Term of use
1. The CTR-portal and the provided services there may only be used for the intended purposes. A misuse is not allowed.
Especially, it is not allowed to access the CTR-portal by other protocols beside HTTPS or to perform load tests.
2. The user credentials (user name, password) may not be passed to thirds. This means that only you are allowed to login to CTR-portal.
3. The safety and protection of the data downloaded from CTR-portal to your computer, is in your area of responsibility.
Data protection declaration
1. Name and address of the responsible
The provision and technical administration of the portal environment is managed by DATANET GmbH on instruction of multiple customers. The provision of services and the corresponding data processing is provided by DATANET GmbH as the processor for these customers. The respective customer is the controller for the processing of personal data in the terms of data protection laws, if relevant. DATANET GmbH's data protection officer can provide you information on the controllers for each customer project on request.
The controller in terms of the EU General Data Protection Regulation (GDPR) is:
Hardtbrücke 7 – 13
53902 Bad Münstereifel
Tel.: +49 2257 9528 0
2. Name and address of the data protection officer
The designated data protection officer of the controller is:
Hardtbrücke 7 – 13
53902 Bad Münstereifel
Tel.: +49 2257 9528 0
3. General about data processing
3.1 Scope of processing personal data
Acting as a processor, DATANET GmbH provides various services defined within the framework of a data processing agreement in accordance with Article 28 of the General Data Protection Regulation (GDPR). These services include the provision of this website, which can be used only via a personalized user account. Visiting this website leads to the processing of personal data even without accessing the password secured area. In the following points you will find a detailed description on this.
3.2 Legal basis for the processing of personal data
The legal basis is generally specified by the controller of the data processing. The following policy therefore is given with the reservation that the controller has not specified a different legal basis in the respective customer project. The legal basis is basically defined by the GDPR. They may also be specified in special laws, in particular Art. 26 BDSG (German Federal Data Protection Act) for the field of labour law.
Processing performed by this platform is necessary to fulfil a valid purpose in the meaning of Art. 6 para. 1 lit. f GDPR. The valid purpose is to supply a customer portal environment to provide the functionalities (e.g. reporting or contract management) and data (see chapter 4.3) agreed with the responsible persons as well as to secure the portal environment against unauthorized use.
3.3 Data erasure and storage periods
Any personal data of the person affected will be erased or blocked as soon as the purpose for storing the data is no longer applicable or as soon as the erasure periods defined in a contract according to Article 28 GDPR are exceeded. Furthermore, data may be stored if the European or national legislation provides for this in EU regulations, laws or other regulations to which the controller is subject. Storage periods are generally determined by the controller for data processing to be implemented through us. The relevant periods can be obtained from the controller (see also Chapter 4). If the controller is not known, the data protection officer of DATANET GmbH can be contacted for further information.
4. Recording and storing personal data, plus the nature and purpose of their use
4.1 Website provision and log file creation
With every visit of this website our system automatically records data and information from the calling computer system.
The following data is recorded:
After authenticating the user on the website, following additional data are collected:
The data are also stored in the system log files. These data are not stored in combination with other personal data. The data mentioned above are processed for the following purposes:
The legal basis for the processing is Art. 6 para. 1 lit. f GDPR and Art. 28 GDPR. Our legitimate interest follows from the purposes for data recording listed above. The default storage period for the listed data is 180 days. Different storage periods may be agreed in individual customer projects with the controller. The controller can provide information on this upon request. The data protection officer of DATANET GmbH will provide you with information on the controller for each customer project on request.
4.2 Usage of cookies
This website uses session cookies. Cookies are text files which are stored in the Internet browser or by the Internet browser on the user's computer. If a user loads a website, a cookie may be stored on the user's computer.
The session cookies include a unique session ID that allows the user's browser and our servers to communicate explicitly. Thus, a user does not need to log in each time he or she navigates to a new page.
This type of cookie and the related data processing is based on the legitimate objective according to Art. 6 para. 1 lit. f GDPR, whereby the legitimate objective is to offer a technical solution that is common on the market and as compatible as possible. After closing the web browser, the session cookie including the user data is deleted automatically from the user's computer.
4.3 Provision of customer-specific data by agreement
The object of the recording, processing and / or the use of personal data are the data types / categories agreed on with the respective controller in the data processing agreement. The following data can be included:
(e.g. telephone number, connection identification, contract number, customer number)
Persistent data required for regular processing will be stored for the duration of the project, but for no longer than the time required for processing and specified by the controller. This includes organisational data, personal master data and technical data. The default storage periods are 24 months for invoice and usage data and 3 months for usage data. Different storage periods may be agreed in individual customer projects with the controller. The controller can provide information on this upon request. The data protection officer of DATANET GmbH will provide you with information on the controller for each customer project on request.
5. Disclosure of data
Data will only be disclosed to third parties within the scope of the services required and upon instructions by the client or in cases for which we are legally obliged to disclose the data. (Art. 6 para. 1 1 lit. c GDPR). The controller will be informed immediately about the disclosure in the specific case.
6. Rights of the data subject
You have the right to:
Insofar as your personal data has been made available to us by the processor in the course of a data processing agreement, we will forward your request to the processor and accept corresponding instructions from him.
7. Data security
We use the common TLS (Transport Layer Security) method for our website. Usually the best encryption level is agreed between browser and server. The locked key or lock icon in the address bar of your browser indicates whether an individual page of our website is being transmitted in encrypted form.
In order to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by thirds, we define, implement and regularly check appropriate technical and organisational security measures. Our security measures are continuously improved following technological developments.
This data protection declaration represents the currently valid version (as of October 2020). As a result of the ongoing development of our website and services provided through it or due to any changes in legal or official requirements, it may become necessary to update this data protection declaration.
You can access and print out the current data protection declaration at any time on the website ctr.datanet.de/pages?pageid=40.
This website uses SwissSign SSL certificates for secure e-commerce and the exchange of confidential information.
About SSL certificates