Business Contacts Privacy Notice (GDPR)

If you are located in the European Economic Area or the United Kingdom and are either personally a customer, prospect, supplier, contractor, service provider or other business partner, or a representative of a current or prospective corporate business partner, of Synopsys, Inc. or any of its global affiliates (such company you do business with is hereafter referred to as "Synopsys", "we," or “us”), this privacy notice is issued to you by Synopsys as the controller responsible for the processing of your personal data.

DATA CATEGORIES COLLECTED

You may provide to us, or we may collect about you, contact information (such as your name, business address, home address, email, phone number), professional information (including, for example, the name of your company, company ID, business title and any social media aliases), identifying information such as preferred name and preferred pronoun, citizenship or residency, data related to purchasing and interactions (e.g., contract negotiations, executed purchase, sales and services agreements, customer support cases, etc.), location information such as country of business, marketing information (e.g., declarations of consent, opt-out requests, physical event attendance such as RSVPs and actual attendance, date and time of engagement with Synopsys, inquiries about products and services and related responses, etc.), accounting and billing information (invoices, banking information, bank records and credit history etc.) and data concerning related IT support and technology requests. Data that you do not provide to us directly is either collected from publicly available sources such as company websites or professional networking sites or provided by another business professional in your field.

PURPOSES OF PROCESSING

We process this data to be able to

• do business with you and contact you about business opportunities;
• interact with prospective and existing customers;
• to identify prospective customer contacts for follow-up by sales and market Synopsys products and services to you;
• advance, enter into, track and perform sales and services agreements with you or the business you represent, including, without limitation, bookkeeping, general ledger, accounts payable, accounts receivable, invoicing, collections, etc.;
• provide customer support and similar services to you; and to
• comply with applicable regulatory obligations.

LEGAL BASES FOR PROCESSING

We process your personal data on several different legal bases, as follows:

1. Based on necessity to perform contracts we might have entered with you personally: We need to process your personal data to fulfill sample requests and orders, answer questions and requests, provide customer support, and to provide similar services as specified above.
2. Based on legitimate interests: We process your personal data in the context of contracts we might have entered into with the business you represent, to send marketing communications (when and as permitted by law), for security and safety reasons, to detect and prevent fraud, to protect and defend the rights or property of others, or our own rights and interests. We consider your privacy interests in this regard and redact personal information to the largest extent practicable to avoid affecting your privacy rights.
3. Based on compliance with legal obligations: We may need to process your personal data to comply with relevant laws, regulatory requirements and to respond to lawful requests, court orders, and legal process.

YOUR RIGHTS AND CHOICES

You can contact us to obtain copies of your personal data or information about their processing by us. Subject to the applicable statutory prerequisites, you can also ask us to correct or erase your personal data, object to their processing based on legitimate interests, or request the restriction of processing or portability. You can exercise these rights by contacting us at privacy@synopsys.com. You also have the right to lodge a complaint with a supervisory authority. You should understand that having a business relationship with us is voluntary, but it may be impossible to work with you without processing some personal data about you such as your contact information.

SHARING AND INTERNATIONAL TRANSFERS OF PERSONAL DATA

We share your personal data with our affiliates and service providers such as our CRM provider, Salesforce.com. We and our affiliates and service providers process and store your personal data on servers in the United States, which has not received an unqualified adequacy decision by the European Commission. We provide adequate protection for your personal data by having entered into data processing agreements and data transfer agreements that include standard contractual clauses approved by the European Commission. Such data processing agreements and data transfer agreement are available upon request by contacting us at privacy@synopsys.com.

DATA RETENTION

We retain your personal data as long as it is necessary to process the data based on your business relationship with us, and in compliance with applicable law. More information about record retention periods and practices can be obtained by contacting us at privacy@synopsys.com.

DATA PROTECTION OFFICER

You may contact us at privacy@synopsys.com Where applicable, the data protection officer (DPO) of Synopsys GmbH can be contacted at bernhard@synopsys.com.

REPRESENTATIVE

Synopsys' representative in the European Union is Synopsys International Limited, Blanchardstown Corp Park, Block 1, Blanchardstown, Dublin 15, Ireland.