Version: 23.12.2020 – This page is updated at irregular intervals. In order to ensure optimum transparency, we therefore recommend that you frequently visit this page.
When you use the services that constitute our online offering (hereafter referred to as “offering”), you declare your acceptance as a user that we, as the responsible body (detailed information in Item 6) in the sense of the data protection, will collect, process and use the listed data in the manner described. Should you request us to, we will be happy to provide you with a list of all our online offerings.
Furthermore, within the context of your rights in accordance with Article 12 ff. of the General Data Protection Regulation (GDPR), this webpage informs you about the nature, purpose and scope of the collection, as well as the use of personal data as part of our offering. The legal framework for this is provided, among other legislation, by the EU’s General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), the Telemedia Act (TMG), as well as further detailed regulations. We update this information where required and recommend that you visit this webpage again the next time you visit the website.
If you wish to contact us to defend your rights as a user, please refer to Item 6 for the appropriate contact. No fees apply in this case except for the transmission fees in accordance with the base rates.
1. Legal basis
2. Methods, extent and purpose of collecting, processing and using data; data recipient
3. Procedures used to optimise our offerings
4. Additional applications of our offering (third-party providers & social media)
5. Protecting your rights as the aggrieved party (example)
6. Contact for further questions/suggestions relating to data protection
We only collect, save and use the data that you provide when using our online offering within the legally permissible framework, and on the basis of
Personal data are information that allow a conclusion to be made with respect to you as an individual. This includes data such as names, contact details, photographs, information regarding interests and hobbies or memberships, as well as data collected in technical systems such as, for example, the IP address of your Internet provider (ISP or web host).
We collect data in the form of service log files every time our offering is accessed. These log files contain the name, date and time the website was visited, file names, transmitted data volumes, server-access status (file transmitted, file not found, command not carried out, etc.), type and version of browser, as well as the specific browser settings such as country or language characteristics, user’s operating systems, device information (e.g. device number such as UDID, type of device), previously visited websites (referrer), IP address, enquiring provider, and the access method/function sought by the requesting computer (PC, mobile, remote access etc.).
We only use these protocol data for the purpose of evaluating the operation, as well as the security and optimisation of your offering. No references to individuals exist, nor are such envisaged. In individual cases, we reserve the right to examine protocol data in detail if concrete indications exist that give rise to justified suspicions of illegal use.
We are currently offering a symptom checker for COVID-19. We have put together a few questions about your state of health that you can use to pre-assess typical factors for the disease. Your answers on this special page are particularly sensitive information about your state of health. To ensure that these are optimally protected, we have implemented our symptom checker so that your personal data remain exclusively with you.
You enter your data yourself in an Internet browser locally on the Internet-enabled device of your choice. The same applies to the print function. Your answers will not be passed on either to Thieme Compliance or to any third parties.
When you contact us using a contact form, by e-mail or over the telephone, we save and use your details within the context of the indicated business purpose or in order to process your enquiry. We do not pass on your data to third parties without there being a legal basis to do so and we of course do not sell your data.
If you wish, we will be happy to send you information on our products and services. For this purpose, you can sign up to receive various newsletters. For this we require your e-mail address, which we will check with respect to validity before the order becomes effective. Furthermore, we ask for your title, first name and surname in order to offer you optimum service (addressing with the correct name, for example).
You can also provide your business address in the case of offering enquiries.
If you digitally transmit your application documents to us, we will process them within the course and for the duration of the application process of the position you have indicated. In the case of an unsolicited application, we will allocate you to positions you may be eligible for. After the advertised position has been filled, your data will be kept on file for six months at most to enable us to address any legal claims. Upon expiration of this retention period, the data will be deleted immediately in compliance with applicable data protection law. If indicated, we may request your written consent to retain your data for a longer period (of up to two years) if there is the option to take you into consideration for any later vacancies.
Registration function, presupposed and / or express consent
If you would like to use a specially protected application of our offering, e.g. our portal solution or the request for a demo version of our software, we need – partly legally required – mandatory data to process your request and/or order. The contact forms follow the principle of data minimisation; mandatory fields are identified accordingly.
Where we may presuppose your consent to the use of the data you have provided us with or where an expressly demonstrable consent is actively required from you, we will inform you before sending your data about the purposes of the processing and your rights.
You must explicitly confirm any consent you have actively given online and subsequently by e-mail. Only then will we record your consent in our customer database. The data transfer is encrypted in accordance with the current security standard. If you revoke your consent, the entry in the customer database will be updated accordingly. In addition, we include your contact details in our “internal block list,” which is kept separate from the database. This is the only way we can avoid your being unintentionally contacted again, for example due to a reset of your status by a back-up data recovery of the database.
Within the framework of your order, whether submitted online, orally, in writing, by telephone, by fax or by e-mail, we collect, process and save the business data required for the transaction. The use of data is done so on the basis of the contract or contract initiation.
As part of our ISO certification, we are obligated to perform a short customer satisfaction survey at regular intervals (approx. four times a year). Depending on the product or service, this entails that you will either get an online notification or an e-mail with a link to where you can provide your feedback online. We would appreciate it if you took some time to let us know whether you are satisfied or possibly see some opportunities to improve. The survey is voluntary and anonymous, and its only purpose is quality assurance for our products and services. If you do not wish to receive this evaluation e-mail (any longer), please just send a short notice to email@example.com.
We offer various courses on patient education as an e-learning solution. It often happens that customers want to purchase additional products from the publishing group. We therefore manage the purchase and use of our e-learning products partly via the online shop, the billing routine and the support service of the Georg Thieme publishing group. You buy your desired license from the online shop of Georg Thieme Verlags GmbH. In this way, you only have to register once for all products offered by the publishing group.
For the purpose of invoicing, the Georg Thieme Verlags GmbH informs us by e-mail about the you have products. For this purpose we need the date of purchase, name, address, product descriptions, invoice amount and any special features of your order. As a rule, the relevant e-mails are forwarded to us.
The technically up-to-date secure registration process, your activation as a customer, your login, the user administration as well as the generation of the codes for the activation of the courses you have purchased are carried out in the Thieme data centre in Stuttgart on the basis of the software eRights of the company Atypon (5201 Great America Pkwy Student Boardroom, Santa Clara, CA 95054, United States).
You will complete your chosen course on the proven learning platform of BPS Bildungsportal Sachsen GmbH, Bahnhofstr. 6, 09111 Chemnitz.
Depending on the payment method you choose, payment is made directly via one of the payment methods offered (see section “Payment method”).
In the case of chargeable offerings, you usually have the choice between different payment options. Our carefully chosen and certified Swiss payment partner SIX Payment Services (Germany) GmbH, headquartered in Germany at Langenhorner Chaussee 92-94, 22415 Hamburg, is responsible for completing SEPA direct debit or credit card transactions, e.g. in the case of our online portal. You can also use the online payment service PayPal (Europe) S.à.r.l. & Cie, S.C.A, located at 22-24 Boulevard Royal, L-2449 Luxembourg.
In any case, you will only transmit your relevant data to the payment service of your choice exclusively for the agreed purpose . A specialised payment platform is integrated in our offering for this purpose. After successful payment you will be redirected to our site.
This data transmission is of course encrypted in accordance with the current data-security standards. Furthermore, the procedures of both payment partners meet the requirements of the Payment Card Industry Data Security Standards (PCI DSS).
In accordance with the requirements of the GDPR with respect to products and services that we market on the European (German) market, we offer a wide range of different approaches to the appropriate technical design, as well as data protection-compliant defaults. This applies to our entire product range. Further information is available upon request.
You can find detailed data protection information on the use of our video apps "Doctor Film" and "Patient Film" here.
If you register for one of our online seminars, we will retain and use the data you have provided for this purpose for online invitation management including confirmation e-mail, dial-in data and reminder e-mail. After the end of the online seminar, all interested parties will receive a final e-mail. In addition, the participants will receive a link to provide feedback online. We would appreciate it if you take some time to let us know whether you are satisfied or possibly see some opportunities to improve. The survey is voluntary and only serves quality assurance purposes. If subsequent questions arise, we will use your data to handle them in our system. The online invitation management and performance of the online seminars are provided by our carefully selected partner LogMeIn, 320 Summer Street, Boston, MA 02210, USA, on its cloud-based platform. Since the provider is globally active, data is processed globally. Therefore, they provide particularly extensive information on data protection at https://www.logmeininc.com/legal/privacy itself.
We process the data received for the purpose of providing optimum customer service to our users in cooperation with the respectively required body within our corporate group. In this way, we can, for example, save you unnecessary multiple inquiries and can provide you with exactly one contact who will provide you with comprehensive consultation in relation to your specific concern.
We have carefully selected all our partners according to the criteria of the GDPR and contractually committed them to compliance and confidentiality. Each of them will only have access to the personal data needed to fulfil the contractually agreed services.
We will be happy to provide you with a list of all providers who are involved in our online offering (data processor commissioned by us) upon request.
We do not pass on your data to third parties and we of course do not sell your data.
Unless expressly described in the following for individual cases, no processing of personal information outside of the European Union (EU) or the European Economic Area (EEA) takes place, nor is such planned.
Please be aware that when you use our offering on a mobile digital device (e.g. mobile telephone or tablet), you may possibly have allowed for the technical collection, use and transmission of precise location data, including the geographical location of your device. The same applies within the scope of usage terms and conditions of your respective telecommunication provider. We exert no influence over this.
Using our websites is generally possible without providing any personal information. All of the following elements for range measurement and statistics relating to the behaviour of our users serve our legitimate interest in optimising and disseminating our content and products. We work with a pseudonymised form of your data since we do not combine information on user behaviour with personal user profiles. Therefore, even your IP address remains unconnected to any personal information.
Cookies are very small text files that are stored on your computer. They do not cause any damage there and do not contain any personal data about you.
Our publicly accessible offering is basically usable using only the technically necessary cookies (absolutely necessary cookies). These cookies are necessary for the website to function.
On various pages of our offering, additional cookies of different types are used: performance cookies, cookies for marketing purposes and functional cookies. The device-related information stored in the cookies enables us to analyze the use of our offering without personal reference and to recognize your device on your next visit. This makes the use of our website more convenient for you (user-friendliness) and gives us the opportunity to optimize our offering for you.
If you would like to use (or deselect) these and other benefits at a later time, clicking on the cookie settings in the lower right corner of each page will take you back to the Cookie Preference Center.
You can, of course, continue to set your browser to inform you when cookies are set, decide for yourself whether to accept them on a case-by-case basis, or generally exclude acceptance. Further details on this can be found at https://www.aboutcookies.org.
Should you allow cookies, additional detailed information follows below.
Individual pages (demo course on our e-learning courses) and subdomains (aufklaerungsfilme.thieme-compliance.de, e-news.thieme-compliance.de) only use the technically necessary cookies.
By linking to the main domain www.thieme-compliance.de and the Google Analytics used there, Google Analytics cookies (_gid, _gat, _ga) are automatically set on these pages and subdomains as well. A separation between the main domain and the pages or subdomains is not technically possible at this point. Google Analytics is not active on these pages or subdomains and the cookies set thus remain passive. The cookies are not used, the data is not utilized, and there is no user tracking.
We round off our offerings for you in part by linking to carefully selected third-party providers. We cannot assume any liability whatsoever for their own content, nor for their data protection provisions. For technical reasons, third parties will usually also receive at least your IP address. In consideration of our shared responsibility in accordance with GDPR, and in keeping with your best interests, we endeavour to only offer such content where the providers only use the IP address to deliver the content. However, we do not have any influence over whether the third-party providers also store the IP address, e.g. for statistical purposes. If we are aware of it, we will inform you about it.
We offer you the opportunity to intensify your interest in special topics by creating collections of links. We have compiled these Internet sites with care and we check them at regular intervals. However, their rules apply to their offerings, including the processing of your data when you switch to such external websites.
We offer you the opportunity to show your interest in our offering on the social media platforms Xing, Facebook and YouTube.
For this purpose, we have installed the popular “Like” button at the bottom of each page. In order to protect your privacy, we use the “1-click solution,” for which you must first actively click on the provider’s button before your data can be transmitted to them.
If you don’t want these social media networks to assign the data attained via our offering immediately to your respective profile, generally you should log out of the corresponding social media networks prior to visiting one of our offerings. You can also control or prevent the plugins from loading with the corresponding add-on applications for your Internet browser, for example, with a script blocker such as “NoScript” (noscript.net). Alternatively, you can use a browser that offers improved control possibilities for advanced users by default (please see Section 2).
Below are the provider-specific details for the services we provide for you.
If you wish to use some of our other online offerings, we offer access to them via web links on our sites. The official “share” buttons of platforms such as Xing, LinkedIn, Facebook and YouTube transmit personal data when accessing a website containing such elements. Since you do not have any control over this initially, we use icons only containing a link to our offerings on these platforms instead of these active share buttons. In specific sections (e.g. media) for which we assume that you would particularly like to share content with other interested parties, we offer the “Shariff” solution. As in any other case mentioned, the following applies: data are transmitted to the respective platform only after you actively use one of the aforementioned “share” functions. The transmitted data are pseudonymised information only, such as e.g. the IP address, not data directly pertaining to you as an individual.
Our online shop uses social plugins (“plugins”) of the social network facebook.com operated by Facebook Inc., 1601 Willow Rd, Menlo Park, CA 94205, USA ("Facebook"). The plugins can be recognised by means of one of the Facebook logos (white “f” on a blue tile or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin.” You can view the list and appearance of the Facebook social plugins here: https://developers.facebook.com/docs/plugins.
If you access pages of our online shop containing such a plugin, your browser establishes a direct link to the Facebook servers. The content of the plugin is directly transmitted from Facebook to your browser, which integrates it into the website. Therefore, we do not have any influence on the extent of the data collected by Facebook by means of this plugin and therefore inform you according to our level of knowledge.
By integrating the plugin, Facebook receives the information that you have accessed the respective page of our website. If you are logged in with Facebook, Facebook can associate the visit with your Facebook account. If you interact with the plugins, for example by pressing the like button or making a comment, the corresponding information is directly transferred by your browser to Facebook and is stored there. If you are not a member of Facebook, there is still the possibility that Facebook could find and save your IP address.
Please refer to the data privacy provisions of Facebook to learn about the purpose and extent of data collection and its processing and use by Facebook as well as your associated rights and setting options to protect your privacy: http://www.facebook.com/policy.php.
If you are a Facebook member and do not want Facebook to collect data about you using our website and link them with your member data stored by Facebook, you have to log out prior to visiting our website.
You can block social plugins with add-on applications for your browser, in this case for example with the “Facebook Blocker.”
Our online offerings use the “+1′′ button of the social network Google Plus operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). The button can be identified by a “+1” sign on a white or coloured background. If you access a page of our offerings including one or several of those buttons, the browser establishes a direct connection to the Google servers. The content of the buttons is directly transmitted from Google to your browser, which integrates it into the website. We do not have any influence on the extent of the data collected by Google by means of this button.
According to Google, no personal information is collected by clicking on the button. Such data, including the IP address, are collected and processed only for members who are logged in. Please refer to the data privacy provisions of Google to learn about the purpose and extent of data collection and its processing and use by Google as well as your associated rights and setting options to protect your privacy: https://policies.google.com/privacy.
Our websites use applications of Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
As a comfortable way to plan your route to us, we offer Google Maps on our site. If you use our online offerings, you consent to the additional collection, processing and storage of your data by Google, its representatives or third parties.
You can find detailed, current information on data processing by Google at the following links:
- Further details in the data safety centre: http://www.google.de/intl/de/policies/privacy
- Special usage terms and conditions for Google Maps: https://www.google.com/intl/de_US/help/terms_maps.html
With the WhatsApp “Share” button, we offer you the option of directly and straightforwardly sending interesting content to selected contacts. This function is a hyperlink which is transmitted to WhatsApp on your device and only contains referrer information (name of the website). Any other functionality remains completely within your sovereignty of use on the device. In contrast to other platforms such as Facebook, no transmission takes place to publicly accessible websites.
We round off our offerings to you by linking to carefully selected third-party providers. Thieme Compliance GmbH will check the offerings of these providers but, in the end, it cannot accept any responsibility for their content or data privacy provisions. Therefore, you should always exercise caution.
We implement a wide range of technical and organisational measures to adequately protect your data while it is processed. This entails us pursuing the protection goals of confidentiality, integrity (completeness and correctness of data), availability and accountability (authenticity). Below are a few examples of our concept.
If you access third-party sites and files within our offerings and thereby transmit personal information, please note that this transmission of data on the Internet may be unsecured and data may therefore come to the attention of unauthorised persons.
Please be aware that we currently (still) have no influence over the collection and use of your data if you visit or use offerings from us made available by third parties (for example on YouTube, as described above). This applies for all interaction possibilities offered, such as the leaving of image/audio material or comments, unless these are transmitted to our company in a manner that would be expressly recognisable for you, e.g. by e-mail. The responsible body is the operator of the platform you have visited and used. The data protection notifications and declaration there apply.
Thieme Compliance GmbH, Am Weichselgarten 30a, 91058 Erlangen
Telephone: +49 9131 93406-40, E-Mail: firstname.lastname@example.org.
Data Protection Officer
You can contact our Data Protection Officer Ms. Blossey at any time should you have any questions or enquiries relating to data-protection matters. She can be best reached via e-mail: email@example.com.
Competent Supervisory Authority
You can exercise your right to submit a complaint with any supervisory authority; the one responsible for us is:
Bayerisches Landesamt für Datenschutzaufsicht [Bavarian State Office for Data Protection Supervision] (BayLDA)
Postal address: Promenade 18, 91522 Ansbach
Telephone: +49 981 180093-0, E-Mail: firstname.lastname@example.org.
Here you can find the data protection information.