Specifications According to § 13 sec. 1 TMG (German Teleservice Act)

DATEV's Online Data Security Principles

1. Collecting and Processing Personal Data

1.1. Accessing Public Websites

When accessing our public websites, anonymous web server logbooks are created which DATEV saves for statistical purposes (e.g. how often was the website accessed), or for error tracking. Furthermore, DATEV saves personal usage data for protecting operability (e.g. as identification in case of attacks) up to 2 months. Further analysis of your data will not be carried out without your consent.

1.2. Use of Online Applications with Access Protection

When using online applications (business processes between DATEV and its customers), the following user information may be collected for the purpose of error and performance analysis, within the framework of customer care, as well as tracking executed transactions:

  • user identification (with SmartCard: SmartCard ID, certificate, SmartLogin, mobile TAN or similar; with the DATEV user account: user name or similar)
  • customer identification (via membership number, if available)
  • time of your enquiry and our answer
  • transmitted data volume
  • transactions called (URLs)
  • error messages of authentication procedures and application

User-specific details are stored up to a maximum of 2 months. This data is exclusively analyzed for the above mentioned purposes. Information aggregated on the level of consultant number (such as which consultant number called which transaction on which day) is stored in the context of legal provisions (such as retention periods according to German Commercial Code and General Fiscal Law). The same applies to application-specific information that is collected for billing purposes.

1.3. Software Downloads

Software downloads are not only provided via DATEV download server but also via external download servers. The external download provider saves your IP address in order to provide these download services for this specific purpose and delets it shortly after, within a fortnight at the latest. Further information can be found in the information datebase (doc. no. 1080715 , in German).

1.4. Personal Data

In addition, your personal data is only saved if you specifically state this, for example, in the context of a survey or an order. Your data is used only for the purpose indicated on the respective page, for example, in order to process your order.

If you call pages and files within this offer, and you are prompted to enter personal data, please note that this data is transmitted unsecured via the internet. Therefore, the data can be reviewed or falsified by unauthorized third parties. These risks do not exist in the non-public area of our website since the data transmission is encrypted.

2. Handling Email Addresses

When sending us an email, we use your email address only for correspondence with you.

3. Security

DATEV applies technical and organizational security measures to protect the data we manage for you. We protect it from manipulation, loss, destruction, and unauthorized access. Our security measures are continuously improved according to technological developments.

4. Cookies

Cookies are small amounts of data which the operator of a website stores onto your computer.

On its website, DATEV uses temporary cookies as well as permanent ones. As the term implies, temporary cookies are only valid for a limited time and contain data such as an identification number (a so-called session ID). They enable the server to allocate successive browser enquiries to the same user. As soon as the user exits the browser the cookies are automatically deleted.

However, permanent cookies are saved even if the user exits the browser. DATEV uses cookies to facilitate work with the SmartCard. Furthermore, DATEV uses permanent cookies for non-personalized statistics. By doing so, we improve and enhance our offer. Personal data is not analyzed. You can opt out of both data collection and storage for these statistics with effect for the future at any time. The collected data is deleted after 3 years at the latest.

5. Links to Other Websites

If you call an external website from our site (external link), the external providers may receive information from which website you reached him from your browser. The external provider is responsible for this data. Like any other provider, we are not able to influence this process.

6. Encrypting Data During Transmission

Information transferred via the internet is normally not coded. Since the way of the data between the server and the local personal computer can never be exactly predicted, the transferred data can be viewed in many spots of the way.

As a matter of principle, sensitive information is transmitted encrypted between the non-public area of our website to your personal computer.

When using a SmartCard, the keys required for this technology are stored on the SmartCard. Therefore, the non-public areas can only be accessed when using a SmartCard.

When using a DATEV user account, the data transmitted via the DATEV user account are SSL encrypted. Basic browser mechanisms are used for server authentification and SSL encryption.

7. Information

In case DATEV has stored personal data, you can request information on this stored data free of charge. Please inform us if we have stored incorrect information about you so we can correct, block, or delete it.

8. Contact Us

Data protection officer:
Dr. Jörg Spilker
Paumgartnerstraße 6 - 14
90429 Nuremberg, Germany
Tel.: +49 911 319-0
Email: datenschutz@datev.de

As of 1 August 2017