Cookie settings: Change privacy settings | History of privacy settings | Revoke consents
secucard GmbH (hereinafter referred to as "secucard" or "we") takes the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with the statutory data protection regulations and in particular the General Data Protection Regulation ("GDPR") and the Federal Data Protection Act ("BDSG") as well as this Privacy Policy.
When you visit this website, various personal data is collected. Personal data is data that can be used to identify you personally. This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
secucard GmbH
Goethestrasse 6
01896 Pulsnitz (Germany)
Phone: +49 800 73282273
E-mail: info@secucard.com
Represented by Managing Director: Hans-Peter Weber
As a controller within the meaning of data protection, we determine the purposes and means for the processing of personal data described here, alone or jointly with others.
If you have any questions and/or concerns about data protection, you can contact our data protection officer at the following addresses:
Frau Dominika Juszczyk
IBS data protection services and consulting GmbH
Zirkusweg 1
20359 Hamburg
Germany
Email: privacy@secucard.com
When you visit the website, your data will be collected by our IT systems automatically or with your consent. This is mainly technical data (e.g. Internet browser, operating system or time of page access).
The processing is carried out for the purpose of providing our websites on the basis of an overriding legitimate interest in accordance with Art. 6 para.1(f) GDPR. Our legitimate interests are the provision of technically necessary and expressly requested digital services, the guarantee of the security and trouble-free operation of our IT systems as well as the assertion, exercise and defence of legal claims.
When you visit our websites, we collect pseudonymised connection data that is required to display the desired websites (e.g. IP address, referring URL, target page, time stamp) and store this data in connection logs (server log files) on the web server.
In addition, in certain cases, we store pseudonymised information in your browser (cookies or local storage) insofar as they are necessary to display our websites or to enable necessary functions on our websites (technically necessary services or cookies), such as cookies that are used to carry out the electronic communication process, to provide certain functions desired by you (e.g. for the shopping cart function). In these cases, the storage of information in your terminal device or access to information stored there is absolutely necessary in accordance with Section 25 (2) No. 2 TDDDG in order to provide you with the expressly requested digital services.
If you use a contact form provided by us, we collect the data you enter, at least the information marked as mandatory. The transmission to the web server is encrypted via https (SSL) and then sent to us by email. In all communication by email, in addition to entered data (message content), connection data (e.g. IP address, mail client, time stamp) and metadata (e.g. size of the transmitted data) and, if applicable, attachments with personal data are processed. Emails are always checked for unwanted content (e.g. viruses, spam) in our IT systems by technical facilities.
You must provide this data without any legal or contractual obligation. Without the provision of this information, it is not possible to visit our websites or only possible with restrictions.
This site uses so-called web fonts for the uniform display of fonts, which are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The Google Fonts are installed locally.
here is no connection to Google servers. For more information about Google Web Fonts, see https://developers.google.com/fonts/faq and Google's privacy policy: https://policies.google.com/privacy?hl=de.
The processing is carried out for the purpose of obtaining, managing and proving your consent to the use of non-essential cookies and web services on the basis of an overriding legitimate interest in accordance with Art. 6 para.1 (f) GDPR. Our legitimate interests are the verifiability of compliance with legal requirements in accordance with Art. 5 para. 2 GDPR as well as the assertion, exercise and defence of legal claims.
When you visit our websites, you can give your consent to the web services, or change it at a later date, via an additional interface (Consent Manager). In doing so, we process pseudonymous information (e.g. IP address, time stamp) via the Real Cookie Banner and store your consent in your browser (cookie / local storage) to ensure that only those services to which you have consented are used. The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling.
In these cases, the storage of information in your terminal device or access to information stored there is absolutely necessary in accordance with Section 25 para. 2 (2) TDDDG in order to provide you with the expressly requested digital service.
An overview of the managed cookies and website services can be found at the top of this page "Cookie settings" .
You must provide this data without any legal or contractual obligation. Without the provision of this information, it is not possible to visit our websites or only possible with restrictions.
The processing is carried out for the purpose of statistical evaluation of the interaction of website visitors, for the integration of content from other websites on the basis of your consent in accordance with Art. 6 para. 1 (a) GDPR. In accordance with Art. 7 para. 3 GDPR, you have the right to revoke consent you have given for the processing of your personal data at any time with effect for the future. The lawfulness of processing carried out on the basis of your consent in accordance with Art. 6 para. 1 (a) GDPR or Art. 9 para. 2 (a) GDPR remains unaffected until the revocation. Please note that certain features of this website may not be available or may only be available to a limited extent if you have not consented to the use of cookies and/or web services.
If you give us your consent to individual or all web services via the Real Cookie Banner, we collect pseudonymous information (e.g. IP address, timestamp) and store it in your browser (cookie / local storage). Subsequently, the third-party service providers we use will have access to this data in order to provide the desired web services.
In these cases, the storage of information in your device or access to information stored there is based on your consent in accordance with Section 25 (1) TDDDG.
You are not legally or contractually obliged to provide this data. A visit to our websites is generally possible without providing this information.
The following web services are used by us per category in the Real Cookie Banner:
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to verify whether data is entered on this website (e.g. in a contact form) by a human or by an automated program. To do this, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins as soon as the website visitor agrees to the use of Google reCAPTCHA. For analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. The storage and analysis of the data is carried out on the basis of Art. 6 para. 1 (a) GDPR. Your data may also be transferred to Google's parent company in the United States. The transfer of personal data to Google is based on the adequacy decision (Data Privacy Framework).
If you send us enquiries by email, telephone or contact form, your details will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent. The processing of this data is carried out on the basis of Art. 6 para. 1 (b) GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 (f) GDPR) or on your consent (Art. 6 para. 1 (a) GDPR), if this has been requested; consent can be revoked at any time.
The data collected from you will remain with us until you ask us to delete it, revoke your consent to the storage, or the purpose for which the data is stored no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.
To contact us, you are neither contractually nor legally obliged to provide the data. However, it is not possible to process the request without providing certain data about you (mandatory fields), meaning that contact cannot be made without providing this information.
The processing is carried out for the purpose of guaranteeing the rights of the data subject on the basis of compliance with legal obligations pursuant to Art. 6 para. 1 (c) GDPR and for the purpose of safeguarding overriding legitimate interests pursuant to Art. 6 para. 1 (f) GDPR. Our legitimate interest is the assertion, exercise and defence of legal claims.
If you contact us to assert your rights as a data subject, we will collect from you any personal data that you provide to us as part of the request. Alternatively, we may also receive the data from third parties if you have instructed someone to assert your rights on your behalf (e.g. representative, lawyer, guardian) or have contacted other bodies in advance (e.g. data protection officer).
We process this data to ensure your identity, to verify the applicability of the respective rights, to implement your rights and to communicate with you.
There is no legal or contractual obligation for you to provide your data. However, without the provision of certain information that enables you to be identified or to implement your rights, it is not possible to process your request or only to a limited extent.
At secucard GmbH, only those persons receive knowledge of personal data that are responsible for processing it (e.g. administrators, clerks).
Certain activities are not carried out by us, but rather by commissioned service providers (including our affiliated companies) as processors in accordance with Art. 28 GDPR. These are carefully selected by us, contractually bound and regularly reviewed.
In certain individual cases, we pass on personal data to third parties (e.g. legal advisors, auditors, data protection officers, authorities, courts, our affiliated companies) to the extent that this is necessary for the processing and is legally permissible.
Transfers to recipients in third countries outside the EU/EEA or to international organisations only take place to the extent that this is necessary for the respective processing and is legally permissible. In these cases, the transfer is based on an EU adequacy decision or, in the absence of such a decision, on the basis of agreed standard contractual clauses or binding internal data protection rules. If the aforementioned guarantees are not in place, the transfer to third countries outside the EU/EEA is based on an exception pursuant to Art. 49 paragraph 1 GDPR (explicit consent, performance of a contract, assertion, exercise or defence of legal claims).
In order to ensure the principle of storage limitation in accordance with Art. 5 paragraph 1 (e) GDPR, we store personal data in a form that enables the identification of data subjects only for as long as is necessary for the respective lawful purposes.
We have set the following storage periods:
Personal data that must be retained due to commercial or tax regulations in accordance with Section 147 AO, Section 257 HGB will not be deleted before the expiry of 6 years or 10 years. Further storage is carried out for the assertion, exercise or defence of legal claims, e.g. in the case of tax, audit or administrative proceedings that have not been concluded.
Personal data that we process for the assertion, exercise or defence of legal claims is usually deleted after 3 years (regular limitation period in accordance with Section 195 BGB); in certain cases (e.g. claims for damages), the limitation period is 10 years or 30 years from the occurrence of the claim in accordance with Section 199 BGB, whereby the maximum storage period is 30 years from the time of the loss event.
Right to information
Under the provisions of Art. 15 GDPR, you have the right to request confirmation from us as to whether personal data concerning you is being processed. If this is the case, you have the right to information in accordance with Art. 15 para. 1 GDPR, including a copy of your data in accordance with Art. 15 para. 3 GDPR, provided that the rights and freedoms of other persons are not impaired. This includes trade secrets, intellectual property rights or copyrights.
The right to information can be restricted or rejected in accordance with Section 34 BDSG. In this case, we will inform you of the reasons for the refusal.
Right to rectification
Under the conditions of Art. 16 GDPR, you have the right to demand that we rectify incorrect personal data concerning you without undue delay and, depending on the purpose of the processing, that we complete incomplete data.
Unless this is impossible or involves disproportionate effort, we will notify all recipients to whom we have disclosed your personal data of the rectification. In accordance with Art. 19 sentence 2 GDPR, you have the right to be informed about these recipients.
Right to erasure
Under the provisions of Art. 17 GDPR, you have the right to demand that we delete personal data concerning you without undue delay. We are obliged to delete your data if one of the reasons according to Art. 17 para. 1 GDPR applies.
If we have made data about you public and there is an obligation to delete it, we will take appropriate measures in accordance with Art. 17 para. 2 GDPR to inform other controllers if you have requested the deletion of all links to this data or copies and replications.
Unless this is impossible or involves disproportionate effort, we will notify all recipients to whom we have disclosed your personal data of the deletion. In accordance with Art. 19 sentence 2 GDPR, you have the right to be informed about these recipients.
The right to erasure does not exist in accordance with Art. 17 para. 3 GDPR if the processing of your personal data is necessary for the reasons stated therein. This applies in particular if the storage of your data is still required due to statutory retention obligations (Art. 17 para. 3 (b) GDPR) or if your data is required for the assertion, exercise or defence of legal claims (Art. 17 para. 3 (e) GDPR).
The right to erasure also does not exist in accordance with Section 35 para. 3 BDSG if the storage of your data is necessary due to statutory or contractual retention obligations. In addition, the right to erasure may also be restricted under Section 35 para. 1 BDSG. In this case, the processing of your data will be restricted in accordance with Art. 18 GDPR.
Right to restriction of processing
Under the provisions of Art. 18 GDPR, you have the right to demand that we restrict the processing if one of the conditions specified therein is met.
If the processing of your data has been restricted, your data will continue to be stored in accordance with Art. 18 para. 2 GDPR but will only be processed in a different way if you consent to this or if this is done for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person or for reasons of important public interest of the EU or a Member State.
If your data has been restricted, you will receive a notification before the restriction is lifted. Unless this is impossible or involves disproportionate effort, we will notify all recipients to whom we have disclosed your personal data of the restriction. In accordance with Art. 19 sentence 2 GDPR, you have the right to be informed about these recipients.
Right to data portability
Under the provisions of Art. 20 GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another controller without hindrance from us, provided that the processing is based on your consent pursuant to Art. 6 para. 1 (a) GDPR or a contract pursuant to Art. 6 para. 1 (b) GDPR, and the rights and freedoms of other natural persons are not impacted.
Right to object
Under the provisions of Art. 21 GDPR, you have the right to object to the processing of your personal data at any time on grounds arising from your particular situation, provided that this is on the basis of our legitimate interest in accordance with Art. 6 para. 1 (f) GDPR.
The right to object pursuant to Art. 21 para. 1 GDPR does not apply if we prove that we have legitimate grounds for the processing that outweigh your interests, rights and freedoms or if the processing is necessary for the establishment, exercise or defence of legal claims.
Regardless of this, you have the right to object at any time to the processing of your data for the purpose of direct marketing, including profiling in connection with direct marketing, in accordance with Art. 21 para. 2 GDPR. In this case, we will no longer process your data for the purpose of direct marketing.
Withdrawal of consent
If the processing of your personal data is based on consent in accordance with Art. 6 para. 1 (a) GDPR, you have the right to revoke your consent at any time with effect for the future in accordance with Art. 7 para. 3 GDPR.
Automated decision-making in accordance with Art. 22 GDPR
In accordance with Art. 22 para. 1 GDPR, you have the right not to be subject to a decision based solely on automated processing – including profiling – if this produces legal effects vis-à-vis you or similarly significantly affects you.
Right to lodge a complaint pursuant to Art. 77 GDPR
Without prejudice to other administrative or judicial remedies, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR if you believe that the processing of your personal data violates the GDPR. You can contact any supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, including the supervisory authority responsible for us – Sächsische Datenschutz- und Transparenzbeauftragte (Data Protection and Transparency Officer for Saxony), Devrientstraße 5, 01067 Dresden, https://www.datenschutz.sachsen.de/.
We have implemented a comprehensive information security programme that includes technical and organisational measures to secure and protect your data. In particular, we take the following security measures to protect your personal information from unauthorised access, sharing, use, or alteration:
However, due to ever-changing technology and other factors beyond our control, we cannot guarantee that communications between you and our servers will be free from unauthorised access by third parties or that we will not be affected by security breaches.
This Privacy Policy is effective as of 08.04.2025 and supersedes all previous versions.
English (UK) 
Deutsch