Privacy Policy

How we protect your data

Note: This is a convenience translation. Only the German version is legally binding.

Last updated: June 2024

I. General Information

secforge GmbH, Starterzentrum | Campus A1.1, 66123 Saarbrücken, places great importance on protecting the personal data of users of our website www.secforge.de. Below, we would like to inform you in detail about which data we collect from you when you visit our website and use our services, how this data is processed or used, and what rights you have in this regard.

Your personal data is processed by us only on the basis of statutory data protection law, namely the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Digital Services Act (DDG).

The scope of data we collect and process varies depending on whether you only visit our website to retrieve information or also use services offered by us through our website.

II. Data Controller

The controller within the meaning of the General Data Protection Regulation and other data protection provisions is:

secforge GmbH, Starterzentrum | Campus A1.1, 66123 Saarbrücken,

represented by its managing directors Mikhail Kovalev and Steffen Heil.

Contact:
Phone: +49 681 93355400
Email: contact@secforge.de

III. Definitions

Our privacy policy uses the terminology of the EU General Data Protection Regulation (GDPR), which we would like to briefly explain for your easier understanding. These and other definitions can be found in Article 4 of the GDPR.

1. Personal Data

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

2. Data Subject

"Data subject" means any identified or identifiable natural person whose personal data is processed by the controller.

3. Processing

"Processing" means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

4. Restriction of Processing

"Restriction of processing" means the marking of stored personal data with the aim of limiting their processing in the future.

5. Pseudonymization

"Pseudonymization" means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

6. Controller

"Controller" means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

7. Processor

"Processor" means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

8. Recipient

"Recipient" means a natural or legal person, public authority, agency, or another body to which the personal data are disclosed, whether a third party or not.

9. Third Party

"Third party" means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

10. Consent

"Consent" of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

IV. General Information on Data Processing

1. Categories of Personal Data

We process the following categories of personal data:

  • Master data (e.g., names, addresses, functions, organizational affiliation, etc.);
  • Contact data (e.g., email, telephone/fax numbers, etc.);
  • Content data (e.g., text entries, image files, videos, etc.);
  • Usage data (e.g., access data);
  • Meta/communication data (e.g., IP addresses).
2. Recipients or Categories of Recipients of Personal Data

If we disclose data to other persons and companies such as web hosts, processors, or third parties in the course of our processing, transmit it to them, or otherwise grant them access to the data, this is done on a legal basis.

3. Duration of Storage of Personal Data

The criterion for the duration of storage of personal data is the applicable statutory retention period. After expiration of the period, the corresponding data is routinely deleted, provided it is no longer required for the fulfillment of the contract or the initiation of a contract.

4. Transfers to Third Countries

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or disclosure or transfer of data to third parties, this only takes place if it is done to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests.

V. Data Processing When Visiting Our Website

1. Log Files

Each time a data subject accesses our website, general data and information are stored in the log files of our system:

  • Date and time of access (timestamp);
  • Request details and destination address (protocol version, HTTP method, referrer, user agent string);
  • Name of the retrieved file and amount of data transferred;
  • Message whether the retrieval was successful (HTTP status code).
2. Malware Detection and Log Data Analysis

We collect log data generated during the operation of our company's communication technology and analyze it automatically, insofar as this is necessary to detect, isolate, or eliminate faults or errors in communication technology or to defend against attacks on our information technology or to detect and defend against malicious software.

3. Cookies and Local Storage

Our website uses so-called cookies and the browser's local storage. Cookies are small text files that are exchanged between the web browser and the hosting server.

4. Hosting

The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services, and technical maintenance services that we use for the purpose of operating our website.

VI. Data Processing in Connection with Contacting Us

1. Contact by Email

Contacting our company by email is possible via the email addresses published on our website.

2. Contact by Letter

If you send us a letter, the data you transmit will be stored for the purpose of contacting you and processing your request.

VII. Your Rights

As a data subject, you have the following rights in connection with the processing of your personal data:

1. Right of Access

The data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed.

2. Right to Rectification

The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.

3. Right to Erasure

The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay.

4. Right to Restriction of Processing

The data subject has the right to obtain from the controller restriction of processing.

5. Right to Data Portability

The data subject has the right to receive the personal data concerning him or her in a structured, commonly used, and machine-readable format.

6. Right to Object

The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her.

7. Right to Withdraw Consent

The data subject has the right to withdraw his or her consent to data processing at any time.

8. Right to Lodge a Complaint with a Supervisory Authority

Every data subject has the right to lodge a complaint with a supervisory authority without prejudice to any other administrative or judicial remedy.

VIII. Changes to This Privacy Policy

We reserve the right to change these privacy provisions at any time with effect for the future. A current version is always available on the website.