Who we are
Our website address is: https://www.simcert.org.
Name and Contact of the GDPR Officer
Am Seeberg 1
Phone +49 8023 819552
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
We do not use contact forms. Therefore, no data is stored for this purpose. You may contact the administrators of this website by sending and email to firstname.lastname@example.org.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
If you use this website without transmitting data to us in any other way (e.g. by registration or use of the contact form), we collect technically necessary data, which are automatically transmitted to our server, among other things:
- Date and time of the request
- Content of the request
- Access status/HTTP status code
- Language and version of the browser software
- Operating system
This is technically necessary in order to display this website to you. We also use the data to guarantee the security and stability of our website. The legal basis for the survey is Art. 6 para. 1 lit. f DSGVO.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
We only process and store your personal data for as long as is necessary to fulfil our contractual obligations towards you. Your data will be blocked or deleted once our contractual obligations have ceased to apply. In addition, there may be legal storage obligations, for example commercial or fiscal storage obligations (e.g. Commercial Code, Tax Code). If such storage obligations exist, we block or delete your data at the end of these storage obligations.
What rights you have over your data
If you have an account on this site, or have left comments, you are entitled to the following rights regarding your personal data. Details can be found in Articles 15-21 of the Basic Data Protection Regulation.
- IP-Right to information
You may request confirmation as to whether we process any personal data that concern you. If this is the case, you can request information about these personal data as well as further information, e.g. the processing purposes, the recipients and the planned duration of storage or the criteria for determining the duration.
- Right to rectification and completion
You may request the correction of inaccurate data. Taking into account the purposes of processing, you may request the completion of incomplete data.
- Right to cancellation (“right to be forgotten”)
You can demand deletion if processing is not necessary. This is the case, for example, if your data are no longer necessary for the original purposes, if you have withdrawn your declaration of consent under data protection law or if the data has been unlawfully processed.
- Right to limitation of processing
You can request the restriction of processing, e.g. if you are of the opinion that the personal data are incorrect.
- Right to data transferability
You have the right to receive your personal data in a structured, common and machine-readable format.
- Right of objection
You may object to the processing of certain personal data concerning you at any time for reasons arising from your particular situation. In the case of direct marketing, you may at any time object to the processing of personal data concerning you for the purposes of such advertising, including profiling in so far as it is linked to such direct marketing.
- Right to revoke your data protection consent
You can revoke your consent to the processing of your personal data at any time with effect for the future. However, the legality of the processing carried out until the revocation is not affected by this.
You can also file a complaint with a data protection supervisory authority at any time, for example if you believe that the data processing does not comply with data protection regulations.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
For processing, we make use of auxiliary persons, especially in the area of IT. As so-called contract processors, they process your data for us and are obliged to handle the data with care. Such order processing exists, for example, when we store data in an external computer centre. We use such service providers in these areas: Hosting Services
We transmit personal data to external parties in order to fulfil our contractual or legal obligations. We are required by law to transfer data to government authorities, e.g. tax authorities, supervisory authorities and law enforcement agencies. When transferring data to external bodies in third countries, i.e. outside the EU or the EEA, we ensure that these bodies treat your personal data with the same care as within the EU or the EEA. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we ensure the careful handling of personal data through contractual agreements or other appropriate guarantees.
Your contact information
When registering with our platform you formally enter a contract with us and we will collect personal data about you. These data will consist of the fields in the respective form and the IP address that you are using. We use these data exclusively for the fulfilment of our obligations from the contract with you. For example, we may use your e-mail address to contact you. The legal basis for the processing of your personal data is the fulfilment of the contract with you pursuant to Art. 6 para. 1 lit. b DSGVO. If you also give your consent, the additional legal basis is Art. 6 Para. 1 lit. a DSGVO.
SimCert is managed by M. Dupuis Engineering Services.