Data protection for B2B products

Privacy Policy

With G DATA Antivirus Business / Client Security Business / Endpoint Protection Business / Managed Endpoint Security (“G DATA Business Software“) we provide protection against viruses, Trojans, phishing and other types of malware. G DATA Business Software contains several components in which we process personal data. Detailed information on individual modules can be found below:

Malware detection

G DATA Business Software uses multiple modules (e.g. malware scan, bank guard, exploit protection) to identify malware, detect suspicious behaviour of applications and improve our detection techniques. If the G DATA Business Software identifies malware we process unique identifiers (e.g. installation identifiers, unique malware identifiers, your operating system and your IP address) and checksums about files identified by our application as potentially malicious and their respective file path for each device and application installation. The processing of this data will be carried out to fulfil our contract with you regarding the use of G DATA Business Software. We also use this data for statistical analysis of detected malware and its spread and to improve our analysis methods. You may opt-out from future transfers of this data to G DATA by visiting the settings of the respective G DATA Business Software.

Registration

You may test G DATA Business Software for a limited time free of charge. To activate your test version, we require you to provide your name and email address during the registration process. You may also enter your address. If you decide to activate a paid license we connect this data with your registration number. You may also provide the name of the partner through which you obtained your license. We use this information to activate your respective license and ensure proper licensing of our application. This data is processed in order to fulfil our contract with you regarding the use of G DATA Business Software.

Updates

G DATA Business Software performs regular signature updates to maintain malware protection. We process your IP address and the information provided at registration to verify your license status. This data is processed in order to fulfil our contract with you regarding the use of G DATA Business Software.

Web protection / Web filtering

If you activate the Web protection / Web filtering modules, G DATA Business Software sends URLs accessed by your device to our server. We process this data in order to provide you with an assessment of the security of the accessed URL. Also, we categorise accessed URLs to determine if they match restrictions set by your system administrator. This data is processed in order to fulfil our contract with you regarding the use of G DATA Business Software. To maintain a connection between our server and any requesting computer, we need to process the requesting computer’s IP address. We do not store IP addresses in these cases. If a website is blocked we use the IP address to determine the country that the request originated from. After this the IP address will be deleted and cannot be used to identify any requesting computer or their user. We also use this data for statistical analysis of detected malware and its spread and to improve our analysis methods.

Spam Filter

If you activate the Spam Filter module, G DATA Business Software will process incoming emails to determine if they are spam messages. To categorise emails and to compare them with known spam messages, we transmit a hash of incoming emails to our technology partner Cyren. In some cases it may be possible that we transmit email content (e.g. header information) to Cyren. This is also done to categorise emails and to compare them with known spam messages. This data is processed in order to fulfil our contract with you regarding the use of G DATA Business Software.

iOS Mobile Device Management

G DATA Business Software allows you to manage mobile iOS devices via the G DATA ActionCenter. To register or connect your device with the G DATA ActionCenter, we process unique device identifiers and your data provided during registration. The Apple Push Notification Service is used to communicate with the iOS device to assign the configured profile. After assigning an iOS device to a ManagementServer, certain device information is available, such as the phone number and IMEI.

This data is processed in order to fulfil our contract with you regarding the use of G DATA Business Software.

 

Android Mobile Device Management

G  DATA Business Software allows you to centrally manage mobile Android devices. To perform certain emergency actions on the Android device remotely via the G  DATA ManagementServer, it is necessary to use a Firebase Cloud Messaging account. When an emergency action is triggered, a unique device identifier is processed through the Firebase Cloud Messaging account. Within the scope of the G  DATA ManagementServer it is also possible for administrators to make settings for the use of Android apps. Administrators get an overview of all apps installed on the devices they manage. This data is processed in order to fulfil our contract with you regarding the use of G  DATA Business Software.

Network Monitoring

Using G DATA Business Software it is possible to monitor performance indicators of the own network or the devices connected to the G DATA ManagementServer (e.g. CPU load, number of processes, network throughput). For this purpose, unique identifiers of the potentially monitored devices are processed by the G DATA ActionCenter. This data is processed in order to fulfil our contract with you regarding the use of G DATA Business Software.

Right to object to processing

In the event of the processing of personal data for the performance of a task carried out in the public interest (Article 6(1)(1)(e) of the GDPR) or for the purposes of legitimate interests (Article 6(1)(1)(f) of the GDPR), you can object to the processing of your personal data at any time with future effect. In the event of an objection, we must refrain from all further processing of your data for the aforementioned purposes, unless

  • •    There are compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or

•    The processing is necessary for the establishment, exercise, or defense of legal claims

As stipulated in Article 21(1) of the GDPR, data subjects have the right to object to data processing on grounds relating to their personal situation.

 

How can I exercise my rights?

To exercise these rights, please write to G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany or send an e-mail to gdpr@remove-this.gdata.de

 

The right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority. To do so, you can contact the data protection supervisory authority responsible for your place of residence or our company headquarters. The mailing address of the supervisory authority responsible for G DATA CyberDefense AG is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestrasse 2–4, 40213 Düsseldorf, Germany

 

Contact

If you have additional questions (such as ones pertaining to personal data relating to you that we have stored), please do not hesitate to contact us.

G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany. G DATA CyberDefense AG is the controller under the meaning of data protection regulations. You can submit contact requests to gdpr@remove-this.gdata.de.

Our data protection officer is Sabrina Brameshuber, LL.M., Bitkom Servicegesellschaft mbH, Albrechtstrasse 10, 10117 Berlin. She can be reached directly at datenschutz@remove-this.bitkom-consult.de. You can submit additional questions regarding data protection to gdpr@remove-this.gdata.de.

Version 08/19