For the website: pgp.governikus.de
In the following, we inform you about which personal data is processed when you use the service Authenticate OpenPGP keys from Governikus GmbH & Co. KG and what options you have in this regard.
The protection of your personal data has a high priority for Governikus KG. The EU General Data Protection Regulation (DSGVO) applies to Governikus KG.
Governikus GmbH & Co. KG carries out the processing of personal data described below as a data controller within the meaning of Art. 24 DSGVO. The contact details are as follows:
Governikus GmbH & Co. KG, Hochschulring 4, 28359 Bremen, Germany
The company data protection officer of Governikus GmbH & Co.KG can be reached at:
Corporate Data Protection Officer, Governikus GmbH & Co. KG, Hochschulring 4, 28359 Bremen as well as by e-mail at email@example.com
Data processing when calling the website
When you access our website, the browser used on your end device automatically sends information to the server of our website and temporarily stores it in a so-called log file. We have no influence on this. The following information is collected without your intervention and stored until automatic deletion:
- the IP address of the requesting Internet-enabled device,
- the date and time of access,
- the name and URL of the retrieved file,
- the website from which the access was made (referrer URL),
- the browser you use and, if applicable, the operating system of your Internet-enabled computer as well as the name of your access provider.
The processing of the aforementioned data is based on Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interest follows from the purposes of data processing listed below. No direct conclusions about your identity are possible from the collected data.
The IP address of your terminal device and the other information listed above are used by us for the following purposes:
- Ensure smooth connection establishment,
- Ensuring a comfortable use of our website/app,
- Evaluation of system security and stability.
The site is hosted on Governikus servers with locations within Germany.
The data is stored for a period of ... days and then automatically deleted.
Process flow of the application "Authenticate PGP keys with AusweisApp".
On this website ( https://pgp.governikus.de), the personal PGP key can be authenticated free of charge using the online ID card function of the ID card or electronic residence permit and the ID card app. The service is provided by Governikus GmbH & Co. KG on behalf of the German Federal Office for Information Security (BSI).
For this purpose, the first name, last name and academic degree are collected from the ID document, as well as the user's e-mail address and public key. This is used to verify the uploaded key so that the user can use it to authenticate the signature. After the signature has been applied, the data is deleted. There is no storage of personal data. The complete processing takes place in a German data center.
Disclosure of collected personal data
A transfer of data to third parties does not take place in principle. Data will only be passed on in exceptional cases, and only if you have given your express consent, the transfer is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data, or if there is a legal obligation for the transfer.
Cookies are used on the website, which are valid for the time of the visit to the website. Most browsers are set to accept cookies automatically. However, the storage of cookies can be disabled or the browser can be set so that cookies are only stored for the duration of the respective connection to the Internet. However, complete deactivation of cookies may mean that you cannot use all the functions of our website.
- Only technically necessary cookies are used to operate the https://pgp.governikus.de website. These are session cookies which are only stored in the browser for a limited period of time and are automatically deleted after closing.
Data subject rights
You have the right:
- Request information about your personal data processed by us,
- request the correction of incorrect data or the completion of stored data,
- demand the deletion of the stored personal data,
- to request the restriction of the processing of your personal data, insofar as the correctness of the data is disputed by you, the processing is unlawful, but you object to its deletion and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims.
- To revoke a consent once given to us at any time,
- complain to a supervisory authority.
Right of objection
If your personal data is processed on the basis of legitimate interests, you have the right to object to the processing of your data. If you wish to exercise your right of revocation or objection, simply send an e-mail to firstname.lastname@example.org.
Within the website visit, we use the widespread SSL procedure in connection with the highest encryption level supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can see whether an individual page of our website is transmitted encrypted by the closed display of the lock symbol in the lower status bar of your browser.
In the event of complaints, you can contact the competent supervisory authority of the Union or the member states at any time. The State Commissioner for Data Protection and Freedom of Information of the Free Hanseatic City of Bremen, Dr. Imke Sommer, is responsible for our company.
Our data protection officer:
Christian Drews LL.M.Eur.
Director Law & Regulation
Governikus GmbH & Co. KG
Hochschulring 4, 28359 Bremen