TeamViewer Vulnerability Disclosure Policy: Privacy Notice

We at TeamViewer embrace any responsible disclosure in order to make our products and services better. Therefore, we offer a clear guideline for ethical hackers by providing a VDP (Vulnerability Disclosure Policy). Our aim is to challenge ourselves by allowing you to investigate and discover various bugs or vulnerabilities pertaining to security exploits of our software. The Vulnerability Disclosure Policy as well as a secure way to submit vulnerabilities can be found here.

This privacy notice aims at providing you information on who is responsible for processing your personal data in this connection, how we will process your personal data and other privacy-related information:

1. Controller: TeamViewer Germany GmbH (“TeamViewer”), Bahnhofsplatz 2, 73033 Göppingen, [email protected], is controller of your personal data pursuant to Art. 4 para. 7 General Data Protection Regulation (“GDPR”).
2. Data Protection Officer: TeamViewer appointed Mrs. Hauser as external data protection officer, who can be reached at [email protected] or at intersoft consulting services AG, DSB TeamViewer, Dürener Str. 189, 50931 Cologne, Germany.
3. Categories of Data: You may participate in the Program anonymously. However, if you decide to submit your personal data, we may process it in order to properly identify you (e.g., your name, last name, pseudonym) as well as your contact information (e.g., email, postal address, phone number), your credentials, your country of residence and other personal information, as submitted by you.
4. Purpose of the processing: the purpose of the processing is to work with you in order to resolve the bug and any associated topics around it. As mentioned above, you may also participate within the Program anonymously.
5. Duration of the processing: your personal data will be stored with us as long as it is necessary for processing the bug report. Once the purpose for processing has ceased to exist and statutory retention periods have lapsed, TeamViewer will delete the data in accordance with data protection obligations.
6. Legal basis: Legal basis of the processing is Legal basis for such processing is your consent, i.e., Art. 6 para. 1 lit. a) GDPR.
7. Recipients: We cooperate with YES WE HACK, 14 rue C harles V, 75004 Paris, France to bring the Program to life. YES WE HACK processes your personal data as our processors and is bound to our instructions.
8. Your rights: Under the Art. 12 to 22 GDPR, you have the right to (i) access the information we hold about you, (ii) request a copy of your personal data, (iii) rectify your personal data, (iv) demand erasure, (v) restrict the processing, (vi) portability, (vii) object the processing, (viii) object to the automated decision making, incl. profiling. In addition, you have the right to lodge a complaint with a supervisory authority in relation to the processing of your personal data. In order to file a complaint, please contact the supervisory authority competent for your place of residency or alternatively, you may contact “Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit, Königstraße 10a, 70173 Stuttgart, Germany“.

Should you have any questions, please contact [email protected].