Dassault Systèmes Americas Corp., a Delaware Corporation headquartered at 175 Wyman Street, Waltham Massachusetts 02451 U.S.A., (hereinafter “DSAC”) processes Personal Data (as defined below) in the course of its business, including the Personal Data of people browsing the DSAC websites (the "Sites").
Personal data ("Personal Data") means any information relating to an identified or identifiable person. An identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to the person.
Non-Personal Data means any information that does not result in the identification of a person.
2. DATA COLLECTED
Visitors are individuals who visit the Sites without registering themselves. Their Personal Data likely includes:
- IP and/or MAC address;
- Cookies (as described in Section 10); and
- any other Personal Data as may be relevant for the purposes listed below.
Personal Data collected from Users (including from those who visit Sites and enter information) for the purposes listed below likely includes:
- first and last name;
- postal address;
- email address;
- telephone number(s);
- login and password;
- university, degree, and courses taken;
- type of organization (company, school, university, etc.), organization name, organization size, department, and job title;
- industry and industry sub-industry sectors;
- people to whom purchases are shipped;
- financial data (credit card number and expiry date, name and address of the cardholder);
- IP and/or MAC address;
- Cookies (as described in Section 10); and
- any other Personal Data as may be relevant for the purposes listed below
In all cases, however, the Personal Data gathered is limited to data necessary for the purposes described in Section 4 below.
For visitors and users of the Sites: In order to use certain functions and features of a Site, DSAC requires that You provide certain Personal Data when visiting or using the Site. You are free to decide whether or not to provide all or part of Your Personal Data. However, if You choose not to provide all or part of Your Personal Data, the purposes as described in Section 4 might not be achieved or not properly achieved, some areas and functions of the Sites may not function properly, and/or You may be refused access to certain pages on the Sites. In particular, You will not be authorized to purchase software licenses or other products or services via the Sites.
3. PROTECTION OF PERSONAL DATA CONCERNING CHILDREN
Dassault Systemes products are not marketed to children under the age of 13 and DSAC does not knowingly collect, or store Personal Data from children under the age of 13. Additionally, DSAC will not collect or store Personal Data, or send email marketing messages to those who are 13, 14, and 15 years old unless permitted by the local data protection laws.
Certain Dassault Systemes products and services may be appropriate for use by children, however, in which case children below the age of consent under local data protection laws must seek consent from their parents or guardians prior to creating a DSAC account or registering a product. Teachers and school administrators may act in the place of parents and guardians and provide consent for the collection of Personal Data from children (schools should always ensure that they have received permission from parents or guardians to do so).
If parents or guardians become aware that their child has provided DSAC with Personal Data without their consent or without a teacher’s or school administrator’s consent, they can ask DSAC to remove such Personal Data and terminate the child’s account by submitting their request here: https://www.3ds.com/privacy-policy/contact. If DSAC becomes aware that it has collected Personal Data from a child below the age of consent under local data protection laws without consent from a parent or guardian, DSAC will take steps to seek the parent’s or guardian’s consent for that processing or to remove such Personal Data and terminate the child’s account.
4. PURPOSES AND LEGAL GROUNDS FOR PROCESSING PERSONAL DATA
Whether you are a visitor or a user, DSAC collects and uses Your Personal Data based on the following legal grounds and for the following purposes:
- Processing activities based on Your prior consent if required by law (e.g., You are a resident of the European Union, Iceland, Liechtenstein, or Norway):
- To improve Your user experience; and
- To recognize that You may have given us information and do not need to provide such information again.
- Processing activities which are based on DSAC’s legitimate interest:
- To enable DSAC to manage surveys
- In addition, when You are a user, 3DS collects Your Personal Data based on the following legal grounds and for the following purposes:
- Processing activities based on Your prior consent if required by law (e.g., You are a resident of the European Union, Iceland, Liechtenstein, or Norway):
- To enable You to request and receive information related to Dassault Systemes and Dassault Systemes products and services from DSAC or a third party engaged by DSAC;
- To ascertain Your requirements and interests and provide You with the most suitable products and/or services;
- To enable DSAC to manage its marketing activities;
- To enable You to register for a seminar, webinar, or event; and
- To enable You to enter a contest;
- To enable You to create a user profile. DSAC provides You with the ability to use its Site (including forums, blogs, and networks), and DS products and services that require You to register and create a user account. User profiles provide You with the option to display personal information about You to other users, including but not limited to Your name, photo, social media accounts, postal or email address, or both, telephone number, personal interests, skills, and basic information about Your company. These profiles may relate to the Site or may also allow You to access DS products and services, or both;
- DSAC may provide some strictly necessary personal data such as a hashed user ID to third-party operated social networks or other web offerings (such as Twitter, LinkedIn, Facebook, Instagram, or Google) where this information is matched against the social networks’ own databases in order to provide more relevant information to You.
Processing activities based on DSAC’s legitimate interest:
- To enable DSAC to manage its marketing activities for similar goods and products if You are already using Dassault Systemes products and services;
- To manage DSAC’ obligations related to applicable export laws, trade sanctions, and embargoes issued, without limitation, by the European Union and its member states, and of the United States of America. This may include (i) automated checks of any user registration data as set out herein and other information You provide about Your identity against applicable sanctioned-party lists; (ii) regular repetition of such checks whenever a sanctioned-party list is updated or when You update Your information; (iii) blocking of access to DSAC services and systems in case of a potential match; and (iv) contacting You to confirm Your identity in case of a potential match; And
- To manage the 3DS Anti-Piracy & Compliance program.
- Processing activities based on performance of a contract:
- To provide You with a personalized interactive use of the Sites;
- To allow You to open and maintain an account in order to obtain specialized documentation and technical assistance;
- To access all the features and options offered by the Sites;
- To enable You to exchange information with other users of the Sites;
- To enable DSAC to manage its business relationships, including sales opportunities, commercial offers, purchasing, contracts, orders, and invoices, and which may include conversational data (e.g., chat, email, and voice messaging data);
- To provide You with commercial or support services;
- To enable You to purchase software licenses, or products or services, download software and/or register software licenses; and
- To manage Your training and/or certification on Dassault Systemes products and services. DSAC may also track users’ learning progress in order to make this information available to them.
Generally, when consent is not required, You cannot opt out of non-marketing related communications that are required for the relevant business relationship. With regard to marketing-related communications (e.g., emails and phone calls), DSAC will (i) where legally required, only send You such communications after You have opted in, and (ii) provide You the opportunity to opt out of receiving further marketing-related communications from DSAC.
When You register for an event organized by DSAC, DSAC may share Your name, company, and email address with other participants and sponsors of the same event for the purpose of communication and the exchange of ideas. In addition, DSAC may ask You for information about Your health for the sole purpose of identifying and being considerate of individuals who have disabilities or special dietary requirements throughout the event.
Subject to applicable local law, by providing Personal Data such as but not limited to an email address, You hereby expressly authorize DSAC and its affiliates and subsidiaries (“3DS Group Companies”) to use it together with other relevant Personal Data to send You commercial or marketing communications. DSAC might also use Your email address for administrative and other non-marketing purposes (for example, to notify You of significant changes to the Sites). Within the 3DS Anti-Piracy & Compliance program, 3DS Group Companies may collect and use Your Personal Data together with additional relevant Personal Data collected through other processing activities.
5. PERSONAL DATA RETENTION PERIOD
DSAC does not store Your Personal Data for more time than necessary. Retention periods may vary depending on the data categories and the processing activities.
Where DSAC is processing and using Your Personal Data as permitted by law or under your consent, DSAC will store Your Personal Data (i) only as long as required to fulfill the purposes set out above, (ii) where DSAC has a legitimate interest in using Your Personal Data, until You object to DSAC’s use of Your Personal Data, or (iii) where You gave Your consent, until You withdraw it. However, where DSAC is required by applicable law to retain Your Personal Data longer or where Your Personal Data is required to assert or defend against legal claims, DSAC will retain Your Personal Data until the end of the relevant retention period or until the claims in question have been settled.
6. TRANSFER OF PERSONAL DATA
Please note that we use standard contractual clauses approved by the European Commission or adopt other means under European Union law for providing adequate safeguards for transfers of Personal Data from the European Union to the United States and other countries where 3DS Group Companies are located which are not subject to an adequacy decision by the European Commission
A list of 3DS Group Companies’ locations is available at https://www.3ds.com/about-3ds/world-presence/.
7. RIGHTS OF ACCESS, TO RECTIFICATION AND OTHER RIGHTS
You have a right to access Your Personal Data. In addition, You have a right to request the rectification, completion, update, and erasure of Your Personal Data. You have a right to restrict processing. You also have a right to obtain a copy of the Personal Data stored by DSAC. You have a right to object, in relation to specific processing of Your Personal Data. Additionally, You may have a right to data portability.
If You have an account, You may be able to exercise Your rights by logging on to Your account. Otherwise, You may exercise Your rights by submitting their request here: https://www.3ds.com/privacy-policy/contact.
If allowed by applicable law and depending on the scope of the request, DSAC reserves the right to charge a reasonable fee to cover any out-of-pocket costs incurred in connection with such access, modification and deletion of Personal Data. DSAC may deny access to Personal Data in limited circumstances, defined by applicable laws and regulations.
8. DATA RECIPIENTS
DSAC will also disclose Personal Data to third parties if DSAC determines that such disclosure is necessary for technical reasons (such as hosting services by a third party) or to protect DSAC’ legal interests (such as in the event of sale of assets to a third company, or a change in control or a total or partial liquidation of DSAC).
Additionally, DSAC may share Your Personal Data with the reseller assigned to You or in the territory where You are located for the purpose of Dassault Systemes business. DSAC may also share Your Personal Data with business partners when DSAC and the business partner sponsor an event together or participate in a marketing promotion together and in which You engage.
DSAC may also disclose such personal information if required by law or if DSAC believes in good faith that such disclosure is reasonably necessary to comply with legal process (for example, a warrant, a subpoena, or other court order) or protect the rights, property, or personal safety of DSAC, DSAC’s customers, or the public.
If allowed by applicable law, DSAC may also share Your Personal Data with third parties in order to offer You targeted marketing or advertising.
9. DATA SECURITY
DSAC undertakes to ensure the protection and security of Personal Data that You choose to communicate, in order to ensure the confidentiality of Your Personal Data and prevent Your Personal Data from being distorted, damaged, destroyed or disclosed to unauthorized parties.
DSAC maintains reasonable physical, electronic, and procedural safeguards to protect Personal Data from loss, misuse and unauthorized access, disclosure, modification, and destruction. As part of those safeguards, DSAC employs sophisticated technology designed to protect Personal Data during its transmission and prevent transmission errors or unauthorized acts of third parties. However, while DSAC strives to protect Your Personal Data, in light of the inevitable risks of data transmission over the Internet, DSAC cannot guarantee full protection against any error occurring during the course of Personal Data transmission that is beyond DSAC' reasonable control.
Since Personal Data may be confidential, access is limited to employees, contractors, resellers, and vendors of 3DS Group Companies who have a need to know such data in carrying out their tasks. All the people who have access to Your Personal Data are bound by a duty of confidentiality and subject to disciplinary actions and/or other sanctions if they fail to meet these obligations.
However, it is important for You to exercise caution to prevent unauthorized access to Your Personal Data. You are responsible for the confidentiality of Your password and information appearing on Your account. Consequently, You must ensure that You log out of Your session in the event of shared use of a computer.
- improve Your user experience through, for example:
- enabling a service to recognize Your device so You don't have to give the same information several times during one task, and
- recognizing that You may already have given a username and password so You do not need to do so for every web page requested.
- analyze traffic and data on a Site to:
- measure how many people are using the Sites, so they can be made easier to use and navigate and make sure there is enough capacity to ensure the Sites have adequate response times, and
- help DSAC understand how users interact with a Site so DSAC can improve the functionality and performance.
DSAC may also use third-party services (, such as Adobe Analytics, Google Analytics, Piwik, DART, LinkedIn) to perform services on its behalf, in particular to:
- analyze Your browsing habits and measure a Site’s audience,
- analyze Your interests and offer You targeted marketing or advertising, and
- allow You to share content from the Sites with other people on social networks and to let other people know what You are looking at and what You think (e.g., the “Like” button on Facebook).
In such cases, cookies provided by such third party vendors may be used and stored. By transmitting the information generated by these cookies, the cookies’ settings ensure that IP addresses are anonymized before geo-localization and before storage. Our third party vendors will use this information for the evaluation of Your use of the Site, compiling reports on the Site activity for DSAC to provide better services to You suited to Your needs, and provide advertisements to You that are suited to Your needs. Cookies will not associate Your IP address with any other data they hold.
11. LINKS TO WEBSITES NOT CONTROLLED BY DSAC
This Site might offer links to third party Websites that may be of interest to You.
DSAC does not exercise any control over the content of third party websites or the practices of these third parties in connection with the protection of Personal Data that they might collect and are thus not in the control of DSAC. Consequently, DSAC shall have no liability for the content of third party websites or the practices of these third parties concerning the protection of Personal Data.
It is therefore Your responsibility to inform Yourself as to these third parties' privacy policies.
12. DISPUTE RESOLUTION
Although DSAC has put in place reasonable safeguards to protect Personal Data, we recognize that there is no method of transmitting or storing Personal Data that is completely secure.
Unauthorized access to Personal Data or the improper use of Personal Data may constitute offenses under local law.
If Your usual place of residence is in the European Union, Lichtenstein, Norway or Iceland, You have a right to file a complaint with Your competent data protection authority.
15. COUNTRY SPECIFIC ADDENDA
1. Information DSAC Collects
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Information excluded from the CCPA's scope, like:
· Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
· Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.
The categories of Personal Information set forth above are obtained from the following categories of sources:
- Directly or indirectly from our customers or their agents. For example, from documents that our customers provide to DSAC related to the access and use of DSAC products and/or services.
- Directly and indirectly from activity on our Sites. For example, from submissions through our Sites or website usage details collected automatically.
- From third parties that interact with DSAC in connection with products DSAC provides or the services DSAC perform.
2. Use of Personal Information
3. Sharing Personal Information
· 3DS Group Companies.
· DSAC Service providers.
· Third parties to whom You or Your agents authorize DSAC to disclose Your Personal Information in connection with products or services DSAC provides to You or Your agents. DSAC does not sell Personal Information.
4. Your Rights and Choices
The CCPA provides You with specific rights regarding Your Personal Information. This section describes Your CCPA rights and explains how to exercise those rights.
- Access to Specific Information and Data Portability Rights
· You have the right to request that DSAC discloses to You certain information about DSAC’ collection and use of Your Personal Information over the past 12 months. Once DSAC receives and confirms Your verifiable consumer request, as defined by the CCPA, DSAC will disclose to You:
· The categories of Personal Information DSAC collected about You;
· The categories of sources for Your collected Personal Information;
· Our business or commercial purpose for collecting, or sharing Your Personal Information;
· The categories of third parties with whom DSAC shares Your Personal information, if any;
· The specific pieces of Personal Information DSAC collected about You.
· If DSAC disclosed Your Personal Information for a business purpose, a separate list disclosing: Disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
- Deletion Request Rights
You have the right to request that DSAC deletes any of Your Personal Information that DSAC collected from You and retained, subject to certain exceptions. Once DSAC receives and confirms Your verifiable consumer request, DSAC will delete (and direct DSAC service providers to delete) Your Personal Information from DSAC records, unless an exception applies.
DSAC may deny Your deletion request if retaining Your Personal Information is necessary for it or its service providers to:
· Complete the transaction for which DSAC collected Your Personal Information, provide a product or service that You requested, take actions reasonably anticipated within the context of our ongoing business relationship with You, or otherwise perform a contract with You.
·Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
·Provide You with support services related to DSAC products.
· Exercise free speech, ensure the right of another consumer to exercise his/her free speech rights, or exercise another right provided for by law.
· Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
· Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if You previously provided informed consent.
· Enable solely internal uses that are reasonably aligned with consumer expectations based on Your relationship with DSAC.
· Comply with a legal obligation.
·Make other internal and lawful uses of that information that are compatible with the context in which You provided it.
- Exercising Access, Data Portability, and Deletion Rights.
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to the privacy office at 3DS by either:
·Calling 3DS toll free within the US only at (888) 337-0030
· Submitting the request via the following form: https://www.3ds.com/privacy-policy/contact
Only You or a person or a business entity registered with the California Secretary of State to conduct business in California that You authorize to act on Your behalf, may make a verifiable consumer request related to Your Personal Information.
You may also make a verifiable consumer request on behalf of Your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
· Provide sufficient information that allows DSAC or 3DS (collectively referred to hereinafter as “Us” or “We”) as applicable to reasonably verify You are the person about whom DSAC collected Personal Information or an authorized representative.
· Describe Your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it.
We cannot respond to Your request if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to You. Making a verifiable consumer request does not require You to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
- Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If We require more time (up to 90 days), We will inform You of the reason and extension period in writing. We will deliver a written response by mail or electronically, at Your option. Any disclosures We provide will only cover the 12-month period preceding the verifiable consumer request's receipt and/or explain the reasons We cannot comply with a request, if applicable. For data portability requests, We will select a format to provide Your personal information that is readily useable and should allow You to transmit Your Personal Information from DSAC to another entity without hindrance.
We do not charge a fee to process or respond to Your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If We determine that the request warrants a fee, We will tell You why We made that decision and provides You with a cost estimate before completing Your request.
DSAC will not discriminate against You for exercising any of Your CCPA rights. Unless permitted by the CCPA, DSAC will not:
· Deny You products or services;
· Charge You or suggest You may receive different prices or rates for products or services, including through granting discounts or other benefits, or imposing penalties;
· Provide You or suggest You may receive a different level or quality of products or services (or suggest so).
6. Contact Information
Phone: (888) 337-0030 (toll free within the US only)
Postal Address: Dassault Systèmes Americas Corp.
Attn: Americas Data Protection Officer
175 Wyman Street Waltham
Or by contacting the 3DS Data Protection Officer via the following form: https://www.3ds.com/privacy-policy/contact.
1. Purpose of using Personal Information
· Provision of information on 3DS’ products and services via telephone, email, postal mail, etc.
· Provision of information on events and seminars organized by DSAC or in which DSAC is participating and mailing invitations as well as distribution of related documentation.
· Analysis of Your needs for products, services, wishes etc.
· Provision of Your Personal Information to third parties such as DSAC seminar sponsors, distributors and other business partners.
· Any and other purposes of use included in the above range.
2. Additional Information related to Your Personal Information Processed by DSAC
(A) Names of the Companies processing Your Personal Information
The following companies will process Your Personal Information for the purposes listed below:
Dassault Systèmes S.E.
Dassault Systèmes K.K.
Dassault Systèmes Americas Corp.
SolidWorks Japan K.K.
(B) Your rights
With regard to Your rights to request disclosure of purpose of use, correction, addition, deletion, suspension of use / erasure, stop of third party provision regarding Personal Information held, You may either contact the 3DS Privacy Office by filling in this form https://www.3ds.com/privacy-policy/contact or you can contact:
Dassault Systèmes K.K. Personal Information Inquiries
Tokyo 2-1-1 Osaki, Shinagawa-ku ThinkPark Tower Phone number 03-4321-3500 (main number)