Voluntary Commitment

The legal situation in the Federal Republic of Germany allows German companies to manufacture and distribute IT security products with discretionarily strong encryption and without hidden access contingencies (“backdoors”). This constitutes an essential competitive edge in international comparison and is emphasized by the „IT Security Made In Germany“ (ITSMIG) initiative.

As a member of the ”ITSMIG” initiative, gateProtect wants to assure our customers that our security products do not contain security risks due to hidden access contingencies or weakened encryption mechanisms.

Against this background we commit ourselves to manufacture only security products that do not contain any hidden access contingencies. To achieve this objective, i.e. to offer verifiable security solutions, a maximum of transparency may be required. Such transparency will be provided in justified cases.


Our commitment to manufacture only products without hidden access contingencies in particular covers the following aspects:

1. Our products do not contain any hidden access identifiers or mechanisms that would give a third party an uncontrolled access to a customer’s computer system or enable said parties to deactivate security relevant functionalities.
   
   
2. Our access control systems do not contain hidden identifiers or bypasses known to the manufacturer that would allow a third party unauthorized access to a customer’s computer system.
   
   
3. If we obtain knowledge about access control system vulnerabilities or bypasses we will close these as quickly as possible so that third parties cannot use them as hidden access possibilities.
   
   
4. Our products do not provoke a concealed transmission of partial or full cryptographic codes or access identifiers.
   
   
5. Our products will not contain deliberately weakened encryption algorithms (e.g. artificially shortened codes, incorrectly implemented encryption algorithms, weakened random generators, concealed master keys or concealed transmissions that could facilitate decoding).
   
   
6. For reasons of having to comply with statutory provisions, court orders or provisions of law enforcement authorities, we may have to implement mechanisms for a partial or complete handover of communication contents, cryptographic codes or access
   identifiers to local law enforcement authorities. We obligate ourselves to inform the involved customer if this is the case, as far as legally allowed.
   
   
7. No self-contained claims or liability claims in particular may be derived from the statements made in sections 1. through 6.. A legally binding obligation is subject to the conclusion of an agreement such as a purchase order, license agreement or deliverables contract, which may be entered into with the purchase of an IT security product.