limitation'); and
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures ('integrity and confidentiality').
BISIM’s policy is to obtain prior consent from the data subject to the collection, use, processing or disclosure of personal data, except where otherwise required or permitted by law. Our goal is to request consent in an intelligible and easily accessible form, using clear and plain language. Consent may be express or implied, depending on the circumstances. When appropriate, the written consent of the individual (data subject) will be requested (e.g. by mail, email or other electronic means). If the consent is given in the context of a written declaration or form which also concerns other matters, the request for consent will be presented in a manner which is clearly distinguishable from the other matters. Sometimes, an individual's consent may be obtained verbally or implied through his or her conduct or dealings with BISIM. BISIM generally does not require an individual to consent to collection, use, processing or disclosure of personal data as a condition of the provision of a product or service, beyond that which is necessary to provide the product or service or processing is necessary for the performance of a contract to which the individual (data subject) is party or in order to take steps at the request of the individual (data subject) prior to entering into a contract. However, some personal data may be requested that is optional for an individual to provide in order to improve the user experience or to help BISIM improve the products or services it offers and provides. BISIM may collect, use or disclose personal data without notice or consent only where permitted or required by law. Consent may be varied or withdrawn at any time subject to legal limitations and reasonable notice if required by law (without affecting the lawfulness of processing based on consent before its withdrawal). BISIM will advise the individual of any consequences of a variation or withdrawal.
COLLECTION OF DATA
In order to provide services or information to its customers, prospective customers, website visitors and others, BISIM collects certain types of data from them. This section describes how data is collected and used by BISIM.
The Personal Data We Collect:
BISIM collects and retains only the personal data that is required to meet the purposes identified by BISIM. BISIM is committed to collecting personal data in a fair, open and lawful manner. For this reason, BISIM does not indiscriminately collect personal data. The type of personal data we may collect includes contact information (such as name, postal address, email address, telephone or fax numbers, etc.) but we may from time to time request a data subject to optionally provide demographic information or product or service preferences or usage patterns. When a data subject inquires about products or services or orders products or services, or engages in activities such as participating in BISim-organised events downloading demos or subscribing to a newsletter, the data subject may provide information such as name, company name, job title and department, email, address, telephone and facsimile numbers, and other relevant data. BISIM may also collect, record and analyze information of visitors to its website. We may record your IP address. BISIM may add information collected by way of page view activity. Furthermore, BISIM may collect and process any personal data that you volunteer to us in our website’s forms, such as when you subscribe to a service or submit an enquiry or technical support request. Such personal data may comprise your IP address, first and last name, your postal and email address, your telephone number, your job title, your areas of interest, interest in BISIM’s products, and certain information about the company you are working for (company name and address), as well as information as to the type of relationship that exists between BISIM and yourself. Our website also provides for an easy way to contact us either by direct communication with us or by electronic mail (e-mail address). If a data subject contacts us by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. This personal data transmitted on a voluntary basis by a data subject to us are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties. BISIM also gathers data about visits to the website, including numbers of visitors and visits, Geo-location data, length of time spent on the site, pages clicked on or where visitors have come. This information is used by BISIM to identify its customers, prospective customers, website visitors and others and provide or offer them with products, support, services, mailings, conduct sales and marketing actions, billing and to meet contractual obligations. It is completely optional for customers, prospective customers, website visitors and others to engage in activities or obtain services offered or provided by BISIM. Depending upon the activity or service, some of the information that we ask a data subject to provide is identified as mandatory and some as voluntary or optional. If the data subject does not provide the mandatory data with respect to a particular activity, the data subject may not be able to engage in that activity or receive the applicable product or service or may not be able to fully benefit from the product or service offered. BISIM’s policy is not to conduct processing of (a) personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, or (b) genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
GENERAL DATA AND INFORMATION
BISIM’s website collects a series of general data and information when a data subject accesses the website. This general data and information are stored in the server log files. Collected general data may include (a) the browser types and versions used, (b) the operating system used by the accessing system, (c) the website from which an accessing system reaches our website (so-called referrers), (d) the sub-websites, (e) the date and time of access to the Internet site, (f) an Internet protocol address (IP address), (g) the internet service provider (ISP) of the accessing system, and (h) other similar data and information that may be used in the event of attacks on BISIM’s website or other information technology systems. When using these general data and information, BISIM does not draw any conclusions about the data subject. On the contrary, this information is used to (1) help deliver the content of BISIM’s website in the intended manner, (2) improve the content of BISIM’s website as well as its advertisement and promotion, (3) improve the performance of BISIM’s website or other information technology systems, and (4) provide applicable law enforcement authorities with information necessary for criminal prosecution in case of hacking or cyber-attack on BISIM’s website or other information technology systems. Accordingly, BISIM uses anonymously collected data and information for statistical analysis with the aim of improving and protecting data security and our operations and service offerings, and to improve protection for the personal data we collect and process.
- the individual (data subject) has given consent to BISIM’s the processing of his or her personal data for one or more specific purposes;
- processing is necessary for the performance of a contract (such as an end user license agreement or on-line subscription) to which the individual (data subject) is party or in order to take steps at the request of the individual (data subject) prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which BISIM as the controller is subject;
Or in rare cases:
- processing is necessary in order to protect the vital interests of the individual (data subject) or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in BISIM as the controller;
- processing is necessary for the purposes of the legitimate interests pursued by BISIM as the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual (data subject) which require protection of personal data,
If personal data is to be used or disclosed for a purpose not identified at the time of collection, individual consent will be obtained, where required by applicable law.
SHARING PERSONAL DATA
BISIM may also share such information with service vendors or contractors in order to provide a requested service or transaction or in order to analyze the visitor behavior on its website.
LIMITING USE, DISCLOSURE AND RETENTION
BISIM limits its use or disclosure of personal data to the purposes for which it was originally collected, unless it has first obtained the consent of the person from whom such information was received, or as otherwise permitted or required by law. BISIM retains personal information only for as long as it is needed for the purposes for which it was collected or used, or as otherwise required by law. The corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract. From time to time BISIM may use a third party or a related entity to store or manage personal data on our behalf. In such circumstances, BISIM requires such service providers and related entities to protect, by contract or other means, the personal data transferred to them by BISIM.
Personal data is maintained in as accurate, complete and up-to-date form as necessary for the purpose for which it is collected, or where it is likely to be used to make a decision about an individual. BISIM does not routinely update personal data and relies on the individual to advise it when his or her personal data changes. From time to time, in its sole discretion, and for a reasonable and legitimate purpose, BISIM may request written confirmation from an individual that the information collected and held by BISIM is up to date and accurate.
Personal data is protected, by appropriate technical and organizational measures including security safeguards appropriate to its sensitivity and level of risk, from unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks. BISIM’s security safeguards include, as relevant:
- premises security;
- locked file cabinets;
- restricted access to personal information;
- technological safeguards such as security software and authentication methods;
- organizational security measures
If BISIM uses the services of any third parties to process personal data, BISIM will enter into legal agreements that require the third party to protect the personal data in a manner acceptable to BISIM and consistent with the protection provided by BISIM. BISIM also ensures that any of its Employees who deal with personal data are properly trained and are aware of the necessary and appropriate measures required to protect personal data. Individuals (data subjects) have specific rights to object to BISIM’s processing of their personal data if BISIM:
- processes the personal data based on an exercise of official authority (including profiling);
- uses the personal data for direct marketing (including profiling); or
- processes the personal data for purposes of scientific/historical research and statistics.
RIGHT TO RESTRICTION OF PROCESSING
Individuals (data subjects) have the right to obtain from BISIM restriction of processing where one of the following applies:
the accuracy of the personal data is contested by the individual for a period enabling BISIM to verify the accuracy of the personal data;
- the processing is unlawful and the individual opposes the erasure of the personal data and requests the restriction of their use instead;
- BISIM no longer needs the personal data for the purposes of the processing, but they are required by the individual for the establishment, exercise or defence of legal claims;
- the individual has objected to processing by means of automated decision-making pending the verification whether the legitimate grounds of BISIM override those of the individual.
RIGHT TO ERASURE
Individuals (data subjects) have the right to obtain from BISIM the erasure of personal data concerning him or her without undue delay and BISIM will erase personal data without undue delay where one of the following grounds applies:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- the individual (data subject) has withdrawn his or her consent on which the processing is based and where there is no other legal ground for the processing;
- the individual (data subject) objects and has a legal basis for such objection and there are no overriding legitimate grounds for the processing;
- the personal data have been unlawfully processed; or
the personal data have to be erased for compliance with a legal obligation to which BISIM is subject.
Notification regarding rectification or erasure of personal data or restriction of processing
RIGHT TO OBJECT, AND AUTOMATED INDIVIDUAL DECISION-MAKING
Individuals (data subjects) have the right to refuse to be subjected to automated decision making, including profiling and may insist on human intervention if the decision is:
- Based on automated processing; and
- Produces a legal effect or a similarly significant effect on the individual.
RIGHT TO DATA PORTABILITY
Individuals (data subjects) have the right to receive the personal data concerning him or her, which he or she has provided to BISIM, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from BISIM, where:
- the processing is based on consent or on a contract with BISIM; and
- the processing is carried out by automated means.
LEGAL OBLIGATION TO DISCLOSE PERSONAL INFORMATION
We are permitted to disclose personal information when we are legally required to do so or have good reason to believe that this is legally required.
EXCEPTIONS ARISING UNDER LAW
- national security;
- public security;
- the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security;
- other important objectives of general public interest of governmental authority having jurisdiction over BISIM in particular an important economic or financial interest of the governmental authority, including monetary, budgetary and taxation a matters, public health and social security;
- the protection of judicial independence and judicial proceedings;
- the prevention, investigation, detection and prosecution of breaches of ethics for regulated professions;
- a monitoring, inspection or regulatory function connected, even occasionally, to the exercise of official authority in the cases referred to in points (a), (b), (c), (d), (e) and (g);
- the protection of the individual (data subject) or the rights and freedoms of others;
- the enforcement of civil law claims.
We may also reveal a user’s personal information without his/her prior permission only when we have good reason to believe that the disclosure of this information is required to establish the identity of, to contact or to initiate legal proceedings against a person or persons who is/are suspected of infringing rights or property belonging to BISIM or to others who could be harmed by the user’s activities or of persons who could (deliberately or otherwise) transgress upon these rights and property.
YOUR RIGHT TO ACCESS AND MODIFY YOUR PERSONAL INFORMATION
Subject to some exceptions, you have the right to request access to any personal information relating to you that is held by BISim in accordance with applicable laws. Ordinarily, a copy of the personal information held by BISim electronically or in files can be provided.
- wish to access the personal information relating to you that is held by BISim; or
- wish to update personal information relating to you that is held by BISim because you believe that information is incorrect or out of date; or
- no longer wish to have personal information relating to you held by BISim,
you will need to make a written request by email to [email protected] with sufficient details for BISim to identify you, and to contact you in the event that BISim requires further confirmation of your identity.
By requesting that BISim cease holding personal information relating to you, you acknowledge and agree that BISim will cease the provision of all services to you requiring such information. BISim will then take all reasonable steps to ensure that the personal information relating to you is destroyed or de-identified by secure means.