The Synopsys Software Integrity Group is now Black Duck®. Learn More

close search bar

Sorry, not available in this language yet

close language selection

EEA Supplemental Website Privacy Statement

Scope of this Supplemental Statement

Black Duck, Inc., ("we", "us", "our") provides to residents of the European Economic Area, the United Kingdom and Switzerland this Supplemental Website Privacy Statement ("Supplemental Statement"), which contains information provided to such residents in addition to or deviating from the Black Duck, Inc.’s general privacy policy ("Policy").

Unless defined specifically in this Supplemental Statement, capitalized terms shall have the meanings set forth in the Policy.

Controller and EU Representative

Black Duck operates the Site and is the controller of any personal data collected or otherwise processed on or through the Site.

Purposes and Legal Bases for Processing

We process your personal data on several different legal bases, as follows:

1.  Based on necessity to enter into or perform a contract with you. We need to process your personal data to enter into an agreement with you or a legal entity you represent, to perform contractual obligations, to respond to related questions and requests from you, or provide customer support.

2.  Based on legitimate interestsWe process personal data from you

  • for the security and safety of the Site, our information technology connected to the Site, and the users of the Site;
  • to detect and prevent fraud;
  • to protect and defend the rights or property of others, or our own rights and interests;
  • to track your activities on the Site

3.  Based on compliance with legal obligations. We may need to process your personal data to comply with relevant laws, regulatory requirements and to respond to lawful requests, court orders, and legal process.

4.  Based on your prior consent such as for certain instances of placing cookies on your device (subject to certain exceptions) or sending certain marketing communications to you. Additional information on our use of cookies and our marketing communications to you are set forth below. 

COOKIES USED ON THE SITE

The Site makes use of cookies. Cookies are small text files downloaded by your Internet browser and stored on the device you use to access the Site (e.g., your desktop computer, tablet or smartphone). Depending on their purpose, cookies log specific user-related information such as your user preferences, authentication information, security parameters, data concerning the device you access the Site with and statistical information regarding your use of the Site. Where necessary during your visit of the Site or when revisiting the Site, your Internet browser transmits the cookies including the contained information back to the servers they were initially downloaded from or created by. The analysis and processing of such information allows us to ensure the functionality of the Site, improve your online experience and optimize the structure and content of the Site.

The cookies we use can be categorized as follows:

Strictly Necessary Cookies

These are cookies that are required for the operation of the Site or of certain parts thereof. They either serve the sole purpose of carrying out network transmissions or are strictly necessary in order for us to provide an online service explicitly requested by you.

 

Analytical/Performance Cookies

These cookies allow us to carry out web analytics or other forms of audience measuring such as recognizing and counting the number of visitors and seeing how visitors move around the Site. This helps us to improve the way the Site works, for example, by ensuring that users are easily finding what they are looking for.

 

Functionality Cookies

These cookies are used to recognize you when you return to the Site. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region). Loss of the information in these cookies may make our services less functional but would not prevent the Site from working.

 

Targeting/Profiling Cookies

These cookies record your visit to the Site and/or your use of the services, the pages you have visited and the links you have followed. We will use this information to make the Site and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

 

Demographic Information Cookies

These cookies collect and retain limited demographic information such as date of birth and gender, if such information is provided by the user, which is tied to anonymous identifiers and may be referenced by the system for some tailored advertising.

 

You may influence the scope and extent to which we use cookies when you visit our Site. In particular, you may prevent cookies from being stored on your device by adjusting the respective settings on your Internet browser. For more information on how to do so in the settings of your particular Internet browser, please see the following information:

Internet Explorer:
https://privacy.microsoft.com/en-us/internet-explorer-ie11-preview-privacy-statement

Chrome:
https://www.google.com/intl/en/chrome/browser/privacy/

Firefox:
https://support.mozilla.org/en-US/products/firefox/protect-your-privacy

Safari:
http://www.apple.com/privacy/manage-your-privacy/

However, please be aware that this might render certain functions of our Site inoperable or more difficult to use. Depending on the Internet browser you use, you might also be able to specifically reject third-party cookies. In this context, please note, however, that third parties might still have access to your Personal Data to the extent that such information is logged by first-party cookies.

MARKETING COMMUNICATIONS TO YOU

You can register to receive newsletters or similar information on our products or services or the products or services of our affiliated companies by accessing Black Duck’s Subscriptions Center. As part of the registration process, we ask you to provide us with certain contact and other information.

When receiving a registration, we log and store the date/time of registration and the IP address the registration was received from. We may use this for evidentiary purposes in case your contact details are used by an unauthorized party.

In addition, if you are located in a jurisdiction where a double opt-in procedure is used (e.g., Germany), we verify the authorized use of an email address by sending an email to such address asking for confirmation of the registration via a contained link. If and when the link is clicked on, we will automatically be notified that the registration has been confirmed from the email account initially used for the registration. Only upon such confirmation will the registration become effective and will we send newsletters or similar information to the confirmed email address.

When registering to receive newsletters or similar information on the Subscriptions Center, you explicitly declare your consent to our processing of your personal data for this purpose. You are under no obligation to provide such consent and, if you choose to do so nonetheless, you may withdraw your consent at any time, with future effect and for any or no reason by revisiting the Subscription Center or by following the unsubscribe link contained in any email communication sent to you.

RECIPIENTS OF YOUR PERSONAL DATA

We may disclose your personal data to the following third parties for the following purposes, as required or permitted by applicable law:

Who Is your Personal Data Disclosed To?

What Is the Purpose Underlying the Disclosure?

Wholly owned subsidiaries or legal affiliates of Black Duck.

To coordinate and improve local marketing and user support activities in the local jurisdiction.

Third-party providers such as web analytics and hosting providers.

To assist us in the operation or improvement of the Site or to provide, maintain, or enhance our products and services.

Other third parties consistent with applicable legal requirements.

To comply with legal obligations to which we are subject.

 

DATA TRANSFERS TO RECIPIENTS OUTSIDE OF THE EU/EEA

We and many of our affiliated companies and third-party service providers are located outside the European Economic Area in jurisdictions that are not subject to an unqualified adequacy decision by the EU Commission finding them to provide an adequate level of protection of personal data, essentially equivalent to that guaranteed within the EU.

However, to ensure an adequate level of protection of your personal data, we enter into data processing and data transfer agreements with our affiliated companies and third-party service providers outside of the European Economic Area that incorporate the provisions of the Standard Contractual Clauses approved by the EU Commission or implement other appropriate transfer mechanisms.

HOW LONG WE KEEP YOUR PERSONAL DATA

We have implemented appropriate retention periods for your personal data collected or otherwise processed on or through the Site.  Personal data processed in the context of a contract with you will be retained by us for the term of the contract and for a reasonable time afterwards as might be required to determine and settle any related claims. All personal data retained will have a legal basis for such retention and shall be retained consistent with the purposes for the retention.  

YOUR RIGHTS REGARDING THE PROCESSING OF YOUR PERSONAL DATA

Subject to the conditions set out in the applicable law, you have the rights to (i) inquire whether and what kind of personal data we hold about you and how it is processed, and to access or request copies of such personal data, (ii) request the correction or supplementation of personal data about you that is inaccurate, incomplete or out-of-date in light of the purposes underlying the processing, or to (iii) obtain the erasure of personal data no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, processed for legitimate interests that, in the context of your objection, do not prove to be compelling, or processed in non‑compliance with applicable legal requirements. In addition, you have, subject to the conditions set out in the applicable law, the rights to (iv) request us to restrict the processing of personal data in certain situations where you feel its processing is inappropriate, (v) object, in certain circumstances, to the processing of personal data for legitimate interests, and to (vi) request portability of personal data that you have actively or passively provided to us (which does not include data derived or inferred from the collected data), where the processing of such personal data is based on consent or a contract with you and is carried out by automated means. In case of concerns, you also have the right to lodge a complaint with the competent local data protection authority.

Subject to applicable law, you may exercise the above mentioned rights by contacting us at privacy@blackduck.com.

EFFECTIVE DATE AND CHANGES

This Supplemental Statement is effective October 1, 2024. We may make changes, including material changes, to this Supplemental Statement from time to time. We will provide notice in accordance with applicable regulations. But we encourage you to review the Supplemental Statement each time you visit our Site to learn of any changes.

If you have any questions or suggestions regarding this Supplemental Statement, please contact us at privacy@blackduck.com.