Recertification: 03/2018
DRACOON GmbH proved that its IT product and IT-based service "DRACOON" complies with EU data protection law. DRACOON is a web-based, virtual data space which can be used for uploads, downloads, storage, management and transmission of data. Providing the service, DRACOON GmbH processes customer data in line with EU data protection law. Users of DRACOON are controllers in respect of personal data that may be uploaded to DRACOON. They are provided with guidance on how to comply with EU data protection law in a data protection leaflet. Thus, they can be sure to comply with EU data protection law if they follow this guidance.
DRACOON
(previously marketed as Secure Data Space)
Version: 4. (Subversion 4.5.0) - Function as provided in January 2018
Qualification: IT product and IT-based service (processor service)
View the DRACOON V4 Certificate
EP-S-1W6P7H
15/03/2018 - 31/03/2020
Recertification No. 1 (SDS v3.0): June 29, 2015
Initial certification (SDS v2.1) on April 28, 2015
11/2018 (O.K.)
07/2019 (O.K.)
2018 Short Public Report DRACOON v4
2015 Short Public Report SDS v3
DRACOON GmbH
(previously traded under the name SSP Europe GmbH)
Galgenbergstrasse 2a
93053 Regensburg
Germany
DRACOON enables users to make use of secure encryption technology at the client side. A leaflet provides users with understandable information on how to use DRACOON in a data protection compliant manner.
Data that are uploaded to a data room by the user may contain personal data and even special categories of personal data. In this respect, the users of DRACOON are controllers whereas DRACOON GmbH acts as a processor on their behalf. This means that users of DRACOON must ensure that this processing of personal data complies with all relevant requirements of EU data protection law. Users are provided with detailed information on this topic in a data protection leaflet.
DRACOON is a web-based virtual data space which can be used for uploads, downloads, storage, management and transmission of data. DRACOON is designed for B2B relationships. It is accessible via https://dracoon.team.
Depending on the individual usage scenario, data may qualify as personal data and even as special categories of personal data. Confidentiality of (personal) data can be ensured by means of encryption technology at the client side. DRACOON GmbH advises the users to choose this option when processing personal data by means of DRACOON in a data protection leaflet.
Recertification 03/2018:
The following changes have been made to the ToE since the previous recertification:
The results of the re-evaluation by the EuroPriSe experts demonstrated that DRACOON meets all applicable requirements of EuroPriSe's "GDPR-ready" criteria catalogue.
Recertification 06/2015:
SDS v3.0 introduces the following improvements:
The following versions of SDS v3.0 are covered by the EuroPriSe certification:
The ToE includes:
The ToE does not include:
Since recertification no. 2 (201803):
Alexey Testsov
datenschutz cert GmbH
Konsul-Smidt-Str. 88a
28217 Bremen
Germany
Until recertification no. 1 (201506):
Ralf von Rahden
datenschutz cert GmbH
Konsul-Smidt-Str. 88a
28217 Bremen
Germany
Dr. Irene Karper
datenschutz cert GmbH
Konsul-Smidt-Str. 88a
28217 Bremen
Germany
v3.0
v2.1