Privacy Policy

In the following, we will inform you about the processing of personal data when using our website. These mean all data, which relate to you personally, e.g. name, address, e-mail addresses, user behaviour. We would like to take this opportunity to inform you about our processing operations and at the same time, fulfil the statutory requirements, particularly from the EU General Data Protection Regulation (GDPR).


1.    Controller contact details

Software AG – Stiftung
Am Eichwäldchen 6
D-64276 Darmstadt
Tel.: +49 6151 916 65-0
E-Mail: stiftung(at)

Management Board:
Dr. h. c. Peter Schnell (Chairman)
Peter Augustin
Achim Grenz
Dr. Johannes Stellmann
Markus Ziener

(see Legal Notice)


2.    Data Protection Representative contact details

We have appointed a Data Protection Representative for our foundation:

Christian Zappe
Unternehmensberatung für Datenschutz und IT-Sicherheit
Mecklenburger Str. 2a
49205 Hasbergen
Tel.: +49 152 33655830

You can reach our Data Protection Representative at datenschutz(at) or via our postal address with the supplement “Date Protection”.


3.    Information about the collection of personal data

(1) When making contact with us by e-mail, the data that you have provided (your e-mail address, your name and telephone number, where applicable) are stored by us to answer your questions. We will delete the data generated in connection with this, if the enquiry is attributed to a grant application, otherwise, after storage is no longer necessary, or we will restrict the processing, if statutory retention duties exist.

(2) If we use commissioned service providers as part of our foundation work, we will always select/monitor these service providers diligently and inform you in detail about the respective procedures below. In doing so, we will also specify the defined criteria for storage duration.


4.    Your rights

(1) You have the following rights regarding the personal data relating to you:

  • Right to disclosure (Art. 15 GDPR)
  • Right to correction (Art. 16 GDPR)
  • Right to deletion (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to data portability (Art. 20 GDPR)

To exercise your rights, you may contact us under the contact details provided above.

(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us. You can determine the supervisory authority responsible for you under the following link:

(3) The supervisory authority that is responsible for us is:

The Hesse Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Tel.: +49 611 1408 0
E-Mail: poststelle(at)


5.    Processing of personal data when visiting our website

If you only view our website (informational use), we process the personal data that your browser sends to our server. The data described below are technically required by us to display our website to you and ensure stability and security and must therefore be processed by us. The legal basis is Art. 6 Para. 1 S.1 Letter f GDPR:

  • IP address
  • Date and time of the enquiry
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (visited site)
  • Access status/HTTP status code
  • Respective transferred data volume
  • Previously visited site
  • Browser
  • Operating system
  • Language and version of the browser software


6.    Cooperation with partners and external service providers

(1) To some extent, we use external service providers for processing your data. These are carefully selected by us, are bound to our instructions and are checked on a regular basis.

(2) Furthermore, we can pass on your personal data to third parties, if services are offered by us in cooperation with partners. Depending on the service, your data can also be collected under the partners’ own responsibility. You can obtain further information when providing your data or during the course of this explanation.

(3) If our service providers or partners have their registered office outside of the European Economic Area (EEA), we will inform you about this circumstance in the description of the offer.


7.    Objection or revocation to the processing of your data

(1) If you have granted consent to the processing of your data, you can revoke this at any time. Such a revocation influences the admissibility of the processing of your personal data, after you have declared it to us. The admissibility of processing your data will remain unaffected until the time of your revocation.

(2) Insofar as we base the processing of your personal data on the balancing of interests, you can file an objection against the processing. This is the case, if the processing is specifically not required for the fulfilment of a contract with you, which will be respectively presented by us in the following description of the functions. When exercising such an objection, we request the explanation of the reasons for why we should not process your personal data in such a way as we have. In the event of your objection, we will review the situation and will either discontinue and/or adapt the data processing or explain our compelling legitimate grounds, on the basis of which we will continue the processing.

(3) You can naturally object to the processing of your personal data for data analysis purposes at any time. You may exercise your objection to us under the above-mentioned contact details.


8.    Processing of data from your terminal devices (“Cookie Policy”)

(1) Processing of data from your terminal devices (“Cookie Policy”)In addition to the above-mentioned data, during your use of our website, we use technical aids for various functions, particularly cookies, which can be stored on your terminal device. When accessing our website and at any time later on, you have the choice of whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. We will initially describe cookies below from a technical perspective (2), before we go into your individual selection options in detail, by describing technically necessary cookies (3) and cookies that you voluntarily select or deselect (4).

(2) Cookies are text files or information in a database, which are stored on your hard disk and are allocated to the browser that you use, so that specific information can flow to the party setting the cookie. Cookies cannot execute any programs or transfer viruses to your computer, their primary purpose is to make the Internet service faster and more user-friendly. This website uses the following types of cookies, the functionality and legal basis of which we will explain below:

  • Transient cookies: Such, particularly session cookies, will be deleted automatically when closing the browser or by logging out. They contain a so-called Session-ID. This way, various queries of your browser can be allocated to a common session and it is possible to recognise your end device if you return to our website.
  • Persistent cookies: Such cookies are deleted automatically after a specific duration, which is defined differently depending on the cookie. You can view the set cookies in your browser settings and the durations at any time and delete these manually.

(3) Compulsory, technically necessary functions for displaying the website: The technical structure of the website requires us to use techniques, particularly cookies. Without these techniques, our website cannot be displayed (completely correctly) or the support functions cannot be enabled. In principle, these are transient cookies, which are deleted after the end of your visit to the website, no later than when you close your browser. You cannot deselect these cookies, if you would like to use our website. The individual cookies can be seen in the Consent Manager. The legal basis for this processing is Art. 6 Para. 1 S.1 Letter f GDPR.

(4) Optional cookies upon granting your consent: We set various cookies only after your consent, which you can select when you first visit our website using the Cookie Consent Tool. The functions are exclusively activated in the case of your consent and can specifically be used for analysing and improving your visits to our website, simplifying use through various browsers or terminal devices or recognising you when you visit. The legal basis for this processing is Art. 6 Para. 1 S.1 Letter a GDPR. The revocation of your consent is possible at any time without the admissibility of processing being affected until revocation.

Below, we will describe the functions that we use, which you select individually via the Consent Manager and can revoke again at any time.


9.    Use of Matomo

(1) The Matomo web analysis service is used on this website to analyse and check the use of our offers. We can improve this using the statistics obtained and design it to be more interesting for you, as users.

(2) No Matomo cookies are stored on your computer for the purpose of web analysis. For the analysis of the website use, your IP address and information such as a time stamp, visited websites and your language settings are recorded. We store the information collected in this way on our server.

We use Matomo with the “AnonymizeIP” extension. This way, IP addresses are processed further in an abbreviated form and a direct personal reference can be excluded. The IP address sent by your browser via Matomo will not be associated with any other data stored by us. The legal basis for the use of the Matomo is Art. 6 Para. 1 S. 1 Letter f GDPR.

(3) The use of Matomo can be prevented by removing the following tick and thereby enabling the opt-out plug-in:


In this case, a cooked will be stored in your browser that excludes Matomo from storing usage data. If you delete your cookies, this results in the Matomo opt-out cookie also being deleted. The opt-out must be re-enabled when visiting our website again.

(4) The Matomo program is an open source project. Information about the third-party provider for data privacy can be obtained at


10.    Job applications

(1) We are offering you the opportunity to apply with us (e.g. by e-mail or by post). In the following, we will inform you about the scope, purpose and use of your personal data collected as part of the job application process. We guarantee that the collection, processing and use of your data will occur in accordance with the valid data privacy law and all other statutory provisions and that your data will be handled with strict confidentiality.

(2) If you send us a job application, we will process your associated personal data (e.g. contact and communication data, application documents, notes as part of interviews etc.), provided that this is necessary for deciding on the establishment of an employment relationship. The legal basis is Section 26 BDSG (initiation of an employment relationship), Art. 6 Para. 1 S. 1 Letter d GDPR (general contract initiation) and – if you have granted a consent – Art. 6 Para. 1 S. 1 Letter a GDPR. A consent is revocable at any time. Your personal data will exclusively be disclosed within our foundation to persons, who are involved in processing your job application. If the job application is successful, the data, which you have submitted, will be stored in our data processing systems on the basis of Section 26 BDSG and Art. 6 Para. 1 S. 1 Letter b GDPR for the purpose of implementation of the employment relationship.

(3) If we cannot offer you a position, you reject a position, withdraw your application, revoke your consent to data processing or ask us to delete the data, the data, which you have sent, including any remaining physical application documents, will be stored and/or retained for a maximum of six months (retention period) after the completion of the application procedure, in order to be able to comprehend the details of the application process in the case of discrepancies. The legal basis is Art. 6 Para. 1 S.1 Letter f GDPR.

(4) You may object to the storage of your data, if your legitimate interests outweigh our interests.

(5) After the retention period has elapsed, the data will be deleted, unless a statutory retention duty or other legal grounds exist for continued storage. If it appears that the retention of your data will be necessary after the retention period has elapsed (e.g. due to a threatened or pending legal dispute), deletion will only occur, once the data have become redundant. Other statutory retention duties shall remain unaffected.


11.    Topicality and amendment of this privacy policy

This privacy policy is currently valid and has the status of March 2022.

We reserve the right to adapt this privacy policy, so that it always complies with the current legal requirements or to implement changes to your services in the privacy policy, e.g. for the introduction of new services. The new privacy policy will then apply to your next visit.