Data Protection Statement

As at: 14 November 2018

When you use a product/service provided by ecomed-Storck GmbH we process personal data. This may be when you use our website, when you order our products or when we communicate with each other. We would like to take the opportunity here to explain to you how we protect your data.

The data remains confidential and is only processed for the purpose we inform you about when we collect your data. The processing of your data takes place only within the scope of the statutory provisions. The provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (new version) (BDSG-Neu) form the benchmark for this. We use technical and organisational measures to protect your data against manipulation, loss, destruction and access by unauthorised persons. These measures are reviewed and adapted regularly.

We generally process personal data when this is necessary for the provision of a functioning service or product.

For a uniform and more transparent description we have presented the information for you in chapters on the nature, scope and purpose of the data processing respectively. As well as this you will find the legal bases for the processing and information on the period of storage. If a transfer of data is made to third parties or what are known as third countries, we mention such transfers in the respective chapter.

In the case of data transfer outside the European Union, the high level of European data protection in principle does not exist. In the case of such a transfer it is possible that no adequacy decision by the EU Commission within the meaning of Article 45(1)(3) GDPR yet exists.



Use of our digital products

You can use our digital products at any time with or without registration, depending on the product. This applies for our websites and the mobile applications provided by our company.

For some/special website content, such as the personal area of the online shop (“My Account”), the use of online products, specialist forums and digital newspaper archives, the maintenance of entries in address book databases and the activation of additional downloads for products or the downloading of e-books, it may be necessary to log in after initial registration.



Log files

When you visit our websites we collect data on each access to the server on which this service is located (log files). The log files contain the URL of the website visited, the dataset, date and time of the visit, volume of data transferred, notification of successful data retrieval, the browser type and version, the user’s operating system, the referrer URL (of the website visited before), the IP address and the requesting provider.

As we require this data for technical purposes in order to display our websites and apps to you and to ensure stability and security, and in doing so are able to offer in particular protection against misuse, we have a legitimate interest within the meaning of Article 6(1)(f) GDPR in the data processing, the security of which we guarantee by means of state-of-the-art protective measures.

The data is also stored in our system’s log files. This data is not stored together with any other personal data relating to you. The data is generally deleted after 30 days.

As the collection of the data to provide the website and store the data in log files is essential for operating the website, you have no opt-out option here.

Your data is passed on to our hosting and IT service providers.



Cookies and tracking

Our website uses cookies. Cookies are text files that the Internet browser stores on the user’s computer in order to make the user’s experience more efficient, to provide certain functions or to enable certain analyses. A cookie contains a string of characters which allows the browser to be clearly identified when the website is visited again.

In order to measure the success and reach of our websites we conduct analyses of user behaviour (web analyses). For this we regularly use what are known as tracking tools.

There are three different types:

  • Technically necessary cookies
  • Tracking tools for usage analysis
  • Tracking tools for use-based online advertising (OBA)

 

Technically necessary cookies

We use cookies to make our website more user-friendly. Some elements of our website require the accessing browser to be identified even after changing pages. The legal basis for the setting and processing of technical cookies is the initiation or performance of a contract according to Article 6(1)(1)(b) GDPR as well as our legitimate interest according to Article 6(1)(1)(f) GDPR.

Technically necessary cookies are not essential for the display of our website. However, some functions of the website, such as the shopping basket, personal area, etc. cannot be used properly without these cookies. There is therefore no opt-out option for the user; these cookies can be deactivated by adjusting the settings in the respective browser. Depending on the website and service, different cookies can be used:

These technically necessary cookies are stored for a maximum of 12 months:

  • language: This cookie stores the website’s language for the next visit to the website thereby providing convenience.
  • cookieconsent_dismissed: Stores information as to whether the cookie information has already been displayed to this user, meaning that it does not have to be displayed again.
  • sid, JSESSIONID, mod_auth_openidc_session: Identification number (ID) of the current session to recognise multiple related requests of one user and assign these to one session.
  • BIGipServerlb-hjr-kv_http, BIGipServerlb-hjr-web-5_http, BIGipServerlb-hjr-web-3_http: The cookie set in each case ensures that in the event of a new page access within one session the user is directed to the same server. This is necessary for the security and stability of the data flow during a session, e.g. in the case of payments.
  • __Host-nc_sameSiteCookielax, __Host-nc_sameSiteCookiestrict, ubbt_x: Operation of the website


These technically necessary cookies are valid only for the current session and are deleted after the end of the session:

  • PHPSESSID, ubbt_myid, ubbt_hash, ubbt_mysess, oc[dynamic string of characters]: ID of the current session to recognise multiple related requests of one user and assign these to one session.
  • oc_sessionPassphrase: Encryption/decryption of datasets

Your data is passed on to our hosting and IT service providers.

 


Cookies to control and evaluate banner advertisements

In some of our online content and websites advertising banners are displayed. The frequency of the display of advertising pop-ups is controlled by cookies; these are deleted after 30 days: OAID, OASCAP, OASCAR, OACBLOCK and OABLOCK.

A tracking cookie determines whether and how often a banner is viewed and clicked. Each time a banner is viewed and clicked the IP address is also forwarded to our hosting and IT service providers. The basis for the data processing is our legitimate interest within the meaning of Article 6(1)(f) GDPR. There is no subsequent storage of the IP address, but instead only the aggregated anonymised statistics. As the collection of the data is essential for the provision of the banners, you have no opt-out option in this case. You can, however, prevent the display of advertising banners and thereby also prevent tracking by installing a corresponding ad-blocker plugin in your browser.



Tracking tools for usage analysis

In the case of usage analysis we collect information on the utilisation of our website, e.g. which areas on our site are used and how much. We do not store any information which enables the user to be personally identified. The collected information is merely aggregated and thus evaluated anonymously. The legal basis for this is our legitimate interest according to Article 6(1)(1)(f) GDPR.

We use customary market technology (e.g. “Google Analytics”) to further develop our websites and content to your usage practices.

 

Google Analytics

This website uses Google Analytics, a web-analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google is our contract processor. Google Analytics also uses “cookies”. The information generated by the cookies regarding your use of this website is usually transferred to a Google server in the USA and stored there (safeguard pursuant to Article 44 et seqq. GDPR: Privacy Shield).

We would like to point out that Google Analytics has been extended on this website to include the code “anonymizeIp” in order to guarantee anonymised collection of IP addresses (so-called IP masking). Google uses this to truncate your IP address within member states of the European Union or other signatories to the Agreement on the European Economic Area before sending it to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to analyse your use of the website, to compile reports on website activity and to provide other services to the website operator relating to website and Internet use. The IP address sent by your browser within the scope of Google Analytics will not be linked to any other data held by Google.

You may prevent cookies being stored on your computer using the appropriate settings on your browser software; however, please note that if you do so you may not be able to use the full functionality of the website. You can also prevent the release of the data generated by the cookies about your use of the Website (including your IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Here you can exercise your right to object to the data collection, processing and use by Google Analytics with effect for the future.

You can find more detailed information on the terms and conditions of use and on data protection at https://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/.

If you do not consent to the processing for the purposes mentioned you can object subsequently by the click of a mouse. An opt-out cookie is installed which prevents the collection of your information when you visit this website in the future: Disable Google Analytics?

If you do not object, the following data will be processed:

  • IP address (is stored anonymously): Serves the purpose of creating and changing the cookie information
  • Device-specific data, such as device type, model, operating system, browser type and version: Serves to optimise the website, adapt the content and perform aggregated usage analysis
  • Use-related information such as time of use, duration of use, place of origin: Serves to optimise the website, adapt the content and perform aggregated usage analysis
  • The storage period is 14 months (concerns data at user and event level). Aggregated data is not deleted and is anonymised.

 

Tracking tools for use-based online advertising (OBA)

We use tracking for use-based online advertising to present our users with advertising appropriate to their interests. In addition we use tracking tools to limit the probability of the display of an advertising banner and measure the effectiveness of our advertising measures. We share this information with third parties.

What is evaluated is not the use by you as a person but rather the usage history of your Internet browser (including pages visited, time of visits, session length, etc.). This enables us to present you not simply with general adverts, but also adverts tailored to the web use on your computer.  



Use of Google Remarketing

This website uses remarketing functions provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google is our contract processor. This function presents website users with interest-related adverts within the Google advertising network. The website user’s browser stores cookies, i.e. text files, which are stored on the user’s computer and help to identify them whenever they access websites belonging to the Google advertising network. On these pages the user can then see adverts that relate to content that the user has previously accessed on websites that use Google’s Remarketing function. According to its own information, Google does not collect any personal data during this process. Should you not wish to use Google’s Remarketing function however, you can deactivate this in principle by viewing your ad preferences under https://adssettings.google.com/authenticated and changing the corresponding settings. Alternatively, you can disable the use of cookies for interest-related advertising via the advertising network initiative by following the instructions under http://www.networkadvertising.org/managing/opt_out.asp. Further information on Google Remarketing and Google’s Privacy Policy can be found at: http://www.google.com/privacy/ads/.

If you do not object, the following data will be processed. The legal basis for this is our legitimate interest according to Article 6(1)(1)(f) GDPR. Remarketing cookies last for 90 days; the collected data is also evaluated in an anonymised way with Google Analytics (see ”Google Analytics”).

  • IP address (is stored anonymously): Creation and change of cookie information
  • Device-specific data, such as device type, model, operating system, browser type and version: Recognition of the user when accessing a website in the Google advertising network
  • Usage-based information such as time of use, session length as well as origin: Optimising the presentation of advertisements and adaptation of the related content
  • Website history: Optimising the presentation of advertisements and adaptation of the related content



Login/Registration

Creating a personal account (“My Account”)

You can create a personal account via our website. This is necessary for the use of some of our free and chargeable content.

If you, for example, try out online products without obligation or manage a free subscription to a newsletter via your personal area or wish to activate a download with a download code, we require and collect the following data for the registration:

  • Title, first name and surname to address you directly in your personal account
  • Email address: As a component of your subsequent login
  • Password: To authenticate your login

You can–unless you prefer to place orders as a guest–also use your personal account to purchase items in our online shop. In this case we will require further mandatory information which, however, in the case of a mere account creation is voluntary: Street, house number, postcode, town/city, country for delivery and billing.

You can at any time provide us with further information voluntarily. This includes:

  • Company
  • Title, position or department
  • Telephone number
  • VAT ID

The legal basis for the processing of all data which you provide in your personal account is the initiation or performance of a contract according to Article 6(1)(1)(b) GDPR.

Your account will continue to exist until you revoke or object to this in writing. If you wish to delete your personal account you can request this by email to datenschutz@ecomed-storck.de. You will then no longer be able to benefit from any online content which requires registration.

If you still have any subscriptions or ongoing trial periods for online products, this account cannot for legal reasons be deleted before the end of the agreed (subscription) term.

If you would like to have your personal account deleted, this does not replace the written termination required for an existing subscription for an online product. If you wish to register again for a personal account at a later date, this is possible at any time.

Your data is passed on to our customer service and our hosting and IT service providers.



Social media plugins, social media buttons

You can share the content of our websites on social networks. To integrate social media plugins or social media buttons in a legally watertight way we use the following variants:

Shariff solution

The Shariff solution represents a legally watertight integration of social media plugins or social media buttons. This is a development of the “2 click” solution. The Shariff solution retrieves a script regarding how often a page has already been shared or tweeted. It records the services relating to this contact via the application programming interfaces (APIs) and retrieves the data. The retrieval is made therefore from the server; instead of the user’s IP address only the server address is transferred to Facebook, Google or Twitter. Users are then only directly connected to Facebook, Google or Twitter when they become active. Before this the social networks cannot collect any data about them. This means: As long as the user does not click the link to share content he/she remains invisible to Facebook, Google or Twitter, i.e.no data is processed by the social networks mentioned. If the user clicks the link, the information obligation regarding the collection and processing no longer rests with us, but instead the operator of the social network.

Specific social media plugins or social media buttons used

Content provided by the company use social media plugins form the following providers:

  • Facebook (operator: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA)
  • Twitter (operator: Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA)
  • Google+ (operator: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)

These plugins normally collect standard data from you and transfer this to the servers of the respective provider. To safeguard the protection of your privacy we have taken technical measures to ensure that your data cannot be collected by the provider of the respective plugin without your permission. When you access a page on which plugins are integrated, these are initially deactivated. The plugins only become activated when you click the respective symbol and thereby give your consent to your data being transferred to the respective provider. After activation, the plugins also collect personal data such as your IP address and send this to the servers of the respective providers, where this is stored. When you access the website in question, activated social plugins also set a cookie with a unique identification number. This also enables the provider to create profiles about your usage behaviour. This happens even if you are not a member of the social network of the respective provider. If you are a member of the social network of the provider and are logged in to the social network during your visit to this website, your data and information about your visit to the website can be linked to your profile of the social network. We have no influence on the scope of the data collected from you by the respective provider. Please find more detailed information about the scope, nature and purpose of the data processing and about rights and setting options to protect your privacy in the data privacy policy of the respective provider of the social network.

These are available at the following addresses:

Our legitimate interest lies in the aforementioned data processing operations and the purposes pursued by these. The legal basis for this is Article 6(1)(1)(f) GDPR.



Commenting and rating

On our websites you have the option to rate and comment on products and contributions. Your data is passed on to our hosting and IT service providers.

  • Product rating in the shop
    You can submit a star rating and/or comment on products. To do this you will need to create a personal account (see “Creating a personal account”). Your information appears in an anonymised way using your first name and the first letter of your surname. The legal basis for the processing is your consent according to Article 6(1)(1)(a) GDPR. If you at a later date wish to revoke the publication of your rating or comment , please send us an email to datenschutz@ecomed-storck.de, and we will delete your contribution.
  • Commenting on contributions
    You can submit a comment on contributions and be informed by email when new comments have been posted. Your information appears using your name in order to avoid a misuse of the comments function. In order to be able to offer this function we therefore collect your name and your email address. The legal basis for the processing is your consent according to Article 6(1)(1)(a) GDPR. If you at a later date wish to revoke the publication of your comment, please send us an email to datenschutz@ecomed-storck.de, and we will delete your comment.

 

Use of discussion forums

You have the option, for example at www.gefahrgut-foren.de, to exchange views on topics with other users. It is possible to use this forum with a pseudonym. The only precondition for use is the provision of a valid email address. We use this to send system emails (e.g. information about new private messages). You must also provide the country and/or federal state of origin, as discussions can refer to the respective law in the country/state in question. The legal basis for the processing is your consent according to Article 6(1)(1)(a) GDPR. Your data is passed on to our hosting and IT service providers. If you no longer wish to use the forum, please contact us at datenschutz@ecomed-storck.de. We will then delete your account in the forum.



Corporate presence on social networks

ecomed-Storck GmbH maintains a corporate presence on social media. Where we have control over the processing of your data we ensure compliance with the applicable data protection provisions.

Name and address of the controller responsible for the company
As well as ecomed-Storck GmbH, the other controllers responsible for corporate appearances within the meaning on the GDPR as well as other data protection provisions are:

  • Facebook: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
  • Xing: XING SE, Dammtorstraße 30, 20354 Hamburg, Germany
  • YouTube: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

You have autonomous responsibility, however, when you use these platforms and their functions. This applies in particular for the use of the interactive functions (e.g. comments, sharing, rating).
We would like to further point out that in this case your data may be processed outside the territory of the European Union. With respect to US providers that are certified under the “Privacy Shield” scheme, we point out that these providers commit themselves to comply with the data protection standards of the EU.

Purpose and legal basis

We maintain a presence on social media ourselves in order to communicate with visitors to these sites and to inform them in this way about our offerings.
In addition we collect data for statistical purposes in order to develop and optimise the content and make our offerings more attractive. The social networks prepare the data required for this (e.g. total number of page views, website activity and data provided by the visitors, interactions) and make this available. We have no influence over the creation and presentation of this.
In addition, your personal data is processed by the providers of the social media, but also by ecomed Storck GmbH, for market research and advertising purposes. It is therefore possible that, for example, usage profiles are created on the basis of your usage behaviour and the interests becoming evident from this. This enables, among other things, the activation of adverts within and outside the platforms which supposedly match your interests. For this cookies are generally stored on your computer. Independently of this, data can be stored in your usage profile which is not collected directly from your end device. The storage and analysis is also made across multiple devices; this applies in particular, but not exclusively, if you are registered as a member and are logged in on the respective platforms.

Beyond this, we do not collect or process any personal data. The processing of your personal data by ecomed-Storck GmbH is performed on the basis of our legitimate interests in effective information and communication according to Article 6(1)(1)(f) GDPR. If you are asked to consent to data processing, i.e. if you declare your consent by clicking a button or similar (opt-in), the legal basis for the processing is Article 6(1)(1)(a) GDPR, Article 7 GDPR.

Your rights / Opt-out option

If you are a member of a social network and do not wish the network to collect data about you and link your stored member profile on the respective network, you must

  • log out of the respective network before visiting our social media presence,
  • delete the cookies present on your device and
  • close your browser and restart it.
  • After re-registering you are of course recognisable to the network again as a particular user.

For a detailed description of the processing and the opt-out options in each case, please refer to the following links:


Overall you that the following rights with respect to the processing of your personal data: Right to restriction of processing, right of access, right of rectification, right of erasure, right to restriction of processing, right of objection, right to data portability, right to lodge a complaint to the competent authority about the unlawful processing of your personal data.

However, as ecomed-Storck GmbH does not have complete access to your personal data, please contact the providers of the social media directly when asserting these rights as the latter have access to the personal data of their users and can take corresponding action and provide information. Should you still need help, we will of course assist you. Please contact datenschutz@ecomed-storck.de.

Further information / Information on copyright and art copyright legislation

If you wish to publish pictures, text, plans, videos, music, etc. on our Internet presence, you should be aware that in doing so you are possibly assigning all usage rights over to the network, which could ultimately have legal consequences for you if you yourself are not the author and/or right holder.


Embed codes

We use embed codes, i.e. embedded content, e.g. from YouTube, Google Maps or documents and presentations from Google Drive. Technically this is achieved by what is known as framing, a reproduction frame in which the content is displayed by simply adding a supplied HTML link into the code of our website. As soon as the website is accessed, tracking information can be sent and cookies set by the providers of the embeds. If the provider offers what is known as “extended data protection mode”, we make use of this.

Our legitimate interest lies in the aforementioned data processing operations and the purposes pursued by these. The legal basis for this is Article 6(1)(1)(f) GDPR.



EHI

On our website we use the seal “EHI-Approved Online Shop”, a widget of EHI Retail Institute GmbH, Spichernstraße 55, 50672 Cologne (“EHI”). When visiting our website dynamic content (e.g. certificate) is loaded into the widget by EHI servers. In this process your IP address, the previously visited website, date and time of the request, the data volume transferred, the browser type and version, the operating system you use and the requesting provider (referral data) are transferred to the servers of EHI. The data processing is performed on the basis of our legitimate interest in optimising our online content according to Article 6(1)(1)(f) GDPR. Further information on data protection at EHI can be accessed via: http://www.ehi-siegel.de/datenschutz



When you order in our online shop

ecomed-Storck GmbH offers/provides you with many products/services. You can

  • order printed and digital products
  • register for seminars and events for a fee

For this, when you conclude the contract you have to provide your address, contact and communication data as well as possibly, depending on the payment type you selected, your bank and credit card data.

The legal basis for this processing is the initiation or performance of a contract (Article 6(1)(1)(b) GDPR).

After the end of the contract we keep your data for as long as we are required to do so. The deletion usually takes place after no longer than ten years. No automated decision-making, including profiling, takes place.

You have the option of managing your contract data yourself in your personal area (“My Account”). You can find further information on this above under the section Login/Registration.

Your data is also passed on to our payment providers, sales, marketing and collection service providers, such as, for example our delivery and customer service, who support us among other things in the fulfilment of the contract. We bind these providers by contract to neither use your data for their own purposes nor pass it on to third parties, and we regularly monitor compliance with the data protection provisions.



Transfer of data for payment processing

Within the scope of payment processing we pass on your payment data to the bank or respective payment service provider we have commissioned (Article 6(1)(1)(b) GDPR).

The following body processes your bank and/or credit card details for the handling of payments: Heidelberger Payment GmbH, Vangerowstraße 18, 69115 Heidelberg. We would like to point out that Heidelberger Payment GmbH transfers your personal data to further bodies necessary for the processing of the transactions, in particular banks, credit card companies, HPC GmbH, Vangerowstraße 18, 69115 Heidelberg and HUELLEMANN & STRAUSS ONLINESERVICES S.à r.l. 1, Place du Marché, L-6755 Grevenmacher, R.C.S. Luxembourg B 144133, where your personal data is also processed.

Billing data may be transferred to third parties if this is necessary for the purpose of debt collection. In this context we reserve the right in particular to assign our claim to a collection agency or commission such company to collect our claim. We also reserve the right to transfer information about outstanding payments to credit agencies. This always takes place, of course, under strict observance of the statutory provisions.



Transfer for credit checks

If we make a payment or provide a service in advance in order to safeguard our legitimate interests (Article 6(1)(1)(f) GDPR), we obtain a credit check based on mathematical-statistical methods. For first-time orders in our online shop as well as in the case of an order value greater than EUR 150 we also perform a credit check. In these cases the consent required for the transfer of personal data to the credit agency will then be requested.

The credit information is obtained from the following credit agency:

EURO-PRO Ges. für Data Processing mbH
Lindenhof 1- 3
61279 Grävenwiesbach
Tel. 06086 3988-0
Fax 06086 3988-10
info@europro.de
www.europro.de

For this purpose we transmit the personal data required for a credit assessment (first name, surname, address data) to the above credit agency and use the information received on the statistical likelihood of a payment default to make a balanced decision on the justification, execution or termination of the contractual relationship. The credit check may include probability values (score values) calculated on the basis of scientifically recognised mathematical and statistical procedures, taking address data among other things into account. Your interests worthy of protection will be taken into account in accordance with legal requirements.



Online Products

  • Four-week test
    You can request any product via our shop for a four-week free trial. To do this you will need to create a personal account (see “Creating a personal account”). During the trial phase we use your email address to communicate with you about your product trial (initiation of contract according to Article 6(1)(1)(b) GDPR). After the expiry of the trial period your access to the product expires automatically without any further obligation for you. Your personal account will continue to exist until you revoke or object to this.We do not evaluate use within our online products.
  • Activating online components for existing products
    If you have purchased a subscription to products for which online components exist (e.g. in the case of some magazines), you can activate/register for these. During the registration you confirm your activation by email. For this we use the double opt-in-process (DOI), i.e. after registering you receive an email with a confirmation link by which you confirm to us your consent. In this process we collect the following data from you:
    - Time of registration and time of DOI verification: This serves as proof of the DOI
    - Title, first name and surname to contact you personally in connection with the use of the additional components
    - Email address: as a component of your later login
    - Password: To authenticate your login
    - PIN: To establish the authorisation to use the service

    The legal bases for this are your consent (Article 6(1)(1)(a) GDPR) and our contract fulfilment according to Article 6(1)(1)(b ) GDPR.

    The usage right for the additional online components continues to exist for as long as your subscription is active. In addition the login (personal account) continues to exist until you revoke or object to this. If you wish to delete your personal account you can request this by email to datenschutz@ecomed-storck.de.

    Your data is passed on to our customer service and our hosting and IT service providers.



    E-book downloads

    You can purchase an e-book in our online shop or use a download link printed in the book (http://www.ecomed-storck.de/ebook-download).

    If you purchase an e-book in our online shop we require in addition to your data for the processing of the purchase (see “When you order in our online shop“) your email address in order to be able to send you the download link. If you use a scratch code printed in the book we require in addition to the code also the following information:

    • First name, surname to address you directly
    • Email address to send the download link

    The legal basis for this is the fulfilment of the contract according to Article 6(1)(1)(b) GDPR.

    The e-book contains an encrypted digital watermark containing the data of the download (email address, date, time, shop ID, product ID) to protect against abuse of copyright law (unauthorised copying). The legal basis for this is a legitimate interest according to Article 6(1)(1)(f) GDPR.

    Your data is passed on to our hosting and IT service providers as well as to our sales partners for e-books. Your data will continue to be stored for service purposes (e.g. repeated downloads). If an objection/revocation is made in respect of the stored data the service will cease to exist from the time of the objection/revocation.



    Newsletter and messenger services

    Newsletter

    You will receive newsletters from us with specialist content (“Themed newsletters”) if you expressly order these (consent according to Article 6(1)(1)(a) GDPR). For this we use the double opt-in-process (DOI), i.e. after registering on one of our login pages (offered via various websites) you receive an email with a confirmation link by which you confirm to us your consent.
    The following data is collected during registration for the newsletter:

    • Time of registration and time of DOI verification: This serves as proof of the DOI
    • Email address: To send the newsletter and the DOI email
    • Title, first name, surname: Voluntary information if you wish to be addressed personally

    You can unsubscribe from each themed newsletter at any time and revoke your consent to the sending of these by simply clicking the corresponding link at the end of the respective newsletter or by emailing your cancellation/objection to datenschutz@ecomed-storck.de. Once we have received a cancellation/objection for every newsletter and/or there are no longer any specific active subscriptions, the recipient and the related data (see above) is deleted automatically after 14 days. Also in the event that the double opt-in link is not confirmed your data will be deleted after 14 days.

    We evaluate how many people open newsletters by using what are known as tracking pixels, i.e. invisible image files that are linked to the newsletter system. We also evaluate clicks of links in newsletters. Neither are performed on a recipient-specific basis (i.e. personalised), but simply for the entirety of recipients. The collection of this anonymised usage profile enables us to tailor the newsletter content to your interests (legitimate interest, Article 6(1)(1)(f) GDPR). If you do consent to this you can unsubscribe from the newsletter at any time (procedure according to the previous paragraph).

    To evaluate the newsletter use we collect the following data:

    • IP address: Establishment of connection with newsletter system        
    • Click behaviour (measured via prepared links): Measurement of click behaviour
    • Tendency to open newsletter (measured via retrieval of tracking pixels): Measurement of opening behaviour    

    Your data is passed on to our hosting service providers for newsletter management (newsletter system) as well as to IT service providers.  


    Advertising

    By electronic communication (e.g. email)

    We use your email addresses beyond contract-related use also to advertise our own similar goods or services only if you have expressly consented to this (Article 6(1)(1)(a) GDPR) or we are legally entitled to do so (Article 6(1)(1)(f) GDPR).

    If you do not wish to receive any more advertising on this basis you can revoke your consent at any time:

    • by email to datenschutz@ecomed-storck.de
    • by clicking the Unsubscribe link at the end of the email
    • in writing to ecomed‐Storck GmbH c/o Verlagsgruppe Hüthig Jehle Rehm GmbH, Kundenservice, 80289 Munich

    Your personal data is passed on to our newsletter and IT service providers for the advertising purposes mentioned.



    By telephone

    We use your telephone contact details to send you advertising for our similar goods and services only if you only if you have expressly consented to this (Article 6(1)(1)(a) GDPR) or we are legally entitled to do so (Article 6(1)(1)(f) GDPR).

    If you do not wish to receive any more advertising on this basis you can revoke your consent at any time:

    • by email to datenschutz@ecomed-storck.de
    • in writing to ecomed‐Storck GmbH c/o Verlagsgruppe Hüthig Jehle Rehm GmbH, Kundenservice, 80289 Munich

    Your personal data may be passed on to call centre service providers for the advertising purposes mentioned.



    By direct mail

    For our post mailings we sometimes also use addresses offered to us in address trading by address brokers for one-off or multiple use. For the most part we use the following data categories:

    • Surname, first name and address
    • Sector or business name
    • Academic degrees and title
    • Position in the company/institution

    The respective address broker is the controller responsible for compliance with data protection legislation for the original collection of the data, and processes and transfers your data to us on the basis of a balancing of interests according to Article 6(1)(1)(f) GDPR to safeguard legitimate interests of the address broker as well as us as the advertising company. This processing and transfer of data by the address broker occurs only if you have not expressly objected to the aforementioned processing by the broker.
    We also process your data on the basis of a balancing of interests according to Article 6(1)(1)(f) GDPR to safeguard our legitimate interests for advertising purposes and to inform you about our own and similar products or services by post. For these processing activities we are the controller within the meaning of data protection legislation. You can object to the use of your data for advertising purposes both to us and to the relevant address broker at any time with effect for the future:

    • by email to datenschutz@ecomed-storck.de
    • in writing to ecomed‐Storck GmbH c/o Verlagsgruppe Hüthig Jehle Rehm GmbH, Kundenservice, 80289 Munich

    In addition, you will always find on our mailings a data protection statement concerning the relevant address broker stating the relevant address for objections to the address broker.
    If you wish to make use of your right to object to advertising (Article 21(3) GDPR, see Right of objection in this Data Protection Statement), the previously mentioned data necessary to implement the right of objection will be processed for this in a blocking list.



    Competitions

    In the context of competitions, we collect and process the following data relating to you:

    • Email address to notify you of a prize
    • First name, surname, address to be able to send you prizes by post

    The basis for this is a legitimate interest according to Article 6(1)(1)(f) GDPR.

    We are required to keep this personal data of winners for ten years for auditing purposes. Depending on the competition we do not collect the personal data of the remaining participants or we delete this immediately after the end of the competition.

    In all other respects the conditions of participation of the relevant competition apply.



    When you contact us

    To fulfil, execute, maintain and analyse contracts and for market research we may exchange documents by telephone and in writing, but also electronically, e.g. by email (e.g. contract correspondence, billing and debt claim supporting documents, etc.).



    Contact by post, by email, by contact form, etc.

    You have the option to contact us by post, via our email address or by our online contact form. The basis for this is either your consent according to Article 6(1)(1)(a) GDPR, the initiation of a contract or the performance of a contract according to Article 6(1)(1)(b) GDPR.

    In this context we collect and process the following data about you:

    • Title, first name, surname, to be able to address you directly
    • Subject, email address, telephone number, to be able to respond to your matter as directly as possible
    • Address, company address, VAT No., position, customer number, to simplify and improve the processing of your request

    In this process, data that is not absolutely necessary for the type of response requested in the individual case–in particular VAT No., position, customer number–is collected on a voluntary basis.

    The storage time is determined by the respective storage periods applicable under commercial or tax law.

    This data is passed on to our customer service and to internal departments, and is deleted if it is no longer necessary.



    By telephone

    You have the option of contacting us by telephone. For this your telephone number is collected and processed in the telephone system. Depending on the content of your request (e.g. order, request for information about products), your data is recorded, stored and passed on to the relevant responsible contact persons within the company unless you object to this.

    This data is passed on to our customer service and to internal departments, and is deleted if it is no longer necessary.

    The basis for this is either your consent according to Article 6(1)(1)(a) GDPR, the initiation or performance of a contract according to Article 6(1)(1)(b) GDPR, or a legitimate interest according to Article 6(1)(1)(f) GDPR.

    The storage time is determined by the respective storage periods applicable under commercial or tax law.



    Your rights

    The following list covers all data subject rights pursuant to the GDPR. If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:



    Right to information

    You can request confirmation from the controller as to whether we process personal data concerning you.
    If such processing is carried out, you can request details of the following information from the controller:

    1. the purposes for which the personal data is processed;
    2. the categories of personal data which are processed;
    3. the recipients or categories of recipients to whom personal data concerning you has been or will be disclosed;
    4. the planned length of storage of the personal data concerning you or, if it is not possible to provide specific details of this, the criteria for determining the storage period;
    5. the existence of a right to the rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to this processing;
    6. the existence of a right to complain to a supervisory authority;
    7. all available information on the origin of the data, if the personal data is not collected from the data subject;
    8. the presence of automated decision-making including profiling in accordance with Article 22(1) and (4) GDPR and–at least in these cases–meaningful information on the logic involved as well as the significance and the intended consequences of such processing for the data subject.

    You have the right to request information on whether personal data concerning you will be transferred to a third country or to an international organisation. In this regard, you can request information on the appropriate safeguards in accordance with Article 46 GDPR related to the transmission.



    Right to rectification

    You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must carry out the rectification immediately.



    Right to restriction of processing

    Under the following circumstances, you can request the processing of personal data concerning you to be restricted:

    1. for a period enabling the controller to verify the accuracy of the personal data, if you are contesting the accuracy of the personal data concerning you;
    2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of use of the personal data instead;
    3. if the controller no longer needs the personal data for the purposes of the processing, but you need it to establish, exercise or defend your legal rights, or
    4. if you have objected to the processing in accordance with Article 21(1) GDPR and verification of whether the controller’s legitimate grounds override your grounds is still pending.

    If the processing of personal data concerning you has been restricted, this data may, with the exception of storage, only be processed with your consent or to establish, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the EU or of a Member State.

    Where the processing has been restricted under the aforementioned conditions, you will be informed by the controller before the restriction is lifted.


    Right to erasure

    Duty to erase

    You can ask the controller to erase personal data concerning you immediately and the controller is obliged to erase this data immediately where one of the following grounds applies:

    1. The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
    2. You withdraw your consent on which the processing is based in accordance with Article 6(1)(1)(a) or Article 9(2)(a) GDPR and there are no other legal grounds for the processing.
    3. You submit an objection to the processing in accordance with Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you submit an objection to the processing in accordance with Article 21(2) GDPR.
    4. The personal data concerning you was processed unlawfully.
    5. The erasure of personal data concerning you is necessary to fulfil a legal obligation under EU law or the law of a Member State to which the controller is subject.
    6. The personal data concerning you was collected in relation to information society services offered in accordance with Article 8(1) GDPR.

     

    Disclosing information to third parties

    If the controller has made personal data concerning you public and is obliged to delete it in accordance with Article 17(1) GDPR, it shall take reasonable steps, taking into account available technology and implementation costs, including technical measures, to inform controllers who are processing the personal data that you as the data subject, have requested the erasure of all links to this personal data or of copies or replications of this personal data.

    Exceptions

    The right to erasure is not granted if the processing is necessary

    1. to exercise the right to freedom of expression and information;
    2. to fulfil a legal obligation which requires processing in accordance with EU law or the Member States to which the controller is subject or to perform a task that is carried out in the public interest or in the exercise of official authority vested in the controller;
    3. for reasons in the public interest in the area of public health in accordance with Article 9(2)(h) and (i) and Article 9(3) GDPR;
    4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR, if the right set out in (a) is likely to render impossible or seriously impair the achievement of the objectives of this processing, or
    5. to establish, exercise or defend legal claims.

     

    Right to information

    If you have asserted the right to rectification, erasure or restriction of processing vis-à-vis the controller, the controller is obliged to inform all recipients to whom the personal data concerning you was disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or would involve a disproportionate effort. You have the right vis-à-vis the controller to information on these recipients.



    Right to data portability

    You have the right to receive personal data concerning you which you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, if

    1. the processing is based on consent in accordance with Article 6(1)(1)(a) GDPR or Article 9 (2)(a) GDPR or on a contract in accordance with Article 6(1)(1)(b) GDPR and
    2. the data is being processed with the help of automated processes.

    In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, where this is technically feasible. The freedom and rights of others may not be adversely affected by this.
    The right to data portability does not apply for the processing of personal data that is necessary to perform a task that is carried out in the public interest or in the exercise of official authority vested in the controller.



    Right to object

    You have the right, for reasons arising from your own particular situation, to object at any time to the processing of personal data concerning you that is performed in accordance with Article 6(1)(1)(e) or (f) GDPR; this also applies to any profiling based on these provisions.

    The controller will no longer process the personal data concerning you, unless it can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing facilitates the establishment, exercise or defence of legal claims.

    Where personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

    If you object to the processing for direct advertising purposes, the personal data concerning you will no longer be processed for these purposes.

    Notwithstanding Directive 2002/58/EC, you are also entitled in the context of the use of information society services to exercise your right of objection by means of automated procedures for which technical specifications are used.



    Right to withdraw declaration of consent under data protection law

    You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent will not affect the lawfulness of processing carried out based on the consent prior to withdrawal.



    Automated individual decision-making, including profiling

    You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal effects for you or similar significant adverse effects for you. This does not apply if the decision

    1. is necessary for the conclusion or fulfilment of a contract between you and the controller,
    2. is permissible under the law of the EU or the Member States to which the controller is subject, and this law contains adequate measures to safeguard your rights and freedoms and your legitimate interests, or
    3. is made with your express consent.

    However, these decisions may not be based on special categories of personal data in accordance with Article 9(1) GDPR, unless Article 9(2)(a) or (g) applies and suitable steps to protect rights and freedoms and your legitimate interests have been taken.

    In the cases stated in (1) and (3), the controller will take suitable steps to safeguard rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your own point of view and to contest the decision.



    Right to lodge a complaint with a supervisory authority

    Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you believe that the processing of the personal data concerning you infringes the GDPR. The supervisory authority where the complaint was lodged will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial legal remedy in accordance with Article 78 GDPR.



    Data protection information obligations according to Articles 12, 13, 14 GDPR

    When you use a product/service provided by ecomed-Storck GmbH we process your personal data. At the time of collecting your data we provide you with the most important data protection information concerning processing in a greatly condensed version. We are now providing you with all the detailed information on data protection.

    Data processing controller

    The controller is ecomed-Storck GmbH

    You can contact our data protection officer at datenschutz@ecomed-storck.de  



    The purposes of the data processing and its legal basis

    We process your personal data in the context of fulfilling the contract, customer service and market research and for promotional contact.

    We require your data to be able to fulfil the contract we have concluded with you or in the context of pre-contractual measures made at your request (Article 6(1)(1)(b) GDPR).

    If you have granted us your consent, we also use your data for advertising purposes (Article 6(1)(1)(a) GDPR), provided you have not revoked this consent. For the purposes of verifying your consent we process data according to Article 6(1)(c) in conjunction with Article 7(1) GDPR.

    Insofar as we are legally entitled to use your personal data for advertising purposes we base the processing of your data on Article 6(1)(1)(f) GDPR, i.e. on a legitimate interest. From our point of view our interest in use for advertising purposes is preponderant if this is permissible within the limits set by the law, in particular the Law Against Unlawful Competition (UWG).



    Transfer of data

    We transfer your data, where this is necessary for the above-mentioned purposes, to the following categories of recipient:

    Service providers (internal, intragroup and external) from the areas of delivery, typesetting, printing and logistics, provision/operation/optimisation of online products and data processing systems, customer service/retention, address management, marketing, telecommunication, market research, billing, credit checks, payment processing/tracking as well as certification bodies.
    Under no circumstances do we sell or rent your data to third parties.



    Erasure of your data

    We erase your personal data at the end of the contract, unless statutory retention obligations preclude this. The erasure of your data generally takes place after ten years.

    Your personal data for promotional contact is erased regularly if we have not already processed your consent by this time.

    If you object to the processing, you revoke your consent ,or the legal preconditions for promotional contact no longer apply, we will no longer use your data for promotional contact. For evidence purposes your data will continue to be retained.



    Your rights

    You have the right to information (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction of the processing (Article 18 GDPR) and data portability (Article 20 GDPR) as well as a right of objection to the processing (Article 21 GDPR)).

    You also have the right to revoke your consent at any time without affecting the legality of the processing carried out with your consent up to the revocation.

    As we also use your personal data for advertising purposes on the basis of a legitimate interest, we would like to advise you separately about your related right of objection. If you do object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing is intended for the assertion, exercise or defence of legal claims.

    If we process your personal data in order to operate direct advertising, you have under Article 21(2) GDPR the right at any time to object to the processing of your personal data for the purpose of such advertising. If you object to the processing for direct advertising purposes, we will no longer process your personal data for these purposes.

    In addition, you have a right of appeal to the competent data protection authority (Article 77 GDPR).



    Other

    You are neither legally nor contractually required to provide personal data. No automated decision-making, including profiling, takes place. Further information can be found in our T&C at www.ecomed-storck.de/agb.

    Controller and data protection officer
    ecomed-Storck GmbH
    Justus-von-Liebig-Str. 1
    D-86899 Landsberg am Lech

    If you have any questions regarding data protection, please contact us at: datenschutz@ecomed-storck.de

     

    Data protection legal information in the T&C

    We would like to point out that this Data Protection Statement as well as the GDPR information requirements hereby fulfilled apply exclusively for products/services of ecomed-Storck GmbH.

    Please also note the data protection provisions contained in our General Terms and Conditions of Business (T&C), which can be viewed at http://www.ecomed-storck.de/agb. There, we address in particular the processing of your personal data that we require to execute the contracts. In addition, we inform you about the processing of your personal data for the purpose of an identity and credit check.



    Links to other websites

    Our websites may contain links to websites of other providers. We have no influence on these and do not monitor whether other providers comply with the applicable data protection provisions.



    Amendments to the data protection policy

    We reserve the right to change or adapt this Data Protection Statement at any time in compliance with the applicable data protection provisions.

     

    Data Protection Statement as PDF-Download (As at: 14 November 2018)


    You don`t have a PDF Reader? For example you can use the Adobe Reader which you can download here: https://get.adobe.com/de/reader/.

    Log in
     
    How we can help you?
    Customer Service:
    +49 (0)89-2183-7922
    Contact form:

    You are also welcome to use our contact form and we will contact you.

    Contact
    Newsletter subscription

    Subscribe to our Newsletter.

    CUSTOMER SERVICE

    +49 (0)89-2183-7922


    email: service@ecomed-storck.de

    You can also contact us by our
    contact form
    .

     

    PAYMENT METHODS

    Rechnung Bankeinzug Mastercard Visa

    PayPal Giropay Sofortüberweisung

     

    SHIPPING

    dpd 

    SERVICES

     

    LEGAL

    PUBLISHING HOUSE

     

    ONLINE SERVICES

    YOUR BENEFITS

    • Free 4-weeks trial
    • Create fax order form online (via Shopping Cart)
    • Buyer- and Data protection
    • Secure payment with SSL Encryption
    •  

      TESTED FOR SAFETY

       


       

      FOLLOW US

      Facebook ecomed Feuerwehr  XING ecomed-Storck

    All prices are given in EURO including the VAT. The prices are valid by the time of order. For delivery to non-EU countries, please contact us. Please note our shipping info.