Language:

Privacy policy for the application portal for certificate products

Dear Visitor,

In addition to our Privacy Policy, this page provides more information about how your data is processed when you order our certificate products.

1. What data do we process?

When you order certificate products, we process certificate, contact, order and invoice data, revocation password hashes, certificate identification data, results of sanction list checks and export controls, if necessary, copies of ID documents (passport, ID card and other ID documents) as well as documentation of support/service cases.

In the case of copies of ID documents that have not been redacted, the access number (CAN) and special categories of personal data will be transmitted in the form of a photograph (biometric photo). The photograph is a so-called biometric date that enables unambiguous identification. In cases like these, consent to data processing also refers to this date.

In addition, authorized signatories, third parties authorized to revoke and the identifying persons (government employees, chamber employees, notaries [Notarident], officers [WebRA], postal employees [POSTIDENT], embassy employees) process contact data and the confirmation that they have carried out identification.

IP address pairs, access times and encrypted input content of all users of our Internet service are processed.

In legally justified cases, inquiries regarding data subject rights and data transfers will be documented in accordance with section 8 (2) of the German Trusted Services Act (VDG, Vertauensdienstegesetz).

2. Where does the personal data come from?

The data of the requesters, authorized signatories and third parties authorized to revoke is collected directly via the request page or within a WebRA procedure managed by an officer. Within the scope of verifying the request data, identifying persons, authorized signatories, the personnel department or superiors are contacted and involved in clarifying the correctness of the certificate data and authorizations.

The data of persons involved in the identification or confirmation process is collected directly during the course of their work. Service and support enquiries as well as enquiries regarding data subject rights are provided to us in forms or through other contact options chosen by you.

3. How long do we keep your data?

The traceability of the identification which serves as the basis for issuing a certificate is a quality feature of the certificate. The statutory storage periods or those specified in certifications depend on the specific product.

In the case of qualified signature and seal certificates, the provisions of section 16 (4) VDG on permanent storage apply to certificates and identification data including contact data. This corresponds to the entire duration of operations by our company. If we cease to conduct business, the data will be transferred to the Federal Network Agency or another qualified trust service provider, as required by law.

All other certificate identification data will be deleted eight years after the validity of the last certificate issued on the basis of this data has expired. The revocation password hash is deleted at the latest one year after the validity of the last certificate issued on the basis of this data has expired. The copy of the ID card will be scanned after it is received by post. The paper copy will be destroyed 21 days after receipt. The scan will be deleted after the certificate has been activated or the request cancelled.

Documentation of information provided pursuant to section 8 (2) VDG is stored for twelve months.

IP address pairs and access times are kept for two years due to the certification requirement and are then deleted.

4. For what purposes is the data processed?

Your data will be processed for the following purposes: to establish the identity of the applicant, to check a request and for handling, billing, observing documentation obligations, to warrant the certificate life cycle including revocation and operation of the repository service (status information service), checking cost efficiency and quality, for statistical purposes (anonymized) and in individual cases for troubleshooting, especially in the case of support requests.

Data processing is also carried out as part of measures to maintain information security, especially to detect and ward off attacks, including internal and external audits, export control and sanctions list checks.

In the case of enquiries pursuant to section 8 (2) VDG, the information provided is sent to the competent offices.

5. What is the legal basis for processing?

Certificates and certificate identification data, contact data, order data, invoice data, revocation password hashes and documentation of support/service cases are processed in order to perform the contract with you. Art. 6 (1) lit. b GDPR provides the legal basis for this.

eIDAS Regulation (No. 910/2014) and the Trusted Services Act provide the legal framework for trust services.

We request your consent in order to copy the ID card, passport or other ID document.

Section 8 (2) VDG provides the legal basis for sending the information provided to competent offices.

A legitimate interest within the meaning of Art. 6 (1) lit. f GDPR exists in the following cases:

Information security and preventive measures are carried out using technical and organizational measures, including incident handling, in order to assess and prevent possible damage to our company, the data subjects whose data has been processed and to the trust service users.

D-Trust GmbH is part of a company group. Within the meaning of Recital 48 EU GDPR, Bundesdruckerei GmbH, as a company of the Bundesdruckerei Group, has a legitimate interest in processing certain data centrally. Sanctions list and export control checks, dunning, sales activities and parts of the support service are performed by Bundesdruckerei GmbH.

6. Where can your data be forwarded to?

In order to perform support services, the necessary data will be sent to the customer service unit of Bundesdruckerei GmbH and iNCO Spólka z o.o. (a subsidiary of Bundesdruckerei Gruppe GmbH in Poland).

In addition, officers and identifying persons, auditors, supervisory authorities and, if necessary, competent authorities pursuant to section 8 (2) VDG can access the respective data.

Within the scope of export control, the name and, if applicable, the organization are sent to Bundesdruckerei GmbH's sanctions list server. If matches fail, the date of birth, place of birth and nationality as well as the name at birth are used. In addition, the dispatch address, the country of dispatch, the invoice recipient’s address and, if applicable, other partners are assessed by Bundesdruckerei with a view to export control law.

Bundesdruckerei GmbH also performs parts of commercial processing within the scope of contract handling.

If the certificates were ordered or commissioned via a partner of D‑Trust GmbH, the partner will receive the personal data contained in the certificate to process the purchase or commission, respectively.

There is neither a procedure nor any intention to transfer personal data to a third country or to an international organization.

7. Whistleblower system

Ensuring compliance with legal regulations and internal rules, such as our Code of Conduct, and also with our Code of Conduct for Business Partners is a top priority for the Bundesdruckerei Group. This applies to our own business unit as well as to our supply chains.

It is important to us that risks are identified at an early stage and violations are avoided as far as possible. We want to initiate appropriate countermeasures in good time and avoid possible damages for those affected, as well as customers, employees, business partners and our group of companies.

That is why we have set up an independent, impartial and confidential whistleblowing system that allows internal and external whistleblowers to also report anonymously.

With the help of the transparent Complaints Procedure, we create the greatest possible protection for those affected, the whistleblowers and the employees who are involved in clarifying the reported facts. All actual and alleged violations of legal requirements, the Code of Conduct and the Code of Conduct for Business Partners can be reported under the Complaints Procedure. Likewise, the subject of a report may involve human-rights or environmental risks, or breaches of duty along the entire supply chain of our Group companies and in our own business area.

Rapid, standardised processes plus confidential and professional processing of tips by internal experts form the foundation of this system, which is based on the principle of fair proceedings.

Discrimination or punishment of whistleblowers and persons entrusted with the handling of complaints and tips will not be tolerated.

The aformentioned Complaints Procedure is applicable to Bundesdruckerei Group GmbH and the group companies Bundesdruckerei GmbH, Maurer Electronics GmbH, genua GmbH, D-Trust GmbH, Maurer Electronics Split d.o.o, iNCO Sp. z o.o. and Xecuro GmbH (together being the “Bundesdruckerei Group”).

a) Purpose and legal basis of data processing

The purpose of processing personal data is the management of the whistleblower system, including the detection of serious violations or potential violations of applicable law or other serious matters.

The processing of personal data is necessary for the fulfillment of legal obligations to which we are subject; see Art. 6 (1) (1) (c) GDPR. This is the law for better protection of whistleblowers (Whistleblower Protection Act – Hinweisgeberschutzgesetz, HinSchG).

The processing serves to safeguard the legitimate interest in the detection of serious violations or potential violations of applicable law or other serious matters pursuant to Art. 6 (1) (1) (f) GDPR.

As far as the processing of special categories of personal data is concerned, processing on the basis of the Whistleblower Protection Act is necessary for reasons of substantial public interest, see Art. 9 (2) (g) GDPR. Special categories of personal data are processed pursuant to Art. 9 (2) (f) GDPR in conjunction with Art. 6 (1) (1) (f) GDPR for the establishment, exercise or defence of legal claims.

Data subjects are persons who are the subject of the notification. They may be employees, contractual partners or other persons who are professionally associated with us. In addition, we process personal data about whistleblowers even if the contact information or other information transmitted or communicated by them exposes their identity. Whistleblowers must therefore be aware that we may process personal data about them in connection with the processing of the reported case.

b) Categories of personal data

The report can be made anonymously. In this case, no personal data of the whistleblower will be processed.

The categories of personal data processed will depend on the information reported. If the whistleblower reports personal data about another person, including that of the person or persons being reported on, this personal data will also be processed. The following categories of personal data may be processed:

  • General personal data (name, address, e-mail address, telephone number, position, etc.)
  • Personal data relating to criminal convictions or suspicion of such
  • Special categories of personal data (information revealing racial or ethnic origin, political opinions, religious or philosophical convictions or trade union membership, data concerning health and data concerning a person’s sex life or sexual orientation)

We advise the whistleblower only to report information that is of specific relevance to the reported case and, in particular, not to report sensitive information unless it is of central importance for the processing of the reported case.

c) Obligation to provide personal data

There is no obligation to provide the personal data listed under section b, as it is also possible to report anonymously. However, it may not be possible for us to process the report without being provided with personal data.

d) Recipients of personal data

The reports are documented as a process in the WhistleB System at Bundesdruckerei GmbH. Following an assessment, the processes are passed on internally to the relevant departments, and any necessary follow-up measures are initiated. If a report concerns one of the Group companies of the Bundesdruckerei Group, these processes will be forwarded to the responsible persons of the respective Group company and evaluated internally by the responsible person, and any necessary follow-up measures will be initiated. Personal data is only passed on for a specific purpose and in accordance with the principle of data minimisation; in other words, only the personal data that is absolutely necessary to process the notification is passed on.

We disclose personal data about the whistleblower to authorities if this is necessary to deal with serious offences or serious matters or to ensure the right of defending the data subjects. In other cases, personal data about the whistleblower will only be passed on with the consent of the whistleblower. Personal data about persons other than the whistleblower will only be passed on in the context of following up a reported case or to deal with serious offences or serious matters.

The reporting platform is provided by the processor, WhistleB Whistleblowing Centre AB, Stockholm, Sweden. Further information on WhistleB, Whistleblowing Centre AB can be found in the Terms of Use.

e) Storage duration

Personal data that proves to be irrelevant for the processing of a reported case, along with reports that we consider to be unfounded, is immediately categorised as “irrelevant”, and any personal reference (unless it is already an anonymous report) is removed. In order to guarantee compliance with the legally required documentation obligation or statutory deletion period from Sec. 11 (1), (5) HinSchG, this report will then be archived at first (without personal reference), but not yet deleted. Archived cases are used exclusively to fulfil documentation obligations and can therefore no longer be called up for processing.

Reports and personal data collected in the course of processing a report form the basis for further processing and are anonymised as soon as possible. However, if the need for follow-up measures within the meaning of Sec. 3 (8) and Sec. 18 HinSchG arises, it is possible that the anonymisation must be deviated from due to an official order or in order to secure legal claims. In this case, pseudonymisation is generally striven for unless something else has been specified (e.g., by a court order). The documentation will be deleted three years after completion of the procedure. The documentation may be kept for longer to fulfil the requirements of this Act or other legislation, as long as this is necessary and proportionate.

Ensuring compliance with legal regulations and internal rules, such as our Code of Conduct, and also with our Code of Conduct for Business Partners is a top priority for the Bundesdruckerei Group. This applies to our own business unit as well as to our supply chains.

It is important to us that risks are identified at an early stage and violations are avoided as far as possible. We want to initiate appropriate countermeasures in good time and avoid possible damages for those affected, as well as customers, employees, business partners and our group of companies.

That is why we have set up an independent, impartial and confidential whistleblowing system that allows internal and external whistleblowers to also report anonymously.

With the help of the transparent Complaints Procedure, we create the greatest possible protection for those affected, the whistleblowers and the employees who are involved in clarifying the reported facts. All actual and alleged violations of legal requirements, the Code of Conduct and the Code of Conduct for Business Partners can be reported under the Complaints Procedure. Likewise, the subject of a report may involve human-rights or environmental risks, or breaches of duty along the entire supply chain of our Group companies and in our own business area.

Rapid, standardised processes plus confidential and professional processing of tips by internal experts form the foundation of this system, which is based on the principle of fair proceedings.

Discrimination or punishment of whistleblowers and persons entrusted with the handling of complaints and tips will not be tolerated.

The aformentioned Complaints Procedure is applicable to Bundesdruckerei Group GmbH and the group companies Bundesdruckerei GmbH, Maurer Electronics GmbH, genua GmbH, D-Trust GmbH, Maurer Electronics Split d.o.o, iNCO Sp. z o.o. and Xecuro GmbH (together being the “Bundesdruckerei Group”).

a) Purpose and legal basis of data processing

The purpose of processing personal data is the management of the whistleblower system, including the detection of serious violations or potential violations of applicable law or other serious matters.

The processing of personal data is necessary for the fulfillment of legal obligations to which we are subject; see Art. 6 (1) (1) (c) GDPR. This is the law for better protection of whistleblowers (Whistleblower Protection Act – Hinweisgeberschutzgesetz, HinSchG).

The processing serves to safeguard the legitimate interest in the detection of serious violations or potential violations of applicable law or other serious matters pursuant to Art. 6 (1) (1) (f) GDPR.

As far as the processing of special categories of personal data is concerned, processing on the basis of the Whistleblower Protection Act is necessary for reasons of substantial public interest, see Art. 9 (2) (g) GDPR. Special categories of personal data are processed pursuant to Art. 9 (2) (f) GDPR in conjunction with Art. 6 (1) (1) (f) GDPR for the establishment, exercise or defence of legal claims.

Data subjects are persons who are the subject of the notification. They may be employees, contractual partners or other persons who are professionally associated with us. In addition, we process personal data about whistleblowers even if the contact information or other information transmitted or communicated by them exposes their identity. Whistleblowers must therefore be aware that we may process personal data about them in connection with the processing of the reported case.

b) Categories of personal data

The report can be made anonymously. In this case, no personal data of the whistleblower will be processed.

The categories of personal data processed will depend on the information reported. If the whistleblower reports personal data about another person, including that of the person or persons being reported on, this personal data will also be processed. The following categories of personal data may be processed:

  • General personal data (name, address, e-mail address, telephone number, position, etc.)
  • Personal data relating to criminal convictions or suspicion of such
  • Special categories of personal data (information revealing racial or ethnic origin, political opinions, religious or philosophical convictions or trade union membership, data concerning health and data concerning a person’s sex life or sexual orientation)

We advise the whistleblower only to report information that is of specific relevance to the reported case and, in particular, not to report sensitive information unless it is of central importance for the processing of the reported case.

c) Obligation to provide personal data

There is no obligation to provide the personal data listed under section b, as it is also possible to report anonymously. However, it may not be possible for us to process the report without being provided with personal data.

d) Recipients of personal data

The reports are documented as a process in the WhistleB System at Bundesdruckerei GmbH. Following an assessment, the processes are passed on internally to the relevant departments, and any necessary follow-up measures are initiated. If a report concerns one of the Group companies of the Bundesdruckerei Group, these processes will be forwarded to the responsible persons of the respective Group company and evaluated internally by the responsible person, and any necessary follow-up measures will be initiated. Personal data is only passed on for a specific purpose and in accordance with the principle of data minimisation; in other words, only the personal data that is absolutely necessary to process the notification is passed on.

We disclose personal data about the whistleblower to authorities if this is necessary to deal with serious offences or serious matters or to ensure the right of defending the data subjects. In other cases, personal data about the whistleblower will only be passed on with the consent of the whistleblower. Personal data about persons other than the whistleblower will only be passed on in the context of following up a reported case or to deal with serious offences or serious matters.

The reporting platform is provided by the processor, WhistleB Whistleblowing Centre AB, Stockholm, Sweden. Further information on WhistleB, Whistleblowing Centre AB can be found in the Terms of Use.

e) Storage duration

Personal data that proves to be irrelevant for the processing of a reported case, along with reports that we consider to be unfounded, is immediately categorised as “irrelevant”, and any personal reference (unless it is already an anonymous report) is removed. In order to guarantee compliance with the legally required documentation obligation or statutory deletion period from Sec. 11 (1), (5) HinSchG, this report will then be archived at first (without personal reference), but not yet deleted. Archived cases are used exclusively to fulfil documentation obligations and can therefore no longer be called up for processing.

Reports and personal data collected in the course of processing a report form the basis for further processing and are anonymised as soon as possible. However, if the need for follow-up measures within the meaning of Sec. 3 (8) and Sec. 18 HinSchG arises, it is possible that the anonymisation must be deviated from due to an official order or in order to secure legal claims. In this case, pseudonymisation is generally striven for unless something else has been specified (e.g., by a court order). The documentation will be deleted three years after completion of the procedure. The documentation may be kept for longer to fulfil the requirements of this Act or other legislation, as long as this is necessary and proportionate.

This privacy policy is current as of 21/12/2023.