The GEFEG.Portal (hereinafter referred to as the Portal) features a service for verifying that messages conform to standards and also includes other related functions. Users can upload test messages to the Portal to validate them. The test messages are stored in the Portal but are not backed up. Therefore, the user is responsible for managing his/her data locally and creating backup copies in other locations. GEFEG accepts no liability for any loss of data.
At the instigation of the user, the test data uploaded by the user will be stored either for the duration of one session or longer. If the data are only stored for the duration of one session, they will be deleted when the session ends. A session ends when the user logs out or when it times out automatically due to the inactivity of the user. If the user opts to store the uploaded test data for longer than the session, the data will be deleted automatically after 176 days for security reasons.
GEFEG affirms that the test data uploaded by the user will not be processed, used or passed on to third parties by GEFEG.
Data is encrypted with HTTPS before being transferred to or from the Portal over the Internet. The HTTPS protocol is normally used when sensitive data are transmitted and it meets the generally accepted security requirements which are considered necessary. In the unlikely event that the encryption in the protocol is cracked by hackers, GEFEG accepts no responsibility for any damage sustained.
The Portal was developed subject to the guidelines of the German Federal Office for Information Security (BSI). Therefore, the Portal meets the generally accepted security requirements which are considered necessary. GEFEG affirms that all of the recommendations for preventing conventional attacks considered necessary have been implemented with the utmost care.
The Portal is scheduled to regularly go offline for maintenance for up to two hours at a time. Any necessary downtime will be announced at least three days in advance. The Portal will go offline when the maintenance period begins. Users who visit the Portal during this period will be informed of the downtime by a specific Internet page, provided that the Portal server is available.
If a problem with the Portal is reported, GEFEG will examine the issue and inform the user as soon as a solution is available.
During the Portal registration process, the user will be prompted to enter a user name, password and email address. These data are required for the purposes of administrating the Portal.
Furthermore, the user will be prompted to enter his/her name, company name and phone number. These personal data are required in order to execute the contract for the use of the Portal and to respond to queries. No other personal data of the user will be collected unless provided voluntarily. Personal data will not be disclosed, sold or otherwise transferred to third parties.
Whilst the Portal is in use, the GEFEG servers automatically store usage data associated with the service provided by the Portal for the purposes of system security and statistics. The following data are collected: the action carried out by the user, the version and variant of the standard, the name of the test file, the size of the file, the number of errors detected and the test status. The usage data will be stored for up to three years and then deleted automatically.
GEFEG’s offer contains links to third-party websites over whose content GEFEG has no control. Therefore, GEFEG accepts no responsibility for the content of these third-party websites. The provider or operator of the respective linked websites is always responsible for its content. The linked websites were checked for possible legal violations when the links were created. No illegal content was found when the links were created. However, with no solid indications of a legal violation it would be unreasonable to continuously check the content of all linked websites. If a legal violation is detected, GEFEG will immediately remove the links in question.