+49 9131 93406-40 Rückruf Support Kontakt Newsletter
| Kontakt | Thieme Gruppe

Data Protection Information

Version: 30.07.2018 – This page is updated at irregular intervals. In order to ensure optimum transparency, we would therefore recommend that you frequently visit this page.

When you use the services that constitute our online offering (in the following referred to as “offering”), you declare your acceptance as a user that we, as the responsible body (detailed information under item 5) in the sense of the data protection, will record, process and use the listed data in the manner described. Should you request us to, we will be happy to provide you with a list of all our online offerings.

Furthermore, within the framework of your rights in accordance with Article 12 ff. of the General Data Protection Regulation (GDPR), this web-page informs you about the nature, purpose and scope of the recording, as well as the use of the personal data as part of our offering. The legal framework for this is provided, among other legislation, by the EU’s General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), the Telemedia Act (TMG), as well as further detailed regulations. We update this information where required and recommend that you visit these web-page once again the next time you visit the website.

If you wish to contact us to defend your rights as a user, please refer to item 6 for the appropriate contact partner. No fees apply in this case except for the transmission fees in accordance with the base rates.

Table of contents

1. Legal basis
2. Methods, extent and purpose of collecting, processing and using data, data receiver
3. Procedures used to optimise our offerings
4. Additional applications of our offering (third-party provider & social media)
5. Protecting your rights as the aggrieved party (example)
6. Contact for further questions/suggestions relating to data protection

1. Legal basis

We only record, save and use the data that you provide when using our online offering within the legally permissible framework, and on the basis of

  • a contract or a relationship of trust similar to that created by a contract (Art. 6 (1b) GDPR), e.g. using copyright protected content,

  • a statement of consent (Art. 6 (1a) GDPR), e.g. newsletter order,

  • a legal obligation (Art. 6 (1c) GDPR), e.g. provider identification in the imprint,

  • the justified interests of our company (Art. 6 (1f) GDPR), as long as the interests, fundamental rights and basic freedoms of the person effected do not outweigh the interests indicated first; justified interests are, for example, proper functioning, the safety and ease with which the user interface for our online offering can be used with the help of the optimisation procedure (please see Chapter 3) or also the announcement made by our company on Internet platforms such as Xing, LinkedIn, YouTube or Facebook.

2. Methods, extent and purpose of collecting, processing and using data, data receiver

Personal data are information that allow a conclusion to be made with respect to you as a person. This includes data such as, for example, names, contact details, but also photographs, information regarding interests and hobbies or memberships, as well as data recorded in technical systems such as, for example, the IP address of your Internet provider (Provider or Hoster).

Data collected by the system and protection of your personal privacy

We record data on each time our offering is accessed in the form of service log files. These log files contain the name, date and time the website was visited, file names, transmitted data volumes, server-access status (file transmitted, file not found, command not carried out etc.), type and version of browser, as well as the specific browser settings such as, for example, country or language characteristics, user’s operating systems, device information (e.g. device number such as UDID, type of device), previously visited websites (Referrer), IP address, enquiring provider, the access method/function wanted by requesting computer (PC, mobile, remote access etc.).

We only use these protocol data for the purpose of evaluating the operation, as well as the security and optimisation of your offering. No references to persons exist and are not envisaged. In individual cases, we reserve the right to examine protocol data in detail if concrete indications exist that give rise to justified suspicions of illegal use.

Enquiries & Newsletter

When you contact us, using a contact form, by e-mail or over the telephone, we save and use your details within the framework of the indicated business purpose or in order to process your enquiry. We do not pass on your data to third parties without there being a legal basis to do so and we of course do not sell your data.

If you wish, we will be happy to send you information on our products and services. For this purpose, you can sign up to receive various newsletters. For this we require your e-mail address, which we will check with respect to validity before the order becomes effective. Furthermore, we ask for the salutation, your first name and surname in order to offering you optimum service (addressing with the correct name, for example).

You can also provide your business address in the case of offering enquiries.

Orders & Purchases

Within the framework of your order, which you have submitted either online, orally, in writing, by telephone, by fax or by e-mail, we record, process and save the business data required for the transaction. The use of data is done so on the basis of the contract or contract initiation.

Payment function

In the case of chargeable offerings, you usually have the choice between different payment possibilities. Our carefully chosen and certified Swiss payment partner SIX Payment Services (Germany) GmbH, head-quartered in Germany, Langenhorner Chaussee 92-94, 22415 Hamburg, is responsible for completing SEPA direct debit or credit card transactions, e.g. in the case of our online portal. In this case, you yourself transmit your personal data to this company for the purposes agreed upon. A special payment platform is integrated into our offering for this purpose.

This data transmission is of course encrypted in accordance with the current data-security standards. Furthermore, the procedures of both payment partners meet the requirements of the Payment Card Industry Data Security Standards (PCI DSS).

Product data protection

In accordance with the requirements of the GDPR with respect to products and services that we market on the European (German) market, we are offering a wide range of different approaches for the corresponding technical design, as well as fundamentally data-protection-compliant pre-settings. This applies to our entire product range. Further information is available upon request.

Data transfer

We process the received data for the purpose of providing optimum customer service to our users in conjunction with the respectively required body within our corporate group. In this way, we can, for example, save you from submitting unnecessary multiple inquiries and can provide you with exactly one contact partner who will provide you with comprehensive consultation in relation to your specific issue.

We will be happy to provide you with a list of all providers who are involved in our online offering (data processor commissioned by us) should you request this.

We do not pass on your data to third parties and we of course do not sell your data.

Unless expressly described in the following for individual cases, no processing of personal information outside of the European Union (EU) or the European Economic Area (EEA) is taking place and this is also not being planned.

Mobile use

Please be aware that when you use our offering on a mobile digital device (e.g. mobile telephone or tablet), you may possibly have allowed for the technical recording, usage and passing-on of precise location data, including the geographical location of your device. In addition, further data is collected, processed and used within the scope of usage terms and conditions of your respective telecommunication provider. We exert no influence over this.

3. Procedures used to optimise our offerings

On principle, using our web sites is possible without providing any personal information. All the elements named in the following for the range measurement and statistics relating to the behaviour of our users serve our justified interest in optimising and disseminating our content and products. In the process we are offering the pseudonymised form of your data as we do not link information on user behaviour to the personal profiles of individual users. Therefore, even your IP address remains unconnected to any personal information.

Cookies

Different types of cookies are used on various pages of our offerings. Cookies are very small text files which are stored on your computer. They do not do any damage there and do not contain any personal data about you whatsoever. This device-specific information saved in the cookies enables us to analyse the usage of our offerings without any references to persons and to recognise the device you are using when you are visiting again. This makes it easier for you to use our websites (user-friendliness) and gives us the possibility to optimally shape our offering to meet your needs.

In your browser, you can adjust your settings so you are informed about cookies being applied. You can decide yourself whether you accept them on a case-by-case basis or exclude acceptance on principle. You can find more detailed information for example at https://www.aboutcookies.org.

If you do not approve of the saving and evaluation of your data for optimisation and marketing purposes using one of the individual technologies, you can prevent this by using one of the following methods put in place by the respective provider. In this case, a so called “Opt-Out” cookie is saved on your browser, which recognises that no data on the website visit may be recorded.

Please be aware that the complete deletion of all your cookies by means of the corresponding browser settings will also delete such “Opt-Out” cookies and you will be required to reactivate these once again.

Web trends

In order to make using our online services as simple and comfortable as possible for you, we are working with technology of Webtrends Inc., 555 SW Oak Street, Suite 300, Portland, OR, 97204 USA (http://www.webtrends.com) to collect and store user data in an anonymised form for the purpose of optimisation. These data are used to prepare usage profiles exclusively using pseudonyms. Therefore, no direct link to any person is present. This is another purpose for which cookies can be used (see usage of cookies above) which collect and store data in pseudonymous form exclusively, however. The data are not used to identify the user of this website personally; they are not linked to data about the user of a pseudonym. You can find further detailed information on the Provider by going to http://www.webtrends.com/terms-policies/privacy/privacy-statement/.

Google Analytics

This website uses Google Analytics, a Web analytics service provided by Google, Inc. (‘Google’). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. Generally, the information generated by the cookie about your use of the website is transmitted to and stored by Google on a server in the United States. IP anonymisation was activated on this website, so that your IP address will be truncated in Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the whole IP address be transmitted to a Google server in the United States and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and Internet use. The IP address conveyed by your browser within the scope of Google Analytics will not be associated with any other data held by Google. You may refuse the storage of cookies by selecting the appropriate settings in your browser; however, please note that if you do this, you may not be able to use the full functionality of this website. You can also prevent the data (including your IP address) generated by the cookie on your use of the website from being collected and used by Google by downloading and installing the Opt-out Browser Add-on under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

4. Additional applications of our offerings (third-parties & social media)

We will round off our offerings for you in part by linking to carefully selected third-party providers. We cannot assume any liability whatsoever for their own content, nor for their data protection provisions. For technical reasons, third parties will usually also receive at least your IP address. In consideration of our shared responsibility in accordance with GDPR, and in keeping with your bests interests, we endeavour to only offer such content where the providers only use the IP address to deliver the content. However, we do not have any influence on it if the third-party providers also store the IP address, e.g. for statistical purposes. If we are aware of it, we will inform you about it.

Collection of links

We offer you the possibility to intensify your interest in special topics by creating collections of links. We have put together these Internet sites with care and we check them at regular intervals. However, their rules apply to their offerings, in other words, also their processing of your data when you switch to such external websites.

Use of social plug-ins or simple links

We offer you the possibility of displaying your interest in our offering on the social media platforms Xing, Facebook or YouTube.

For this purpose, we have installed the popular “Like” button at the respective bottom of such websites. In order to protect your privacy in this case, we use the so-called “1-click solution”, in which case you first actively click on the provider’s buttons, before your data can be transmitted to them.

If you don’t want that social-media networks can assign the data attained via our offering immediately to your respective profile, generally you should log-out of the corresponding social-media networks prior to visiting other offerings (like one of ours for example). You can also control or prevent that plug-ins are loaded with the corresponding add-on applications for your Internet browser, for example, with the script blocker such as “NoScript” (noscript.net). Alternatively, you can use a browser, which offers improved control possibilities for advanced users as standard (please see number 2).

In the following you will see the provider-specific details for the services provided by us.

Social-media plug-ins

If you wish to use some of our other online offers, we are offering them on our sites via a web link. The official “share” buttons of platforms such as Xing, LinkedIn, Facebook and YouTube transmit personal data when accessing a website containing such elements. Since you do not have any control over this initially, we are using icons only containing a link to our offers on these platforms instead of these active share buttons. In specific sections (e.g. media) for which we are assuming that you would particularly like to share content with other interested parties, we are offering the “Shariff” solution. As in any other of the mentioned cases, the following also applies in this one: Data are transmitted to the respective platform only after you actively use one of the aforementioned “share” functions. The transmitted data are pseudonymised information only, such as e.g. the IP address, not data directly pertaining to you as a person.

Facebook

Our web shop uses social plug-ins (“plug-ins”) of the social network facebook.com operated by Facebook Inc., 1601 Willow Rd, Menlo Park, CA 94205, USA ("Facebook"). The plug-ins can be recognised by means of one of the Facebook logos (white “f” on a blue tile or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. You can view the list and appearance of the Facebook social plug-ins here: https://developers.facebook.com/docs/plugins.

If you access pages of our web shop containing such a plug-in, your browser establishes a direct link to the Facebook servers. The content of the plug-in is directly transmitted to your browser by Facebook and is integrated in the website by it. Therefore, we do not have any influence on the extent of the data collected by Facebook by means of this plug-in and do therefore inform you in line with our present knowledge.

By integrating the plug-in, Facebook receives the information that you have accessed the respective page of our website. If you are logged in with Facebook, Facebook can associate the visit with your Facebook account. If you interact with the plug-ins, for example by pressing the like button or making a comment, the corresponding information is directly transferred to Facebook by your browser and is stored. If you are not a member of Facebook, there is still the possibility that Facebook finds out your IP address and saves it.

Please refer to the data privacy provisions of Facebook to learn about the purpose and extent of data collection and further progressing and use of data by Facebook and your associated rights and setting options to protect your privacy: http://www.facebook.com/policy.php.

If you are a Facebook member and do not wish that Facebook collects data about you using our website and links them with your membership data stored by Facebook, you have to log out prior to visiting our website.

You can block social plug-ins with add-on applications for your browser, in this case for example with the “Facebook Blocker).

+1 button by Google

Our online offerings use the “+1″ button of the social network Google Plus operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). The button of Google+ can be identified by a “+1” sign on a white or coloured background. If you access a page of our offerings including one or several of those buttons, the browser establishes a direct connection to the Google servers. The content of the buttons is directly transmitted to your browser by Google and is integrated in the website by it. We do not have any influence on the extent of the data collected by Google by means of this button. According to Google, no personal information is collected by clicking on the button. Only if members are logged in, such data, among others the IP address, are collected and processed. Please refer to the data privacy provisions of Google to learn about the purpose and extent of data collection and further progressing and use of data by Google and your associated rights and setting options as a user to protect your privacy www.google.com/intl/de/+/policy/+1button.html with regard to the “+1” button and the answers to the most frequently asked questions to this topic (FAQ) https://developers.google.com/+/web/+1button/#frequently-asked-questions.

Google AdServices & Google Maps

Our web sites use applications of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Adservices uses cookies to collect information on user behaviour. In addition, Google uses “web beacons”, invisible graphics transmitting personal information and activities to the servers of Google in the USA via the IP address which are then processed or stored. You can prevent collecting and further processing of your data by this application by deactivating the execution of Java scripts in your browser or installing an application suppressing such scripts.

As a comfortable way to plan your route to us, we offer Google Maps on our site. If you use our online offerings, you consent to the additional collection, processing and storage of your data by Google, its representatives or third parties.

You can find detailed information on data processing by Google as last updated in the following links:

- Further details in the data privacy centre: http://www.google.de/intl/de/policies/privacy
- Special usage terms and conditions for Google Maps: https://www.google.com/intl/de_US/help/terms_maps.html

XING

We are offering the “XING share button” to you. This service is provided by XING AG, Dammtorstraße 30, 20354 Hamburg, Germany. When accessing this website, a connection to servers of XING AG (“XING”) is established through your browser; these provide the XING share button functions (in particular calculating/displaying the counter value). XING does not store any of your personal information by your accessing this website; in particular, it does not store any IP addresses. Your user behaviour will not be analysed by means of using cookies in connection with the “XING share button”. You can find the data protection information as last updated on this website: https://www.xing.com/app/share?op=data_protection.

LinkedIn

Part of our online presence is offering you the share button of the “LinkedIn” Internet platform. This service is offered by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. If you access a page of our website including this button, the browser establishes a direct connection to the LinkedIn servers. The provider will be informed of your visit on our website, including your IP address. No evaluation of how you use the website takes place via the use of cookies. You can find more information at https://www.linkedin.com/legal/privacy-policy?_l=de_DE.

WhatsApp

With the WhatsApp sharing button, we are offering you the option of directly and straightforwardly sending interesting content to selected contacts. This function is a hyperlink which is transmitted to WhatsApp on your terminal unit and only contains referrer information (name of the website). Any other functionality remains completely within your sovereignty as the user of such terminal unit. In contrast to other platform such as Facebook, no transmission takes place to publicly accessible websites.

Linking to offerings from other providers (third-parties)

We will round off our offerings for you by linking to carefully selected third-party providers. Thieme Compliance GmbH will check the offerings of these providers but in the end, it cannot accept any responsibility for their content or data privacy provisions. Therefore, fundamental caution should also be exercised in this case.

5. Protecting your rights as the aggrieved party (example)

We implement a wide range of technical and organisational measures in order to be able to properly protect your data when being processed. This entails us pursuing the protection goals of confidentiality, integrity (completeness and correctness of data), availability and imputability (authenticity). In the following are a few examples of our concept.

  • The data transfer of our offering is encrypted in accordance with the current security standard.

  • The access to and accessing of the data processing systems is done so by means of a dedicated authorisation procedure, which is subject to regular checks. Statistics relating to the use of our online offering are either drafted by the system or our service provider, they also do not contain any personal reference.

  • Evaluations of recorded data are usually at least pseudonymised and are exclusively carried out by authorised workers who are obligated to maintain data protection and who are regularly trained and sensitized with respect to the importance of compliance.

  • If business partners are working on our behalf within the framework of the data processing (outsourcing), these were carefully selected and contractually obligated to maintain data protection in compliance with the legal provisions. The compliance with the agreement is controlled directly on-site should this be necessary.

  • You can revoke the consent for the saving and use of the data that you have provided to us at any time, as long as this is not required in order to fulfil the terms of the contract or is required in order to fulfil legal requirements (e.g. prescribed storage deadlines). You can direct your revocation in any form you wish with effect for the future to the competent authority as listed at the end of the document. You will not incur any further costs apart from the connection costs at basic tariffs. Your revocation will be compared with a so-called internal block list prior to each new selection in order to ensure that you will not be addressed by us again by accident. You can also revoke this use at any time, however, we could then not rule out that we will address you again, e.g. after purchasing addresses or a back-up data recovery.

  • The duration that your data are saved with respect to our online offering is based on the purpose for which it was transmitted and is done so in compliance with the legal provisions. It is also in our interest not to hold your data in our system for longer than is necessary. We determine the minimum duration of storage within the framework of the description of our processing activities; by means of suitable technical rules or processing techniques, the deletion deadlines are determined and the destruction of required data is initiated, as far as technically possible.

  • As user, you have the right to receive information about the personal data saved about your person free of charge. You also have the right to have any incorrect data corrected, it’s usage limited or have your personal data deleted to the extent that it is not required in order to fulfil the contract and when the deletion is not in contradiction of the legal storage obligations. No fees arise for you in this case except for the transmission fees in accordance with the base rates. The right to have your data transferred is currently not foreseen in our online offering because you do not provide us with any suitable information online. If you are of the opinion that our data processing is not in compliance with the legal requirements, we would be grateful if you would correspondingly notify us of this. Your right to lodge a complaint with a supervisory authority remains unaffected by this.

  • In order to ensure the effectiveness and sustainability of implemented data protection measures, not only the company management (as those responsible), the data protection and the compliance department, but also a standardised approach to continuous optimisation of our data protection level and experienced external data protection experts are available.

If you access third-party sites and files within the frame of our offerings and are requested to transfer personal information, please note that this transmission of data on the Internet may be unsecured and data may therefore come to the attention of unauthorised persons.

Please be aware that we currently (still) have no influence over the recording and use of your data if you visit or avail of offerings from us made available by third parties (for example on YouTube as described above). This applies for all interaction possibilities offered such as the leaving behind of image/audio material or comments, as far as these are not transmitted to our company in a manner that would be expressly recognisable for you, e.g. by e-mail. The responsible body is the respective operator of the platform that was visited and used by you. The data protection notifications and declaration there apply.

6. Contact for further questions/suggestions relating to data protection

Responsible Party
Thieme Compliance GmbH, Am Weichselgarten 30a, 91058 Erlangen
Telephone: +49 9131 93406-40, E-Mail: info@thieme-compliance.de.

The Data Protection Officer
You can contact our Data Protection Officer Ms. Blossey at any time should you have any questions or enquiries relating to data-protection matters. She can be best reached via e-mail: datenschutz@thieme-compliance.de.

The Competent Supervisory Authority
You can exercise your right to submit a complaint with all supervisory authorities; who are responsible for us:

Bayerisches Landesamt für Datenschutzaufsicht [Bavarian State Office for Data Protection Supervision] (BayLDA)
Postal address: Promenade 27 (Schloss), 91522 Ansbach
Telephone: +49 981 53 1300, E-Mail: poststelle@lda.bayern.de.


Here you can find the data protection information.

Thieme einfach besser