With the app “Securepoint VPN Client” we provide you with a mobile application that you can download onto your mobile device. The following information explains how your personal data is processed when using our app.
The controller in relation to your personal data is:
Securepoint GmbH
Bleckeder Landstraße 28
21337 Lüneburg
Phone: +49(0)4131/2401-0
email: info@securepoint.de
(hereinafter: Securepoint, „we“, „us“)
The Data Protection Officer of Securepoint can be reached at the following contact details:
Securepoint GmbH
Datenschutzbeauftragter
Bleckeder Landstraße 28
21337 Lüneburg
Germany
email: datenschutz@securepoint.de
The VPN client is used to establish a secure connection from an mobile device to the Securepoint network/server. A library written by Securepoint based on the OpenVPN protocol and the official WireGuard library is used for this purpose. The data - collected in connection with establishing the VPN connection and opening up the Unified Security Console (USC) - is sent to the Unified Security Portal (USP) and processed as described below. To ensure that the user does not require privileged user rights to establish the connection, the VPN client uses a service that is installed on the device.
When establishing a VPN connection to an UTM or another WireGuard / SSLVPN service, no additional information other than that described below is transmitted and Securepoint does not access your end device.
3.1.1 Which of your data is processed
The following data is processed:
3.1.2 Description and purpose of data processing
If the device is registered as a MDM device, the device transmits a unique identifier to our backend system to identify the installation. The identifier is used to provide a device-specific Mobile Security VPN configuration.
3.1.3 Legal basis for data processing
The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.
3.1.4 How long your data is stored
The data is deleted when the memory limit is exceeded or the app is deleted.
3.1.5 Who receives your data
The data collected remains with Securepoint and is not passed on to third parties or subcontractors.
3.2.1 Which of your data is processed
The following data is processed:
3.2.2 Description and purpose of data processing
When the device is prompted by the administrator to install mobile security configurations, it performs an HTTP request to our backend server. The backend server automatically creates server logs for each HTTP request.
The temporary storage of the IP address by the system is necessary to enable the transmission of data. For this purpose the user's IP address must remain stored for the duration of the session. The logging takes place in order to ensure the functionality of the service.
3.2.3 Legal basis for data processing
The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.
3.2.4 How long your data is stored
You can prevent further data collection by deleting the app. Log Data will be deleted after no more than 90 days.
3.2.5 Who receives your data
The data collected remains with Securepoint and is not passed on to third parties or subcontractors.
3.3.1 Which of your data is processed
The following data is processed:
3.3.2 Description and purpose of data processing
Log data is automatically created and saved within the app for the purpose of helping to diagnose and fix any issues in the functioning of the app (troubleshooting). This data can be viewed in the app.
3.3.3 Legal basis for data processing
The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future either by deleting the app or by opting out of the diagnostic function within the app.
3.3.4 How long your data is stored
The data can be deleted in the app by the user. Furthermore, the data is deleted when the memory limit is exceeded or the app is deleted.
3.3.5 Who receives your data
The data collected remains with Securepoint and is not passed on to third parties or subcontractors as long as not actively shared by the user with the share function of the user device.
3.4.1 Which of your data is processed
The following data is processed:
3.4.2 Description and purpose of data processing
When the help page is opened, thereby accessing our website, a server request is performed. This generates log data in the server.
The temporary storage of the IP address by the system is necessary to enable the transmission of data. For this purpose the user's IP address must remain stored for the duration of the session. The logging takes place in order to ensure the functionality of the service.
3.4.3 Legal basis for data processing
The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.
3.4.4 How long your data is stored
You can prevent further data collection by deleting the app. Log Data will be deleted after no more than 90 days.
3.4.5 Who receives your data
The data collected remains with Securepoint and is not passed on to third parties or subcontractors.
3.5.1 Which of your data is processed
The following data is processed:
3.5.2 Description and purpose of data processing
The app includes the possibility to test and display the own public IP. When the public IP test is started, an HTTP request is sent to https://checkip.spdyn.de.
The temporary storage of the IP address by the system is necessary to enable the transmission of data. For this purpose the user's IP address must remain stored for the duration of the session. The logging takes place in order to ensure the functionality of the service.
3.5.3 Legal basis for data processing
The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.
3.5.4 How long your data is stored
You can prevent further data collection by deleting the app. Log Data will be deleted after no more than 90 days.
3.5.5 Who receives your data
The data collected remains with Securepoint and is not passed on to third parties or subcontractors.
3.6.1 Which of your data is processed
The following data is processed:
3.6.2 Description and purpose of data processing
Your data is used to recognize cloned devices and thereby detect and prevent potential abuse of the service, which ultimately protects the network and IT systems.
3.6.3 Legal basis for data processing
The legal basis for processing your data or accessing your mobile device is your consent pursuant to Art. 6 Para. 1 lit. a GDPR or Section 25 Para. 1 Sentence 1 German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG). You can withdraw your consent at any time with effect for the future by deleting the app.
3.6.4 How long your data is stored
You can prevent further data collection by deleting the app. Log Data will be deleted after no more than 90 days.
3.6.5 Who receives your data
The data collected remains with Securepoint and is not passed on to third parties or subcontractors.
We also draw your attention to your further data subject rights within the meaning of Chapter 3 GDPR. In particular, you have the right to/of
Your data is not subject to decisions based solely on automated processing - including profiling (Art. 22 GDPR).
Of course, you can assert your rights with us by sending us an informal message via our contact form on our website, by e-mail to info@securepoint.de or datenschutz@securepoint.de or to our postal address. Of course, we will also support you by telephone.
Furthermore, you have the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR at any time.
The personal data collected by the app is necessary if you want the app to perform its function. Failure to provide your data will result in the inability to provide the service or function in question.
Advancing technology, legal requirements or even changed processes may also affect Privacy Policy, among other things. We therefore reserve the right to change this Privacy Policy at any time with effect for the future. The current version of this Privacy Policy can be found on this website. Please visit it regularly to inform yourself about the applicable provisions.