Last Modified February 14, 2022
  1. Home
  2. Overviews
  3. Getting Started
  4. GDPR Compliance

GDPR Compliance

  1. Introduction
  2. DNA GDPR Policy
  3. Viewing GDPR Info
  4. Personal Information in software_DNA
  5. Deleting GDPR Info

The European Union GDPR (General Data Protection Regulation) regulation concerns data protection and privacy for all individuals within the European Union. The GDPR aims primarily to give control back to citizens and residents over their personal data and becomes effective on May 25, 2018.

If you have End-Users based in the EU, then the GDPR regulation applies to your relationship with your customers and applies to our relationship with you as a "processor" of End-User personal data on your behalf.

There are many excellent sources of information on GDPR available on the internet and how to prepare for this new regulation.

 

software_DNA GDPR Policy

As part of our preparation towards GDPR compliance, we have completed a detailed internal review including:

  • Review of all End-User "Personal Information" stored in the software_DNA system, the justification for storing this information, and which information should be stored in encrypted form. For example, we will no longer store IP address information related to License events

  • Review and update of our Encryption Key Management policies

  • Development of new functions in the DNA Control Panel to view and erase "Personal Information"

  • Review and update of our Information Policy

The following summarizes some of the key GDPR principles and our response / actions:

  • Explicit consent from the End-User for capturing and storing of "personal information"

    It is your reponsibility to ensure your EULA with your End-User includes the personal information that we store while providing our Licensing Management services. See below for our GDPR Policy and details.

  • End-user must be able to get access to the "personal information" stored by the software_DNA System

    End-Users may request from you details on what "Personal Information" you have.

    In order to help you in answering these requests, we have provided a new function in the DNA Control Panel View GDPR Info in the Code View screen. A button will appear if the License Code of an ACTIVE product has been activated, and will display the "Personal Information" currently stored by software_DNA for that License. (see below)

  • Security of personal data

    "Personal Information" is stored in encrypted form in the software_DNA system.

    Management of Encryption Keys is governed by our Data Security policies and overseen by our Data Protection Officer.

  • Right to be forgotten

    End-Users may request that you erase all "Personal Information" that you retain or that 3rd parties retain on your behalf.

    In order to help you in complying with these request, we have provided a new function in the DNA Control Panel that allows you to delete any "Personal Information" of an End-User related to a specific License. You can access this function from the Code View screen by clicking on View GDPR Info (see below).

    The License will continue to be ACTIVE, but some restrictions will apply. You also have the option of Banning / Disabling the License.

  • Breach Notification

    As stated in our revised "Information Privacy", we are commited to inform our Customers of any breach of "Personal Information" and provide any assistance required for your communication with your customers.

 

Personal Information in software_DNA

End User information stored in the software_DNA system:

  • One-way Hash: Information that identify parts of the computer are put through a special function (called a "one-way hash") that turns the information into one code number that is unique to the end user’s computer but cannot be deciphered (or reverse engineered) to determine what those components are. Only this hash value is sent to the activation server and not the details on the computer parts.
  • Computer Name / ID
  • License Activation Email - optional
  • License Activation Password - optional
  • Registration information as collected by your software application - optional

This information is stored in encrypted form on our servers. If none of the optional information is provided (email address and registration information) then no personal information will be transferred and stored. We suggest that no important personal passwords be used for the activation password, or a password that personally identifies the end user.

We do not share this information with 3rd parties.

 

Viewing GDPR Info

To view the "Personal Information" of a given End-User in the software_DNA system:

  1. From the Codes -> View / Search menu item, enter the User’s License Activation code or their email address provided during the License Activation process.

    Code Search

    If you searched using an email address and the User has multiple Licenses, then a list of License Activation codes will be displayed and you can select one to view.

  2. In the Code View screen, click on View GDPR Info (will be displayed if the Product is ACTIVE and the License has been activated)

    View GDPR

  3. All the "Personal Information" stored in the software_DNA system related to this License will be displayed

    GDPR Info

 

Deleting GDPR Info

When viewing the GDPR Info of a License as explained above, you will be able to erase all "Personal Information" by clicking on Delete Info (you will be asked to confirm).

This will delete all Personal Information about the User associated with this License from the software_DNA system, except for the Evaluation Code Email.

It is recommended, in order to comply with the User Request, to delete all information contained in the Info Tags. If you determine that no Personal information is contained in the Info Tag, and this information is required for continued management of the License, you have the option of not deleting the Info Tags.

Evaluation Code Email (if stored) must be retained as it is used to ensure only one Evaluation License Code is issued per Email address.

The License will continue to be ACTIVE in software_DNA and the User can continue to use your Application, although some Personal Information may be collected during normal license management, such as Computer ID and InfoTags, and there will be some limitations for the User:

  • User will not be able to retrieve a "Lost License Password"
  • User will not be able to retrieve License information from the License Manager Portal using his email address

If you wish to Ban / Disable the License at this time so that no possibility exists of collecting further Personal Information, then check the option.