Data privacy information

Data privacy information
for Falcon Complete by Crowdstrike

Status 10/2022

 

In the Technoform Group, we use the “Falcon Complete” software from Crowdstrike to improve IT security. This software detects suspicious actions and files on the company's own computers, in addition to searching for other suspicious devices in the used networks (company network, private network in the remote office or networks of customers, partners or public networks).
With the following information for employees, customers and business partners, we would like to inform you about the data processing related to this product:


1. Party responsible for data processing

The following companies of the Technoform Group are jointly responsible for operating this product:

  • Technoform Bautec Kunststoffprodukte GmbH
    Hannoversche Straße 2
    34134 Kassel, Germany

    T +49 561 9583-400
    F +49 561 9583-521
    E privacy [dot] oisde1 [at] technoform [dot] com
     
  • Technoform Caprano + Brunnhofer GmbH
    Friedrichsplatz 8
    34117 Kassel, Germany

    T +49 561 9583-200
    F +49 561 9583-221
    E info [at] technoform [dot] com

If you have any questions regarding data protection, please feel free to contact us at any time using the aforementioned contact details.


2. Purpose and legal basis

We process your data based on the EU General Data Protection Reguloation (GDPR), the Federal Data Protection Act (BDSG) and all other data protection laws relevant to us.

With the “Falcon Complete” software, the following data are collected and logged from company-owned computers (managed assets):

  • Device names
  • Device information
  • IP and MAC addresses
  • File names and locations of suspicious files
  • User data
  • Times of user logins

Device names, IP addresses and file names can be used to establish a personal reference. However, this information is only evaluated in specific, suspicious cases and so as to eliminate IT problems.

The following data can be collected and logged from devices (unmanaged assets and unsupported assets) that are located in the same networks as the company's own computers:

  • Device names
  • Device information
  • IP and MAC addresses

Device names and IP addresses may be used to identify individuals. However, this information is only evaluated in specific, suspicious cases and do so to eliminate IT problems.

We process the data on the basis of our legitimate interest (Section 6 Para. 1 lit. f GDPR) for the secure operation of our IT systems. Ensuring IT security is both a legal requirement and of great interest to the Technoform Group, all employees, customers, and business partners.

The logged data is normally deleted again after 90 days. In specific cases of suspicion, the data is stored until the incident has been clarified.

 

3. Organization of the processing

Technoform Caprano + Brunnhofer GmbH has concluded a contract for the system with the provider Crowdstrike for commissioned processing in accordance with Section 28 GDPR and is responsible for all matters relating to this service provider. Each individual Technoform company is independently responsible for all other needs arising from data privacy legislation.

 

4. Recipients of personal data

We only pass on your data to third parties if this should become necessary for fulfilling this purpose. Furthermore, data may be disclosed to authorities on the basis of statutory provisions pursuant to Section. 6 Par. 1 lit. c and e GDPR.

The use of the Crowdstrike provider may result in data transfers outside the EU. In this case, the level of data privacy is ensured by a contract that is based on the standard data privacy clauses pursuant to Section 46 Para. 2 lit. c GDPR.

 

5. Your rights

Regarding your personal data, you have the following rights with respect to us:

 

6. Data Protection Supervisor

We have appointed an external data protection supervisor:

Stefan Pietsch

Contact details:

Pietsch IT GmbH
Wilhelmshöher Straße 1
34590 Wabern, Germany

T +49 5683-923440
E datenschutz [at] pietsch-it [dot] de
www.pietsch-it.de

 

7. Actuality and change of this data privacy information

This data privacy information is currently valid (see status in the heading). Due to the continued development of our services or following changes in legal or regulatory requirements, it may become necessary to amend this data privacy information.

 

Appendix A

For operation in home networks, there may be technical possibilities to separate the company devices from the home network. These requirements may vary for each location and home network. For more information, please contact your local IT and management.