Skip to content
Close
SEARCH
en
de
en
de
CORPORATE TRUST SERVICES

Cryptography-based trust services to protect your digital identities, data and business secrets.

READ MORE
QUALIFIED TRUST SERVICES

Legally compliant digital signatures (eIDAS) to drive forward the digitalization of your business processes.

READ MORE
TRUST COMPONENTS

Everything to do with smartcards, tokens, readers, certificates and signatures.

ONLINE SHOP

INNOVATIVE AND SECURE PERSPECTIVES FOR A DIGITAL WORLD.

PKI & CRYPTOGRAPHY SOLUTIONS

STRONG AUTHENTICATION
Phishing-resistant with certificates or FIDO

ENTERPRISE PKI
for Zero-Trust & IoT

CERTIFICATES LIFE CYCLE MANAGEMENT

ENCRYPTION & KEY MANAGEMENT
for on-premise & Cloud

ENTERPRISE PORTAL FOR PUBLIC CERTIFICATES
s/MIME & SSL

HSM, HARDWARE SECURITY MODULES

POST QUANTUM MIGRATION

PKI & CRYPTOGRAPHY PRODUCTS

egofy CARD
Smart Cards & Token

primeID VSC
Virtual Smard Card

primeID ONDEMAND
Remote VSC platform

primeID SELF SERVICE
Self Service for Smart Cards

primeID DISCOVER
Monitor certificates

primeID VALIDATE
Enterprise OCSP

TECHNOLOGY PARTNER

eIDAS / QUALIFIED SIGNATURES & SEALS

Integrate signatures into your application
for OEM via API

Signatures & seals for your employees
with primesign as an enterprise solution

Sign a document online & instantly
for individuals and as an entry point for companies

primesign Products & Services

SUPPORT

Simply integrate our experts into your ITSM structure / remote support up to 24/7

MORE
MANAGED SERVICES

We take care of the complete operation of your trust services in our data centers, you take care of your business.

MORE

THE USABILITY OF OUR SOLUTIONS ENSURES HIGH ACCEPTANCE.

ONLINE SHOP
Everything to do with smartcards, tokens, readers, certificates and signatures.
GENERAL

We are happy
to help.
T +43 1 35553 - 0

CONTACT
SALES

We are happy to support you.
T +43 1 35553 - 200

CONTACT
SHOP

You are a store customer and have a question or need support.
T +43 1 35553 - 300

SALES
SHOP SUPPORT
STANDARD SUPPORT

You have a standard support contract and need assistance.
T +43 1 35553 - 800

CONTACT
SUPPORT PORTAL PREMIUM

You have a Premium Support contract and need assistance.

PORTAL
LOCATIONS
OUR LOCATIONS

Information pursuant to Article 13 GDPR of CRYPTAS International GmbH as the controller

The protection of your privacy is important to us. We only process personal data to the extent necessary and in accordance with the applicable legal provisions. Below we inform you about which data we process in the context of the use of this website and our business communication, as well as about your rights in this regard


1.  Data Processing When Using Our Website 


1.1 Hosting

Our website is hosted by HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA. HubSpot provides the technical infrastructure for the operation and processing of website data.

In doing so, HubSpot processes personal data that is automatically transmitted when you visit our website. This includes in particular:

  • IP address of the requesting device,
  • date and time of access,
  • name and URL of the file accessed,
  • website from which access was made (referrer URL),
  • browser used and, where applicable, the operating system of your device and the name of your access provider.

This data is processed for the following purposes:

  • ensuring a smooth connection to the website,
  • ensuring convenient use of our website,
  • evaluation for system security and stability purposes.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in technically stable and secure operation). Where additional services are integrated that require consent, their processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR.

Personal data is stored only for as long as necessary to achieve the purposes described or as required by statutory retention obligations.

Website data is stored on HubSpot servers located in the European Union, in particular in Germany. As HubSpot is headquartered in the USA, it cannot be excluded that personal data may also be processed there. HubSpot uses standard contractual clauses approved by the EU Commission to ensure an adequate level of data protection.

For more information on data processing by HubSpot, please visit: https://legal.hubspot.com/privacy-policy

1.2 Cookies

Our website uses cookies. These are small data files stored on your device via your internet browser when you visit our website. Cookies do not contain programs and cannot transmit malware. We use technically necessary cookies as well as — subject to your consent — analytics and marketing cookies.

Where cookies are strictly necessary for the operation of the website, their use is based on Art. 6(1)(f) GDPR. All other cookies are set exclusively on the basis of your express consent pursuant to Art. 6(1)(a) GDPR.

We use the integrated cookie consent tool provided by HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA, to manage the legally required consents for the use of cookies. Technically necessary cookies cannot be deactivated via this tool. However, you may delete or block cookies at any time via your browser settings. Please note that some features of the website may no longer be fully available in that case.

 

1.3 Services used

1.3.1 Cloudflare

Our website uses the service of Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA, to ensure the security and performance of the website. Cloudflare acts as a Content Delivery Network (CDN) and protects the website against malicious access (e.g. DDoS attacks). In doing so, Cloudflare processes technical access data such as IP addresses. Cloudflare also sets technically necessary cookies (including _cf_bm, _cfuvid) that are required to detect malicious access and distinguish legitimate users.

Processing is carried out on the basis of Art. 6(1)(f) GDPR (legitimate interest in the security and functionality of the website). No consent is required for this.

The use of Cloudflare may result in data being transferred to the USA. The transfer is based on standard contractual clauses approved by the EU Commission.

For more information, please visit: https://www.cloudflare.com/privacypolicy/

 

1.3.2 Google Tag Manager

Our website uses Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager allows us to centrally manage and deploy analytics and marketing scripts on our website. Google Analytics is loaded on this website via Google Tag Manager (see section 1.3.3).

Google Tag Manager itself does not store any personal data and does not set cookies. However, it triggers tags that may collect data in turn. The required consent is obtained in advance via our cookie consent tool.

The legal basis for using Google Tag Manager is Art. 6(1)(f) GDPR (legitimate interest in the efficient and privacy-compliant management of our website services).

It cannot be excluded that data may also be transferred to the USA when using Google Tag Manager. Google uses standard contractual clauses approved by the EU Commission as well as the EU-U.S. Data Privacy Framework to ensure an adequate level of data protection.

For more information, please visit: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/

 
1.3.3 Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics is loaded via Google Tag Manager (see section 1.3.2) and helps us analyse user behaviour on our website and improve our offering. The following data may be processed, among other things:

  • pages visited and navigation paths,
  • time spent on the website,
  • devices and browsers used,
  • truncated (anonymised) IP address,
  • approximate location (based on the anonymised IP).

IP addresses are automatically anonymised by Google Analytics, so that no conclusions can be drawn about a full IP address. Data retention in Google Analytics is limited to a maximum of 14 months.

In certain cases, it cannot be excluded that processing also takes place in the USA. Google has committed to compliance with the EU-U.S. Data Privacy Framework and also applies standard contractual clauses approved by the EU Commission.

Processing is carried out exclusively on the basis of your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by adjusting the cookie settings on our website or by deleting stored cookies in your browser.

For more information on data processing by Google, please visit: https://policies.google.com/privacy

 

1.3.4 HubSpot Tracking

As our website is hosted on the HubSpot platform (HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA), the HubSpot tracking code is automatically integrated into the website. It is used to analyse website usage and optimise our marketing activities. The following personal data may be processed, among other things:

  • IP address,
  • usage data (pages visited, clicks, time spent),
  • device and browser information,
  • unique user ID (via HubSpot cookie).

HubSpot uses cookies to analyse user behaviour across pages and, where applicable, to link it to an existing HubSpot contact (e.g. if you have previously submitted a form).

Processing is carried out exclusively on the basis of your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by adjusting the cookie settings on our website or by deleting stored cookies in your browser.

As HubSpot is headquartered in the USA, it cannot be excluded that data may also be processed there. HubSpot uses standard contractual clauses approved by the EU Commission to ensure an adequate level of data protection.

For more information on data processing by HubSpot, please visit: https://legal.hubspot.com/privacy-policy

 


2. Email Communications to Business Contacts 

CRYPTAS sends occasional and regular email communications (e.g. product information, event invitations, industry news) to existing and prospective business contacts.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest consists in keeping our business contacts informed about relevant products, services and events in the field of information security and trust services.

Data processed includes in particular:

  • first and last name,
  • business email address,
  • company and job title,
  • usage data from email communications (e.g. opens, clicks).

Sending and data storage: For the sending of emails and the management of our contacts, we use HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA (see section 1.1). Contact data collected in our CRM system is transferred to HubSpot for the purpose of email delivery and processed there. A data processing agreement pursuant to Art. 28 GDPR is in place with HubSpot.

Retention period: Data is stored for as long as a legitimate interest in communication exists or until you object to processing.

Right to object: You have the right to object at any time to the processing of your personal data for direct marketing purposes (Art. 21(3) GDPR). You may submit an objection informally by email to office@cryptas.com or via the unsubscribe link included in every email communication. Following receipt of your objection, we will no longer process your data for these purposes.

 


3.  Scope of data collection for online inquiries to CRYPTAS, support and sales inquiries 

CRYPTAS collects and processes the following of your data when you contact us via an online inquiry or submit an online support or sales request:

  • First name
  • Last name
  • Email address
  • Company name
  • The subject and your request

The following information is optional; if you provide it, the data will also be processed:

  • Your role within the company
  • Company address, telephone/fax number, and website

This data will be stored for the duration of one calendar year (unless there is a legitimate reason for further processing).

 

4. Google reCAPTCHA

reCAPTCHA is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, that protects websites against spam and abusive automated access. reCAPTCHA is used to verify whether data entries on our website (e.g. in contact forms) are made by a human or by an automated program. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the website is accessed. The following data may be processed, among other things:

  • page accessed and referrer URL,
  • IP address,
  • device settings (language, browser, location),
  • time spent, mouse movements and keystrokes,
  • screen and window resolution,
  • time zone and installed browser plugins.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in protecting the website against spam and abuse).

The data collected is forwarded to Google Ireland Limited. Transfer to the USA is based on the EU-U.S. Data Privacy Framework (Art. 45 GDPR in conjunction with EU Commission Adequacy Decision C(2023) 4745). For more information on Google reCAPTCHA and Google's privacy policy, please visit https://policies.google.com/privacy and https://www.google.com/recaptcha

 


5. Rights of Data Subjects

Subject to the applicable legal requirements, you have the following rights under the GDPR:

Right of access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), data portability (Art. 20 GDPR) and objection to processing (Art. 21 GDPR).

Where processing is based on your consent, you have the right to withdraw that consent at any time with effect for the future (Art. 7(3) GDPR), without affecting the lawfulness of processing carried out prior to withdrawal.

You also have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of your personal data is not lawful:

Austrian Data Protection Authority Barichgasse 40–42, 1030 Vienna Email: dsb@dsb.gv.at

 


6. Responsible Body

CRYPTAS it-Security GmbH
Franzosengraben 8/4.OG
1030 Vienna, AUSTRIA
Phone +43 (1) 3 555 3 - 0
Fax. +43 (1) 3 555 3 - 990
E-Mail: office@cryptas.com

Information obligations pursuant to Art. 13 GDPR for the processing of personal data in the context of our activities as the PrimeSign trust service

  • Controller: PrimeSign GmbH, Wielandgasse 2, 8010 Graz E-Mail: office@prime-sign.com; Phone: +43 (316) 25 830
  • Purpose of processing: Proof of identification of natural persons for the purpose of issuing a (qualified) certificate. The data will not be used for other purposes.
  • Legal basis: Art 6 para 1 lit b GDPR (performance of a contract), Art 24 eIDAS Regulation
  • Duration of storage: 30 years after expiry of the validity of the issued certificate or 30 years from the date of issue of the certificate (Section 10 (3) SVG)
  • Processed data: Identity data, data for proof of identity, certificate data

If the legal requirements are met, you have the following rights under the GDPR: right of access, rectification, erasure, restriction of processing, data portability, objection to processing.

You have the right to lodge a complaint with the following supervisory authority if you believe that your personal data is being processed unlawfully Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, e-mail: dsb@dsb.gv.at

Do you have any questions or need more information?
CONTACT US