+49 9131 93406-40 Rückruf Support Downloadbereich Kontakt Newsletter
| Kontakt | Thieme Gruppe

Data Protection Information

Version: 10.06.2020 – This page is updated at irregular intervals. In order to ensure optimum transparency, we therefore recommend that you frequently visit this page.

When you use the services that constitute our online offering (hereafter referred to as “offering”), you declare your acceptance as a user that we, as the responsible body (detailed information in Item 6) in the sense of the data protection, will collect, process and use the listed data in the manner described. Should you request us to, we will be happy to provide you with a list of all our online offerings.

Furthermore, within the context of your rights in accordance with Article 12 ff. of the General Data Protection Regulation (GDPR), this webpage informs you about the nature, purpose and scope of the collection, as well as the use of personal data as part of our offering. The legal framework for this is provided, among other legislation, by the EU’s General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), the Telemedia Act (TMG), as well as further detailed regulations. We update this information where required and recommend that you visit this webpage again the next time you visit the website.

If you wish to contact us to defend your rights as a user, please refer to Item 6 for the appropriate contact. No fees apply in this case except for the transmission fees in accordance with the base rates.
 

Table of contents

1. Legal basis
2. Methods, extent and purpose of collecting, processing and using data; data recipient
3. Procedures used to optimise our offerings
4. Additional applications of our offering (third-party providers & social media)
5. Protecting your rights as the aggrieved party (example)
6. Contact for further questions/suggestions relating to data protection

1. Legal basis

We only collect, save and use the data that you provide when using our online offering within the legally permissible framework, and on the basis of

  • a contract or a relationship of trust similar to that created by a contract (Art. 6 (1b) GDPR), e.g. using copyright protected content,
     
  • a statement of consent (Art. 6 (1a) GDPR), e.g. newsletter order,
     
  • a legal obligation (Art. 6 (1c) GDPR), e.g. provider identification in the imprint,
     
  • the legitimate interests of our company (Art. 6 (1f) GDPR), as long as the interests, fundamental rights and basic freedoms of the person affected do not outweigh the former interests; legitimate interests are, for example, proper functioning, the safety and ease with which the user interface for our online offering can be used with the help of the optimisation procedure (please see Section 3) or also the announcement made by our company on Internet platforms such as Xing, LinkedIn, YouTube or Facebook.

2. Methods, extent and purpose of collecting, processing and using data; data recipient

Personal data are information that allow a conclusion to be made with respect to you as an individual. This includes data such as names, contact details, photographs, information regarding interests and hobbies or memberships, as well as data collected in technical systems such as, for example, the IP address of your Internet provider (ISP or web host).

Data collected by the system and protection of your personal privacy

We collect data in the form of service log files every time our offering is accessed. These log files contain the name, date and time the website was visited, file names, transmitted data volumes, server-access status (file transmitted, file not found, command not carried out, etc.), type and version of browser, as well as the specific browser settings such as country or language characteristics, user’s operating systems, device information (e.g. device number such as UDID, type of device), previously visited websites (referrer), IP address, enquiring provider, and the access method/function sought by the requesting computer (PC, mobile, remote access etc.).

We only use these protocol data for the purpose of evaluating the operation, as well as the security and optimisation of your offering. No references to individuals exist, nor are such envisaged. In individual cases, we reserve the right to examine protocol data in detail if concrete indications exist that give rise to justified suspicions of illegal use.

Symptom checker for the novel coronavirus

We are currently offering a symptom checker for COVID-19. We have put together a few questions about your state of health that you can use to pre-assess typical factors for the disease. Your answers on this special page are particularly sensitive information about your state of health. To ensure that these are optimally protected, we have implemented our symptom checker so that your personal data remain exclusively with you.

You enter your data yourself in an Internet browser locally on the Internet-enabled device of your choice. The subsequent evaluation of your answers is also carried out locally on this page using a Javascript function. This enables the evaluation during the active session to be carried out exclusively locally in the Internet browser on the device that you use. The same applies to the print function. Your answers will not be passed on either to Thieme Compliance or to any third parties.

Enquiries & newsletter

When you contact us using a contact form, by e-mail or over the telephone, we save and use your details within the context of the indicated business purpose or in order to process your enquiry. We do not pass on your data to third parties without there being a legal basis to do so and we of course do not sell your data.

If you wish, we will be happy to send you information on our products and services. For this purpose, you can sign up to receive various newsletters. For this we require your e-mail address, which we will check with respect to validity before the order becomes effective. Furthermore, we ask for your title, first name and surname in order to offer you optimum service (addressing with the correct name, for example).

You can also provide your business address in the case of offering enquiries.

Digital job applications

If you digitally transmit your application documents to us, we will process them within the course and for the duration of the application process of the position you have indicated. In the case of an unsolicited application, we will allocate you to positions you may be eligible for. After the advertised position has been filled, your data will be kept on file for six months at most to enable us to address any legal claims. Upon expiration of this retention period, the data will be deleted immediately in compliance with applicable data protection law. If indicated, we may request your written consent to retain your data for a longer period (of up to two years) if there is the option to take you into consideration for any later vacancies.

Registration function, presupposed and / or express consent

If you would like to use a specially protected application of our offering, e.g. our portal solution or the request for a demo version of our software, we need – partly legally required – mandatory data to process your request and/or order. The contact forms follow the principle of data minimisation; mandatory fields are identified accordingly.

Where we may presuppose your consent to the use of the data you have provided us with or where an expressly demonstrable consent is actively required from you, we will inform you before sending your data about the purposes of the processing and your rights.

You must explicitly confirm any consent you have actively given online and subsequently by e-mail. Only then will we record your consent in our customer database. The data transfer is encrypted in accordance with the current security standard. If you revoke your consent, the entry in the customer database will be updated accordingly. In addition, we include your contact details in our “internal block list,” which is kept separate from the database. This is the only way we can avoid your being unintentionally contacted again, for example due to a reset of your status by a back-up data recovery of the database.

Orders, purchases & customer satisfaction

Within the framework of your order, whether submitted online, orally, in writing, by telephone, by fax or by e-mail, we collect, process and save the business data required for the transaction. The use of data is done so on the basis of the contract or contract initiation.

As part of our ISO certification, we are obligated to perform a short customer satisfaction survey at regular intervals (approx. four times a year). Depending on the product or service, this entails that you will either get an online notification or an e-mail with a link to where you can provide your feedback online. We would appreciate it if you took some time to let us know whether you are satisfied or possibly see some opportunities to improve. The survey is voluntary and anonymous, and its only purpose is quality assurance for our products and services. If you do not wish to receive this evaluation e-mail (any longer), please just send a short notice to service@thieme-compliance.de.

E-learning offerings for medical facilities and / or individual users

We offer various courses on patient education as an e-learning solution. It often happens that customers want to purchase additional products from the publishing group. We therefore manage the purchase and use of our e-learning products partly via the online shop, the billing routine and the support service of the Georg Thieme publishing group. You buy your desired license from the online shop of Georg Thieme Verlags GmbH. In this way, you only have to register once for all products offered by the publishing group.                                                          

For the purpose of invoicing, the Georg Thieme Verlags GmbH informs us by e-mail about the you have products. For this purpose we need the date of purchase, name, address, product descriptions, invoice amount and any special features of your order. As a rule, the relevant e-mails are forwarded to us.

The technically up-to-date secure registration process, your activation as a customer, your login, the user administration as well as the generation of the codes for the activation of the courses you have purchased are carried out in the Thieme data centre in Stuttgart on the basis of the software eRights of the company Atypon (5201 Great America Pkwy Student Boardroom, Santa Clara, CA 95054, United States).

You will complete your chosen course on the proven learning platform of BPS Bildungsportal Sachsen GmbH, Bahnhofstr. 6, 09111 Chemnitz.

Depending on the payment method you choose, payment is made directly via one of the payment methods offered (see section “Payment method”).

Payment method

In the case of chargeable offerings, you usually have the choice between different payment options. Our carefully chosen and certified Swiss payment partner SIX Payment Services (Germany) GmbH, headquartered in Germany at Langenhorner Chaussee 92-94, 22415 Hamburg, is responsible for completing SEPA direct debit or credit card transactions, e.g. in the case of our online portal. You can also use the online payment service PayPal (Europe) S.à.r.l. & Cie, S.C.A, located at 22-24 Boulevard Royal, L-2449 Luxembourg.                                                          

In any case, you will only transmit your relevant data to the payment service of your choice exclusively for the agreed purpose . A specialised payment platform is integrated in our offering for this purpose. After successful payment you will be redirected to our site.

This data transmission is of course encrypted in accordance with the current data-security standards. Furthermore, the procedures of both payment partners meet the requirements of the Payment Card Industry Data Security Standards (PCI DSS).

Product data protection

In accordance with the requirements of the GDPR with respect to products and services that we market on the European (German) market, we offer a wide range of different approaches to the appropriate technical design, as well as data protection-compliant defaults. This applies to our entire product range. Further information is available upon request.

You can find detailed data protection information on the use of our video apps "Doctor Film" and "Patient Film" here.

Online seminar

If you register for one of our online seminars, we will retain and use the data you have provided for this purpose for online invitation management including confirmation e-mail, dial-in data and reminder e-mail. After the end of the online seminar, all interested parties will receive a final e-mail. In addition, the participants will receive a link to provide feedback online. We would appreciate it if you take some time to let us know whether you are satisfied or possibly see some opportunities to improve. The survey is voluntary and only serves quality assurance purposes. If subsequent questions arise, we will use your data to handle them in our system. The online invitation management and performance of the online seminars are provided by our carefully selected partner LogMeIn, 320 Summer Street, Boston, MA 02210, USA, on its cloud-based platform. Since the provider is globally active, data is processed globally. Therefore, they provide particularly extensive information on data protection at https://www.logmeininc.com/legal/privacy itself.

Data transfer

We process the data received for the purpose of providing optimum customer service to our users in cooperation with the respectively required body within our corporate group. In this way, we can, for example, save you unnecessary multiple inquiries and can provide you with exactly one contact who will provide you with comprehensive consultation in relation to your specific concern.

We have carefully selected all our partners according to the criteria of the GDPR and contractually committed them to compliance and confidentiality. Each of them will only have access to the personal data needed to fulfil the contractually agreed services.

We will be happy to provide you with a list of all providers who are involved in our online offering (data processor commissioned by us) upon request.

We do not pass on your data to third parties and we of course do not sell your data.

Unless expressly described in the following for individual cases, no processing of personal information outside of the European Union (EU) or the European Economic Area (EEA) takes place, nor is such planned.

Mobile use

Please be aware that when you use our offering on a mobile digital device (e.g. mobile telephone or tablet), you may possibly have allowed for the technical collection, use and transmission of precise location data, including the geographical location of your device. The same applies within the scope of usage terms and conditions of your respective telecommunication provider. We exert no influence over this.

3. Procedures used to optimise our offerings

Using our websites is generally possible without providing any personal information. All of the following elements for range measurement and statistics relating to the behaviour of our users serve our legitimate interest in optimising and disseminating our content and products. We work with a pseudonymised form of your data since we do not combine information on user behaviour with personal user profiles. Therefore, even your IP address remains unconnected to any personal information.

Cookies

Different types of cookies are used on the various pages of our offerings. Cookies are very small text files which are stored on your computer. They do not do any damage there and do not contain any personal data about you whatsoever. This device-specific information saved in the cookies enables us to analyse the usage of our offerings without any references to individuals and to recognise your device on your next visit. This makes it easier for you to use our websites (user-friendliness) and gives us the opportunity to optimally shape our offering to meet your needs.

In your browser, you can adjust your settings so you are informed about cookies being applied. You can decide whether you prefer to accept them on a case-by-case basis or generally exclude acceptance. You can find more detailed information for example at https://www.aboutcookies.org.

If for any individual tool you do not approve of the saving and evaluation of your data, you can prevent this by using the method put in place by the respective provider described below. In this case, an “Opt-Out” cookie is saved on your browser, which recognises that no session data may be collected.

Please be aware that the complete deletion of all your cookies by means of the appropriate browser settings will also delete such “Opt-Out” cookies and you will be required to reactivate these on future visits.   

We are currently working on a solution that will allow you to give or revoke selective consent for different types of cookies. Until the earliest possible implementation, we ask you for your implied consent to be allowed to use the data as before and/or we invite you to use the above-mentioned options to actively prevent unwanted cookies.

Google Analytics & Google ReCAPTCHA

This website uses Google Analytics, a web analytics service provided by Google, Inc. (‘Google’). Google Analytics uses cookies to help the website analyze how users use the site. Generally, the information generated by the cookie about your use of the website is transmitted to and stored by Google on a server in the United States. IP anonymisation was activated on this website, so that your IP address will be truncated in Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the whole IP address be transmitted to a Google server in the United States and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and Internet use for the website operator. The IP address conveyed by your browser within the scope of Google Analytics will not be associated with any other data held by Google. You may refuse the storage of cookies by selecting the appropriate settings in your browser; however, please note that if you do this, you may not be able to use the full functionality of this website. You can also prevent your site use data (including your IP address) generated by the cookie from being collected and used by Google by downloading and installing the Opt-out Browser Add-on at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Our websites partially use the ReCAPTCHA service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA to protect you when contacting us using an online form. The monitoring is intended to distinguish whether the input is made by a human or abusively by automated computer processing (spam). The monitoring includes transmission of your IP address and possibly additional data required by Google for the ReCAPTCHA service to Google, who processes your input in this application. If you wish to avoid your IP address being associated with your Google profile, you should log out from Google before using our contact form.

For more information on the use of your data by Google, please refer to the service provider’s privacy policy at https://policies.google.com/privacy?hl=de.

4. Additional applications of our offerings (third-parties & social media)

We round off our offerings for you in part by linking to carefully selected third-party providers. We cannot assume any liability whatsoever for their own content, nor for their data protection provisions. For technical reasons, third parties will usually also receive at least your IP address. In consideration of our shared responsibility in accordance with GDPR, and in keeping with your best interests, we endeavour to only offer such content where the providers only use the IP address to deliver the content. However, we do not have any influence over whether the third-party providers also store the IP address, e.g. for statistical purposes. If we are aware of it, we will inform you about it.

Collection of links

We offer you the opportunity to intensify your interest in special topics by creating collections of links. We have compiled these Internet sites with care and we check them at regular intervals. However, their rules apply to their offerings, including the processing of your data when you switch to such external websites.

Use of social plugins or simple links

We offer you the opportunity to show your interest in our offering on the social media platforms Xing, Facebook and YouTube.

For this purpose, we have installed the popular “Like” button at the bottom of each page. In order to protect your privacy, we use the “1-click solution,” for which you must first actively click on the provider’s button before your data can be transmitted to them.

If you don’t want these social media networks to assign the data attained via our offering immediately to your respective profile, generally you should log out of the corresponding social media networks prior to visiting one of our offerings. You can also control or prevent the plugins from loading with the corresponding add-on applications for your Internet browser, for example, with a script blocker such as “NoScript” (noscript.net). Alternatively, you can use a browser that offers improved control possibilities for advanced users by default (please see Section 2).

Below are the provider-specific details for the services we provide for you.

Social media plugins

If you wish to use some of our other online offerings, we offer access to them via web links on our sites. The official “share” buttons of platforms such as Xing, LinkedIn, Facebook and YouTube transmit personal data when accessing a website containing such elements. Since you do not have any control over this initially, we use icons only containing a link to our offerings on these platforms instead of these active share buttons. In specific sections (e.g. media) for which we assume that you would particularly like to share content with other interested parties, we offer the “Shariff” solution. As in any other case mentioned, the following applies: data are transmitted to the respective platform only after you actively use one of the aforementioned “share” functions. The transmitted data are pseudonymised information only, such as e.g. the IP address, not data directly pertaining to you as an individual.

Facebook

Our online shop uses social plugins (“plugins”) of the social network facebook.com operated by Facebook Inc., 1601 Willow Rd, Menlo Park, CA 94205, USA ("Facebook"). The plugins can be recognised by means of one of the Facebook logos (white “f” on a blue tile or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin.” You can view the list and appearance of the Facebook social plugins here: https://developers.facebook.com/docs/plugins.

If you access pages of our online shop containing such a plugin, your browser establishes a direct link to the Facebook servers. The content of the plugin is directly transmitted from Facebook to your browser, which integrates it into the website. Therefore, we do not have any influence on the extent of the data collected by Facebook by means of this plugin and therefore inform you according to our level of knowledge.

By integrating the plugin, Facebook receives the information that you have accessed the respective page of our website. If you are logged in with Facebook, Facebook can associate the visit with your Facebook account. If you interact with the plugins, for example by pressing the like button or making a comment, the corresponding information is directly transferred by your browser to Facebook and is stored there. If you are not a member of Facebook, there is still the possibility that Facebook could find and save your IP address.

Please refer to the data privacy provisions of Facebook to learn about the purpose and extent of data collection and its processing and use by Facebook as well as your associated rights and setting options to protect your privacy: http://www.facebook.com/policy.php.

If you are a Facebook member and do not want Facebook to collect data about you using our website and link them with your member data stored by Facebook, you have to log out prior to visiting our website.

You can block social plugins with add-on applications for your browser, in this case for example with the “Facebook Blocker.”

+1 button by Google

Our online offerings use the “+1′′ button of the social network Google Plus operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). The button can be identified by a “+1” sign on a white or coloured background. If you access a page of our offerings including one or several of those buttons, the browser establishes a direct connection to the Google servers. The content of the buttons is directly transmitted from Google to your browser, which integrates it into the website. We do not have any influence on the extent of the data collected by Google by means of this button.

According to Google, no personal information is collected by clicking on the button. Such data, including the IP address, are collected and processed only for members who are logged in. Please refer to the data privacy provisions of Google to learn about the purpose and extent of data collection and its processing and use  by Google as well as your associated rights and setting options to protect your privacy: https://policies.google.com/privacy.

Google AdServices & Google Maps

Our websites use applications of Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.  

Google Adservices uses cookies to collect information on user behaviour. In addition, Google uses “web beacons,” invisible graphics transmitting personal information and activities to the servers of Google in the USA via the IP address, where they are further processed or stored. You can prevent the collection and further processing of your data by this application by deactivating the execution of Java scripts in your browser or installing an application that suppresses such scripts.

As a comfortable way to plan your route to us, we offer Google Maps on our site. If you use our online offerings, you consent to the additional collection, processing and storage of your data by Google, its representatives or third parties.

You can find detailed, current information on data processing by Google at the following links:

- Further details in the data safety centre: http://www.google.de/intl/de/policies/privacy
- Special usage terms and conditions for Google Maps: https://www.google.com/intl/de_US/help/terms_maps.html

XING

We offer you the use of the XING “Share” button. This service is provided by XING AG, Dammtorstraße 30, 20354 Hamburg, Germany. When you access this website, a connection to the servers of XING AG (“XING”) is established through your browser; these provide the button functions (in particular calculating/displaying the counter value). XING does not store any of your personal information when you access this website; in particular, it does not store any IP addresses. There is no analysis of your usage behavior via the use of cookies in connection with the XING “Share” button  The current data protection information can be found on this website: https://www.xing.com/app/share?op=data_protection.

LinkedIn

We offer you the use of the LinkedIn “Share” button. This service is offered by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. If you access a page of our website including this button, the browser establishes a direct connection to the LinkedIn servers. The provider will be informed of your visit on our website, including your IP address. No analysis of how you use the website takes place via the use of cookies. You can find more information at https://www.linkedin.com/legal/privacy-policy?_l=de_DE.

WhatsApp

With the WhatsApp “Share” button, we offer you the option of directly and straightforwardly sending interesting content to selected contacts. This function is a hyperlink which is transmitted to WhatsApp on your device and only contains referrer information (name of the website). Any other functionality remains completely within your sovereignty of use on the device. In contrast to other platforms such as Facebook, no transmission takes place to publicly accessible websites.

Links to offerings from other providers (third-parties)

We round off our offerings to you by linking to carefully selected third-party providers. Thieme Compliance GmbH will check the offerings of these providers but, in the end, it cannot accept any responsibility for their content or data privacy provisions. Therefore, you should always exercise caution.

5. Protecting your rights as the aggrieved party (example)

We implement a wide range of technical and organisational measures to adequately protect your data while it is processed. This entails us pursuing the protection goals of confidentiality, integrity (completeness and correctness of data), availability and accountability (authenticity). Below are a few examples of our concept.

  • The data transfer of our offering is encrypted in accordance with the current security standard.
     
  • The access to and accessing of the data processing systems is done by means of a dedicated authorisation procedure that is checked regularly. Statistics relating to the use of our online offering are either created by the system or our service provider, and they also do not contain any personal reference.
     
  • Collected data are usually at least pseudonymised for analysis, which is exclusively carried out by authorised employees who are obligated to maintain data protection and who are regularly trained and sensitized with respect to the importance of compliance.
     
  • If business partners work for us as part of  data processing (outsourcing), they are carefully selected and contractually obligated to maintain data protection in compliance with the legal provisions. The compliance with the agreement is checked on site as needed.
     
  • You can revoke the consent for the storage and use of the data that you have provided to us at any time, as long as this is not required in order to fulfil the terms of the contract or a corresponding legal requirement (e.g. prescribed retention periods). You can direct your revocation in any form you wish with effect for the future to the competent authority as listed at the end of the document. You will not incur any further costs apart from the connection costs at basic tariffs. Your revocation will be compared with an internal blacklist prior to each new selection to ensure that we will not contact you again unintentionally. You can also revoke this use at any time; however, we could then not rule out our contacting you again, e.g. after purchasing addresses or a back-up data recovery.
     
  • The duration that your data are saved with respect to our online offering is based on the purpose for which it was transmitted and is carried out in compliance with the legal provisions. It is also in our interest not to hold your data in our system for longer than is necessary. We determine the minimum duration of storage within the context of the description of our processing activities; appropriate technical rules and procedures are used to determine the deletion deadlines and initiate the destruction of data that is no longer required, as far as technically possible.
     
  • As a user, you have the right to receive information about the personal data saved about your person free of charge. You also have the right to have any incorrect data corrected, its usage limited or have your personal data deleted to the extent that it is not required in order to fulfil the contract and when the deletion is not in contradiction of the legal storage obligations. No fees apply in this case except for the transmission fees in accordance with the base rates. The right to have your data transferred is currently not foreseen in our online offering because you do not provide us with any suitable information online. If you are of the opinion that our data processing is not in compliance with the legal requirements, we would be grateful if you would notify us. Your right to lodge a complaint with a supervisory authority remains unaffected.
     
  • In order to ensure the effectiveness and sustainability of the data protection measures implemented, not only the company management (as those responsible), the data protection and the compliance departments are available, but also a standardised approach to continuous optimisation of our data protection level and experienced external data protection experts.

If you access third-party sites and files within our offerings and thereby transmit personal information, please note that this transmission of data on the Internet may be unsecured and data may therefore come to the attention of unauthorised persons.

Please be aware that we currently (still) have no influence over the collection and use of your data if you visit or use offerings from us made available by third parties (for example on YouTube, as described above). This applies for all interaction possibilities offered, such as the leaving of image/audio material or comments, unless these are transmitted to our company in a manner that would be expressly recognisable for you, e.g. by e-mail. The responsible body is the operator of the platform you have visited and used. The data protection notifications and declaration there apply.

6. Contact for further questions/suggestions relating to data protection

Responsible Party
Thieme Compliance GmbH, Am Weichselgarten 30a, 91058 Erlangen
Telephone: +49 9131 93406-40, E-Mail: info@thieme-compliance.de.

Data Protection Officer
You can contact our Data Protection Officer Ms. Blossey at any time should you have any questions or enquiries relating to data-protection matters. She can be best reached via e-mail: datenschutz@thieme-compliance.de.

Competent Supervisory Authority
You can exercise your right to submit a complaint with any supervisory authority; the one responsible for us is:

Bayerisches Landesamt für Datenschutzaufsicht [Bavarian State Office for Data Protection Supervision] (BayLDA)
Postal address: Promenade 18, 91522 Ansbach
Telephone: +49 981 180093-0, E-Mail: poststelle@lda.bayern.de.


Here you can find the data protection information.

Thieme einfach besser