Terms of Use

1. Purpose of communication by means of Cryptshare
For the secure electronic exchange of information with third parties, in particular their business partners, the Robert Koch Institute uses the web application Cryptshare of Befine Solutions AG. The web application Cryptshare is not an e-mail system. The system only has the function of an electronic mailbox. The respective sender provides the information for retrieval on the system. The recipient is systematically informed via e-mail about files provided for retrieval.

 

2. Restriction of the communication content
The communication via Cryptshare serves only for the exchange of confidential or sensitive information. For the purposes of this regulation, the following information shall be deemed to be confidential or to be protected

  • Trade secret of the Robert Koch Institute
  • Occupational and trade secrets of / by third parties
  • it is sensitive personal data within the meaning of § 3 Federal Data Protection Act.

The Robert Koch Institute does not accept any legal statements or orders via Cryptshare.
Excluded from the transmission by means of Cryptshare are all communication contents, which fall under the classified information instruction of the federation.

 

3. Confidentiality / data security
To protect the data from unauthorized knowledge and to maintain confidentiality

  • For the transmission of the data, the protocol TLS 1.2 is used in combination with Perfect Forward Secrecy and is therefore based on the minimum standard according to § 8 Abs. 1 Satz 1 BSIG,
  • the data is stored on the Cryptshare system in encrypted form,
  • Access to the file stored in the Cryptshare system is protected with a password assigned individually.

The procedure used for the encryption corresponds to the recognized technical standard. With the retrieval of the data, these are not deleted immediately on the Cryptshare system, but are available for further calls until the notified expiration date (section 4. Access to information / timely data retrieval).
The addressee / user has to ensure that no unauthorized persons are informed of the communicated password.

 

4. Access to information / timely data retrieval
The files set in Cryptshare are regarded as received by the addressee with the successful retrieval (download). It is up to the addressee to ensure timely retrieval of the files provided for him. The maximum retention period depends on the respective user group.

User group

max. volume

max. retention period
 

5GB

14 days

Functional mailboxes*

100GB

7 days

Special**

max. 200GB

max. 30 days

The Robert Koch Institute expressly points out that the retention period of the data provided by Cryptshare differs per user group, but does not exceed a maximum of 30 calendar days. The period of retrieval begins with the time the files are deployed. It is not possible to retrieve the data after this period has expired.

 

5. Logging
As part of communication (file exchange), the following events are logged:
Sender:

  • date and time of filing on the Cryptshare system,
  • the e-mail address of the sender and the recipient,
  • the full file name of the dropped file,
  • the file size in megabytes,
  • a file identification automatically assigned internally by the system

Recipient: (at his e-mail address)

  • date and time of filing on the Cryptshare system,
  • the full filename of the retrieved file,
  • The file identification internally assigned automatically by the system during file storage

For technical reasons u.a. the following data, which your internet browser transmits to us, additionally recorded:

  • Browser type and version
  • used operating system
  • Date and time of your access
  • Your Internet Protocol (IP) address in anonymous form

The storage takes place in accordance with the guideline for the processing and administration of documents in federal ministries, which is implemented in the RKI as a registry directive (RegR). Log data will be deleted at the earliest after 91 days and at the latest after 120 days.

 

6. Liability
The Robert Koch Institute accepts no liability for disruptions or problems communicating with Cryptshare outside their area of ​​responsibility. Incidentally, the liability of the Robert Koch Institute for disorders / communication problems, as far as it does not concern the injury to life, limb or health, is limited to intent and gross negligence.

 

7. Changes concerning communication via Cryptshare
The Robert Koch Institute is not obliged to the users, the possibility of communication over