Privacy Policy

As of: May 2026

Data protection and the protection of your personal data are of the utmost importance to us. Below, we inform you about the processing of your personal data on our website and within our company. Personal data is processed in accordance with the provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the applicable provisions of the German Telecommunications Digital Services Data Protection Act (TDDDG).

A. Name and Address of the Person Responsible

Greenbone AG
Neumarkt 12 49074 Osnabruck
Board of directors: Elmar Geese
Telephone: + 49 541-760278-0
E-mail: info@greenbone.net

B. Contact Details of the Data Protection Officer

Matthias Wöstemeyer, c/o C&S Consulting, Mittelheide 11, 49124 Georgsmarienhütte, Germany
E-mail: datenschutz@greenbone.net

C. Processing of Personal Data on our Website

1 Provision of the Website and Creation of Log Files

It is not necessary for you to provide personal data simply to visit our website and retrieve the information contained therein.

During your visit to our website, we only collect and use data that your internet browser automatically transmits to us:

  • date and time of access to one of our web pages
  • information about the browser and operating system used
  • your IP address
  • the pages visited

The processing of this data is carried out exclusively for the technical provision, stability and security of the website as well as to ensure IT security, in particular for the detection and prevention of attacks on our systems.

The legal basis for the temporary storage of the data is Art. 6 para. 1 lit. f GDPR.

2 Personal Data

Personal data is only collected if you provide it voluntarily as part of a contact inquiry, as part of a newsletter order or when registering on the Community Portal.

3 Contact Forms, Inquiries

There are several contact forms on our website which can be used for electronic contact. When using these options, the data entered in the input mask is transmitted to us and stored. This data depends on the respective form:

  • Name
  • Company
  • E-mail address
  • Telephone number
  • Street, house number
  • Postcode, place of residence
  • Country
  • Content of the message

For the processing of data, your consent may be obtained in the context of the contact request and reference is made to this data protection declaration. The data sent via the form will be transmitted to us in encrypted form. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.

4 Newsletter/Community Forum

Registration/Login/Use/Delete Account As soon as a new account is created in the Community Forum by a data subject, the following personal information is stored in our database:

  • IP address of the data subject
  • User name
  • Password (encrypted)
  • E-mail address

Registration in the Community Forum takes place via your e-mail address, a user name (pseudonym) and a password. The user name is visible to everyone. Only the portal operator or an administrator has access to the e-mail address. Optionally and voluntarily, the following data can also be entered:

  • Avatar
  • Name
  • Two-factor authentication
  • Time zone
  • Location
  • Signature

If a data subject chooses the option to become a member, the controller will send an automatic confirmation e-mail to verify, through the double opt-in process, that the owner of the e-mail address provided has indeed opted in to this option. By registering as a member, the user is further sent weekly summaries of popular posts by e-mail. During active use by a data subject (registered user), the following technically necessary (personal) data, among others, are collected by the forum software in the database:

  • Time of the last login
  • Time of the last post
  • Number of failed login attempts
  • Number of warnings
  • IP address
  • Access logs/client headers
  • Statistical data such as:
    • Number of posts
    • Number of visited and created
    • Number of likes received/given
    • Duration of reading time

There will be no disclosure of this collected personal data to third parties, unless such disclosure is required by law or serves the legal defense of the data controller. Note: All contributions published in the forum can be viewed by anyone and are therefore public. If you want your account to be deleted, simply send us your request for deletion to the following e-mail address: communityportal@greenbone.net. However, your request for deletion must come from the e-mail address to which the account is registered in the forum in order to ensure that you are indeed the owner. Note: When deleting an account, the posts you have made will still be publicly viewable.

5 Purposes and Legal Bases for Data Processing on the Website

The processing of personal data from the input masks serves us solely to process the contact on the basis of a legitimate interest (Art.6 para.1 letter f DSGVO). If the contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 letter b DSGVO. By registering in our Community Portal, we regularly inform you in the forum as well as by e-mail newsletter about interesting offers, news and stories about the company and our products. The legal basis for the processing of the data is the existence of consent in accordance with Art. 6 (1) a DSGVO. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) (f) DSGVO. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 letter b DSGVO.

6 Duration of Storage for Data Processing on the Website

The data for sending newsletters and registration in the Community Portal are stored until the data subject objects to the sending of the newsletter with effect for the future or deletes their account in Community Portal, as long as this does not conflict with statutory retention obligations. Contact forms/e-mail contact: if the purpose for storing the data no longer applies, the personal data will be blocked or deleted as long as this does not conflict with statutory retention obligations.

7 Recipients or Categories of Recipients of the Data (if Data Is Transmitted)

Within the company, those departments/employees will receive your data that need it to process your request; order processors used by us may also receive your data for these purposes.

8 Information on the Rights of those Affected

Every data subject has the following data protection rights under the GDPR:

  • Right to information according to Art. 15 GDPR
  • Right to correct incorrect data according to Art. 16 GDPR
  • Right to deletion according to Art. 17 GDPR
  • Right to restriction of processing according to Art. 18 GDPR
  • Right to data portability according to Art. 20 GDPR
  • Right to object according to Art. 21 GDPR

To exercise your above-mentioned rights or to withdraw your consent, please contact the above-mentioned data controller, You have the right to complain to a supervisory authority. You may exercise this right by contacting a supervisory authority in the Member State of your residence, place of work or the place of the alleged infringement. Before contacting the competent supervisory authority with a complaint, we would like to ask you to clarify this matter with our data protection officer.

9 Transfer to a Third Country

There are currently no data transfers to third countries and there are no plans to do so in the future.

D. Cookies/Integration of Services and Content from Third Parties

We use technically necessary cookies on our website. These cookies are required to provide basic website functionality, security features and operation of the Community Portal.

These cookies include, in particular, session cookies and settings related to privacy and security functions.

The storage of these cookies is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR and § 25 para. 2 no. 2 TDDDG, as they are technically necessary for the operation of the website.

No tracking, analytics or marketing cookies are used.

Our website can generally also be used without cookies. However, individual functions of the Community Portal may be technically restricted if cookies are completely disabled in the browser.

E. Social Networks

We do not integrate any plugins or trackers that transmit data to social networks. However, we would like to point out here that we provide links that lead to these platforms.

1 Youtube

Our website may contain links to the YouTube platform. The provider of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

No data is automatically transferred to YouTube when visiting our website.

Further information on data protection at YouTube can be found at:
https://policies.google.com/privacy

2 LinkedIn

Our website may contain links to the LinkedIn platform. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

No data is automatically transferred to LinkedIn when visiting our website.

Further information on data protection at LinkedIn can be found at:
https://www.linkedin.com/legal/privacy-policy

3 X

Our website may contain links to the platform X (formerly Twitter). The provider of this service is X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

No data is automatically transferred to X when visiting our website.

Further information on data protection at X can be found at:
https://twitter.com/en/privacy

F. Safety Measures

We use technical and organizational security measures to protect personal data, in particular against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments. We would like to point out that, despite all security measures, the transmission of data via the Internet may result in third parties taking note of or falsifying such data.

G. Contact

If you have any questions or suggestions regarding this data protection declaration, please contact us at the address given in the imprint.

H. Updating our Data Protection Policy

The ongoing technical development in the area of IT technology and the Internet also requires an adjustment of the existing data protection declaration. We therefore reserve the right to make additions or changes to this data protection declaration.