Gimel Data Privacy
(FAQ)

Which data privacy standards does Gimel ID comply with?
Gimel ID and its operator, Gimel Technology, are being performed in line with European regulation. Gimel ID complies with GDPR standards of the European Union amongst others. Also, we aim at being certified in line with further regulation, e.g. we aim at certification as per the earliest in line with eIDAS 2.0 standards. In Germany for example, the BSI is currently working on setting up such certification team.
Can I reset my password even though I have changed my security device and cannot confirm the transaction?

You can reset your password, even if your security device is no longer present, using your recovery PUK. This requires disabling your two-factor authentication. You can disable your two-factor authentication as follows:

a) perform the “Reset password” function  
b) after you set a new password, you will be asked to confirm your transaction on the security device  
c) click on “problems with your account” 
d) select “unlink security device” 
e) you will now be prompted to deactivate your two-factor authentication 
f) confirm this with “Continue” 
g) then enter your six-digit recovery PUK and click on “Confirm” 
h) the two-factor authentication has now been successfully deactivated 
i) perform the “Reset password” function again to set a new password 

Will all my data be deleted when I delete my account?
If you delete your Gimel ID account, we will delete all data, which are not subject to the retention obligation according to the GDPR.
Which personal data do partners get from Gimel ID?

The contracts Gimel Technologies enters into with all application partners regulate the use of the service and guarantee the high security and data protection standards. Inside the application, the users decide on an individual level which service providers/partners can access which data. The service providers do not know which other services a user sets up – every service provider is only provided with the data relevant to their services. This excludes the disclosure of one service provider’s users data to another. This excludes cases where the user has given the wilful consent for the disclosure of data between partners i. e. for combined use cases.

What requirements must my Gimel ID password meet?
Your Gimel ID password should contain at least eight characters. It must include upper- and lower-case letters, special characters and at least one number. Please note that the following special characters cannot be used: ” § ° ` ´ €
What can I do in that case that an unauthorized person got access to my log-in credentials?

In case of a theft of the login data to your Gimel account, there is always the possibility to block your account via the customer service. This also blocks the associated online services accessing your data. To deactivate your account please log in and select “settings”. Afterwards select “My Gimel” and the option “deactivate account”. Afterwards you are guided through the deactivation of the account. To protect your account against unauthorized access you should always use a second factor. With a second factor nobody can access your account, even if your password has been stolen.

Where can I check who is using my data?

At any time, you can check which online service you used and with whom you shared data. Just go to “My Activities” in your Gimel account.

Scroll to Top