- Contact Camunda
- Information Camunda Collects from Products
- How Camunda Uses Product Usage Data
- How Camunda Uses Operations Data
- How Camunda Shares Information Collected from Products
- Legal Basis for Processing Information
- Data Retention
- International Data Transfers
- User Privacy Rights and Choices
- California Privacy Rights
- Changes to this Policy
This Policy applies to the information Camunda collects in connection with customer use of the Products, for which we determine the means and purpose of processing. This information includes Product Usage Data (defined below) and Operations Data (defined below), which are generally technical but may include limited Personal Data.
This Policy does not cover:
Service Data. Certain Camunda Products permit customers to consume, or upload and submit, content, including Personal Data to the Products, referred to as Service Data. This Policy does not cover Service Data or any Personal Data contained in Service Data, because the customer’s organization (not Camunda) controls how Service Data is processed.
Camunda Services GmbH is Controller within the meaning of the GDPR and of other data protection laws or provisions applicable in the Member States of the European Union.
If you have any questions or concerns regarding this Policy please contact Camunda’s email at privacy@Camunda.com or by postal mail to:
Camunda Services GmbH
Zossener Strasse 55-58
Or phone: +49 30 664 04 09 – 00
Camunda has appointed an external Data Protection Officer for German data subjects.
The Data Protection Officer for Camunda is:
JBB Data Consult GmbH
For questions about how information is gathered, stored, shared, used, or to exercise any data subject rights, please contact our Data Protection Officer as follows:
Information Camunda Collects from Products
Camunda automatically collects “Operations Data” and “Product Usage Data” from customer use of the Products. Operations Data is information Camunda uses to facilitate the delivery of the Products, manage and monitor the Products, and provide support. Product Usage Data is information Camunda uses for product analytics and improvement, which may contain Personal Data such as IP addresses, email addresses, and identifiers, including cookies, but is generally technical, aggregated or pseudonymized. Depending on the Product, the information may include:
Products and System Data: Information about the Products being used and the systems and related environment from which customers access the Service. Examples include Product type and version, license information, installed plug-ins, UUID, and third-party systems used in connection with the Product.
Operations Data: Statistics related to uptime, indexes, shards, and segments and similar data points.
Performance Data: Information about the performance of the Products, such as response times and metrics on the performance and scale of the Products.
Feature Usage Data: Information about how the Products are used, including user interface metrics and details about which features are used or paths users take.
How Camunda Uses Product Usage Data
Camunda uses Product Usage Data in order to improve Products, support Customers and business to business marketing and sales, comply with legal requirements and other legitimate purposes. Camunda may use Product Usage Data for the following purposes:
Product Improvement: To analyze the use of the Products, prioritize testing and development of new features and functionality, improve support responses and forecasting, make pricing decisions, and identify, understand, and anticipate performance issues that affect the Products.
Customer Support: To provide support to our customers, such as guidance that will help optimize usage, identify product improvement opportunities and prioritize future product features, personalize customer’s experience, and suggest related Camunda Products to increase engagement and adoption of Camunda Products.
Business to Business Marketing and Sales: To market additional Products to customers, where permitted by law, and to advise sales discussions.
Legal Requirements: Camunda may be required to access Personal Data contained in Product Usage Data as required by law, such as to comply with legal processes, when Camunda believes, in good faith, that disclosure is necessary to protect or defend Camunda rights, property, or users of the Products in order to protect the safety of others, to investigate fraud, or respond to government requests, including public and government authorities outside a user’s country of residence, for national security or law enforcement purposes.
Other Legitimate Business Purposes: Camunda may use Product Usage Data when it is necessary for other legitimate purposes.
How Camunda Uses Operations Data
Camunda uses Operations Data to facilitate Product delivery, administer accounts, provide support, maintain security, administer disaster recovery plans, detect fraud, and comply with legal requirements. Camunda may use Operations Data for the following purposes:
Conduct account administration: To provide account management on Products, including managing product downloads, updates, and resolutions, and distributing administrative or account-related communications, including release notes and billing information.
Provide support: When users or individuals contact Camunda via a Camunda support channel so that Camunda may contact them about support requests, in which users may be asked to provide copies of affected files, logs, or other information that will enable Camunda to assist with the support request. In such cases, Camunda uses the requested information to respond to, troubleshoot, and resolve the support request.
Maintain the security of Camunda infrastructure and Products: Maintains security monitoring and incident management, handles the performance and stability of the Products, and addresses technical issues.
Administer disaster recovery plans and policies: To activate Camunda’s back-up disaster recovery plans and policies.
Detect fraud: To help monitor, prevent and detect fraud, improve security, monitor and confirm identity or access, and prevent malware or security risks.
Comply with legal obligations: To comply with applicable laws and regulations, including complying with legally mandated reporting, disclosure or other legal process requests, for mergers and acquisitions, finance and accounting, insurance purposes, legal and business consulting and dispute resolution.
Other legitimate business purposes: Camunda may use Operations Data when it is necessary for other legitimate purposes.
How Camunda Shares Information Collected from Products
Legal Basis for Processing Information
Camunda only uses customer and user Personal Data in a lawful, apparent, and reasonable manner. Camunda relies on the following legal bases:
- Consistent with customer’s or user’s specific revocable consents in accord with Art. 6 I a GDPR;
- To prepare, enter into and fulfill a contract in accord with Art. 6 I b GDPR, as necessary;
- As necessary for Camunda’s legitimate interests in accord with Art. 6 I f GDPR, such as perform, improve, maintain, and secure the Products, providing support for users and customers of the Products, and operate the business efficiently and appropriately.
Please contact Camunda at privacy@Camunda.com with questions about the legal basis on which Camunda collects and uses Personal Data.
Camunda retains information collected in connection with the Automatic Data Collection Tools and Cookies only for as long as necessary to fulfill the purposes outlined in this Policy.
International Data Transfers
A user’s personal data may be accessed, stored, transferred to and processed in countries other than the country in which the person resides. As an internationally operating company, Camunda processes Personal Data in countries outside the European Economic Area (“EEA“), including the USA. These countries may have data protection laws that differ from the laws of the country where the person resides. We have taken adequate security precautions to ensure that such personal data remains protected in accordance with this Policy and we have established adequate mechanisms to protect personal data in agreements with Camunda’s service providers such as use the standard contractual clauses of the EU Commission in accordance with Art. 46 Para. 2 lit. c GDPR.
User Privacy Rights and Choices
Camunda collects a limited amount of Personal Data to fulfill the purposes outlined in this Policy. Users may exercise their choices with regards to Personal Data, such as the request to accessing, correcting, updating or deleting Personal Data, by contacting us at privacy@Camunda.com.
California Privacy Rights
If you have any questions about security, please contact us at privacy@Camunda.com. Camunda is committed to protect the security of Personal Data, by using appropriate technical and organizational measures to protect Personal Data from unauthorized access, use, or disclosure, but cannot eliminate security risks and breaches associated with Personal Data.
Changes to this Policy
This Policy is subject to occasional revision. If substantial changes are made in the way Camunda uses personal data, appropriate measures will be taken to inform customers, consistent with the significance of the changes made, and Camunda will provide notice of any material Policy changes where required by applicable data protection laws.
Effective Date: October 12, 2020
February 2022: This privacy statement has been updated to amend the information around Product Usage Data.