Identity Verification – Why Is It Required?

We, Mailboxde.com GmbH, are a registered postal service provider in the provider directory of the Federal Network Agency (Section 4 (1) PostG) and holder of a postal license.

As such, we are obliged to ensure that our activities do not endanger public security and order and, in particular, that no legal provisions are violated. To meet these requirements and protect our customers, we carry out an identity check of our users. This serves in particular to ensure the proper and lawful provision of our services.

Our particular interests in this regard are:

  1. Protection of the sender
  2. Public interest
  3. Abuse prevention

II. What is the legal framework?

As already mentioned, our services must not endanger public security and order. This is expressly stipulated in Section 4 (4) No. 3 of the Postal Act (PostG). In the event of a violation, even a revocation of our entry in the provider directory may be threatened pursuant to Section 4 (5) Sentence 2 PostG!

Public security generally includes the entirety of the legal order and thus every statutory or applicable legal provision. We are therefore obliged to observe all applicable legal norms when providing postal services.

In particular, we must take into account the following aspects:

1. Anti-money laundering

The legislator has enacted a comprehensive set of rules with the Anti-Money Laundering Act, which is intended to combat money laundering. Money laundering means any act aimed at concealing the origin of assets derived from criminal offenses in order to later introduce them as seemingly legal assets into regular business transactions. Acts of money laundering are also punishable in Germany under Section 261 of the Criminal Code (StGB). Such an act also occurs when assets from criminal offenses are sent abroad. In order not to (even unknowingly) participate in such acts, the identification of our users is necessary. Unfortunately, there are repeated cases of illegal shipments (see: https://www.mailboxde.com/prohibited-goods.html) via our services. Identification is intended to prevent any misuse of our service and eliminate the risk of exposing ourselves to criminal prosecution.

2. Customs regulations

Our service enables users to receive shipments from all over the world, including from non-EU countries. As soon as a shipment is sent to a non-EU country, all customs regulations must be observed. This is stipulated in Article 1 of the Union Customs Code (UCC). Customs law requires, among other things, that customs authorities be provided with information about the content of the shipment for certain consignments. These so-called customs declarations must also contain information about the recipient of the shipment. For customs law purposes, it is important that this information is complete and, above all, truthful. The identification of our users also serves this purpose, ensuring that the information we transmit is correct.

In addition, the European Union regularly issues regulations (e.g., Regulation (EU) 2024/386) for the purpose of preventing the financing of terrorism, which prohibit the transfer of funds or economic resources to certain persons. It is therefore prohibited to arrange shipments to such persons or organizations. The regulations go so far that not only the final recipient but also intermediaries must be checked. Identification allows us to cross-check with the lists contained in the regulations and thereby exclude participation in terrorist financing.

3. Employee protection

As a responsible employer, we try to protect our employees from all dangers to their health or life. For this purpose, we particularly observe the provisions of the Occupational Health and Safety Act (ArbSchG). Section 3 of this Act stipulates that an employer is obliged to take all necessary measures to ensure the safety and health of employees. Section 4 No. 2 ArbSchG requires that hazards be eliminated at their source. Unfortunately, in the past, our services have repeatedly been misused for sending highly toxic (prohibited) substances. This has created life-threatening dangers for our employees (and other persons in the transport chain), which we cannot and must not accept. The sending of prohibited and partly highly toxic contents represents an unauthorized use of our services and was carried out using a false identity. Verification therefore also serves to prevent users from misusing our service and thus reduce risks to our employees.

III. How does the verification process work?

We offer two possible procedures for verification:

As a rule, we use the service Veriff, where you upload your ID (valid identity card or passport) and a short video of your face yourself via mobile app or webcam. It is important that you upload the ID yourself, as Section 20 of the Identity Card Act contains requirements in this regard.

Veriff is a licensed provider of electronic identification services based in the EU and holder of the international certification ISO/IEC 27001:2022. The processing of your personal data takes place in accordance with the provisions of the General Data Protection Regulation (GDPR). Supervision is exercised by the Estonian Data Protection Authority.

Veriff processes the data collected exclusively for the purpose of identity verification and deletes it automatically after a maximum of 90 days.

This method is quick, convenient and secure – verification usually takes place within a few minutes. The costs, currently amounting to 0.80 EUR, are deducted from your credit balance.

We also offer a free alternative in the form of a bank transfer when recharging your credit from an account in your name / company. Once payment is received, verification is carried out without further cost.

IV. Withdrawal

Consent to identification is voluntary. Without such consent, however, it is not possible for us to properly provide the postal service, and we are unfortunately unable to offer our services. The data collected is used solely for the proper provision of the postal service and may only be used for this purpose, including the fulfillment of other legal obligations and fraud prevention. It is possible to revoke consent to data processing at any time (a written notice in text form, e.g., by e-mail or letter, is sufficient). If such a revocation is made, our services can unfortunately no longer be used.

V. Who is responsible?

Mailboxde.com GmbH
Dresdner Str. 9, 02763 Zittau, Germany
support@mailboxde.com

For further information on data processing, please refer to our privacy policy.