Secure file sharing and editing with

e-Col

e-Col for collaboratively achieving common goals
e-Col is Content Collaboration Platform.

It does so by enabling file sharing, file syncing and
collaboratively and simultaneously editing common office documents such as Word*, Excel* and Powerpoint* files.

e-Col instances run on separate servers, usually outside of the client's own IT environment. Clients have complete control over users and their access rights. The IT environment is GDPR compliant.

Users of e-Col may share all kinds of documents (not restricted in file types). Online-editing, however, is limited to Word, Excel, PowerPoint, OpenOffice, and regular Text files (txt, html, etc).

e-Col has been developed to enable online editing of these documents simultaneously with other users of e-Col, or even with guests.

e-Col uses
NextCloud and OnlyOffice in an integrated work space.


* These are registered trademarks of Microsoft Inc.

 
e-Col - Technical details and functionality
e-Col is entirely server based.

Installation of a software at the user computer is not required.

e-Col is completely browser-operated and is therefore available and
functional on all systems (incl. mobile devices) using standard browsers.

The system is available is
many languages (e.g. German, English, French, Spanish, Greek and others).

e-Col features include
daily backups enabling the restoration of different file versions for several months. Backups are stored on separate servers.

The
highest level of security can be realised by restricting access via an IP filter.

File sharing


  • Easy access anywhere via browser on any device
  • File encryption possible, however, this leads to limited editing functionality
  • Complete control over access rights
  • Highest security measures while remaining user friendly
  • Share, collaborate and communicate across organisational boundaries
  • Enhanced productivity through built-in features
    • Notifications after file modifications
    • Chat, audio calls, comments on files
  • Project management features such as mail integration, calendar, tasks/to do lists
  • Automated back-ups with versioning

File editing


  • View, edit and collaborate on documents, spreadsheets and presentations
  • 100% compatible with Microsoft Office formats; save on-line documents on your computer in standard formats
  • Easy access anywhere via browser on any device
  • Fonts and styles, format text, adjust line and paragraph spacing, change the page layout as you are used to do
  • Insert objects, move, resize, align them, change wrapping styles, fill with colour or pattern, etc.
  • Collaborate on documents with your team:
    • use the track change modus
    • discuss the process in the built-in chat
  • Use your spreadsheet files online to build, check and discuss your calculations
  • Generate your presentations in real-time with colleagues

 

Security & GDPR


  • Closed environment - company or project internal access only
  • Connections are secured by several layers: ssl certificates, latest secure protocol suite, high grade encryption key) and by use of https and specific certificates
  • Underlying technology is used by the German Federal administration for secure file exchange
  • 2-server-configuration: file sharing and file editing functionalities use different servers
    • editing server protected by additional passphrases
  • Backups stored encrypted on separate servers
  • Special measures to prevent brute force attacks
  • All servers are dedicated root servers and are located in computer centers in Germany (location in other countries possible); the computer centers are certified according to ISO/IEC 27001:2013
  • Administrative access to servers additionally secured by IP filtering
  • Using a high performance database engine for file sharing offers much more benefits than standard database engines; thousands of users are possible


General information
Data protection
The operator of the e-col service and related pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.
Whenever you use a website serving the e-col product, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.
We herewith inform you that the transmission of data via the Internet (i.e. through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third party access.

Information about the responsible party (referred to as the „controller“ in the GDPR)
The data processing controller on this website is:
ConsulTech GmbH
Morgensternstrasse 24
D-12207 Berlin
Phone: +49 30 7720 5920
Fax: +49 30 7720 59229
E-mail: e-col@consultech.de
The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g. names, e-mail addresses, etc.).

Revocation of your consent to the processing of your data
A wide range of data processing transactions are possible only with your expressed consent. You can also revoke at any time any consent you have already given us. To do so, all you are required to do is sent us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)
In the event that data are processed on the basis of Art. 6 Sect. 1 lit. e or f GDPR, you have the right to at any time object to the processing of your personal data based on grounds arising from your unique situation. This also applies to any profiling based on these provisions. To determine the legal basis, on which any processing of data is based, please consult this Data Protection Declaration. If you log an objection, we will no longer process your affected personal data, unless we are in a position to present compelling protection worthy grounds for the processing of your data, that outweigh your interests, rights and freedoms or if the purpose of the processing is the claiming, exercising or defence of legal entitlements (objection pursuant to Art. 21 Sect. 1 GDPR).
If your personal data is being processed in order to engage in direct advertising, you have the right to at any time object to the processing of your affected personal data for the purposes of such advertising. This also applies to profiling to the extent that it is affiliated with such direct advertising. If you object, your personal data will subsequently no longer be used for direct advertising purposes (objection pursuant to Art. 21 Sect. 2 GDPR).


Right to log a complaint with the competent supervisory agency
In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.

Right to data portability
You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfil a contract with you in machine readable format. If you demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognise an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Information, blocking, deletion
Within the scope of the applicable statutory provisions, you have the right to demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data at any time. You may also have a right to have your data rectified, blocked or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time at the address provided above.

Right to demand processing restrictions
You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time at the address provided above. The right to demand restriction of processing applies in the following cases:
  • In the event that you should dispute the correctness of your data stored by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
  • If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the eradication of this data.
  • If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.
  • If you have raised an objection pursuant to Art. 21 Sect. 1 GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.

Recording of data on our website
Server log files
The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises:
• The type and version of browser used
• The used operating system
• Referrer URL
• The hostname of the accessing computer
• The time of the server inquiry
• The IP address
These data is not merged with other data sources.
Thes data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimisation of the operator’s website. In order to achieve this, server log files must be recorded.

Request by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
The processing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Article 6 (1) a GDPR) and/or on our legitimate interests (Article 6 (1) (f) GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.
The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
e-Col specific privacy information
As a response to the General Data Protection Regulation (GDPR), more specifically Art. 6 Abs. 1 lit. a, this document describes why, how and under which conditions ConsulTech GmbH stores personal data for providing its cloud service.
  1. ConsulTech GmbH provides an IT platform termed “e-Col”. This platform is set-up specifically for a client and is separated from e-Col platforms of other clients. Thereby, a client's information and data stored are separated from another client's information and data.
  2. Users need to register for accessing and using e-Col.
  1. During this registration process personal information is requested, required and stored in the e-Col system and in ConsulTech’s reference database. This personal information includes data needed to provide optimal services related to e-Col and includes name, email and eventually phone and fax number and employer's name.
  2. The cloud is a collaborative tool: in order to share information and to collaboratively work together – in other words: to fulfil the function of e-Col – this personal information may be shared with other users of a client's e-Col system.
  3. ConsulTech does not and will not share personnel data of users of e-Col with third parties unless we are forced by Law to do so.
  4. ConsulTech is bound by separate confidentiality agreements with employers of the users or other contracts – such as Consortium Agreements – with employers of the users. Therefore, neither personnel data nor other data will be shared by ConsulTech with third parties.
  5. By registering at C-col and using e-Col, users accept the conditions described in this document.
  1. e-Col is accessed and used through internet browsers only via secure connections.
  2. For optimal performance of e-Col including security and safety features, e-Col stores cookies locally on the computers used for accessing the cloud. These cookies are not used by ConsulTech or somebody else to track or analyse what users are doing in e-Col. Most of the cookies are automatically deleted after logging out of the cloud or after switching off the browser. You may even delete cookies after logging out without affecting the functionality of the cloud.
  3. Users of e-Col may store and share only information therein which are compliant with the general and specific laws. The information stored may include personnel information of any kind. Such information cannot be accessed by other users of e-Col unless this information is either stored in folders accessible for others (shared folders) or shared with other users by the user owning/providing the information. ConsulTech GmbH as the provider of this platform is not responsible and cannot be made responsible for any legal issues resulting from misuse of information stored in the e-Col system.
  4. Each e-Col user has access to a manual in order to read and understand how the cloud operates. Cloud user may contact ConsulTech at any time to ask specific questions in regard to the functionality of the cloud system. ConsulTech will do its best to respond within 24h at working days.
  5. Personnel data of a given user as described under 2.A. is deleted when this user wants them to be deleted. Users may ask ConsulTech anytime to delete his/her personnel data or ask which personnel data are stored by ConsulTech. The deletion of personnel data coincides with removing the user off the cloud resulting in a complete deletion of his/her account and all associated data and information which have not been shared.
  6. Users may ask any time to correct personnel data stored.
  7. Personnel data of a given user as described under 2.A. is stored as long as the account exists.
  8. The IT systems (that is the computers) that provide e-Col functionality is outsourced by ConsulTech to an IT service provider. ConsulTech and this provider have their physical and legal location in Germany and the IT systems are located in Germany. Therefore, German legislation applies. The computer center of this IT service provider is certified according to DIN ISO/IEC 27001. ConsulTech has a contract in place this IT service provider with regard to data processing according to art. 28 GDPR. The IT service provider regularly let check its technical and organisational measures according to art 32 GDPR by an external data-protection agency.
  1. The IT system providing the cloud automatically stores access to the cloud in so called “log-files”. In this case, “access” means that if the cloud system is called for using the browser the IT system automatically stores some general - nevertheless personal information according to GDPR information - including but not limited to: operating system, browser type and version, IP address of the user, time and date of the access.
  2. ConsulTech or the service provider do not use this information to analyse user activity.
  3. Storing this information is necessary to deliver the functionality of the cloud and the security of the cloud and represents therefore a justified interest pursuant to Art. 6 (1) (f) GDPR.
  4. A user does not have the option to object storing this data if he/she wants to use the cloud.
  5. In principle, ConsulTech or the service provider have access to the computer storing and serving e-Col and its data stored. That means that in principle ConsulTech or the service provide have access to data stored in e-Col. However, unless ConsulTech or the service provider are specifically asked for by an authorised person (this might be a user, its employer or some German legal authority - list not concluded) to do so the data will not accessed by ConsulTech or the service provider.
  1. Storing personal information as described above constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
  2. If you have any question, comments or requests, please contact us anytime using the contact details provided on several occasions on the website.