Initial Certification: 05/2018
REISSWOLF f.i.t. provides a web-based service that enables companies to upload, store, manage and exchange data in the sense of a document management system. Users of the service are controllers in respect of personal data on third persons that is processed by means of f.i.t.. The service is designed in a way that facilitates the users’ compliance with EU data protection law.
v1.5; service function as provided in 05/2018
Qualification: IT product and IT-based service (processor service)
Version of Certification Criteria
24/05/2018 – 31/05/2020
REISSWOLF Systems GmbH
Im Heegen 13
Access policies can be used to restrict system usage to specific times of the day and/or IP addresses to reduce the attack vector for third-party access. A user session is controlled by means of a cross-tab synchronised session countdown.
Regarding the processing of personal data on third persons by means of f.i.t., it must be highlighted that the (usually) corporate users of the service qualify as controllers whereas REISSWOLF Systems GmbH acts as a processor on behalf of the users. Customers are advised that the legitimate use of the service may require the collection of the data subject’s consent and/or declaration of release from confidentiality.
REISSWOLF f. i. t. is a web-based archiving system for data storage and access. It serves the purpose of uploading, storing, managing and exchanging data in the sense of a document management system. f.i.t. is a web application that can be used with common internet browsers.
REISSWOLF f. i. t. is primarily designed for commercial use. It is distributed by REISSWOLF Systems GmbH and operated as Software as a Service (SaaS) in a data center in Germany.
The ToE includes
- The web-based service REISSWOLF f.i.t. (for details, please cf. the short public report)
It does not include
- REISSWOLF f.i.t. mobile app
- REISSWOLF f.i.t. hotfolder
- Office module
- Other alternative interfaces to clients
Technical + Legal Evaluator