For the website: pgp.governikus.de
1.2 Deviating provisions do not apply unless they are expressly recognized in writing by Governikus KG.
In detail, the application includes the following functions,
- Extraction of first and last names as well as possible academic degrees from the identity card.
- Creation of the user identifier, which is composed of the read data (first and last name and the specified e-mail address),
- Uploading the PGP public key via a web form, which is transmitted to the Governikus server, compared with the user identifier and assigned to it if it matches,
- Signature of the user identifier with the private key by means of an electronic signature without trust level
- Encryption of the signed certificate with the user's public key and transmission to the user's e-mail address.
The actions described in a) to e) together constitute the OpenPGP key attestation. This attestation is not an attestation within the meaning of the Attestation Act.
2.2 Only the electronic identity data from the ID card or the electronic residence permit or the Union citizen card is compared with the user identifier of the PGP key. No further checks, such as the cryptographic suitability of the key, are performed.
3.1 To authenticate a PGP key, the following are required
- a previously created PGP key,
- an identity card, or an electronic residence permit or a Union citizen card with activated online ID function,
- knowledge of the PIN for one of the means of identification mentioned under b),
- A card reader or NFC-enabled terminal device and the ID card app, as well as
- An e-mail address
of the users is needed.
3.2 Users may only use the service personally. It is not permitted to provide an e-mail address that is not assigned to the user.
Governikus KG provides the service free of charge.
5. technical availability of the service
No assurances are made regarding the availability of the service. Governikus KG will strive for high availability by means of quality assurance measures.
The service may not be used for unlawful purposes, whether in violation of applicable law, regulatory requirements or third party rights. The Service may not be represented to third parties as its own service.
There is no entitlement to support or user assistance in any form.
8. revocation instruction (right of revocation for consumers:inside)
8.1 Right of revocation
You have the right to revoke this contract within fourteen days without giving any reason. The withdrawal period is fourteen days from the date of conclusion of the contract.
To exercise your right of withdrawal, you must send us (Governikus GmbH & Co. KG, Hochschulring 4, 28359 Bremen, Germany, telephone number: +49 421 204 95-0, e-mail address: firstname.lastname@example.org) by means of a clear declaration (e.g. a letter sent by post, e-mail) of your decision to revoke this contract.
8.2 Consequences of revocation
If you withdraw from this contract, we must refund all payments we have received from you, including delivery costs (with the exception of additional costs resulting from the fact that you have chosen a type of delivery other than the cheapest standard delivery offered by us), without delay and at the latest within fourteen days from the day on which we received notification of your withdrawal from this contract.
For this repayment, we will use the same means of payment that you used for the original transaction, unless expressly agreed otherwise with you; in no case will you be charged for this repayment.
9. data security, data protection
Governikus KG complies with the applicable data protection regulations, in particular those resulting from the EU General Data Protection Regulation (GDPR). Governikus KG will use the personal data transmitted to it solely for the purpose of authenticating OpenPGP keys and will not store it permanently. Everything else follows from the data protection declaration for the OpenPGP key authentication service.
10 Liability and warranty
10.1 Governikus KG assumes no liability for damages resulting from the use of the service, except in cases of gross negligence or intent.
10.2 Governikus KG is liable according to the legal regulations in case of intent or gross negligence, in case of injury of life, body or health of a person.
10.3 Governikus KG is not liable for the loss of data.
10.4 Since the service is provided free of charge, Governikus KG does not assume any warranty.
11. final provisions
11.3 With regard to the entire offer of Governikus KG, the law of the Federal Republic of Germany applies exclusively.
11.4 Place of performance and exclusive place of jurisdiction shall be the Free Hanseatic City of Bremen.