...

Because the product does not store any data outside the client’s device—and we have no access to that data—we currently have no plans to pursue cloud-related certifications such as TSIAX.

Data Privacy

• Outside the scope of licensing data all data is 100% privateAll data—beyond the minimal information required for licensing—is fully private and resides on the user’s device.

• No server communication

  with data

  occurs outside

  the scope

  of license

  check

  checks.

• License information

  contains only required licensing data

  Logging only is limited to essential licensing details only.

• Logs are generated exclusively for licensing and downloading of the tool

  Automatically

  tool-download events, and are automatically deleted after 14 days.

• Users are responsible for data ensuring the safety in context of storage

  • IndexDB is not acceptable permanent data storage user have to save json and pdf files

  • Creation of full backup

  • Creation of report/document saves

Security & Risks

• Servers are Linux low rights servers @Microsoft Azure that are regularly pen tested to avoid delivery of comprised version

• Security Risks due to data communication are negligible due to 100% offline execution

  • Licensing requests are based on minimal required data

• Security Risks for data by our products are low because data is not exchanged

  • IndexDB access is only possible for the correct domain

• Security risks existing only by compromised machines the tool is executed on

  • IndexDB data is protected by the user account the user is using on the device

• Some products allow additional local user logins and also AES data encryption

Copyright

• The software is protected under copyright laws and international agreementsof their locally stored data.

• IndexedDB is not intended for long-term storage; users must back up data by saving JSON and PDF files.

• The tool supports creating full backups and saving reports/documents for data preservation.

Security & Risks

• Secure Server Infrastructure

  • Our servers run on Linux with restricted privileges, hosted in Microsoft Azure.

  • Regular penetration testing ensures no compromised versions are delivered.

• Minimal Data Transmission

  • The software executes fully offline, limiting potential security threats from data communication.

  • Licensing requests transmit only the minimal data required.

• Local Data Storage

  • All product data remains on the user’s device, with no online exchange.

  • IndexedDB access is restricted to the correct domain and protected at the operating system level under the user account.

  • Some products support additional local user logins and AES encryption for enhanced security.

• User-Specific Risks

  • The primary risk arises if the user’s device is compromised; otherwise, security risks are minimal given the local-only data model.

Copyright Notice

This software is protected by copyright laws and international treaties. Any unauthorized reproduction, distribution, or use of this program, in whole or in part, may

...

result in significant civil and criminal penalties, and will be prosecuted to the fullest extent permitted by law. © VDA QMC. All rights reserved.

...

Sales, Distribution & Support

• VDA-QMC (https://vda-qmc.de/en/ ) https:// andwebshop.vda.de/QMC/en/apps):
  DevelopmentSales, distribution, Technical Support and Service Desk management by InfoSysC (https://and non-technical support

• InfoSysC (infosysc.de/impressum):
  Development, technical support, and service desk management