In consultation with your employer and the data protection officer of your company, we will receive a list with the e-mail address data of all employees. This list contains the correct salutation (Mr/Ms), first name and surname, e-mail address, language and an optional assignment to a usergroup (e.g. department or location). This data is required by us in order to carry out the phishing simulation. 

Your employer receives an aggregated and anonymous evaluation of the handling of the e-mails. This evaluation does not allow any conclusions to be drawn about the behaviour of individual persons. All data is processed by us exclusively within the framework of the existing contractual agreements with your employer (data processing agreement). In the course of this, we take extensive measures to protect all data.