Initital Certification: 02/2018
VBL. Versorgungsanstalt des Bundes und der Länder proved that the publicly available parts of the website www.vbl.de comply with EU data protection law. Visitors of www.vbl.de can be sure that processing of personal data that results from the interaction between their browsers and VBL’s webserver is in line with EU data protection law.
Note: Information on the previous pilot certification of www.vbl.de (2015/08) is available at https://www.european-privacy-seal.eu/EPS-en/vbl-wwwvblde-pilot.
Website
Function as provided in February 2018
View the www.vbl.de certificate
Version of Certification Criteria
Criteria Catalogue for Website Certification v1.1 (04/2016)
based on Directive 95/46/EC and Directive 2002/58/EC as amended by Directive 2009/136/EC
An overview of the certification criteria is available here.
Cert. No.
EP-W-TWX1KG
Gültigkeit
06/02/2018 – 29/02/2020
Monitoring
08/2018 (O.K.)
02/2019 (O.K.)
08/2019 (O.K.)
Website Owner
VBL. Versorgungsanstalt des Bundes und der Länder
Hans-Thoma-Straße 19
76133 Karlsruhe
Deutschland
Scope
Website certification covers the publicly available parts of a website. It focuses on the interaction between a visitor of a website and the website when the visitor browses the publicly available parts of the website. By contrast, it does not cover data protection issues related to website content (e.g., published pictures, videos and personal data in textual format).
Access restricted parts of a website are out of scope, but may be certified as an IT-based service according to the respective EuroPriSe requirements. The same holds true for other website offerings that qualify as an IT-based service (e.g., web shops).
In the case at hand, it must be stressed that the customer portal “Meine VBL” is out of scope of the EuroPriSe website certification.
Zertifizierungsgegenstand
Applicable packages as addressed by the EuroPriSe certification criteria for website certification:
- Basic package
- Web hosting
- Web analytics
- Forms on a website
- Newsletter
More precisely, the target of evaluation of the website certification project www.vbl.de includes:
- All information (DE+EN) on the website that ensures transparency towards website visitors as far as data protection issues are concerned, namely
- the imprint,
- the privacy policy,
- the information that is provided via the cookie banner and
- the cookie policy;
- Processing of visitors’ IP addresses;
- Use of browser cookies;
- Processing of personal data submitted by means of forms;
- Processing of personal data upon subscription to VBL’s newsletter.
The ToE does not include:
- Hosting of the webserver by a third party (contract + TOMs);
- Customer portal “Meine VBL”.
Evaluation Result
The legal and technical evaluation by the EuroPriSe Experts confirmed that visitors of the publicly available parts of the website www.vbl.de can be sure that VBL complies with all relevant requirements of the General Data Protection Directive (95/46/EC) and of the Directive on Privacy and Electronic Communications (2002/58/EC) as amended by Directive 2009/136/EC as far as interaction between website visitors’ browsers and the webserver is concerned.
Technical Evaluator
Alexey Testsov
datenschutz cert GmbH
Konsul-Smidt-Str. 88a
28217 Bremen
Deutschland
Legal Evaluator
Dr. Irene Karper, LL.M. Eur.
datenschutz cert GmbH
Konsul-Smidt-Str. 88a
28217 Bremen
Deutschland