DIALux Data Privacy Statement

The data protection policy applicable to the online offers on www.dialux.com can be found here: Data protection policy.

Name and contact details of the responsible processor
The responsible party according to Art. 4, para. 7 of the EU General Data Protection Regulation (GDPR) is:
DIAL GmbH
Bahnhofsallee 18
58507 Lüdenscheid, Germany
Tel. +49 (0) 2351 5674 0
E-Mail dialog(at)dial.de
Website www.dial.de

Contact details of the data protection officer
progressorg GmbH
Höveler Weg 2
58553 Halver, Germany
Tel. + 49 (0) 2353 9096 31
Fax: + 49 (0) 2353 9096 49
E-Mail: datenschutz(at)progressorg.de
Website: www.progressorg.de

Description

DIALux is the world's leading software for professional lighting design and marketing tool for lighting manufacturers.

These privacy notes apply to the processing of personal data when registering for and using the DIALux software. Personal data means any information relating to an identified or identifiable natural person. Protecting your privacy when you use DIALux is a matter of importance to us. It is for this reason that we provide the following information to make it clear which personal data we process when you register for DIALux and use our software.

We also explain the legal reason for processing your data and, insofar as such processing is required to safeguard our legitimate interests, provide information about our legitimate interests as well.

Information about the processing of your data

Certain information is processed automatically as soon as you register for DIALux. We have set out below precisely which of your personal data are processed.

(1) Information collected when you register for DIALux
A registration is required to use DIALux. The following personal data are collected as part of the registration process:

First name
Surname
E-mail address
Password
Date und time of registration

This data processing is justified in its necessity to fulfil the terms of the contract between you as the data subject and us pursuant to Art. 6 (1) (b) GDPR on the use of the software, or (2) we have a legitimate interest in guaranteeing the functional capability and error free operation of DIALux and in offering a software solution that meets market requirements and is in keeping with customer's interests, such legitimate interest outweighing your rights and interests concerning the protection of your personal data pursuant to Art. 6 (1) (f) GDPR.

(2) Data collected when you use DIALux
We collect certain data that is required for the use of DIALux.

Set-up information
The set-up procedure mainly collects information in order to establish whether or not the set-up was successful and the possible reason why DIALux was not able to be installed:

Complete IP address, date and time
Instance ID
Evo and set-up version
Operating system and version
Operating system language
Monitor bit resolution and color depth
RAM (total/free)
Result of the system test (passed/failed: OS, HW, SSE2, GPU)
Result of the OGL check (graphics card, driver version)

System information
When DIALux evo is started, the system collects information about your computer's current hardware and software, as well as about other installed DIALux versions and the DIAL infrastructure.

Complete IP address, date and time
Instance ID
CPU type and cycle rate
Type designation of the graphics card(s) installed
Size of the main memory installed
Number and resolution of the monitors connected
.Net Framework versions installed
Version of the service for exchanging DIAL data formats (DCF) required to pass light information to DIALux, for example
Selected language and renderer of the DIALux version(s) identified
Available DirectX version and functions of the graphics card and driver
Operating system version, language and bit width
DIALux plug-ins installed, incl. manufacturer's name
Information on web browsers installed
Graphics card information

When DIALux is started, information is read out from the active graphics card and saved on the customer's computer as a text file. The files are located next to the usage information log files. When DIALux is closed, or in case of an error next time the program is started, the files are uploaded to the DIAL server. The following information is recorded:

Program version number
Instance ID
Process ID and bit width (32/64Bit)
Time at which the log was created
Whether or not there was a connection to the Internet when the program was started
Initialization information from the graphics card
List of accessible OpenGL information, incl. manufacturer and type of the graphics card, as well as version number of the driver and supported OpenGL version

User information/log files
We process the following user information and/or log files:

Program version number
Instance ID
Process ID and bit width (32/64Bit)
Time at which the log was created
Whether or not there was a connection to the Internet when the program was started
User actions (used modes, tools,...), incl. time
Errors and exceptions that occurred, incl. StackTrace

These user data are processed and used to ensure the proper provision of DIALux. This data processing is justified in its necessity to fulfil the terms of the contract between you as the data subject and us pursuant to Art. 6 (1) (b) GDPR on the use of DIALux. In addition, we process personal data on a case-by-case basis by virtue of our legitimate interest pursuant to Art. 6 (1) (f) GDPR. We have a legitimate interest in guaranteeing the functional capability and error free operation of DIALux and in offering a software solution that is in keeping with market requirements and our interests, such legitimate interest outweighing your rights and interests concerning the protection of your personal data pursuant to Art. 6 (1) (f) GDPR.

Period of storage

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. This is the case for data collected during the registration process to fulfil the terms of a contract or to take pre-contractual measures if the data are no longer required to execute the contract. Even when the contract is concluded, there may be a need to store the contracting partner's personal data in order to meet contractual or statutory obligations.

Disclosure and transmission of data

We disclose your personal data without your express prior consent in addition to the cases mentioned explicitly in this Data Privacy Statement only if permitted by law and/or if necessary.

Transmission of data to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in order to utilize third-party services, disclose or transmit data to third parties, then this will only happen in order to fulfil our (pre-)contractual obligations, on the basis of your consent, to meet a statutory obligation or by virtue of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the particular requirements of Art. 44 ff. of the GDPR apply. This means, for example, that processing is carried out on the basis of special guarantees, such as the officially recognized establishment of a data protection level in compliance with the EU or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").

Changes in purpose

Your personal data are processed for purposes other than those described only insofar as this is permitted by a legal provision or you have approved the changed purpose of such data processing. Where data are processed for purposes other than those for which the data were originally collected, we shall advise you, prior to such processing, about these other purposes and make all other relevant information available to you.

Deletion of data

The data processed by us will be deleted or have its processing restricted in accordance with Art. 17 and 18 of the GDPR. Unless expressly stated in this Data Privacy Statement, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any legal storage obligations. If the data are not deleted because they are necessary for other legally permissible purposes, the processing of such data will be restricted. This means that the data is blocked and not processed for any other purposes. This applies, for example, to data that need to be retained for commercial or tax reasons. According to legal requirements in Germany, records shall be retained for 6 years in accordance with Section 257 (1) of the HGB (German Commercial Code) (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with Section 147 (1) of the AO (German Fiscal Code) (books, records, progress reports, accounting documents, commercial and business letters, for documents relevant to taxation, etc.).

Your rights as the data subject

(1) Right to information
You have the right to receive from us, at any time upon request, information about your personal data we process pursuant to Art. 15 GDPR. You can make such request by post or e-mail to the address given below.

(2) Right to rectification of incorrect data
You have the right to demand that we rectify any incorrect data immediately. Please send your requests in this regard to the contact address given below.

(3) Right to erasure
You have the right, under the prerequisites set out in Art. 17 GDPR, to demand that we erase your personal data. These prerequisites provide for a right to erasure particularly if the personal data are no longer required for the purposes for which they were collected or otherwise processed, and also in case of unlawful processing or an objection or if there is an obligation to delete according to union law or the law of the member state by which we are governed. For the period of data storage, see also para. 5 of this Data Privacy Statement. To exercise your right to erasure, please contact the addresses given below.

(4) Right to restriction of processing
You have the right to demand that we restrict processing pursuant to Art. 18 GDPR. This right exists particularly if there is a dispute over the accuracy of the personal data between the user and us for the period required to verify the accuracy and also if the user demands, under an existing right to erasure, that processing is restricted in lieu of erasure; also if the data are no longer required for the purpose pursued by us, though required by the user to exercise or defend legal claims and also if the successful raising of an objection between us and the user is still in dispute. To exercise your right to restrict processing, please contact us the addresses given below.

(5) Right to data portability
Pursuant to Art. 20 GDPR, you have the right to receive from us the personal data concerned, which you provided to us, in a structured, standard and machine readable format. To assert your right to data portability, please contact us at the addresses given below.

Right to object

You have the right, on grounds relating to your particular situation, to enter at any time an objection – according to Art. 21 GDPR – against the processing of your personal data, which takes place on the basis of a balancing of interests pursuant to Art. 6 (1) (f) GDPR. We will cease the processing of your personal data unless we can demonstrate compelling and legitimate grounds for the processing that outweigh your interests, rights and freedoms or if the processing serves for the assertion, exercise or defence of legal claims. If you raise such an objection, we therefore ask that you explain the reasons why we should not process your personal data in the manner we have done so. If your objection is justified, we will examine the situation and either cease or adjust the data processing or explain to you our compelling and legitimate reasons as to why we will continue to perform the processing as such.
Of course, you may object at any time to the processing of your personal data for advertising and data analysis purposes, without this incurring any costs other than those relating to transmission according to the basic tariffs. You may inform us of your objection to such uses via the following contact details: DIAL GmbH, Bahnhofsallee 18, 58507 Lüdenscheid, Germany, Tel. +49 (0) 2351 5674 0, Fax +49 (0) 2351 5674 410, E-Mail dialog(at)dial.de.

Right of complaint

In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your data has been carried out illegitimately. The address of the supervisory authority responsible for our company is: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (North Rhine-Westphalia state official for data privacy and information security), Kavalleriestr. 2-4, 40213 Düsseldorf, Germany, email: poststelle(at)ldi.nrw.de. Furthermore, you have the option of contacting the supervisory authority at your usual place of residence.

Name	Purpose	Lifetime	Type	Provider
CookieConsent	Saves your consent to using cookies.	1 year	HTML	Website
fe_typo_user	Assigns your browser to a session on the server.	session	HTTP	Website
__DFC_4f9b69d7523603cb41afcad6ba49adfd	Used to store FastCalc settings.	15 minutes	HTTP	fastcalc.dialux.com

Name	Purpose	Lifetime	Type	Provider
_pk_id	Used to store a few details about the user such as the unique visitor ID.	13 months	HTML	Matomo
_pk_ref	Used to store the attribution information, the referrer initially used to visit the website.	6 months	HTML	Matomo
_pk_ses	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	Matomo
_pk_cvar	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	Matomo
_pk_hsr	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	Matomo

Name	Purpose	Lifetime	Type	Provider
DSID	Google: Security, Functionality, Advertising for AdSense, Campaign Manager, Google Ad Manager, Google Analytics, Display + Video 360, Search Ads 360	2 weeks	HTML	Google
test_cookie	Google: Functionality for AdSense, Campaign Manager, Google Ad Manager, Google Analytics, Display + Video 360, Search Ads 360	15 minutes	HTML	Google
IDE	Google: Advertising for Campaign Manager, Display + Video 360, Google Ad Manager, Google Analytics, Search Ads 360	24 months	HTML	Google
FPLC	Google: Analytics for Google Analytics	20 hours	HTML	Google
FPID	Google: Analytics for Google Analytics	2 years	HTML	Google
GA_OPT_OUT	Google: Functionality for Google Analytics	7 years	HTML	Google
__utma	Google: Analytics for Google Analytics	2 years	HTML	Google
__utmb	Google: Analytics for Google Analytics	30 minutes	HTML	Google
__utmc	Google: Analytics for Google Analytics	session	HTML	Google
__utmt	Google: Analytics for Google Analytics	10 minutes	HTML	Google
__utmz	Google: Analytics for Google Analytics	6 months	HTML	Google
__utmv	Google: Analytics for Google Analytics	2 years	HTML	Google
_ga	Used to distinguish users.	2 years	HTML	Google
_gat	Used to throttle request rate.	1 minute	HTML	Google
_gat_--custom-name--	Google: Analytics for Google Analytics	1 minute	HTML	Google
_gid	Used to distinguish users.	24 hours	HTML	Google
_ga_--container-id--	Persists session state.	2 years	HTML	Google
_dc_gtm_--property-id--	Used by DoubleClick (Google Tag Manager) to help identify the visitors by either age, gender or interests.	1 minute	HTML	Google
_gaexp	Google: Analytics for Google Analytics, Optimize	93 days	HTML	Google
_gaexp_rc	Google: Analytics for Google Analytics, Optimize	10 seconds	HTML	Google
_opt_awcid	Google: Analytics for Google Analytics, Optimize	24 hours	HTML	Google
_opt_awmid	Google: Analytics for Google Analytics, Optimize	24 hours	HTML	Google
_opt_awgid	Google: Analytics for Google Analytics, Optimize	24 hours	HTML	Google
_opt_awkid	Google: Analytics for Google Analytics, Optimize	24 hours	HTML	Google
_opt_utmc	Google: Analytics for Google Analytics, Optimize	24 hours	HTML	Google
_gac_--property-id--	Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.	90 days	HTML	Google
AMP_TOKEN	Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, request in progress or an error retrieving a Client ID from AMP Client ID service.	1 year	HTML	Google