Privacy policy

As of: March 08, 2023

Data protection and the protection of your personal data is our top priority. We inform you below about the processing of your personal data on our website and in the company. Personal data is processed in accordance with the provisions of the General Data Protection Regulation (DSGVO), the new Federal Data Protection Act (BDSG-neu) and the Telemedia Act (TMG).

A. Name and address of the person responsible

Greenbone AG
Neumarkt 12
49074 Osnabruck

Represented by the Board of Directors:
Dr. Jan-Oliver Wagner (CEO), Elmar Geese

Telephone: + 49 541-760278-0
E-mail: info@greenbone.net

B. Contact details of the data protection officer

Matthias Wöstemeyer, c/o C&S Consulting, Mittelheide 11, 49124 Georgsmarienhütte, Germany
E-mail: datenschutz@greenbone.net

C. Processing of personal data on our website

1 Provision of the website and creation of log files

It is not necessary for you to provide personal data simply to visit our website and retrieve the information contained therein. During your visit to our website, we only collect and use data that your internet browser automatically transmits to us:

  • the date and time of access one of our websites
  • your browser type
  • your browser settings
  • your IP address
  • the pages you visited

We use this data to enable you to visit our site technically. Furthermore, we use this data for statistical purposes and to improve the design and layout of our website. We store the IP address for the purposes of guaranteeing and maintaining IT security (e.g., detection and defense against so-called DOS attacks) and functionality. The legal basis for the temporary storage of the data is Art. 6 para. 1 letter f DSGVO.

2 Personal data

Personal data is only collected if you provide it voluntarily as part of a contact inquiry, as part of a newsletter order or when registering on the Community Portal.

3 Contact forms, inquiries

There are several contact forms on our website which can be used for electronic contact. When using these options, the data entered in the input mask is transmitted to us and stored. This data depends on the respective form:

  • Name
  • Company
  • E-mail address
  • Telephone number
  • Street, house number
  • Postcode, place of residence
  • Country
  • Content of the message

For the processing of data, your consent may be obtained in the context of the contact request and reference is made to this data protection declaration. The data sent via the form will be transmitted to us in encrypted form. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.

4 Newsletter/Community Portal

Registration/Login/Use/Delete Account As soon as a new account is created in the Community Portal by a data subject, the following personal information is stored in our database:

  • IP address of the data subject
  • User name
  • Password (encrypted)
  • E-mail address

Registration in the Community Portal takes place via your e-mail address, a user name (pseudonym) and a password. The user name is visible to everyone. Only the portal operator or an administrator has access to the e-mail address. Optionally and voluntarily, the following data can also be entered:

  • Avatar
  • Name
  • Two-factor authentication
  • Time zone
  • Location
  • Signature

If a data subject chooses the option to become a member, the controller will send an automatic confirmation e-mail to verify, through the double opt-in process, that the owner of the e-mail address provided has indeed opted in to this option. By registering as a member, the user is further sent weekly summaries of popular posts by e-mail. During active use by a data subject (registered user), the following technically necessary (personal) data, among others, are collected by the forum software in the database:

  • Time of the last login
  • Time of the last post
  • Number of failed login attempts
  • Number of warnings
  • IP address
  • Access logs/client headers
  • Statistical data such as:
    • Number of posts
    • Number of visited and created
    • Number of likes received/given
    • Duration of reading time

There will be no disclosure of this collected personal data to third parties, unless such disclosure is required by law or serves the legal defense of the data controller. Note: All contributions published in the forum can be viewed by anyone and are therefore public. If you want your account to be deleted, simply send us your request for deletion to the following e-mail address: communityportal@greenbone.net. However, your request for deletion must come from the e-mail address to which the account is registered in the forum in order to ensure that you are indeed the owner. Note: When deleting an account, the posts you have made will still be publicly viewable.

5 Purposes and legal bases for data processing on the website

The processing of personal data from the input masks serves us solely to process the contact on the basis of a legitimate interest (Art.6 para.1 letter f DSGVO). If the contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 letter b DSGVO. By registering in our Community Portal, we regularly inform you in the forum as well as by e-mail newsletter about interesting offers, news and stories about the company and our products. The legal basis for the processing of the data is the existence of consent in accordance with Art. 6 (1) a DSGVO. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) (f) DSGVO. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 letter b DSGVO.

6 Duration of storage for data processing on the website

The data for sending newsletters and registration in the Community Portal are stored until the data subject objects to the sending of the newsletter with effect for the future or deletes their account in Community Portal, as long as this does not conflict with statutory retention obligations. Contact forms/e-mail contact: if the purpose for storing the data no longer applies, the personal data will be blocked or deleted as long as this does not conflict with statutory retention obligations.

7 Recipients or categories of recipients of the data (if data Is transmitted)

Within the company, those departments/employees will receive your data that need it to process your request; order processors used by us may also receive your data for these purposes.

8 Information on the rights of those affected

Every data subject has the following data protection rights under the GDPR:

  • Right to information according to Art. 15 GDPR
  • Right to correct incorrect data according to Art. 16 GDPR
  • Right to deletion according to Art. 17 GDPR
  • Right to restriction of processing according to Art. 18 GDPR
  • Right to data portability according to Art. 20 GDPR
  • Right to object according to Art. 21 GDPR

To exercise your above-mentioned rights or to withdraw your consent, please contact the above-mentioned data controller, You have the right to complain to a supervisory authority. You may exercise this right by contacting a supervisory authority in the Member State of your residence, place of work or the place of the alleged infringement. Before contacting the competent supervisory authority with a complaint, we would like to ask you to clarify this matter with our data protection officer.

9 Transfer to a third country

There are currently no data transfers to third countries and there are no plans to do so in the future.

D. Cookies/Integration of services and content from third parties

We use so-called “cookies” on our website. These are small text files that are sent from our web server to your computer in order to identify it for the duration of your visit. We do not collect any personal data via these cookies. The presentation of our website is also possible without the storage of cookies. You can deactivate the storage of cookies in the settings of your browser or set it in such a way that it informs you of the intended storage by an Internet site. In this case, you decide whether to accept the cookie. However, for the full functionality of our website, it is necessary for technical reasons to allow temporary cookies in their entirety.

1 etracker Analysis tool

Our website uses the analysis service etracker. The provider is etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany. The service provider has been obligated on our part with a corresponding contract according to Art. 28 DSGVO. Usage profiles can be created from the data under a pseudonym. The data collected with the etracker technologies will not be used to personally identify visitors to our website without the separately granted consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both its web offer and its website (Art. 6 para. 1 lit. f DSGVO). To object to the data collection and storage of your visitor data for the future, click on the following button:

This sets an opt-out cookie with the name “_et_oi_v2” from etracker. This has the effect that no visitor data from your browser will be collected and stored by etracker for this domain in the future. Please do not delete this cookie as long as you wish to maintain your objection. You can find more information in the etracker privacy policy: https://www.etracker.com/en/data-privacy/

E. Social networks

We do not integrate any plugins or trackers that transmit data to social networks. However, we would like to point out here that we provide links that lead to these platforms.

1 Youtube

Within our online offer, there are diagrams and buttons that redirect to the YouTube platform. The provider of this platform is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. If the users are members of the YouTube platform, YouTube can assign the call-up of the above-mentioned content and functions to the user’s profile there. In order to prevent YouTube from collecting the above-mentioned data through your forwarding from our website, please log out of YouTube before clicking on any links. You can find the data protection information of the social network at: Privacy Policy: https://policies.google.com/privacy?hl=en

2 LinkedIn

Within our online offer, there are diagrams and buttons that forward to the LinkedIn platform. The provider of this platform is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. If the users are members of the LinkedIn platform, LinkedIn can assign the call-up of the above-mentioned content and functions to the user’s profile there. To prevent LinkedIn from collecting the above-mentioned data through your forwarding from our website, log out of LinkedIn before activating any links. You can find the data protection information of the social network at: Privacy Policy: https://www.linkedin.com/legal/privacy-policy

3 X

Within our online offer, there are diagrams and buttons that forward to the X platform. The provider of this platform is X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. If the users are members of the X platform, X can assign the call-up of the above-mentioned content and functions to the user’s profile there. In order to prevent X from collecting the above-mentioned data through your forwarding from our website, please log out of X before clicking on any links. You can find the data protection information of the social network at: Privacy Policy: https://twitter.com/en/privacy

4 Facebook

Within our online offer, there are diagrams and buttons that redirect to the Facebook platform. The provider of this platform is Meta Platforms Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. If the users are members of the Facebook platform, Facebook can assign the call-up of the above-mentioned content and functions to the user’s profile there. In order to prevent Facebook from collecting the above-mentioned data through your forwarding from our website, please log out of Facebook before clicking on any links. You can find the data protection information of the social network at: Privacy Policy: https://www.facebook.com/about/privacy/

F. Safety measures

We use technical and organizational security measures to protect personal data, in particular against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments. We would like to point out that, despite all security measures, the transmission of data via the Internet may result in third parties taking note of or falsifying such data.

G. Contact

If you have any questions or suggestions regarding this data protection declaration, please contact us at the address given in the imprint.

H. Updating our data protection policy

The ongoing technical development in the area of IT technology and the Internet also requires an adjustment of the existing data protection declaration. We therefore reserve the right to make additions or changes to this data protection declaration.