Privacy Policy

October 9, 2023


KuppingerCole Analysts AG ("KuppingerCole") and its affiliates are committed to protecting your information. Please read this Privacy Policy ("the Policy") carefully as it sets out important information relating to how we handle your personal information.

KuppingerCole as the Data Controller and Issuer of this Privacy Policy

In this Policy, references to "we," "us," or "KuppingerCole" are references to

KuppingerCole Analysts AG
Wilhelmstr. 20-22
65185 Wiesbaden

and all its group companies doing business under the KuppingerCole name. Certain KuppingerCole products and services may have additional privacy policies; if so it is stated together with the terms of use for these products and services.

Data Protection Officer; Personal Data Requests

Questions, comments and requests regarding this Privacy Policy should be addressed to our Data Protection Officer by completing the online form, via email at, or regular mail at:

KuppingerCole Analysts AG
Data Protection Office
Wilhelmstr. 20-22
65185 Wiesbaden

Contact details for our Data Protection Officer:
Oscar Hernandez
KuppingerCole Analysts AG

This Policy sets out how we collect and use personal information, and your choices and rights regarding our use of your personal information.

When does KuppingerCole Collect Information from you?

KuppingerCole collects information when you

  • create, activate and use a KuppingerCole user account and/or license,
  • express an interest in or have signed up for our conferences or products including newsletters, apps, extensions, webinars, and e-books;
  • register for, and attend a virtual, on-site or hybrid KuppingerCole Event; or
  • visit our websites (including our public and/or member-based websites) or social media sites or use one of our mobile applications.

This Policy also applies to information we collect from you via surveys or diagnostic tools as outlined in more detail below. You may be shown an additional confidentiality notice before participating in some of our services. Please note that in cases where the terms of any such survey- or other service related confidentiality notice conflict with any terms in this Policy, the terms of that notice will take precedence over the terms in this Policy. We will not use information we collect via our surveys or other tools to contact you for marketing purposes.

What Kind of Information does KuppingerCole collect?

  • Contact information you may choose to provide while visiting or registering on our Site, including registrations to attend our events. This information may include your: name, address, company name, job title, telephone number, email address, and the name and email of third parties you may provide to us.
  • Contact and other information you make available on social media sites or that is available from public sources.  KuppingerCole may also collect information included in communications between you and representatives from KuppingerCole through emails, social media sites or other virtual platforms regarding products and services that may be of interest to you or your organization.
  • Contact information you may choose to provide for the purpose of participating in KuppingerCole research.
  • If you register to participate in KuppingerCole (virtual) communities i.e. related to a virtual or hybrid event or other shared areas of the Site, you may be asked to create a profile. Your profile may be made available to other members of the shared site(s) and may include the registration information you provide as well as other information you choose to add such as work history and education.
  • Behavioral information about how you use the Site, marketing e-mails you open, e-mail links you click on, that you have responded to an e-mail and your IP address.
  • If you are applying for a job at KuppingerCole we may also collect your resume, work history, and education if you choose to provide or upload your resume via the Site.

How does KuppingerCole use the information?

For Services available and consumend on our website

  1. KuppingerCole uses information that makes you personally identifiable and you share with us to fulfill contractual obligations that may include providing products or services that you or your employer purchased, answer your contract administration related inquiries or communicate with you about your account or transactions with us, and send you information about features on the Site, or changes to our policies or events for which you registered.
  2. We frequently receive briefings or information from third parties willing to participate in its research.  We use any contact information provided in such instances to schedule interviews or conduct surveys.
  3. KuppingerCole regularly analyzes data pertaining to visitor trends, research consumption, and research grading to improve our research, plan site enhancements, measure overall site effectiveness and the effectiveness of e-mail campaigns.
  4. IP addresses are collected in order to maintain our Site security and ensure access to restricted portions of the Site is limited to authorized users.
  5. We may also disclose certain data to third party contractors or vendors in connection with their performance of services to us. Contractual agreements between us and such third parties provide that your information will be kept confidential and secure.

For Services related to KuppingerCole On-site, Virtual and Hybrid Events

KuppingerCole may make available a third-party mobile application during certain events for engagement and networking purposes. When registering for those events you may choose to have your name, company and title be available to event attendees on the mobile application and in form of delegate lists. KuppingerCole also uses a third-party event platform for events in any mentioned format, be it on-site, virtual, or any combination of live and virtual (hybrid events). Your name, company and title will be displayed on KuppingerCole's third-party virtual event platform and will be available to other event attendees in the same way your name, company and title is displayed on your badge during on-site attendance of an event.

KuppingerCole transfers certain information of event registrants and attendees to its event sponsors. Use by sponsors of the information you choose to share with them is subject to GDPR regulation and each sponsor’s Privacy Policy. Please click the link found in the Registration Terms and Conditions of the specific Event for further information. KuppingerCole shares your information with sponsors in the following way:

Pre-Event Lists

Sponsors of a KuppingerCole event are provided with a “Pre-Event List” for event staffing purposes. The list contains job level, industry, country and company name of individuals that have registered for the event. The list may also include whether the individual registered to attend live or virtually. The list does not contain names and contact information of individuals that registered for the event.

3rd Party Opt-In

In addition to the job level, industry and company information stated above, prior to the start of the event you may opt-in to sharing your name, title, company and e-mail address with the sponsors of the event. Should you opt-in you may receive communications from sponsors related to the event. The list may also include whether the individual registered to attend live or virtually.

On-Site & Post Event Delegate Lists

On-site event attendees are provided with badges having QR (or similar) Codes that may be scanned at sponsored activities or sponsor booths. Attendee contact information (first name, last name, title, company, email, work phone, work address, work state, work zip code, country) is transferred to any sponsor that scans the badge for the sponsor’s use in marketing. The list may also include whether the individual registered to attend live or virtually.

Virtual Event Delegate Lists

When visiting a virtual event, the sponsor is able to see your name, title, and company in real-time. If you download information or attend online-sessions, then your contact information (first name, last name, title, company, email, work phone, work address, work state, work zip code, country) is transferred to the sponsor in real-time for the sponsor’s use in marketing. The list may also include whether the individual registered to attend live or virtually.

How we store and delete your data

We store your personal data for as long as we are obligated to do so by applicable laws and regulations or contracts with 3rd parties, or, in lack of the foregoing, until the purpose of processing your personal data has been reached.

In event we enter into a contract with you, we will store your personal data until the ending of this contract and beyond, in as far as we are obligated to do so by applicable laws and regulations, or in event we need this data to fulfill our post-contractual duties under the business relationship, or to rebut claims raised against us.

Where processing your personal data is based purely on your consent, we store your personal data until the purpose of processing your personal data has been reached or you should withdraw your consent, whichever will occur first unless we are obligated to store your personal data for a longer period by applicable laws and regulations.

You can at any time check, amend or delete the personal data made available to us by logging in to your user account and processing the data yourself or by submitting a Data Subject Request via this form. If you delete your user account once and for all, the data stored in the user's user account is automatically totally deleted. A request for deletion is not required. If you want the stored data to be deleted, following your request this will also be deleted immediately. If, for legal reasons, deletion is not possible, the respective data will be blocked instead. Please note however that, if your data is deleted, we are no longer able to offer you the services described here.

If the user deletes his/her user account once and for all, the data record stored in the user's user account is automatically totally deleted.

Consent & Revocation

You can opt out of any data processing that is based on Art. 6 (1) (a) GDPR („consent“) at any time with effect for the future. To do so please submit a Data Subject Request via this form.

Social media platforms and plug-ins

On our website you will find links to social media platforms from Facebook, YouTube, Instagram, Twitter, LinkedIn and Xing where we are present and offer content.

We are present on social media to get in touch with our customers, with interested parties and with other users and to inform about products, events, etc. Please note that personal data is collected and processed by the respective provider when you visit the corresponding pages. The legal basis for the processing of the users' personal data is Art. 6 (1) f) DS-GVO. The legitimate interest of KuppingerCole Analysts AG is the optimal design and improvement of the company presentation.

If you use our offers in the respective social network as a logged-in member, you give your consent to data processing pursuant to Art. 6 (1) a) DS-GVO vis-à-vis the social media platform. In order to understand and improve our activities, we use corresponding evaluations in the form of statistics provided to us by the respective provider.


We use the technical platform of Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland for the aforementioned information service.

Please note that you use this Facebook page including its functions under your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).

When you visit our Facebook page, Facebook records your IP address, among other things. This and other information is used to provide us, as operators of the Facebook pages, with statistical data about the use of our Facebook page. Facebook provides more detailed information on this under the following link:

The data collected about you may be stored and processed by Facebook Ltd. outside the European Union. We cannot provide any information about whether and how Facebook uses data from visitors to our Facebook page for its own purposes. Likewise, we have no information on whether your data is passed on to third parties, merged with data from other Facebook offers, how long Facebook stores data and whether page visits are assigned to individual users. You can read about what information Facebook actually receives and how Facebook uses it in Facebook's Data Use Policy. In the data usage guidelines, you will also find further contact options for Facebook as well as the setting options for advertisements. You can find the data usage guidelines here:

Facebook's complete data policy can be found here:

We ourselves do not collect and process any further data from your direct use of Facebook.

According to Facebook, Facebook stores your IP address when you visit our Facebook page. According to Facebook, this is anonymized and deleted after a storage period of 90 days (German IP addresses). In addition, Facebook stores information of the end devices that you use for the visit. Through the assignment of IP addresses, it is possible that individual users can be identified here.

Facebook stores cookies with your Facebook ID on your terminal device when you are logged into Facebook. Through this cookie, Facebook can track your page views within Facebook. This also applies to the Facebook page. If you use a Facebook button that is embedded in a website, Facebook can associate this usage with your profile. This enables Facebook to offer you advertising that results from your user behavior.

You can avoid this by logging out of Facebook before visiting our Facebook page and deactivating the "stay logged in" function. In addition, you must delete all cookies from your end device and restart your browser. You will then be able to use our Facebook page without your Facebook identification being processed.

If you would like to avoid Facebook placing cookies and prevent the associated processing of your data, set your browser so that no cookies from third-party providers or from Facebook are permitted.


Selected videos are displayed on our website. The videos are made available on the video portal of YouTube LLC., 901 Cherry Ave., 94066 San Bruno, CA, USA, (YouTube) by the brands. In addition, we maintain our own YouTube channel.

YouTube is a subsidiary of Google LLC, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

Videos are used by us exclusively within the framework of the "Extended Data Protection Mode". According to YouTube, this function only transmits user data to YouTube when a video is actually started.

If you start a video as a logged-in YouTube member, the call-up of the video is linked to your YouTube account. You can prevent the linking of this information if you log out of your YouTube account before visiting our website. Alternatively, you can also make the necessary settings in your YouTube user account.

YouTube stores permanent cookies on your terminal device in order to ensure functionality, according to its own statement, and to analyze user behavior. You can prevent cookies from being stored on your end device by making the appropriate settings in your browser.

Under the following link you will find more information about data collection by Google and about your rights against Google:


We use the technical platform of Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland or Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) for the aforementioned service. Instagram stores personal data about you when you visit this page.

It is likely that the data collected about you by Facebook Ltd. will be stored and processed outside the European Union.

As an Instagram user, you can influence the storage of data and the collection of user behavior by Instagram in your profile settings by making the appropriate settings.

For more information, see the Facebook and Instagram settings:

or the form for the right of objection at:

For more information about Facebook's handling of personal data on Instagram, please see their privacy policy at or under


We use the technical platform and services of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA for the short message service offered here.

Please note that you use Twitter including its functions on your own responsibility. This applies especially to the use of interactive functions (e.g. commenting, sharing, rating).

When you use Twitter, data about you will be stored and processed outside the European Union. The data that may be transferred includes your IP address, the application used and information about the terminal device you are using. Data regarding your location and web pages accessed may also be affected.

Twitter links this collected data to your Twitter account and may thus be able to create a behavioral profile. We cannot influence the type and scope of the data collected by Twitter. We also have no influence on whether Twitter passes on your data to third parties or for what purposes Twitter uses the stored data beyond this.

Under the following link you will find relevant information about what data Twitter says it collects and processes:

If you have a Twitter account and would like to view information about the data we hold about you on Twitter, you can do so by following the link below:

Furthermore, you have the option of directing your questions about data protection to Twitter via the Twitter data protection form. In addition, you have the option of downloading your Twitter archive:

We do not collect or process any other personal data from your direct use of Twitter. We use Twitter Analytics for a statistical evaluation of our activities on Twitter. This function enables us to optimize our presence on Twitter and does not allow any conclusions to be drawn about the data of individual users.

In the settings of your Twitter account, you have the option to restrict the processing of your data by Twitter ("Privacy and security"). Here you also have the option to restrict Twitter's access to your contact and calendar data, photos and location data on your end device. Information in this regard can be found on Twitter under the following links:


We have integrated components of the LinkedIn Corporation on this website.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For data protection matters outside the USA is LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, responsible. Further information on the LinkedIn plug-ins can be found at

In this case, only the LinkedIn button is embedded on the website as a graphic, which contains a link to the corresponding website of the provider. By clicking the graphic, you will be redirected to the services of the provider. Only then will your data be sent to the provider. If you do not click on the graphic, there will be no exchange of any kind takes place between you and the provider of the social media button.

The applicable data protection provisions of LinkedIn are available at

LinkedIn (Insight-Tag)

We also use conversion tracking on our website with LinkedIn Insights Tag, a tool from LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland. For this purpose, the LinkedIn Insight tag is integrated on our website and a cookie is set on your device by LinkedIn. LinkedIn is informed that you have visited our website and your IP address is collected. Timestamps and events such as page views are also stored. This enables us to statistically evaluate the use of our website in order to constantly optimize it.

We learn, for example, which LinkedIn ad or interaction on LinkedIn brought you to our website. This allows us to better control how our ads are displayed.

For more information on Conversion Tracking, see

Please be aware that LinkedIn's data can be stored and processed so that a connection to the respective user profile is possible and LinkedIn can use the data for its own advertising purposes. For more information, please see LinkedIn's privacy policy at You can prevent LinkedIn from analyzing your usage behavior and from displaying interest-based recommendations at


We have integrated components of Xing on this website. The operating company of

Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany. Further information about the Xing plug-ins can be found at

In this case, only the Xing button is integrated on the website as a graphic, which contains a link to the corresponding website of the provider. By clicking on the graphic, you are thus redirected to the services of the provider. Only then will your data be sent to the provider. Unless you click on the graphic, no exchange takes place between you and the provider of the social media button.

The data protection provisions published by Xing, which can be accessed at , provide information about the collection, processing and use of personal data by Xing. Furthermore, Xing has published a privacy policy at PUBLIC data protection information for the XING share button.

Further indications

If you wish to assert your rights against the aforementioned social media platforms, it is advisable that you contact the respective platform directly with your request for information. Even if a joint responsibility arises from the cooperation, the platforms alone have the possibility to provide you with full information about your data stored there. However, if our support is required, you can contact us at any time. If you have any questions about data protection, please contact our data protection officer

Marketing and analysis tools


We use Matomo as a web analytics platform in order to measure, collect, analyse and report visitors data for purposes of understanding and optimizing our website.

Matomo is used to analyse the behaviour of the website visitors to identify potential pitfalls; not found pages, search engine indexing issues, which contents are the most appreciated… Once the data is processed (number of visitors reaching a not found pages, viewing only one page…), Matomo is generating reports for website owners to take action, for example changing the layout of the pages, publishing some fresh content… etc.

Matomo is processing the following personal data:

  • IP address (which is, however, anonymized before further processing)
  • User ID (anonymized)
  • Location of the user (anonymized IP)

And also:

  • Date and time
  • Title of the page being viewed
  • URL of the page being viewed
  • URL of the page that was viewed prior to the current page
  • Screen resolution
  • Time in local timezone
  • Country, region, city

We use Matomo in an anonymised form, in order to exclude the direct individualization of persons, the collected data is stored on our servers in Germany only for the indicated use and for the strictly necessary period of time (at least 30 minutes and no longer than 13 Months)


We use the Salesforce Pardot marketing automation tool to distribute our marketing newsletter. Pardot is marketing automation software by EMEA Limited (Salesforce), village 9, floor 26 Salesforce Tower, 110 Bishopsgate, London, UK, EC2N 4AY. The personal data you share with us when subscribing to our marketing newsletter is also processed in the U.S. for the purposes of mailing the marketing newsletter and for marketing activities. We transmit that information to EMEA Limited (Salesforce). We also use Salesforce Pardot software for the purposes stated above with regard to customer data. Thus, in cooperation with we are better able to customize our communications by evaluating the specific interests of our customers. We believe that communications that specifically address our customers' interests also benefit the customers. Please note that we will analyse your user behaviour when we mail the marketing newsletter. For the purpose of this analysis, the emails that are sent contain web beacons or tracking pixels. For the analyses, we link the data transmitted via these tracking pixels with your e-mail address and a personalized ID. We use the information thus obtained to create a user profile so that we can tailor the marketing newsletter to your particular interests. We record when you read our marketing newsletters and which links you click on in order to infer your personal interests. We link this data to actions that you carry out on our website. If you do not want us to do this, you should cancel your subscription. Tracking of this nature will also not be possible if your email application default settings have disabled the display of images. In this case, you will not see the full content of the newsletter and may not be able to use all its features. If you display the images manually, the tracking referred to above will take place. If you have subscribed to our marketing newsletter and we, as described above, analyse your user behaviour, we will share the information collected in the process for internal marketing purposes only.

The legal basis for processing your data is based on Art. 6 (1) (f) GDPR.


We use Salesforce Inc's cloud platform to manage our customer and potential customer portfolio. In order to do so, we must collect and process certain Personal Data from you. Such Personal Data can include your contact details (e.g. name, email), account creation details (e.g. username, password, security questions) as well as details about your relationship with us (interest in products and services, previous purchase history). The legal basis for the processing are Article 6 (1)(b) of the GDPR, Article 6 (1)(f) of the GDPR under which it is within our legitimate interests to maintain an efficient method of managing our customers as well as with consent, under Art 6 (1)(a) of the GDPR.


We utilize Cvent for managing our webinars and onsite & hybrid events. Cvent is provided by Cvent Inc., located at 1765 Greensboro Station Place, 7th Floor, Tysons, VA 22102, USA.

Cvent ensures an adequate level of data protection for international data transfers. It implements appropriate safeguards, including the use of Standard Contractual Clauses (SCC) approved by the European Commission, to govern the transfer of personal data outside the European Union (EU). Detailed information about these safeguards can be found in the Cvent Data Processing Addendum (DPA), which can be accessed at the following link

For comprehensive details on how data is processed and protected, please refer to Cvent's Privacy Policy, available at the following link
Execution of a Data Processing Agreement

To ensure compliance with German and European data protection requirements, we have entered into a data processing agreement with Cvent. This agreement allows us to implement necessary measures and adhere to the stipulations outlined by German and European data protection authorities when using Cvent.

Data protection rights, your rights as a user

You shall have the right to

  • obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, obtain access to the personal data (Art. 15 GDPR, „right of access“)
  • obtain from us the rectification of inaccurate personal data concerning you and to have incomplete personal data completed (Art. 16 GDPR, „right to rectification“)
  • obtain from us the erasure of personal data concerning you, unless processing is necessary for exercising the right of freedom of expression and information; For compliance with a legal obligation; for reasons of public interest or for the establishment, exercise or defense of legal claims (Art. 17 GDPR, „right to be forgotten“)
  • obtain from us restriction of processing where the accuracy of the personal data is contested by you; the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; we no longer need the personal data for the purposes of the processing but they are required by you for the establishment, exercise or defense of legal claims; or you have objected to processing according to Art. 21 GDPR (Art. 18 GDPR, „right to restriction of processing“)
  • receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller (Art. 20 GDPR, „right to data portability“).

In order to exercise your aforementioned rights, please submit a Data Subject Request via this form.

Right to object

Where data processing is based on Art. 6 (1) (e) or (f) GDPR, we hereby inform you on your right to object at any time to processing of your personal data for aforementioned legitimate interests, based on grounds relating to your particular situation. In this event, we shall no longer process your personal data, unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise or defense of legal claims. Where personal data is processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

In order to object, please submit a Data Subject Request via this form.

Right to lodge a complaint

We shall hereby inform you about your right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR (Art. 77 GDPR, “right to lodge a complaint”).

Protecting the personal data stored by us

We undertake to protect your personal data. To prevent a loss or unauthorized use of the personal data stored by us, we take extensive technical and organizational security precautions that are checked regularly and are adapted to technological progress. For example, we make use of firewalls, data encryption as well as access control and even physical measures to protect your personal data.

Transfer of data to companies outside the EU/EEA

In some cases, we transfer personal data according to this Privacy Policy to our sponsors or to other entities within the KuppingerCole group that are based in countries outside the EU / EEA. Where data is being transferred outside the EU / EEA, we will provide for an adequate level of data protection by concluding EU Standard Contractual Clauses, unless the recipient of the data is validly registered with the US Data Privacy Shield or other Data Privacy Shields, the exemptions of Art. 49 GDPR applies, or the EU Commission has decided that the recipient country provides for an adequate level of data protection. You shall be entitled to receive a copy of those guarantees safeguarding the protection of your personal data at any time at please submit a Data Subject Request via this form.

Changes and Amendments

As changes in legislation or our internal processes may render it necessary to modify this Privacy Policy, we must reserve the right to do so from time to time. The current Privacy Policy can be retrieved, saved and printed out at any time by accessing our website at Please check regularly.