Data Privacy Statement DENIC ID

1. Who is responsible for the processing of my personal information?

Controller for all processing of personal information as outlined below is:

DENIC eG
Kaiserstraße 75 - 77
60329 Frankfurt am Main
Phone: + 49 69 27 235 0
Fax: +49 69 27 235 238
E-Mail: info[at]denic[dot]de

2. Does DENIC have a data protection officer?

DENIC has appointed a data protection officer according to the requirements of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Law. This data protection officer is being supported by our data privacy team. The data protection offer at DENIC eG is:

Herr Ingo Wolff
tacticx Consulting GmbH
Walbecker Straße 53
47608 Geldern
E-Mail: privacy[at]denic[dot]de

3. What is subject to this data privacy statement?

This data privacy statement applies only to the use and content of our websites at https://id.denic.de. For linked external content, other data privacy and data security provisions are applicable. Who is responsible for those linked sites can be seen from the imprint on the respective website.

4. Which personal information will be processed by DENIC when visiting the website?

The following information may be processed when visiting the website:

4.1 What is the legal basis for data processing when visiting the website?

Processing of data in this context is based on Article 6(1) (f) of the GDPR. DENIC eG (hereinafter referred to as “DENIC” or “we”) processes your personal information only to the extent required for providing a functional website and our content and services.

4.2 What is the purpose of data processing when visiting the website?

Processing and temporary storage of the IP address is required to enable delivery of the website to your device. For this purpose, the IP address of the user needs be stored for the duration of the session. Log files may contain IP addresses and other information data that might facilitate identification of a user. Data is stored in log files to ensure proper functioning of the website. Moreover, this data is used to optimise our website and to ensure the security of our IT systems. Your e-mail address is stored so that we can provide you with a unique link via e-mail to reset your password.

5. For how long will my personal information be stored?

Personal information that is processed while visiting a DENIC ID website will be deleted as soon as the purpose of retaining such data no longer applies. If personal information is processed during a visit to the website, storage of such information for the purpose of data analysis will occur after your IP addresses were deleted or truncated in a way that prevents identification of the user.

6. Are cookies being used?

We use cookies in various places on our website. If a user visits a page on our website, a cookie may be stored on your device. A cookie includes a characteristic string of characters that allows the browser to be uniquely identified when the user returns to our website. Cookies include and transmit the following data:

6.1 What is the purpose and legal basis for using cookies?

Cookies are used to make our website more user-friendly. The legal basis for the processing of personal data using cookies is Article 6(1) (f) of the GDPR. Cookies are stored on the device of the user and will be transmitted from the device to DENIC's website.

6.2 Can I prevent the use of cookies?

Users may change their browser settings to deactivate or restrict the transmission of cookies. Cookies that have been stored may be deleted at any time. If cookies are deactivated for our website, it may no longer be possible to use all functionality of our website.

7. Which measures are being taken to protect my information?

DENIC has technical and organisational safety measures in place to protect your personal information from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. We continuously improve our security measures in line with technological evolution.

8. What are my rights?

If DENIC processes your personal data, you are considered a data subject within the meaning of Article 4(1) of the GDPR, which gives you the following rights with respect to DENIC:

If you intend to exercise one of the following rights, please contact our data protection officer at privacy[at]denic[dot]de.

Please be aware that under certain circumstances we may request additional information from you in order to verify your identity. This allows us to ensure that, e.g. when exercising the Right of Access, we do not disclose personal information to unauthorized persons.

8.1 Right of Access

Pursuant to Article 15 of GDPR you have the right to obtain information about your personal information processed by DENIC. Please provide a sufficient level of detail in your request to access such information to facilitate assembling the requested information at DENIC.

8.2 Right to Rectification

Pursuant to Article 16 of the GDPR, you have the right to request DENIC to rectify and/or complete any inaccurate personal data concerning you.

8.3 Right to Erasure

Pursuant to Article 17 of the GDPR, you have the right to request DENIC to delete your personal data without undue delay. Your entitlement to deletion of data is subject to a potential further need for such data to perform our contractual or legal duties.

8.4 Right to Restriction of Processing

Pursuant to Article 18 of the GDPR, you have the right to demand restriction of processing of your personal data. If you claim your right to the restriction of processing, we may no longer be able to provide the DENIC ID service until the matter has been settled.

8.5 Right to Data Portability

Pursuant to Article 20 of the GDPR, you have the right to receive your personal data which you have made available to DENIC in a structured, commonly used and machine-readable format, so that you can forward such data to another data processor.

8.6 Right to Object

Pursuant to Article 21 of the GDPR, you are entitled to object at any time, for reasons relating to your specific situation, to the processing of your personal information which is based on Article 6(1) (e) or (f) of the GDPR. In this case, DENIC will no longer process your personal data, unless DENIC demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless the processing is necessary to assert, exercise or defend any legal claims.

8.7 Right to Lodge a Complaint with a Supervisory Authority

If you consider our processing of your personal information to be illegitimate, you may file a complaint with any supervisory data protection authority. The supervisory authority responsible for DENIC is:

Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 3163
65021 Wiesbaden
E-Mail: poststelle[at]datenschutz.hessen[dot]de

Last update: April 2019