The service provider has declared that the e-mail service has been tested in accordance with the requirements of the Technical Guideline for Secure e-mail Transport BSI TR-03108. He further declares that it meets all mandatory requirements of the aforementioned Technical Guideline at the time of application and that it maintains them for the duration of the validity of the IT Security Label. In addition, the service provider declared that the recommended requirements of the aforementioned Technical Guideline are also met at the time of application and maintained for the terms duration, unless a contrary declaration of justified deviations was submitted with this application.

For the terms duration, the service provider assured to inform the Federal Office for Information Security unsolicited if the declared characteristics of the service change as soon as they become known to it, including (temporary) disruptions of the information security of the e-mail  service and security vulnerabilities.

For the duration of the approval, the service provider also assured that it would immediately fix any security vulnerabilities it becomes aware of with regard to the e-mail service and notify the Federal Office for Information Security (BSI) of the status of the measures taken to this end in accordance with section 3 para. 4 sentence 2 BSI-ITSiKV (Ordinance on the IT Security Label of the German Federal Office for Information Security).