Privacy Policy Securepoint VPN Client

With “Securepoint VPN Client”, we provide you with an app that you can download to your mobile device and use as a VPN client in one of two ways:

  1. With your VPN server: If you configure this app for use as a generic VPN client, no data is collected by Securepoint.
  2. With Securepoint services for businesses: If you configure this app for use with Securepoint services for businesses, we will inform you below about the processing of your personal data.

1 Controller

The controller in relation to your personal data is:

Securepoint GmbH
Bleckeder Landstraße 28
21337 Lüneburg

Phone: +49(0)4131/2401-0
email: info@securepoint.de

(hereinafter: Securepoint, „we“, „us“)

2 Contact details of the Data Protection Officer

The Data Protection Officer of Securepoint can be reached at the following contact details:

Securepoint GmbH
Datenschutzbeauftragter
Bleckeder Landstraße 28
21337 Lüneburg Germany

email: datenschutz@securepoint.de

3 Type and scope of data processing

The app makes it possible to establish secure connections from an end device to a server or network defined in the VPN configuration.

It is compatible with any SSL VPN services.

The app can be used as a generic VPN client or configured for use with Securepoint services for businesses.

  1. If the app is used as a generic VPN client: If the app is used as a generic VPN client with a service selected by the user, Securepoint will not collect any data. Neither your browsing activities nor any other data will be monitored or stored by Securepoint.
  2. If the app is used with a configuration for use with Securepoint services for businesses: These configurations can be set up by the user's administrator via our Unified Security Portal. All of the following subsections of this section 3 describe the processing of personal data if the app has been configured for use with Securepoint services for businesses.

3.1 Public key exchange

3.1.1 Which of your data is processed

The following data is processed:

3.1.2 Description and purpose of data processing

When using our service, the public key of your app installation is sent to our backend server via HTTP request. This forwards the key to your target VPN server to provide the service.

The backend server automatically creates server logs for each HTTP request. The temporary storage of the IP address by the system is necessary to enable the transfer of data. For this purpose, the user's IP address must remain stored for the duration of the request. The log data is created to ensure the functionality of the service.

3.1.3 Legal basis for data processing

The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.

3.1.4 How long your data is stored

Log Data will be deleted after no more than 90 days.

3.1.5 Who receives your data

The data collected remains with Securepoint and is not passed on to third parties or subcontractors.

3.2 Logging for access to help page

3.2.1 Which of your data is processed

The following data is processed:

3.2.2 Description and purpose of data processing

When the help page is opened and our website is accessed, a server request is made. This generates log data on the server.

The temporary storage of the IP address by the system is necessary to enable the transmission of data. For this purpose, the user's IP address must remain stored for the duration of the session. Log data is created to ensure the functionality of the service.

3.2.3 Legal basis for data processing

The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.

3.2.4 How long your data is stored

You can prevent further data collection by deleting the app. Log Data will be deleted after no more than 90 days.

3.2.5 Who receives your data

The data collected remains with Securepoint and is not passed on to third parties or subcontractors.

3.3 Logging of IP address check

3.3.1 Which of your data is processed

The following data is processed:

3.3.2 Description and purpose of data processing

The app offers the option of testing and displaying your own public IP. When the test of the public IP is started, an HTTP request is sent to https://checkip.spdyn.de.

The temporary storage of the IP address by the system is necessary to enable the transmission of data. For this purpose, the user's IP address must remain stored for the duration of the session. Log data is created to ensure the functionality of the service.

3.3.3 Legal basis for data processing

The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.

3.3.4 How long your data is stored

You can prevent further data collection by deleting the app. Log Data will be deleted after no more than 90 days.

3.3.5 Who receives your data

The data collected remains with Securepoint and is not passed on to third parties or subcontractors.

3.4 License check

3.4.1 Which of your data is processed

The following data is processed:

3.4.2 Description and purpose of data processing

Your data is used to ensure that only licensed devices use our service. This detects and prevents potential misuse, which ultimately protects the network and IT systems.

3.4.3 Legal basis for data processing

The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.

3.4.4 How long your data is stored

You can prevent further data collection by deleting the app. Log Data will be deleted after no more than 90 days.

3.4.5 Who receives your data

The data collected remains with Securepoint and is not passed on to third parties or subcontractors.

3.5 Statistics in the Unified Security Portal

3.5.1 Which of your data is processed

The following data is processed:

3.5.2 Description and purpose of data processing

When you use our service, websites visited may be collected to create statistics and reports. These can be viewed by your administrator.

3.5.3 Legal basis for data processing

The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.

3.5.4 How long your data is stored

Data will be deleted after no more than 65 days.

3.5.5 Who receives your data

The data collected remains with Securepoint and is not passed on to third parties or subcontractors.

3.6 Check for valid VPN configurations

3.6.1 Which of your data is processed

The following data is processed:

3.6.2 Description and purpose of data processing

If you use our service and an error occurs, the app can check whether your VPN configuration has been deactivated on the server side by your administrator. In this case, the app can notify you.

3.6.3 Legal basis for data processing

The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.

3.6.4 How long your data is stored

You can prevent further data collection by deleting the app. Log Data will be deleted after no more than 90 days.

3.6.5 Who receives your data

The data collected remains with Securepoint and is not passed on to third parties or subcontractors.

4 Your data subject rights

We also draw your attention to your further data subject rights within the meaning of Chapter 3 GDPR. In particular, you have the right to/of

Your data is not subject to decisions based solely on automated processing - including profiling (Art. 22 GDPR).

Of course, you can assert your rights with us by sending us an informal message via our contact form on our website, by e-mail to info@securepoint.de or datenschutz@securepoint.de or to our postal address. Of course, we will also support you by telephone.

Furthermore, you have the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR at any time.

The personal data collected by the app is necessary if you want the app to perform its function. Failure to provide your data will result in the inability to provide the service or function in question.

5 Change of Privacy Policy

Advancing technology, legal requirements or even changed processes may also affect Privacy Policy, among other things. We therefore reserve the right to change this Privacy Policy at any time with effect for the future. The current version of this Privacy Policy can be found on this website. Please visit it regularly to inform yourself about the applicable provisions.