Image

Disclaimer:

This register is kept with the utmost care. However, EuroPriSe does NOT guarantee the accuracy of information found on the Site. Your reliance on information found on the Site is at your own risk. For more information please go to EuroPriSe Terms & Conditions.

Product/Version

Certified Privnote (https://certified.privnote.com)

Function as provided in September 2010

View the Certified Privnote certificate

Cert. No.

DE-100021

Validity

25/10/2010 until 31/10/2012

Public Report

Certified Privnote Public Report [PDF]

Manufacturer/Provider

Baladir S.A.
Iturriaga 3429/1
11300 Montevideo
Uruguay

BEST

Certied Privnote makes use of data minimisation measures: No extra information besides notes' contents and users' IP addresses is required to use the service. Messages are deleted upon initial retrieval or after 30 days if they have not been retrieved at all. IP addresses are not stored but only used for the purpose of communication.

The service guarantees the confidentiality of the notes by using both, a browser and a server site encryption as well as an SSL transport security mechanism.

ATTENTION:

When sending the URL to the recipient of a note, the note's creator should keep in mind that there may be a certain risk that third parties intercept this communication, get knowledge of the URL and thus may be able to access the message in plain text. The actual risk depends on the communication channel of choice (phone, fax, SMS, instant messaging, email etc.).

Miscellaneous

Whenever the Certified Privnote service is used with Mozilla Firefox, it is recommended to verify that the JavaScript - that encrypts the note - is actually running. This is possible by using the add-on JavaScript Deobfuscator. This add-on shows all the java scripts that are embedded in the website and run in the user's browser.

Summary

Certified Privnote is a free web based service that provides users with an easy method to exchange encrypted notes via the Internet. Messages are encrypted and stored on the Certified Privnote server. They can be accessed via a specific URL that is generated from the encryption keys and disclosed to the note's creator. The creator must communicate the URL to the recipient via his communication channel of choice (e.g., phone, fax, SMS, instant messaging, email). After entering the URL in the address bar of his browser, the recipient is able to access, decrypt and read the message.

Details

The exchange of encrypted messages by means of the Certified Privnote service consists of the following steps:

First of all, the user enters the message in the text field on the Certified Privnote website and clicks the "Create Note" button. Thereupon, the note's content is encrypted in the creator's browser with a random key and sent to the Certified Privnote server. Certified Privnote then encrypts the received data with another random key, stores it, and returns this key to the note's creator. Subsequently, the creator's browser generates a unique URL for accessing and decrypting the note by adding the two random keys.

In the next step, the URL is to be communicated to the designated recipient of the message. Therefor, the note's creator sends it to the recipient via his communication channel of choice (phone, fax, SMS, instant messaging, email, etc.). The recipient copies and pastes the URL to the address bar of his browser. This enables him to access, decrypt and read the message.

Once a note is accessed for the first time, its content is destroyed immediately and the link to the note becomes useless. If the URL is retrieved therinafter, the retrieving person is informed that the note does not exist (any more). In event of a URL not being retrieved for a period of 30 days, all the note's data is automatically and fully deleted from Certified Privnote's servers.

The ToE is the  IT-based service Certified Privnote as provided via https://certified.privnote.de.

The ToE does not include:

  • The IT-based service Privnote as provided via https://privnote.com
  • External widgets and applications provided via https://privnote.com

Technical Evaluator

José Luis Rivas López
Santa Marty 52, 1°
36202 Vigo
Spain

Legal Evaluator

Fernado Ramos Suárez Lener
Paseo de la Castellana 23, 1° planta
28046 Madrid
Spain

Image

European Privacy Seal for Certified Privnote

Press Release Image Image

© 2008 - 2019 | EuroPriSe GmbH - European Privacy Seal | Handelsregister-Nr. (Commercial Register No.): Bonn HRB 20387

No responsibility for the accuracy of the information. Contact | Privacy Notice | Imprint

Product/Version

REISSWOLF f.i.t.

v1.5; service function as provided in 05/2018

Qualification: IT product and IT-based service (processor service)

View the REISSWOLF f.i.t. certificate

Version of Certification Criteria

11/2011

Cert. No.

EP-S-X5TSCN

Validity

24/05/2018 - 31/05/2020

Monitoring

01/2019

09/2019

Public Report

f.i.t. Short Public Report Image Image 

Manufacturer/Provider

REISSWOLF Systems GmbH

Im Heegen 13
22113 Oststeinbek
Germany

BEST

Access policies can be used to restrict system usage to specific times of the day and/or IP addresses to reduce the attack vector for third-party access. A user session is controlled by means of a cross-tab synchronised session countdown.

ATTENTION

Regarding the processing of personal data on third persons by means of f.i.t., it must be highlighted that the (usually) corporate users of the service qualify as controllers whereas REISSWOLF Systems GmbH acts as a processor on behalf of the users. Customers are advised that the legitimate use of the service may require the collection of the data subject's consent and/or declaration of release from confidentiality.

SUMMARY

REISSWOLF f. i. t. is a web-based archiving system for data storage and access. It serves the purpose of uploading, storing, managing and exchanging data in the sense of a document management system. f.i.t. is a web application that can be used with common internet browsers. 

DETAILS

REISSWOLF f. i. t. is primarily designed for commercial use. It is distributed by REISSWOLF Systems GmbH and operated as Software as a Service (SaaS) in a data center in Germany.

The ToE includes

  • The web-based service REISSWOLF f.i.t. (for details, please cf. the short public report)

It does not include

  • REISSWOLF f.i.t. mobile app
  • REISSWOLF f.i.t. hotfolder
  • Office module
  • Teamviewer
  • Other alternative interfaces to clients

Technical + Legal Evaluator

Ann-Karina Wrede
Innungsstraße 7
21244 Buchholz
Germany

Initial Certification: 05/2018

REISSWOLF f.i.t. provides a web-based service that enables companies to upload, store, manage and exchange data in the sense of a document management system. Users of the service are controllers in respect of personal data on third persons that is processed by means of f.i.t.. The service is designed in a way that facilitates the users' compliance with EU data protection law.

Image

Disclaimer:

This register is kept with the utmost care. However, EuroPriSe does NOT guarantee the accuracy of information found on the Site. Your reliance on information found on the Site is at your own risk.

Image

European Privacy Seal for REISSWOLF f.i.t.