This form lets external parties — in particular service providers and suppliers — confidentially raise security, data protection or compliance concerns. A report can be submitted without an account and without providing an email address.
The controller is Bergx2 GmbH (see Imprint). Your report is processed solely to handle security and compliance concerns (Art. 6(1)(f) GDPR). The only recipient is the responsible internal office. The report is stored for up to 3 years after the case is closed and then deleted. Your IP address is processed only briefly for spam prevention and is not stored with your report. No external services are used. You have the right to access, rectification, erasure and restriction, as well as the right to lodge a complaint with a supervisory authority.