Product/Version

Image

Test Data Migration Server (TDMS)
Version 4.0

Qualification: IT product

View the TDMS v4.0 Certificate

Cert. No.

DE-120028

Validity

25/09/2012 until 30/09/2014

Monitoring

Not applicable (IT product)

Public Report

TDMS v4.0 Short Public Report [PDF] Image

TDMS v4.0 Kurzgutachten [PDF] Image

Manufacturer

Image

SAP AG
Dietmar-Hopp-Allee 16
69190 Walldorf
Germany

BEST

Data avoidance & minimisation

TDMS facilitates data avoidance and minimisation by providing efficient functionalities to reduce and scramble personal data. Temporary data on the sending system (production system) are deleted immediately after the transfer of data to the receiving system.

Transparency

Users of TDMS v4.0 (who qualify as data controller) are informed  about relevant data protection issues by means of specific notes on data protection. Details of the scrambling process are described in a particular document that is made available to users.

ATTENTION:

TDMS v4.0 facilitates privacy-compliant use. Responsibility for the processing of personal data by means of TDMS lies with the user of the product who is the data controller. In particular, the responsibility to check whether adequate data reduction and scrambling rules are applied (on a case by case basis) remains the task of the user.

Summary

Test Data Migration Server (TDMS) is a software that transfers relevant business data from an SAP  production system to a development, test, quality assurance, or  training system (non-production system).

By means of TDMS users may reduce the amount of data to be transferred to a non-production system to the extent strictly necessary for the particular purpose. In addition, TDMS enables users to perform data scrambling to data that are to be transferred.

Details

The focus of TDMS is scrambling. (Personal) data may be scrambled (e.g.) by means of deleting or randomly modifying data values and by inheriting scrambling rules for single data fields to other data fields. Users may make use of some predefined scrambling rules (in particular for SAP ERP HCM) and/or define rules on their own.

It is the user's responsibility to assess the appropriateness of  the applied scrambling rules in each single case.  It is important to check whether the  application of the defined scrambling rules results in an anonymisation or  pseudonymisation of personal data. The use of predefined scrambling rules does not always guarantee proper anonymisation and/or pseundonymisation of personal data. If users want to initiate the transfer of data to a non-production system without having specified any scrambling rules, they will receive an alert.

Prior to the scrambling of data, users may reduce the amount of data to the extent strictly necessary for the respective purpose ( e.g., by means of selecting only data originating from a specific time period).

Target of Evaluation (ToE) is TDMS v4.0. The ToE includes the following components:

  • TDMS plugin on the sending system (sender)
  • TDMS server, consisting of a central system and a control system
  • TDMS plugin on the receiving system (receiver)

Technical Evaluator

Ralf von Rahden
datenschutz cert GmbH
Konsul-Smidt-Str. 88a
28217 Bremen

Legal Evaluator

Dr. Irene Karper
datenschutz cert GmbH
Konsul-Smidt-Str. 88a
28217 Bremen

Formerly Certified Versions

n.a.

Image

Disclaimer:

This register is kept with the utmost care. However, EuroPriSe does NOT guarantee the accuracy of information found on the Site. Your reliance on information found on the Site is at your own risk. For more information please go to EuroPriSe Terms & Conditions.

Image

European Privacy Seal for TDMS

Press Release Image Image

© 2008 - 2019 | EuroPriSe GmbH - European Privacy Seal | Handelsregister-Nr. (Commercial Register No.): Bonn HRB 20387

No responsibility for the accuracy of the information. Contact | Privacy Notice | Imprint

Product/Version

REISSWOLF f.i.t.

v1.5; service function as provided in 05/2018

Qualification: IT product and IT-based service (processor service)

View the REISSWOLF f.i.t. certificate

Version of Certification Criteria

11/2011

Cert. No.

EP-S-X5TSCN

Validity

24/05/2018 - 31/05/2020

Monitoring

01/2019

09/2019

Public Report

f.i.t. Short Public Report Image Image 

Manufacturer/Provider

REISSWOLF Systems GmbH

Im Heegen 13
22113 Oststeinbek
Germany

BEST

Access policies can be used to restrict system usage to specific times of the day and/or IP addresses to reduce the attack vector for third-party access. A user session is controlled by means of a cross-tab synchronised session countdown.

ATTENTION

Regarding the processing of personal data on third persons by means of f.i.t., it must be highlighted that the (usually) corporate users of the service qualify as controllers whereas REISSWOLF Systems GmbH acts as a processor on behalf of the users. Customers are advised that the legitimate use of the service may require the collection of the data subject's consent and/or declaration of release from confidentiality.

SUMMARY

REISSWOLF f. i. t. is a web-based archiving system for data storage and access. It serves the purpose of uploading, storing, managing and exchanging data in the sense of a document management system. f.i.t. is a web application that can be used with common internet browsers. 

DETAILS

REISSWOLF f. i. t. is primarily designed for commercial use. It is distributed by REISSWOLF Systems GmbH and operated as Software as a Service (SaaS) in a data center in Germany.

The ToE includes

  • The web-based service REISSWOLF f.i.t. (for details, please cf. the short public report)

It does not include

  • REISSWOLF f.i.t. mobile app
  • REISSWOLF f.i.t. hotfolder
  • Office module
  • Teamviewer
  • Other alternative interfaces to clients

Technical + Legal Evaluator

Ann-Karina Wrede
Innungsstraße 7
21244 Buchholz
Germany

Initial Certification: 05/2018

REISSWOLF f.i.t. provides a web-based service that enables companies to upload, store, manage and exchange data in the sense of a document management system. Users of the service are controllers in respect of personal data on third persons that is processed by means of f.i.t.. The service is designed in a way that facilitates the users' compliance with EU data protection law.

Image

Disclaimer:

This register is kept with the utmost care. However, EuroPriSe does NOT guarantee the accuracy of information found on the Site. Your reliance on information found on the Site is at your own risk.

Image

European Privacy Seal for REISSWOLF f.i.t.