The Synopsys Software Integrity Group is now Black Duck®. Learn More

Understanding our Data Processing Relationship

At Black Duck Software, Inc. (“Black Duck”), we take data privacy seriously. And we understand that our clients seek clarity about our role in processing personal data. This document explains our role as an independent controller in processing personal data for most of our solutions.

If we do collect or otherwise process personal data, it will generally be limited to business contact information, login credentials, and related information. We may process the business contact information for the purposes of managing the contractual relationship, communicating with you about the contract, and related administrative purposes. We may collect login credentials and related activity, for the purposes of securing our platform and preventing unauthorized access. Also, please note that if single sign on support is configured, we do not store passwords.

Because we are determining the means and purposes of the processing of such limited personal data as described in the foregoing paragraph, we are an independent data controller. And thus, in these circumstances, a Controller to Processor Data Processing Addendum would not apply.

We are open to discussing any concerns or inquiries you have about this document specifically or data privacy in general. Please do not hesitate to contact us at [email protected].