Privacy policy of
Zertificon Solutions GmbH

The protection of your privacy when processing personal data is an important concern for us. We process any personal data in accordance with the General Data Protection Regulation (GDPR). Z1 Global TrustPoint may contain links to websites of other providers to which this data protection declaration does not extend.

I. General statements on the collection, use and storage of your personal data and on your data subject rights

Zertificon Solutions GmbH, Tempelhofer Weg 62, 12347 Berlin, Germany ('Zertificon') is the data controller for the processing carried out on the Website https://www.globaltrustpoint.com (hereinafter referred to as the 'Website').

Our data protection officer is

Dr. Michael Funke
JBB Data Consult GmbH
Friedrichstrasse 95
10117 Berlin

Email: datenschutz@zertificon.com

1. Collection of personal data when visiting our Website

We collect personal data when you send us an email. Certain technical data is also automatically collected by our IT systems when you visit the Website (e.g. Internet browser, operating system or time of page view).

2. Use and disclosure of personal data and purpose limitation

Zertificon will not pass on data to third parties, except where described in this privacy policy. Zertificon also uses your personal data for strictly defined purposes. The transfer of personal data to state institutions and authorities may be carried out within the framework of mandatory national legal provisions. Our employees are obliged by us to maintain confidentiality.

Notwithstanding, we use service providers as processors who are strictly bound to our instructions for services that we cannot or cannot reasonably provide ourselves. These are mainly technical services such as website hosting.

3. Data subject rights, in particular the right to object

The General Data Protection Regulation guarantees you certain rights, which you can assert against us – insofar as the legal requirements are met.

Art. 15 GDPR – Right of access: You have the right to obtain confirmation from us as to whether personal data relating to you are being processed and, if so, what these data are and the detailed circumstances of the processing.

Art. 16 GDPR – Right of rectification: You have the right to ask us to rectify incorrect personal data concerning you immediately. You also have the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.

Art. 17 GDPR – Right to deletion: You have the right to demand that we delete any personal data relating to you immediately.

Art. 18 GDPR – Right to limit processing: You have the right to request us to limit processing.

Art. 20 GDPR – Right to data portability: You have the right, in the event of processing based on consent or for the fulfilment of a contract, to receive the personal data concerning you which you have provided us with in a structured, common and machine-readable format and to transfer this data to another responsible party without hindrance from us or to have the data transferred directly to the other responsible party, insofar as this is technically feasible.

Art. 77 GDPR in conjunction with Art. 19 BDSG – Right to complain to a supervisory authority: You have the right to lodge a complaint with a supervisory authority at any time, in particular in the Member State in which you are resident, your place of work or the place where the suspected infringement is committed, if you consider that the processing of personal data relating to you is contrary to the law.

In particular Art. 21 GDPR – Right of objection

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you which is necessary based on a legitimate interest on our part or in order to carry out a task in the public interest, or which is carried out in the exercise of official authority.

If you object, we will no longer process your personal data unless we can prove compelling legitimate grounds for processing that override your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

If we process your personal data for direct marketing purposes, you have the right to object to the processing at any time. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

In order to exercise your right of objection, for example, you can send us an email to one of the email addresses mentioned on our contact page.

Withdrawal of consent

If you have given us your informed consent, you have the right to withdraw your consent at any time. In this case, all data processing that we have carried out until your withdrawal remains lawful.

II. Functions of our Websites

1. Z1 Global TrustPoint Certificate search and certificate publication

Purpose: At https://www.globaltrustpoint.com you can search for certificates based on an email address or a PGP key ID. You can also publish your user, domain or CA certificates so that they can be found, validated and downloaded by third parties.

Storage and processing: We process the data contained in the certificate upon its publication. The legal basis for this processing is Art. 6 (1) (b) GDPR. Insofar as personal data is processed during a search, this is based on our legitimate interest in being able to offer our search function (Art. 6 para. 1 lit. f) GDPR).

Deletion: When you publish a certificate we will store it permanently. However, you have the option to remove it manually at any time. If you wish to delete your certificate, please contact us at one of the email addresses listed on our contact page. Personal data is not permanently stored within the scope of the search function.

2. Collection of technical data

We collect automated data, in particular to ensure error-free provision of the Website and to optimise our web presence.

a) Cookies

Cookies are small files that are stored on your device. We use cookies to increase the usability and security of the Website. Most cookies are 'session cookies', which are automatically deleted at the end of each browser session. Other cookies will remain on your terminal device either for a certain period or until you delete them actively. These cookies enable us to recognise your device on your next visit. We may use these cookies in order to track your preferences, optimize our Website and to perform online advertisement. Only the cookie on your computer is identified.

You can visit our Website without cookies by selecting *do not accept cookies* in your browser settings. Please refer to the manual of your browser to find out exactly how this works. Additionally, you can delete cookies already set on your computer at any time. If you do not accept cookies, however, this can lead to functional restrictions of our offers.

b) Log files

We collect certain information about accesses to our pages and store them as server log files. We log the following information:

  • IP address
  • Date and time of access
  • Visited website
  • Amount of data sent in bytes
  • Source/reference from which you reached the page
  • Browser used

Storage and processing: We store and process data for security purposes, e.g. to be able to clarify cases of misuse. If data has to be retained as evidence in case of an incident, it will be exempt from deletion until the incident has been clarified. We will also analyse the data to create statistics and to improve our Website. The legal basis for these processings is Art. 6 para. 1 lit. f) GDPR, whereby the mentioned purposes respectively constitute our legitimate interests.

Deletion: We store the log files for a maximum of 30 days and will then delete them.

c) Analysis tools

We use analysis and advertising tools to evaluate the behaviour of users on our Website.

Google Analytics

This Website uses Google Analytics, a web analytics service provided by Google Ireland Limited Gordon House, Barrow Street Dublin 4. Ireland ('Google').

Google Analytics uses cookies. The information generated by the cookie about your use of the Website will be transferred to and stored by Google and may be transferred to servers in the United States. However, your IP address will be truncated beforehand within the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases the full IP address may be transmitted to a Google server in the USA and shortened there. Google will use this information to evaluate your use of our Website, compile reports on website activity and providing other services for us relating to the website activity. We have concluded standard contractual clauses of the European Commission, which you can access at https://privacy.google.com/businesses/processorterms/mccs/. The IP address of your device will not be merged with other Google data.

You may refuse the use of cookies by selecting the appropriate settings in your browser settings, however, please note that if you do this you may not be able to use the full functionality of this Website. You can also prevent the collection of data generated by the cookie and related to your use of the Website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link https://tools.google.com/dlpage/gaoptout?hl=en

You can also prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie will be set, which prevents the future collection of your data when visiting this Website:

Disable collection for Google Analytics

The legal basis for the use of Google Analytics is your consent. The data will be stored until its withdrawal.

For more information on terms of use and data protection, please visit https://marketingplatform.google.com/about/analytics/terms/us/ or https://policies.google.com/?hl=en&gl=en.

III. Security

Zertificon uses technical and organizational measures in order to protect the data we process against manipulation, loss, destruction and against access by unauthorized persons. Our security measures are continuously improved in line with technological developments.

IV. Data Protection Officer

Our data protection officer is: Dr. Michael Funke. You can reach him at our postal address or at datenschutz@zertificon.com .