You have been redirected from paterva.com. Maltego.com is the new home for all information regarding Maltego products. Read more about this in a message from the Paterva team and in this blog post and FAQ. close

Website Privacy

Version: January 2020


I. General Information 🔗︎

Thank you for visiting our Maltego Website. As you may know, website access includes the processing of data through both kinds, automatically (such as log files) through the servers behind it and in direct contact with the visitor (e.g. by entering personal information in request forms).

This Policy shall inform you about the processing of personal related data and your rights as the affected individual.

What Data is Personal Data?

Personal data means any information relating to an identified or identifiable natural person such as you, the visitor of our website. This is clear in case we ask you for you name or E-Mail Address but also other direct or indirect identifyers, such as IP addresses, Phone numbers, Customer IDs, and any other data that can make a natural person identifiable, is regarded as personal data and is as such protected.

What Data Processing means:

‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

The legal basis for the processing of personal data Data in the EU is governed by the EU-General Data Protection Regulation (GDPR). We will take reference to that regulation wherever necessary and appropriate.

The information below follow the Rules of Section 13 and 14 GDPR, depending from whether we collect data from you directly or indirectly.

II. Information about the Data Controller 🔗︎

The data controller in accordance with Article 4 Nr. 7 of GDPR is

Maltego Technologies GmbH

Paul-Heyse-Straße 29, 80336 Munich

contact@maltego.com (see our legal notice).

III. Contact Data of the Data Protection Officer 🔗︎

Maltego Technologies GmbH, att.: Data Protection Officer,

Paul-Heyse-Straße 29, 80336 Munich

dataprotection@maltego.com

The data protection officer is your first point of contact for all data related questions or any information you may want additionally or according to this policy and the processing of personal data.

IV. Processing of Personal Data when interacting with us 🔗︎

What data do we process:

We store the data you disclose when contacting us by email or using a contact form (your email address and, if provided by you, your name, department, license key and order number) to answer your questions. For order purposes we may furthermore request payment details, your invoice and shipment address or any other required details. For the processing of order and registration data, please refer to the separate Data Privacy Policy. If you access our recruiting portal, please refer to the Recruiting Privacy Policy.

Why do we need this data It is necessary to enter a valid email address so we can find out by whom the request is from and to enable us to respond to it. Further information can be given on a voluntary basis and may be necessary for the individual request or order. You can contact us for different purposes. The single purpose will be visible in the respective contact page:

  • Price inquiry
  • Ticket Submission (e.g. for product info, purchase order, issue reporting, partner requests)
  • Partner signup
  • E-Mail contact
  • Job Application
  • Product Order in Webshop

The legal basis for it

The processing of data for the purposes of contacting us is carried out according to Article 6 (1) sentence 1 lit. a GDPR on the basis of your freely given consent. For purchase order submission or support requests the legal basis is Article 6 (1) sentence 1 lit. b

How long do we store your data

After the storage is no longer required for getting in contact with you we delete all data collected in this context. That means unless you consented otherwise, we will delete or we restrict the processing, if there are legal obligations to retain such data.

In case we engage service providers for individual functions offered on our website or we want to use your data for marketing purposes, we will provide detailed information on these processes below. We also define the criteria determined for the duration of the storage below.

V. Processing of personal data when visiting our website 🔗︎

What data do we process

In case you use the website for informational purposes only and you choose not to register or provide information to us in another way, we only collect the personal data your browser transfers to our server. This information is temporarily stored in a so-called log file on a regular basis. This exclusively concerns information which does not permit any conclusions to be drawn about you as a person and that is produced inevitably when using the Internet. Anonymous information of this kind is evaluated by us for statistical purposes in order to optimize our website and the technology behind it:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Volume of data transferred in each case
  • Website the request comes from
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

If you use our website for product order or product access, please refer to the data policy for our products.

Why do we need this data

When you look at our website, we collect the data above because it is technically necessary in order to be able to display our website to you and to ensure the stability and security.

Furthermore the data mentioned is processed by us for the following purposes:

  • Ensure a smooth connection set-up of the website,
  • Ensure a comfortable use of our website,
  • Ensure the system security and stability including the detection and prevention of technical or fraud attacks, as well as
  • For further administrative purposes.

The legal basis for it

The legal basis for this is Article 6 (1) sentence 1 lit. f GDPR).

Our legitimate interest results from the data collection purposes listed above.

How long do we store your data

The data relevant for fraud and attack-prevention (IP-Adress and the name of your Internet provider) we store for security reasons for a limited period of time in order to safeguard website abuse. After that the other data mentioned above will allow no reference to you and will as such be fully anonymous.

VI. Cooperation with third parties 🔗︎

We partially use external service providers to process your data on our behalf. These have been carefully selected and commissioned by us. They are bound by our instructions and controlled regularly.

Third Parties that act on our behalf for selected purposes

We use third party providers for the following functions on our website:

  • process contact requests through contact forms
  • operate the webshop including shipment/download provision and billing
  • operate the jobportal
  • operate data centers for the processing of our data

Third parties commissioned by us will process the date only based upon our instructions and they will not process the data for own purposes unless you are otherwise informed and consented in the relevant sections of our website.

Third parties to whom we transfer data for other purposes

We may also pass on your personal data to third parties if we offer participations in campaigns, competitions, contracts or similar services in cooperation with other partners. Further information on this will be made available to you when entering your personal data or at the description of the service.

There may also be a legal obligation or permission to pass data over to third parties e.g. if requested for a legal reason by public authorities or if necessary to pursue fulfilment duties or claims and defences.

Employees of our company and service providers who support us in data processing within the scope of order processing (service providers for IT operation, website operation and contact processing) have access to your personal data to the extent necessary to fulfil the purposes. Any existing deviations are expressly described. We are legally obliged in individual cases to transmit personal data to authorities (e.g. requests for information from investigating authorities) or natural/legal persons (e.g. to assert claims).

What is the legal basis for third party transfer?

Your personal data is not transferred to third parties for purposes other than those listed in the following. We only pass on your personal data to third parties, if:

  • you have explicitly given your consent to this in accordance with Article 6 (1) sentence 1 lit. a GDPR, or
  • the transfer pursuant to Article 6 (1) sentence 1 lit. f GDPR is necessary for the establishment, exercise or defence of legal claims and there is no reason to believe that you have an overriding legitimate interest in not passing on your data, or
  • there is a legal obligation to transfer personal data according to Article 6 (1) sentence 1 lit. c GDPR or
  • this is permitted by law and - in accordance with Article 6 (1) sentence 1 lit. b GDPR - necessary to process contracts we concluded with you.

VII. Place of data processing 🔗︎

We process your personal data in principle only in Germany and in the European Union. Service providers who process personal data on our behalf outside the European Union (so-called third countries) will only be used if there is a “adequacy decision” of the European Commission (Art. 45 GDPR) for this third country, “suitable guarantees” (Art. 46 GDPR) or “internal data protection regulations” (Art. 47 GDPR) for the recipient. General information on the adequacy decisions can be found at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries.de, on the available suitable guarantees at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_de and https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_de, and on the internal data protection regulations at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/binding-corporate-rules_de. For further information, please contact our data protection officer. In addition, your personal data will be processed in third countries if it is necessary to fulfil the contract, if you have consented or if there is a legal obligation.

As far as our service providers or partners have their registered office in a country outside the European Economic Area (EEA), we will provide information on the consequences of this fact in the description of the service.

VIII. Information on the use of cookies, pixels and similar technologies 🔗︎

We at Maltego use cookies on this website. Cookies are small text files on your computer, among other things to recognize you as a user. Cookies help us to make our online services user-friendly and tailor-made. We use our own cookies and cookies from third parties. You can configure the setting of cookies at any time. For example, you can set your browser so that it informs you beforehand when cookies are set or completely refuses cookies.

Technically required cookies

Necessary cookies help to make a website usable und smoothly functioning by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies, so they are absolutely necessary for the operation of the website. Their legal use is based upon Art. 6 Para 1 b) GDPR.

As a technically required Cookie we use an inline script “CookieConsent” that stores the cookie approval of the user as offered in the Cookie Banner or on the cookie acceptance page. The following cookies are being used:

personio_session: tracks a visitors session on our job portal as provided by Personio.

kl.locale: used to identify the users language to provide the shop in the users language

kl.pageId: used for the webflow that is the basis of the shopsystem. It is needed to provide a correct checkout experience

rc::c: used to distinguish between humans and bots.

Preference Cookies

Preference cookies allow our Web page to remember information that affects the way our Web page behaves or looks, such as your preferred language or the region you are in.

You can give your consent after displaying a corresponding note, by checking the box ”Preferences” in the note displayed before the use of our Website or giving your consent at a later stage. The revocation of your consent does not affect the legality of the processing that took place on the basis of your consent until you revoke your consent.

The legal use of these cookies is based upon Art. 6 Para 1 b) GDPR.

As a preference cookie, we use the cookies “CookieConsentBuldSetting and CookieConsentBulkTicket. Both Cookies activate your approval to use cookies for several of our websites. If you don´t accept these cookies, you may be asked for extra cookie approval on each of our sub-pages.

Cookies for anonymous tests & statistics

These cookies can be used to measure the reach of our own offering or to understand how you interact with our website by collecting information anonymously. The set cookie enables us to track, among other things, which website was visited before our website was accessed and how our website was used. We use this data, among other things, to optimise our website by evaluating the campaigns we have carried out.

The legal use of these cookies is based upon Art. 6 Para 1 b) GDPR.

The data is stored in such a way that no inference can be made about you as a person (visitor to our website).

You can give your consent after displaying a corresponding note, by checking the box ”Statistics” in the note displayed before the use of our Website or giving your consent at a later stage. The revocation of your consent does not affect the legality of the processing that took place on the basis of your consent until you revoke your consent.

As statistic cookies we use third party cookies operated by Google LLC (Mountain View, California) in the United States. Google is compliant with the EU Data Privacy Shield. The following cookies are being used:

_gid: registers a unique ID being used to generate statistical data about the visitor´s website use.

_hjid and hjViewportID: Create a unique session ID. This helps to understand user behaviour on the website.

_collect: Used in order to send google analytics data about the used device and the user behaviour. It tracks the user across devices and marketing channels.

_hjincludedInSample: determines if the user navigation should be registered in a particular statistical place holder.

_hjRecordingEnabled: Used to identify the user and to optimize marketing relevance by collecting visitor data from different websites. This exchange of user data is normally provided by a third party data center or ad-exchange service.

_kl.redirectUrl: This cookie hands the referrer to the webshop for information on the user’s origin.

Cookies for marketing purposes

Marketing cookies are used to follow visitors to websites. The intent is to display ads that are relevant and appealing to the individual user and are therefore more valuable to publishers and third party advertisers. When you visit another website, your browser’s cookie is recognized and selected advertisements are displayed based on the information stored in this cookie. These cookies are only activated if you have given your consent according to Art. 6 para. 1 a) GDPR.

You can give your consent after displaying a corresponding note, by checking the box ”Marketing” in the note displayed before the use of our Website or giving your consent at a later stage. The revocation of your consent does not affect the legality of the processing that took place on the basis of your consent until you revoke your consent.

IX. Analytic tools 🔗︎

What are Analytic tools?

Analytic tools, also called tracking tools, typically examine where visitors come from, which areas of a website are visited and how often and for how long which subpages and categories are viewed. They are mainly used to optimize the website and to better achieve website goals (e.g. frequency of visits, increase in page views, orders, newsletter subscriptions). Basically, Web Analytics can differentiate between evaluation procedures for permanent measurement of site effectiveness and methods for finding weak points in the site and opportunities for improvement.

For what purpose do we use analytic tools?

With the methods of tracking used, we want to ensure a demand-oriented design and the continuous optimization of our website. Apart from that, we make use of methods of tracking to keep statistic records of the use of our website and to evaluate these for the purposes of optimizing our offer for you.

What is the legal basis for it?

The methods of tracking used by us - which are listed below - are performed on the basis of Article 6 (1) sentence 1 lit. f GDPR. These interests are considered to be legitimate according to the above-mentioned provision.

When using these analysis tools, data can be transferred to servers located in the USA and processed there. Please note the following: From the point of view of the European Union, there is no “adequate level of protection” for the processing of personal data in the USA that corresponds to EU standards. However, this level of protection can be replaced for individual companies by certification according to the so-called “EU-U.S. Privacy Shield”.

Which analytic tools do we use and which data do they process?

Name Provider with address Processed data categories Purposes of data processing Ability to stop data processing Further information / Data protection notices of the provider
Hotjar Hotjar, an analysis software program by Hotjar Ltd. (“Hotjar”) (https://www.hotjar.com, 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe) The information that is thereby generated by the tracking code and cookie regarding your visit to our website is sent to the Hotjar server in Ireland, where it is stored. The following information is collected by the tracking code: a) Device-dependent data: The following information can be recorded by your device in your browser: •Your device’s IP address (collected and stored in an anonymous format) •Your device’s screen size •Device type and browser information •Geographic location (only the country) •The preferred language in which to present our website •Log data b) The following data is automatically generated by our server when Hotjar is used: •Referring domain •Webpages visited •Geographic location (only the country) •The preferred language in which to present our website •Date and time of access With Hotjar it is possible to gauge and evaluate usage behavior (clicks, mouse movements, scroll height, etc.) on our website. Hotjar will use data to evaluate your use of our website and to generate reports on your use as well as to provide other services related to your use of the website and internet analyses of the website. You can prevent Hotjar from recording data by clicking on the following link and following the instructions: https://www.hotjar.com/opt-out. Hotjar also uses third-party services to provide its service, for example Google Analytics and Optimizely. These third-party entities can store information that your browser sends during your visit to our website, for example cookies or IP inquiries. For more information on how Google Analytics and Optimizely store and use data, please see their corresponding data protection declarations. Optimizely’s data protection declaration can be found under the following link: https://www.optimizely.com/de/privacy/ The cookies used by Hotjar have different lifespans; some remain valid for up to 365 days, others only during the current visit.
Google Analytics a web analytics service provided by the Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”). Google is being certified according to the EU-U.S. Privacy Shield. In this context pseudonymized user profiles are created and cookies are used. The information on your usage of the website generated by the cookie like browser-type/-version, used operating system, referrer URL (the previously visited website), host name of the accessing computer (IP address), time of the server request, For the purposes of a demand-oriented design and the continuous optimization of our website This information is used to evaluate the use of the website, to generate reports on the activity of the website and to perform further services in connection with the usage of the website and the internet for the purposes of market research and a demand-oriented design of these websites. Where appropriate, this information is also transferred to third parties, as far as this is required by law or to the extent that third parties process this data on behalf of Google. Under no circumstances will Google associate your IP address with any other data held by Google. The IP addresses are rendered anonymous, which makes an association impossible (IP masking). You can prevent the installation of cookies by adjusting your browser settings appropriately; however, please note you may not be able to fully use all features of this website in this case. Furthermore, you can prevent the collection of data generated by the cookie and related to your usage of the website (including your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de). Find further information on data protection in connection with Google Analytics in the Google Analytics Help Centre (https://support.google.com/analytics/answer/6004245?hl=de).

X. Other embedded third party connections 🔗︎

We include third-party content on our website. For this purpose, your browser may connect to these third party servers and transmit personal information to these servers. Below you will find information about the content involved and the data processing that occurs:

Name Provider with address Processed data categories Purposes of data processing Ability to stop data processing Further information / Data protection notices of the provider
YouTube / YTMG.com YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA ( vertreten durch Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA) IP address, URL of the page visited, HTTP header information (e.g. the browser used, the operating system used, the resolution and the language set); Link to existing Google user profile if necessary Viewing YouTube videos Disabling Javascript in browser settings advanced privacy mode enabled, YouTube does not set cookies; https://policies.google.com/privacy?hl=en&gl=en
Cloudflare Cloudflare, Inc. 101 Townsend Street San Francisco, California 94107 Online properties identification data, professional life data, personal life data, connection data, or localization data (including IP addresses) Necessary for the provision of the Service, as CDN (“Content Delivery Network”) to secure this website and optimize loading times Cloudflare also operates under the EU-US “Privacy Shield”-Agreement. Privacy Policy:  https://www.cloudflare.com/privacypolicy/
Personio Personio GmbH, Rundfunkplatz 4, 80335 München, Deutschland Name (first and last names), E-mail address, Phone number, LinkedIn profile (optional), Channel through which you found us Furthermore, you can choose to upload expressive documents such as a cover letter, your CV and reference letters. These may contain additional personal data such as date of birth, address etc Management of recruitment process, processing of applications to open positions, contract preparation Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. This database is operated by Personio GmbH, which offers a human resource and applicant management software solution (https://www.personio.com/legal-notice/)

XI. Your rights 🔗︎

You have the right:

  • according to Article 15 GDPR to access information on your personal data which has been processed by us. In particular, you may access the information on the purposes of processing, the categories of personal data, the categories of recipients to whom your personal data has been or will be disclosed, the envisaged period of storage, the existence of the right to rectification, erasure, restriction of processing data or objection, the existence of the right to lodge a complaint, the source of your data, insofar as it was not collected on our part, as well as the existence of automated decision-making, including profiling and, if applicable, meaningful information on the details;
  • according to Section 16 GDPR to claim rectification of inaccurate personal data or the completion of incomplete personal data that is stored with us;
  • According to Section 17 GDPR to claim the erasure of the personal data stored with us GDPR, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
  • according to Article 18 GDPR to claim the restriction of processing of your personal data as far as the accuracy of the personal data is contested, the processing is unlawful but you oppose to the erasure and we no longer need the data, but you require them for the establishment, exercise or defense of legal claims or you have objected to the processing of your personal data in accordance with Article 21 GDPR;
  • to receive the personal data you provided to us in a structured, commonly used and machine readable format or to claim the transmission to another controller according to Article 20 GDPR;
  • to withdraw your given consent at any time by notifying us in accordance with Article 7 (3) GDPR. This has the consequence that we cannot continue the data processing which was based on this consent in the future and
  • to complain with a supervisory authority in accordance with Article 77 GDPR. In general, you may turn to the supervisory authority of your habitual residence or your place of work or of the locations of our law office.

You also have the right to lodge a complaint with a supervisory authority regarding the processing of your personal data by us.

XII. Right to object 🔗︎

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning yourself which is based on Article 6 (1) sentence 1 lit. f of the GDPR (processing on the basis of a balance of interests).

In case you object we shall no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.

In individual cases we process your personal data for direct marketing purposes. You have the right to object at any time to the processing of personal data concerning yourself for such marketing purposes.

XIII. Objection or withdrawal concerning the processing of your data 🔗︎

(1) If you have given consent to the processing of your data, you can withdraw this consent at any time. After notifying us, this withdrawal has influence on the legitimacy of the processing of your data.

(2) As far as the processing of your personal data is based on the balance of interests, you can object to the processing. This is the case, if the processing is particularly not required for the performance of a contract with you. In each case we outline this in the following description of the functions. When exercising such a right to object, we kindly ask you to set out the reasons why we should not process your personal data the way we do. In the case of a reasoned objection we shall consider the situation and then either stop or modify the data processing or point out compelling legitimate grounds based on which we will continue the processing.

(3) You may, of course, object to the processing of your personal data for marketing purposes and data analysis at any time. You can inform us on your objection against advertising via the following contact details:

Maltego Technologies GmbH

Paul-Heyse-Straße 29, 80336 Munich

dataprotection@maltego.com

XIV. Data security 🔗︎

(1) In order to protect the security of your data during the transfer we use the latest encryption method (such as SSL) via HTTPS. You can find out whether a single page of our website is transmitted encrypted by looking for the icon showing a closed key or padlock in the lower status bar of your browser.

(2) Apart from that we use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against access by unauthorized third parties. Our security measures are continuously improved in line with technological development.

XV. Updates and changes of this Website Privacy Policy

(1) This Website Privacy Policy is currently valid and is dated as of January 2020.

(2) We reserve the right to adjust this Website Privacy Policy occasionally to make sure it always complies with the current legal requirements or to implement changes to our services in the Website Privacy Policy, for example, if new services are introduced. In case you visit our website again, the new Website Privacy Policy shall apply.

(3) You can access and print the latest version of the Website Privacy Policy on the website (https://www.maltego.com/website-privacy/) at any time.

Pick the right product and get started.