Privacy Policy for the E-Mail Encryption Gateway Web Portal

General information

Deutsche Telekom Security GmbH operates this web portal on behalf of its customers, who have the e-mails they send encrypted by Deutsche Telekom Security. These customers have entered into the necessary data protection agreements with Deutsche Telekom Security for this purpose.

In this context, Deutsche Telekom Security acts as processor for its respective customers, who are responsible for the personal data collected here. The person responsible for your personal data is the sender of the encrypted e-mail which you have received and which you want to decrypt on this portal.

This data protection information explains to you which personal data is collected, how it is used and which design options you have.

1. Where can I find the information that is important for me?

This data protection notice provides an overview of the points that apply to the processing of your data in this web portal.

2. Who is responsible for data processing? Who can I contact if I have questions about data privacy at Telekom?

The data controller is the sender of the encrypted e-mail that you have received and for whom Deutsche Telekom Security acts as processor. If you have any questions, please contact our customer service or our data protection officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, Germany, datenschutz@telekom.de.

3. What rights do I have?

You have the right,

1. To request information on the categories of the processed data, processing purposes, any recipients of the data, the planned storage period (Art. 15 GDPR);
2. to request the correction or completion of incorrect or incomplete data (Art. 16 GDPR);
3. revoke your consent at any time with future effect (Art. 7 Para. 3 GDPR);
4. to object to data processing that is to be carried out on the basis of a legitimate interest for reasons that arise from your particular situation (Article 21 (1) GDPR);
5. in certain cases within the framework of Art. 17 GDPR to request the deletion of data - in particular if the data is no longer required for the intended purpose or is processed unlawfully, or you revoke your consent in accordance with (c) above or an objection in accordance with the above (d) have declared;
6. to request the restriction of data under certain conditions, insofar as deletion is not possible or the deletion obligation is in dispute (Art. 18 GDPR);
7. on data portability, i.e. You can save the data you have provided to us in a common machine-readable format such as Receive CSV and if necessary transmit it to others (Art. 20 GDPR);
8. to complain to the competent supervisory authority about data processing (for telecommunications contracts: Federal Commissioner for Data Protection and Freedom of Information; for the rest: for Deutsche Telekom Security State Commissioner for Data Protection and Freedom of Information Hessen for the person responsible for the State Commissioner for Data Protection and Freedom of Information in the federal state in which the person responsible has its registered office.).

4. Who does Deutsche Telekom Security GmbH share my data with?

To subcontractors, these are companies that we instruct to process data within the legal framework, Art. 28 GDPR and which have been approved by the controller as additional processors. In this case, the person responsible remains responsible for the protection of your data. Subcontractors are used in particular in the following areas: IT, sales, marketing, finance, consulting, customer service, human resources, logistics, printing.

To the customer (responsible) in the context of order processing for the customer.

Due to legal obligation: In certain cases, we are legally obliged to transmit certain data to the requesting government agency.

5. Where is my data processed?

Your data will generally be processed in Germany and other European countries. If your data is processed in exceptional cases in countries outside the European Union (i.e. in so-called third countries), this will take place insofar as you have expressly consented to this or it is necessary for us to provide our services or it is required by law (Art. 49 GDPR). In addition, your data will only be processed in third countries if certain measures ensure that there is an adequate level of data protection (e.g. adequacy decision of the EU Commission or so-called suitable guarantees, Art. 44ff. GDPR).

6. What data is collected, how is it used and how long is it stored?

• Technical features: When you visit our website, the web server temporarily records the domain name or the IP address of your computer, the client's file request (file name and URL), the http response code and the website from which you are visiting us and the email address used.
  The logged data is used exclusively for data security purposes, in particular to prevent attempts to attack our web server (Art. 6 Para. 1 f GDPR). They are neither used for the creation of individual user profiles nor passed on to third parties and will be deleted after 7 days at the latest. We reserve the statistical analysis of anonymized data records.
• Others:
  The data required to use the "Email Encryption Gateway" service include
  • Name (optional)
  • Own email address
  • Email (when using the WebMail interface)
  • Date email sent

The data is used to fulfill the purpose of secure email transmission. The deletion takes place either automatically after the period contractually agreed with your communication partner, after termination of the contract, on request (see 3.e) or if its storage is not permitted for other legal reasons.

7. Techniques

Cookies
We use cookies for certain offers. These are small text files that are saved on your computer. This way it can be recognized if you visit websites repeatedly from the same computer.

Session Cookies are cookies that are only stored on your computer for the duration of an internet session and are required for transactions (e.g. for logging in or processing a purchase). They only contain a transaction ID.

You have the option of setting your browser so that these cookies are not saved at all or that the cookies are deleted at the end of your internet session. Please note, however, that in this case you may not be able to use all the functions of our website. For information on browser settings, see: https://www.sicherdigital.de/sicher-surfen#sicher-surfen-browsereinstellungen

JavaScript
JavaScripts are used to call up the application and transfer the collected parameters to the respective service provider / measurement pixel provider.

Techniques used on these websites and their uses:

On the websites www.meine-cookies.org or www.youronlinechoices.com you can read more information about cookies and the individual providers.
There you also have the option to object to usage-based online advertising by individual or by all companies at http://www.youronlinechoices.com/de/praferenzmanagement/
We have voluntarily submitted to the self-regulation of the German Data Protection Council for Online Advertising (DDOW).