Use and Compliance Data Policy

Version 2019.2

Synopsys Plug-ins - Use and Compliance Data Policy

The Synopsys Plug-ins reports Use and Compliance Data for each data collection tier described below (each a “Data Collection Tier”) through Automated Reporting.  These Plug-ins include:

  • Synopsys Code Sight 
  • Coverity Desktop
  • Coverity CodeXM Language
DATA COLLECTION TIER DESCRIPTION
Plug-in Usage

Plug-in Usage includes the following data:
Anonymized user GUID (generated), IDE type/version, Plug-in/Controller version, OS type/version/architecture, Java/.NET version, Server/Analysis Tools version, RAM size, number of CPU cores, GTK/glibc version (linux only), Feature enablement state, Plug-in feature events (generically recorded), Plug-in feature event results (succeeded or failure and generalized reason for failure), total number of different message types, issues and/or messages the user is encountering

Note that the terms below have the following meanings with respect to the Synopsys Plug-ins:

Automatic Reporting” means the Synopsys Plug-ins will automatically transmit encrypted data of the Use and Compliance Data as identified in the table above to Synopsys via Microsoft Application Insights (https://azure.microsoft.com/en-us/services/monitor/).

Use and Compliance Data” means limited information about the Customer’s use of the Licensed Product as identified in the Data Collection Tier above. Use and Compliance Data does not include (i) any software code owned or licensed by the Customer that the Licensed Product is being used on; or (ii) any personal information from Customers.

Synopsys collects Use and Compliance Data though the Synopsys Plug-ins and uses collected data to provide Maintenance Services and to improve features of the Licensed Product most important to our Customers. Subject to Sections 3 (Confidentiality) and 8.1 (Promotion), as applicable or where such numbering scheme has been changed for Customer’s applicable license terms, the applicable Confidentiality and/or Promotion clause, of the End User Software License and Maintenance Agreement, Synopsys may also use the Use and Compliance Data on an anonymous, aggregated basis for Synopsys product marketing purposes.

Use and Compliance Data by the Synopsys Plug-ins is collected without personally identifying Licensed Product users and without specifically identifying the names of any Code Base or Team (as applicable) comprising the data. Collected data may be stored or processed in the United States or any other country in which Synopsys or its affiliates or contractors maintain facilities.

Customers are permitted to stop the transmission of the Use and Compliance Data to Synopsys by blocking the transmission of data to Microsoft Application Insights on the Customer's computer.

Should Customer attempt to tamper with or modify the Synopsys Plug-ins and / or the Licensed Product in any way (other than as permitted by the terms and conditions of the license to the Licensed Product), Synopsys shall not be responsible regarding the operation of the Synopsys Plug-ins and / or the collection and transmission of Use and Compliance Data.

Synopsys Coverity Connect License Manager - Use and Compliance Data Policy

The Coverity Connect License Manager reports Use and Compliance Data for each data collection tier described below (each a “Data Collection Tier”) through Automated Reporting or Customer Generated Reporting. The License Manager does not report Use and Compliance Data to either Customer or Synopsys when set to Reporting Disabled.

DATA COLLECTION TIER DESCRIPTION
Compliance Compliance includes the following data: number of lines of code scanned; users (including active users and total number of users created), languages analyzed, last commit time; components excluded from analysis (e.g. third party files, Open Source Software)..
Aggregate Usage Aggregate Usage includes the following data: total number of users who have assigned, triaged and/or fixed defects, total number of new, triaged, dismissed, and/or fixed defects by project.
Detailed Usage Detailed Usage includes the following data: defect totals by checker (including fixed, dismissed, total defects by checker), component-level defect totals, stream level defect totals, build and analysis times, individual user activity breakdowns.

Note that the terms below have the following meanings with respect to the Coverity Connect License Manager:

Automatic Reporting” means the License Manager will automatically generate an encrypted data file of Use and Compliance Data as identified in the table above at the frequencies identified above. Use and Compliance Data is transmitted to Synopsys via encrypted email.

Customer Generated Reporting” means the License Manager will generate an encrypted data file of Use and Compliance Data and share it with Synopsys as identified in the table above upon a Synopsys-initiated request.

Reporting Disabled” means the Automatic Reporting will be disabled to both Synopsys and Customer.

Use and Compliance Data” means limited information about the Customer’s use of the Licensed Product identified in each of the Data Tiers. Use and Compliance Data does not include (i) any software code owned or licensed by the Customer that the Licensed Product is being used on; or (ii) any personal information from Customers.

Synopsys collects Use and Compliance Data though the License Manager and Synopsys uses collected data to confirm Customer compliance with the terms and conditions of the Licensed Product license terms, provide Maintenance Services and to improve features of the Licensed Product most important to our Customers. Subject to Sections 3 (Confidentiality) and 8.1 (Promotion), as applicable or where such numbering scheme has been changed for Customer’s applicable license terms, the applicable Confidentiality and/or Promotion clause, of the End User Software License and Maintenance Agreement, Synopsys may also use the Use and Compliance Data on an anonymous, aggregated basis for Synopsys product marketing purposes.
Use and Compliance Data by the License Manager is collected without personally identifying Licensed Product users and without specifically identifying the names of any Code Base or Team (as applicable) comprising the data. Collected data may be stored or processed in the United States or any other country in which Synopsys or its affiliates or contractors maintain facilities.

Should Customer attempt to tamper with or modify the License Manager and / or the Licensed Product in any way (other than as permitted by the terms and conditions of the license to the Licensed Product), Synopsys shall not be responsible regarding the operation of the License Manager and / or the collection and transmission of Use and Compliance Data.