alsim CLOUD

Data Protection Declaration

In the following Data Protection Declaration we provide you with transparent information about the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data. As far as EU law is concerned, we refer to EU General Data Protection Regulation (GDPR). You can of course read this GDPR online on EUR-Lex, the access to EU law, at link

Data Controller

The Data Controller within the meaning of the EU General Data Protection Regulation and other national data protection laws of the EU member states as well as other data protection regulations is:

ESS Engineering Software Steyr GmbH
Berggasse 35, 4400 Steyr, Austria

The website operator takes your data protection very seriously and treats your personal data confidentially and in accordance with the legal regulations. Since new technologies and the continuous development of this website may result in changes to this privacy policy, we recommend that you read through the privacy policy again at regular intervals. This Data Protection Declaration applies to the internet offer of ESS Engineering Software Steyr GmbH, which can be accessed under the domain as well as the subdomains (in the following referred to as "our website").

Collection and Processing of Personal Data

Access Data

We, the Data Controller, collect data about accesses to the website on the basis of our legitimate interest (see Art. 6 para. 1 lit. f. GDPR) and store them as "server log files" on the website server. The following data is logged in this way:

Reach measurement & cookies

This website uses cookies for pseudonymous range measurement, which are transmitted to the user's browser either by our server or the server of a third party, on the basis of our legitimate interest (see Art. 6 para. 1 lit. f. GDPR). Cookies are small files that are stored on your terminal device. Your browser accesses these files. The use of cookies increases the user-friendliness and security of this website. If you do not want cookies to be stored on your end device for range measurement, you can object to the use of these files here:

Popular browsers offer the setting option to not allow cookies. Note: It is not guaranteed that you will be able to access all functions of this website without restrictions if you set the appropriate preferences. Required cookies: Storing the session id – one session number Google analytics – three entries needed by google analytics

Registration/Creation of a user account

On our website, we offer you the opportunity to register by providing personal data. With the processed data, we create an individualised user account for you, with which you can use certain contents and services such as simulation of aerosols on our website. We process your e-mail address so that we can send you new access data if you should forget it. The following overview shows you in detail which personal data we process when you register:

In accordance with Art. 6 para. 1 lit. a GDPR, the processing of the personal data presented is based on the declaration of consent voluntarily submitted by you during registration. The declaration of consent is made unambiguously, in an informed manner, relates to the specific processing and has not yet been revoked. A revocation is possible at any time with effect for the future under the above-mentioned contact option of the data protection officer. As soon as the registration or the user account on our website is deleted or modified, the data processed during the registration process will be deleted. Further storage will take place in individual cases if required by law. You have the option to delete the user account at any time. You can also have the data stored about you changed at any time. In case of doubt, please contact our data protection officer at the above-mentioned e-mail address. Earlier deletion of the data is only possible insofar as this does not conflict with contractual or legal obligations. If the processed data is required to fulfil a contract or to carry out pre-contractual measures, deletion is not possible until the purpose has been achieved.

Handling of Contact Data

If you contact us through the contact options offered, your following personal data will be stored so that we can use them to process and respond to your request. The data processing described above for the purpose of contacting you is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of the declaration of consent voluntarily submitted by you during the sending process. As soon as your request has been dealt with and the matter in question has been conclusively clarified, the personal data processed via the contact form will be deleted. Further storage may take place in individual cases if this is required by law.

Dealing with comments and contributions

If you leave a contribution or comment on this website, your IP address will be stored. This is done on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR and serves the legitimate aim of ensuring the prosecution of illegal content. As soon as you delete the contribution or comment, the personal data processed in the context of your contribution or comment will be deleted. Further storage may take place in individual cases if this is required by law.

Google Analytics

This website uses the "Google Analytics" service on the basis of our legitimate interests in optimizing and analyzing our online offering within the meaning of Art. 6 para. 1 lit. f. GDPR the service "Google Analytics", which is provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The service (Google Analytics) uses "cookies" - text files that are stored on your terminal device. The information collected by the cookies is usually sent to a Google server in the USA and stored there. Google LLC complies with European data protection law and is certified under the Privacy Shield agreement:

IP anonymization is used on this website. The IP address of the user is shortened within the member states of the EU and the European Economic Area and in the other contracting states of the agreement. Only in individual cases is the IP address initially transmitted unabbreviated to a Google server in the USA and shortened there. This shortening eliminates the personal reference of your IP address. The user's IP address transmitted by the browser is not combined with other data stored by Google.

As part of the agreement on the order data agreement, which we as website operators have concluded with Google Inc., the latter uses the information collected to create an evaluation of website use and website activity and provides services associated with internet use.

The data collected by Google on our behalf is used to evaluate the use of our online offering by individual users, e.g. to create reports on website activity in order to improve our online offering.

You have the option of preventing cookies from being stored on your device by making the appropriate settings in your browser. It is not guaranteed that you can access all functions of this website without restrictions if your browser does not allow cookies.

Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to and used by Google Inc. The following link will take you to the corresponding plugin: Alternatively, you can prevent Google Analytics from collecting data about you within this website by clicking on this link (IMPORTANT: insert opt-out link). By clicking on the above link, you will download an "opt-out cookie". Your browser must therefore generally allow the storage of cookies for this purpose. If you delete your cookies regularly, you will need to click on the link again each time you visit this website.

Here you can find more information about the use of data by Google Inc:

Use of social media plugins

Due to our legitimate interest in the analysis, optimization and operation of our online offer (within the meaning of Art. 6 para. 1 lit. f. GDPR), this website uses the Facebook social plugin, which is operated by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). The integrations are recognizable by the Facebook logo or the terms "Like", "Like", "Share" in Facebook's colors (blue and white). Information on all Facebook plugins can be found via the following link: Social Plugins - Documentation - Meta for Developers Facebook Inc". complies with European data protection law and is certified under the Privacy Shield agreement:Privacy Shield

The plugin establishes a direct connection between your browser and the Facebook servers. The website operator has no influence on the nature and extent of the data that the plugin transmits to the servers of Facebook Inc. Information on this can be found here: What information does Facebook get when I visit a site with the Like button? | Facebook Help Center The plugin informs Facebook Inc. that you as a user have visited this website. There is a possibility here that your IP address will be stored. If you are logged into your Facebook account during your visit to this website, the aforementioned information will be linked to it.

If you use the functions of the plugin - for example, by sharing or "liking" a post - the corresponding information will also be transmitted to Facebook Inc.

If you would like to prevent Facebook. Inc. linking this data to your Facebook account, please log out of Facebook before visiting this website and delete the stored cookies. Via your Facebook profile, you can make further settings regarding data processing for advertising purposes or object to the use of your data for advertising purposes. You can access the settings here:

What data, for what purpose and to what extent Facebook collects, uses and processes data and what rights and settings options you have to protect your privacy, you can read in the privacy policy of Facebook. You can find them here: Meta Privacy Policy - How Meta collects and uses user data

Secured data transfer and processing

We only transfer or process data to countries outside the EU (partner countries) if you consent to this processing, if this is required by law or contractually necessary, and in any case only to the extent that this is generally permitted. Your consent is in most cases the most important reason that we have data processed in partner countries. Processing personal data in partner countries such as the U.S., where many software vendors provide services and have their server locations, may mean that personal data is processed and stored in unexpected ways. We explicitly point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. Data processing by US services (such as Google Analytics) may result in data not being processed and stored anonymously, where applicable. Furthermore, US government authorities may be able to access individual data. In addition, it may happen that collected data is linked with data from other services of the same provider, if you have a corresponding user account. Where possible, we try to use server locations within the EU, if this is offered.

Rights of the user

As a data subject of a processing of personal data, you have the following rights under the GDPR:

To assert your rights, please contact Alternatively, you can contact the supervisory authority. In Austria, the Datenschutzbehörde ( is responsible for this.

Right to object

When your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the case of direct advertising, you have a general right of objection, which is implemented by us without specifying a particular situation.

Data processing security

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. In this way, we make it as difficult as possible, within the scope of our possibilities, for third parties to infer personal information from our data.

Art. 25 GDPR refers to "data protection through technical design and data protection-friendly default settings" and thus means that both software (e.g., forms) and hardware (e.g., access to the server room) are always designed with security in mind and that appropriate measures are taken. If necessary, we will go into more detail on specific measures below.


Data Security – TISAX

The ENX Association supports with TISAX (Trusted Information Security Assessment Exchange) on behalf of VDA the common acceptance of Information Security Assessments in the automotive industry. The TISAX Assessments are conducted by audit providers that demonstrate their qualification at regular intervals. TISAX and TISAX results are not intended for general public.

For the Engineering Software Steyr GmbH confidentiality, availability and integrity of information have great value. We have taken extensive measures on protection of sensitive and confidential information. Therefore, we follow the question catalogue of information security of the German Association of the Automotive Industry (VDA ISA). The Assessment was conducted by an audit provider, in this case the TISAX audit provider DEKRA ( DEKRA | Alles im grünen Bereich)