The following data protection information addresses users of the Outlook add-in ‘IYS-Phishing-Attack-Marker’.

This document sets out how Increase Your Skills GmbH (hereafter ‘IYS’) uses and protects the data that you may provide to us when using the application ‘IYS-Phishing-Attack-Marker’.

IYS may change or add to this data protection information at any time, especially with regard to adjustments that take into account legal, governmental, jurisprudential, or technological developments. In such a case, the date of the update will be indicated at the top of this data protection information. Any such changes will be binding on users as soon as they are published online. For this reason, users are requested to check this data protection information periodically to ensure that they are aware of any changes to it.

The add-in ‘IYS-Phishing-Attack-Marker’ is connected with our Phishing Attack Simulator. This application allows users to report suspicious phishing emails in connection with phishing campaigns.
You can find our general privacy policy here.

We are responsible for processing your data within the framework of the GDPR:

Increase Your Skills GmbH
Katharinenstraße 21
04109 Leipzig

Tel.: (+49) 341 392 934 14
E-Mail: info@increaseyourskills.com

If you have any questions about the processing of your personal data, please contact datenschutz@increaseyourskills.com.

Our solution comprises an add-in that extracts aggregated message information (lexical and syntactic) from emails in the form of statistics. This data is necessary to determine whether the messages are emails from a phishing campaign that was initiated by our Phishing Attack Simulator.

IYS processes the emails reported by the users in an automated manner in order to extract the aggregated message information that is required by our algorithms to determine whether the reported email is an email from a phishing campaign by the Phishing Attack Simulator. The email body is not stored. The email messages are discarded once the processing and extraction of the required information have been completed.

We store the sender email addresses from your INBOX in encrypted form using a hashing algorithm. As the data mentioned above is encrypted by a hashing algorithm, your security and privacy are protected.

We do not store any information other than the data mentioned above.

IYS is the only recipient of your data, which will be analysed in automated manner. This data will not be passed on to any third parties individually or in aggregated form. All data is exclusively processed on our servers in German data centres.

No, we do not intend to transfer your data to a third country, i.e., a country outside the EU.

We will store the data for the duration of one year from the date it was provided. After this period, your data will be deleted. You will not be informed of the deletion of your data.

As a user of the add-in, you generally have the following data protection rights, although restrictions may apply in individual cases. You can contact us any time by sending an email to datenschutz@increaseyourskills.com in order to exercise your rights.

a) Right to information
You have the right to know from us in particular which of your personal data we process, the purposes they are used for as well as which recipients we disclose your personal data to and how long we store your data. If you request information, you can ask us for a copy of your processed personal data. The legal basis for your right to information is Art. 15 of the GDPR.

b) Right to rectification, erasure and restriction of processing
You have the right to request us to correct your personal data if your stored data is incorrect or no longer up to date, Art. 16 of the GDPR. Furthermore, you may request that we delete or restrict your personal data, Art. 17, 18 of the GDPR.

c) Right to data portability
You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format, Art. 20 of the GDPR.

d) Right to object
If we collect personal data from you on the basis of Art. 6(1)(f) of the GDPR (legitimate interest), you have the right to object to the processing of such data on grounds relating to your particular situation, Art. 21 of the GDPR. In principle, we will no longer process your personal data. An exception applies if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims. You can send your objection in writing or by email to datenschutz@increaseyourskills.com.

e) Right to withdrawal

If you have given us your permission to process your personal data in accordance with Art. 6(1)(a) of the GDPR or Art. 9(2)(a) of the GDPR, you have the right to revoke your consent at any time, Art. 7(3) of the GDPR. However, your revocation only affects the future so that the processing of your personal data which took place before the revocation, is not affected. You can revoke your consent informally in writing or by sending an email to datenschutz@increaseyourskills.com.

f) Right of appeal
If you believe that we are unlawfully processing your personal data, you have the right to lodge a complaint with the data protection supervisory authority, Art. 77 of the GDPR. Your right of appeal is not affected by any other administrative or judicial remedy.

No, it is up to you whether you would like to download the add-in.

Last updated: February 2021