Product Privacy Policy
License Management System
1- Scope of this Notice
This Product Privacy Notice describes how Four Js Development Tools Europe (“Four Js”, “we”) processes personal data collected through its License Management System (the “System”), which is used to activate, validate and monitor licensed use of Four Js software products.
Four Js may update this Notice to reflect changes to the System or applicable data protection laws. Any material changes will be made available through the same channels where this Notice is published.
2. Categories of Personal Data Processed
Based on information provided by the engineering and licensing teams, the System may process the following data categories strictly required for license activation and verification:
- Device identifiers (machine ID or equivalent)
- IP address
- License key or activation token
- Activation and validation timestamps
- Basic usage metrics, such as usage frequency
No marketing, behavioural profiling, or geolocation data is collected through the System.
3. Purposes and Legal Basis
The personal data listed above is processed solely for the following purposes:
| Purpose of Processing | Legal Basis |
|---|---|
| Activating and validating software licenses | Article 6(1)(f) GDPR – legitimate interest |
| Monitoring compliance with license terms | Article 6(1)(f) GDPR – legitimate interest |
| Detecting and preventing unauthorized or fraudulent use | Article 6(1)(f) GDPR – legitimate interest |
Four Js’ legitimate interest is limited to ensuring proper functioning of its licensing
mechanisms and protecting its intellectual property.
4. Source of the Data
Data is obtained:
- directly from the software during activation and use of licensed products; or
- where applicable, from ISVs involved in facilitating license activation.
5. Role of Four Js
For these processing activities, Four Js acts as an independent data controller within the meaning of the GDPR.
6. Recipients and Access
Access to personal data is strictly limited to:
- Four Js licensing and product support teams,
- service providers supporting the operation of the System (e.g., hosting or infrastructure providers).
These recipients act under appropriate confidentiality and data protection obligations.
7. International Data Transfers
Where data is accessed from outside the European Union, such access is secured through one of the mechanisms permitted under Chapter V GDPR (e.g., adequacy decision or Standard Contractual Clauses).
8. Retention Period
Personal data is retained only for the time necessary to activate and validate licenses, monitor compliance, and meet applicable legal obligations. It is then deleted or anonymized in accordance with Four Js’ internal retention rules.
9. Security Measures
Four Js implements technical and organizational measures consistent with Article 32 GDPR, including access controls, infrastructure safeguards and logging mechanisms appropriate to the nature of the processing.
10. Data Subject Rights
Individuals may exercise their GDPR rights (access, rectification, restriction, objection, etc.) by contacting: privacy@4js.com