Privacy Policy

26.06.2026

Wenn Sie ein Angebot der ecomed-Storck GmbH nutzen, verarbeiten wir personenbezogene Daten. Das kann bei der Nutzung dieser Webseiten sein, bei der Bestellung unserer Produkte oder wenn wir miteinander kommunizieren. Wir möchten an dieser Stelle darstellen, wie wir Ihre Daten schützen.

save as PDF

We take data protection seriously: as a matter of principle, we only process personal data if this is necessary for the provision of a service or offer or if it is provided voluntarily by the user. We also use technical and operational security measures to protect personal data against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. We regularly review and modernise these precautions.

Privacy policy for applications

If you have applied for a job with us, you will find the necessary data protection information here.

Data protection at a glance

What data do we collect?

  • Inventory data (e.g., names, addresses)
  • Contact details (e.g., email, phone numbers)
  • Content data (e.g., entries in online forms)
  • Payment data (e.g., bank details, invoices, payment history)
  • Contract data (e.g., subject matter of the contract, term)
  • Usage data (e.g., websites visited, interest in content, access times)
  • Meta/communication data (e.g., device information, IP addresses, ID)

How do we collect the data?

We collect the data that is generated when you access our digital offers automatically. Otherwise, we collect data based on your entries or messages or through the use of cookies or similar technologies.

What do we use the data for?

Do we share data?

If you have given your consent or we are otherwise legally authorized to do so, we will pass on your personal data to service providers (e.g., hosting, marketing, sales partners, payment service providers) for the above-mentioned purposes. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data to protect your data.

We transfer personal data to other companies within our group of companies or grant them access to this data for administrative purposes. This transfer of data is based on our legitimate business and economic interests or takes place if it is necessary to fulfill our contractual obligations or if the consent of the data subjects or legal permission has been obtained.

Do we transfer data to third countries?

In order to use our digital services, it may be necessary to transfer certain personal data to third countries, i.e. countries where the GDPR does not apply. However, we only allow your data to be processed in a third country if the specific requirements of Art. 44 ff. GDPR are met and thus an adequate level of data protection is guaranteed in that country. This means that the third country must either have an adequacy decision by the European Commission or suitable safeguards in accordance with Art. 46 GDPR or one of the conditions of Art. 49 GDPR. Unless otherwise stated below, we use the currently valid [standard contractual clauses](https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/? uri=CELEX:32021D0914&from=DE “current version of the standard contractual clauses”) for the transfer of personal data to processors in third countries.

How do we secure the data?

In order to protect your privacy and ensure a level of protection appropriate to the risk, we take technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of threats to the rights and freedoms of natural persons. These measures ensure the confidentiality, integrity, availability, and resilience of your data. This includes, among other things, the use of recognized encryption methods (SSL or TLS) and pseudonymization.

However, we would like to point out that, due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures may not be observed by other persons or institutions outside our area of responsibility. In particular, unencrypted data disclosed, e.g., by email, may be read by third parties. We have no technical influence on this.

When do we delete the data?

We delete or anonymize your personal data as soon as it is no longer required for the purposes for which we collected or used it.

However, we may still need to store your data until the expiry of the retention obligations and periods imposed by the legislator or supervisory authorities, which may arise from the German Commercial Code, the German Fiscal Code, and the German Money Laundering Act (usually 6 to 10 years). In addition, we may retain your data until the expiry of the statutory limitation periods (i.e., usually 3 years, but in individual cases up to 30 years) if this is necessary for the assertion, exercise, or defense of legal claims. After that, the relevant data will be deleted.

What rights do you have?

  • Information
  • Deletion
  • Correction
  • Objection

You can contact the data protection officer with your request by mail or by email at swmh-datenschutz@atarax.de.

This privacy policy is updated from time to time. The date of the last update can be found at the beginning of this information.

You will find detailed data protection information below.

How we make our content available to you

You can use our digital services at any time, with or without registration, depending on the service. This applies to visiting our websites and using our apps and digital services.

For some/specific services—such as the personal area of the online store (“My Account”), the use of online products, expert forums, and digital magazine archives, as well as the activation of downloads and additional downloads for products or the downloading of e-books—you may be required to log in after completing an initial registration.

Cookies and similar technologies

If cookies, device identifiers, or other personal data are stored or accessed on your device for processing purposes, this is done on one of the legal bases of Art. 6 GDPR.

In order to be able to provide the telemedia service you have expressly requested, we also take into account the provisions of Section 25 of the German Telecommunications Digital Services Data Protection Act (TDDDG), in particular the requirement under Section 25 (2) No. 2 TDDDG.

You can find an overview of the technologies used under Privacy settings.

Types and functions of cookies

Cookies are text files that contain data from visited websites or domains and are stored by a browser on users' devices. A cookie primarily serves to store information about a user during or after their visit to an online offering. The stored information may include, for example, language settings on a website, login status, a shopping cart, or video interactions. The term “cookies” also includes other technologies that perform the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also known as “user IDs”).

There are the following types of cookies and functions:

  • Temporary cookies (also known as session cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their browser.
  • Permanent cookies: Permanent cookies remain stored even after the browser is closed. This allows, for example, the login status to be saved or preferred content to be displayed directly when the user visits a website again. Similarly, the interests of users, which are used for reach measurement or marketing purposes, can be stored in such a cookie.
  • First-party cookies: First-party cookies are set and used by us to process user information.
  • Third-party cookies: Third-party cookies are mainly used by advertisers (so-called third parties) or other partners to process user information.
  • Strictly necessary (also: essential or necessary) cookies: These cookies ensure functions without which these digital offerings could not be used as desired. They may be absolutely necessary for the operation of a website, for example to store logins or other user entries, or for security reasons.
  • Analysis and statistics cookies: These cookies enable us to analyze the use of our digital offerings, in particular to measure reach—i.e., clicks, visits, and visitor numbers. The aim is to statistically determine the number of visits and visitors and their surfing behavior (duration, origin) and thus obtain market-wide comparable values. The information collected is evaluated in aggregate form in order to derive improvements and optimizations for our products.
  • Marketing and personalization cookies: Cookies are also used to store a user's interests or behavior (e.g., viewing certain content, using functions, etc.) in a user profile. Such profiles are used, for example, to display content to users that corresponds to their potential interests. This process is also referred to as “tracking,” i.e., tracking the potential interests of users. If we use cookies or tracking technologies, we will provide separate information about this in our privacy policy or when obtaining consent.

Technical provision and security

When our offer is used, we automatically employ essential technologies and process the following information:

  • Information about the accessing device and the software used
  • Date and time of access
  • Websites from which the user accesses our website or which the user visits via our website
  • IP address

The collection of these logs and their temporary storage and processing are necessary to ensure system security and integrity (in particular to ward off and defend against attempts at attack or damage) and are carried out in accordance with our legitimate interest (§ 25 (2) No. 2 TDDDG, Art. 6 (1) f GDPR).

The storage period for this log data is usually seven days; for reliable detection of AI bots, it is 30 days. From this point on, this specific server log data is anonymized based on our legitimate interest in statistical evaluation to assess AI bots and their impact on our content (Art. 6 (1) f GDPR).

The legal basis for the aforementioned data processing is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

Essential technology

The following tools and cookies are strictly necessary technologies, i.e., essential for providing our services as requested by the user.

The legal basis for the data processing described below is our legitimate interest pursuant to Art. 6 (1) (f) GDPR.

EHI Geprüfter Online-Shop

Wir nutzen auf unserer Website das Siegel „EHI Geprüfter Online-Shop“, ein sogenanntes Widget der EHI Retail Institute GmbH, Spichernstraße 55, 50672 Köln („EHI“). Beim Besuch unserer Website werden von Servern der EHI dynamische Inhalte (z. B. Zertifikat) in das Widget geladen. Dabei werden Ihre IP-Adresse, die zuvor besuchte Website, Datum und Uhrzeit des Abrufs, die übertragene Datenmenge, der Browsertyp nebst Version, das von Ihnen genutzte Betriebssystem und der anfragende Provider (Referrer-Daten) an die Server von EHI übermittelt.

Die Verarbeitung erfolgt aufgrund unseres berechtigten Interesses an einer Optimierung unseres Angebotes nach Art. 6 Abs. 1 S. 1 lit. f) DSGVO.

Weitere Informationen zum Datenschutz bei EHI finden Sie unter: http://www.ehi-siegel.de/datenschutz

Functionality

Cookie Purpose Duration
sid, JSESSIONID, mod_auth_openidc_session Identification number (ID) of the current session, used to recognize multiple related requests from a user and assign them to a single session. 12 months
BIGipServerlb-hjr-kv_http, BIGipServerlb-hjr-web-5_http, BIGipServerlb-hjr-web-3_http The respective cookies ensure that users are redirected to the same server when they refresh a page within a session. This is necessary for the security and stability of data flow during a session, for example, during payments. 12 months
Host-nc_sameSiteCookielax, Host-nc_sameSiteCookiestrict, ubbt_x Website operation 12 months
PHPSESSID, ubbt_myid, ubbt_hash, ubbt_mysess, oc (dynamically generated string) ID of the current session, used to identify multiple related requests from a user and assign them to a session. for the current session
oc_sessionPassphrase File encryption/decryption For the current session
sp_helper_cookie Bot protection 12 months
.AspNet.ApplicationCookie, RequestVerificationToken User authentication Session

Your data is shared with our hosting and IT service providers.

Google Tag Manager

The Google Tag Manager service is an organizational tool that enables us to control services. The tool only uses the IP address to establish a connection to the server and to function technically. Otherwise, no personal data is processed by the tool itself. Tag Manager ensures that other services are only executed if the conditions (tags) specified in Tag Manager are met. This allows us to ensure, for example, that tools requiring consent are only loaded after you have given your consent. Tag Manager does not access the data processed by the tools.

Cookie Purpose Duration Type
consentUUID UniqueUserID to store the user's consent status 12 months Cookie
_sp_su Identification of users for sampling consent rates reporting 12 months Cookie
_sp_user_consent UniqueUserID to retrieve the user's consent status stored in our database if necessary Unlimited Local storage
_sp_local_state Determines whether a user has seen the consent banner so that it is only shown once unlimited local storage
_sp_non_keyed_local_state Information about the metadata and the user's UniqueUserID unlimited local storage

Embeds

We use embeds, i.e., embedded content, such as from YouTube and Google Maps. Technically, this is achieved through a process known as “framing,” a display frame in which the content is shown simply by inserting a provided HTML link into the code of our websites. As soon as the page is accessed, the providers of the embeds may send tracking information and set cookies. If the provider offers what is known as “enhanced privacy mode,” we use it.

Data processing is carried out with your consent (Art. 6(1)(a) GDPR).

Google Maps

Auf einigen Seiten nutzen wir Google Maps (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland) zur Darstellung von Landkarten und geografischen Positionen. Die Nutzung von Google Maps erfolgt im Interesse einer ansprechenden Darstellung unserer Online-Angebote und einer einfachen Auffindbarkeit der angegebenen Orte und erfolgt mit Ihrer Einwilligung nach Art. 6 Abs. 1 S. 1 lit. a) DSGVO.

Bei dem Aufruf einer Webseite mit einer Karte von Google Maps werden von Ihrem Browser automatisch Daten an Google Maps übertragen. Diese Daten werden von Google erfasst und genutzt. Google setzt Cookies ein.

Hier finden Sie nähere Informationen zu Zweck und Umfang der Datenverarbeitung durch Google und Ihre diesbezüglichen Einstellungsmöglichkeiten zum Schutz Ihrer Privatsphäre.

To the top of the section

Social Media Plugins, Social Media Buttons

You can share the content of our websites on social media. To ensure that social media plugins or social media buttons are integrated in a legally compliant manner, we use the following method:

Shariff Solution

The so-called “Shariff” solution provides a legally compliant way to integrate social media plugins or social media buttons. This is a further development of the so-called “2-click” solution. With the Shariff solution, a script retrieves information on how many times a page has already been shared or tweeted. It contacts these services via their application programming interfaces (APIs) and retrieves the data. The request is thus made from the server; instead of the visitor’s IP address, only the server address is transmitted to Meta Platforms, Google, or Twitter. Users are only directly connected to Meta Platforms, Google, or Twitter once they take action. Before that, the social networks cannot collect any data about them. This means that as long as the user does not click on the link to share content, they remain invisible to Meta Platforms, Google, or Twitter—that is, no data is processed by these social networks. However, if the user clicks on the link, the obligation to provide information regarding data collection and processing no longer lies with us but with the operator of the social network.

Eingesetzte Social Media Plugins/Buttons

We use social media plugins from the following providers:

  • Meta Platforms (Operator: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
  • Twitter (Operator: Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA)

By default, these plugins typically collect data from you and transmit it to the respective provider’s servers. To ensure the protection of your privacy, we have implemented technical measures that prevent the providers of the respective plugins from collecting your data without your consent (see Shariff solution). When you visit a page that includes these plugins, they are initially disabled. Only when you click on the respective icon are the plugins activated, and by doing so, you consent to your data being transmitted to the respective provider. Once activated, the plugins also collect personal data such as your IP address and send it to the respective provider’s servers, where it is stored. In addition, when you access our digital products, activated social plugins set a cookie with a unique identifier. This allows the providers to create profiles based on your usage behavior. This occurs even if you are not a member of the respective provider’s social network. If you are a member of the provider’s social network and are logged in to that social network while visiting our digital products, your data and information regarding your visit to this website may be linked to your profile on the social network. We have no control over the exact scope of the data collected from you by the respective provider. For more information about the scope, nature, and purpose of data processing, as well as your rights and privacy settings, please refer to the privacy policy of the respective social network provider.

These are available at the following addresses:

The aforementioned data processing activities are carried out only with your consent (Art. 6(1)(a) GDPR).

Comments and Reviews

On our website, you have the option to rate and comment on products or posts. Your data will be shared with our hosting and IT service providers.

  • Commenting on Posts
    You can post a comment on a post and receive email notifications when new comments are posted. Your information will appear alongside your name to prevent misuse of the comment feature. To provide this feature, we therefore collect your name and email address.

The legal basis for this processing is your consent pursuant to Article 6(1)(a) of the GDPR.

Wenn Sie der Veröffentlichung Ihrer Bewertung oder Ihres Kommentars im Nachhinein widersprechen möchten, schicken Sie uns bitte eine E-Mail an datenschutz@ecomed-storck.de und wir löschen Ihren Beitrag bzw. Kommentar.

Nutzung von Diskussionsforen

Zum Beispiel auf www.gefahrgut-foren.de haben Sie die Möglichkeit, sich thematisch mit anderen Nutzern auszutauschen. Die Nutzung dieses Forums ist mit einem Pseudonym möglich. Einzige Voraussetzung zur Nutzung ist die Angabe einer gültigen E-Mail-Adresse. Diese nutzen wir zum Versand von Systemmails (z. B. Information über neue Privatnachrichten) sowie zur Verifizierung des Nutzeraccounts (ggf. verbunden mit einer Kontaktaufnahme durch den Moderator). Außerdem kann das Herkunfts- bzw. Bundesland angegeben werden, da Diskussionen sich auf das jeweilige Recht im betreffenden Land beziehen können. Rechtsgrundlage der Verarbeitung ist Ihre Einwilligung gemäß Art. 6 Abs.1 S. 1 lit. a) DSGVO.

Ihre Daten werden an unsere Hosting- und IT-Dienstleister weitergegeben.

Wenn Sie den Dienst nicht mehr nutzen wollen, wenden Sie sich bitte an datenschutz@ecomed-storck.de. Wir löschen dann Ihren Account im Forum.

Registration

You can create a personal account (“My Account”) on our website. This is required to use some of our free and paid services.

For example, if you want to manage online products or newsletters through your personal account or access a download using a download code, we need the following information to register you:

  • Email address: As part of your future login
  • Password: For authentication when you log in

Unless you wish to place an order as a guest, you can also use your personal account to shop in our online store. In this case, we require additional information that is mandatory for online shopping but optional when simply creating an account: street, house number, ZIP code, city, and country for delivery and billing.

You may provide additional information, in particular:

  • Title
  • First and last name for direct communication in your personal account
  • Company
  • Title, position, or department
  • Phone number
  • VAT ID

The legal basis for processing this data is the initiation or performance of a contract pursuant to Article 6(1)(b) of the GDPR. We process voluntary information with your consent; mandatory information (such as, in particular, the title) is processed based on our legitimate interest in addressing you personally.

The data will be deleted when the account is no longer needed or after two years of inactivity.

Ihr Konto bleibt bis zu Ihrem schriftlichen Widerruf/Widerspruch bestehen. Wenn Sie Ihr persönliches Konto löschen möchten, können Sie dies per E-Mail an datenschutz@ecomed-storck.de beauftragen. Sie können dann keine anmeldepflichtigen Online-Angebote mehr nutzen.

Sofern Sie noch über Abonnements oder laufende Tests für Online-Produkte verfügen, kann dieses Konto aus rechtlichen Gründen nicht vor Ende der vereinbarten (Abo-)Laufzeit gelöscht werden.

Wenn Sie Ihr persönliches Konto löschen lassen möchten, ersetzt das nicht die schriftliche Kündigung für ein bestehendes Abonnement eines Online-Produktes. Wenn Sie sich später wieder für ein persönliches Konto registrieren wollen, ist dies jederzeit möglich.

Testing

You can request a one-time four-week trial of any online product through our store. To do so, you must create a personal account, which requires you to provide your company name (required field: “Institution”) and your phone number. During the trial period, we will use your email address and phone number to communicate with you regarding your product trial (pre-contractual processing pursuant to Art. 6(1)(b) of the GDPR or consent pursuant to Art. 6(1)(a) of the GDPR). After the trial period ends, you may object to the use of your required information; your personal account will then be deleted.

How we optimize our products

Further development of user-friendliness

We use cookies and tracking tools to optimize our digital offerings based on your usage. To do this, we measure the development of reach and the use of content and functions, and use A/B testing to determine which variants users prefer.

Usage analysis

We want to continuously develop and improve our products. To do this, we need to analyze usage. This serves to evaluate visitor traffic to our digital offerings and may include behavior, interests, or demographic information about visitors, such as age or gender, as pseudonymous values. With its help, we can see, for example, when our digital offerings are used most frequently or which functions are popular. This enables us to identify areas that need optimization.

In addition to usage analysis, we also use testing procedures to test different versions of our digital offerings or their components, for example, and to increase certain user actions or reactions if necessary.
For these purposes, profiles, i.e., data summarized for a usage process, are created and information is stored in a browser or on a terminal device and read from it. The information collected includes, in particular, websites visited and elements used there, as well as technical information such as the browser used, the computer system used, and information on usage times.

The IP addresses of users are also stored. We use an IP masking procedure (i.e., pseudonymization by shortening the IP address) for your protection. In general, no clear data of users (such as email addresses or names) is stored in the context of web analysis, A/B testing, and optimization, but rather pseudonyms, so that neither we nor the providers of the software used, who act as processors for us, know the actual identity of the users.

Google Analytics

Google Analytics

We use Google Analytics (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to measure and analyze the use of our online offering on the basis of a pseudonymous user identification number. This identification number does not contain any unique data such as names or email addresses. It serves to assign analytics information to a device in order to determine which content users have accessed within one or more usage processes, which search terms they have used, whether they have accessed this content again, or how they have interacted with our online offering. The time and duration of use are also stored, as well as the sources of users who refer to our online offering and technical aspects of their end devices and browsers. In the process, pseudonymous profiles of users are created with information from the use of different devices, and cookies may be used.

Google Analytics does not log or store individual IP addresses for EU users. However, Analytics provides approximate geographic location data by deriving the following metadata from IP addresses: city (and the derived latitude and longitude of the city), continent, country, region, subcontinent (and ID-based counterparts). For EU traffic, IP address data is used exclusively for this derivation of geolocation data before it is immediately deleted. It is not logged, is not accessible, and is not used for any further purposes. When Google Analytics collects measurement data, all IP queries are carried out on EU-based servers before the traffic is forwarded to Analytics servers for processing. The retention period for the data is 14 months (this concerns data at user and event level). Aggregated data is anonymized and is not deleted.
Google is our processor, with whom we have concluded the agreements required for this purpose. We have also taken measures to ensure appropriate and adequate safeguards for the protection of personal data in the context of transfers to third countries by concluding EU standard contractual clauses and, where necessary, implementing additional measures to protect the rights of data subjects.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

When you request quotes

Ordering products

We offer you a wide range of services. You can

  • order printed and digital products
  • register for seminars and events (for a fee)

To do so, you must provide us with your address, contact, and communication information when entering into a contract, as well as your bank and credit card information, if applicable, depending on the payment method you choose.

The legal basis for this processing is the initiation or performance of a contract (Art. 6(1)(b) GDPR).

After the contract ends, we will retain your data for as long as we are legally required to do so. Data is typically deleted after ten years at the latest. No automated decision-making, including profiling, takes place.

You have the option to manage your contract data yourself in your personal area (“My Account”). For more information on this, see the section above titled Creating a User Account.

If you exercise your right of withdrawal (https://www.ecomed-storck.de/vertrag-widerrufen/), we will process your data to receive and process your withdrawal and to identify the relevant contract. Providing the order number is mandatory for this purpose, as we cannot otherwise uniquely identify the contract. In addition, data processing is carried out to fulfill our legal obligations (Section 356a of the German Civil Code (BGB)). The legal basis for the processing is Article 6(1), sentence 1, lit. b) and c) of the General Data Protection Regulation (GDPR). Your data will be stored for as long as necessary to process the cancellation and to fulfill our retention obligations.

Payment

In order to offer you various payment functions, we use software from service providers who support us in processing the payment transaction. The software also manages transactions and controls access control, billing, the checkout process, invoice dispatch, and payment transactions. It also supports our user, product, and price management. In doing so, we process your personal master data (e.g., name, address data), your communication data (e.g., email), order data, contract billing and payment data, and our planning and control data.

The legal basis for this is the fulfillment of the contract (Art. 6 (1) (b) GDPR) and our legitimate interest in proper and functioning payment processing (Art. 6 (1) (f) GDPR).

Payment processing Unzer

Your bank details or credit card details will be processed for payment processing by Unzer GmbH, Vangerowstraße 18, 69115 Heidelberg, whose privacy policy can be found here. We would like to point out that Unzer GmbH will transmit your personal data to other parties necessary for processing the transaction, in particular to the credit institutions, banks, credit card institutions involved, HPC GmbH, Vangerowstraße 18, 69115 Heidelberg, PAY.ON AG, Lucile-Grahn-Straße 37, 81675 Munich and HUELLEMANN & STRAUSS ONLINESERVICES S.à r.l. 1, Place du Marché, L-6755 Grevenmacher, R.C.S. Luxembourg B 144133, where your personal data will also be processed.

Billing data may be transmitted to debt collection service providers if this is necessary for the purpose of debt collection. In this context, we reserve the right in particular to assign our claim to a debt collection company or to instruct such a company to collect our claim. We also reserve the right to transmit information about outstanding payments to credit agencies. Of course, this will always be done in strict compliance with the statutory provisions.

Credit assessment

For first-time orders in our online store with a total order value of 150 euros or more and payment by invoice, we obtain a credit report based on mathematical and statistical methods to protect our legitimate interests (Art. 6(1), sentence 1, lit. f GDPR). The credit check is obtained from the following credit reporting agency:

EURO-PRO Ges. für Data Processing mbH
Lindenhof 1–3
D-61279 Grävenwiesbach
Phone 06086 3988-0
info@europro.de
www.europro.de

To this end, we transmit the personal data required for a credit check (first and last name, address information) to the aforementioned credit bureau and use the information received regarding the statistical probability of default to make a balanced decision regarding the establishment, execution, or termination of the contractual relationship. The credit report may contain probability values (scores) that are calculated using scientifically recognized mathematical and statistical methods and that incorporate, among other factors, address data. This constitutes a decision based on automated processing within the meaning of Article 22 of the GDPR, although it is not made exclusively by automated means. Since the decision is necessary for the conclusion or performance of a contract between the data subject and the controller, the exception provided for in Article 22(2)(a) of the GDPR applies, thereby permitting this type of credit check.

Online-Produkte

Test

You can request a one-time four-week trial of any online product through our store. To do so, you must create a personal account, which requires you to provide your company name (required field: “Institution”) and your phone number. During the trial period, we will use your email address and phone number to communicate with you regarding your product trial (pre-contractual processing pursuant to Art. 6(1)(b) of the GDPR or consent pursuant to Art. 6(1)(a) of the GDPR). Once the trial period has expired, you may object to the use of your required information, and your personal account will then be deleted.

Unlock Online Components for Existing Products

If you have a paid subscription to products that include additional online components, you can unlock or register for them.
The legal basis for processing the data required for this is your consent (Art. 6(1)(a) GDPR) and the performance of the contract pursuant to Art. 6(1)(b) GDPR.

Your login (personal account) will remain active until you revoke it or object in writing. If you wish to delete your personal account, you can request this by emailing datenschutz@ecomed-storck.de.

E-Book-Download

You can purchase an e-book from our online store or use a download link printed in the book. To do so, we process the data as described above under “Online Products.”

The e-book is embedded with an encrypted digital watermark containing the download data (email address, date, time, store ID, product ID). The legal basis for this is our legitimate interest in protecting against copyright infringement (unauthorized copying) pursuant to Article 6(1)(f) of the GDPR.

Your data will remain stored for service purposes (e.g., re-downloads). Withdrawal of consent or objection to the stored data will result in the termination of all services effective as of the date of withdrawal or objection.

Online or hybrid events

We use the tools listed below to offer our events, webinars, etc. online. Details on the data processed in this context can be found in the respective section.

MS Teams

We use the “Microsoft Teams” tool to conduct conference calls, online meetings, video conferences, and/or web conferences (hereinafter: “online meetings”).

“Microsoft Teams” is a service provided by Microsoft Corporation (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). If we intend to record online events, we will inform you of this transparently in advance and—where necessary—request your consent. You will also be notified of the recording in the Microsoft Teams app.

Note: When you access the “Microsoft Teams” website, the provider of “Microsoft Teams” is responsible for data processing. However, accessing the website is only necessary for using “Microsoft Teams” in order to download the software required to use “Microsoft Teams.” If you do not want to or cannot use the “Microsoft Teams” app, you can also use “Microsoft Teams” via your browser. In this case, the service is also provided via the “Microsoft Teams” website.

Data

The scope of the data depends on what information you provide before or during your participation in an “online meeting.” The following personal data is subject to processing:

  • User information: e.g., display name, email address (if applicable), profile picture (optional), preferred language
  • Meeting metadata: e.g., date, time, meeting ID, phone numbers, location
  • Text, audio, and video data: You may have the option to use the chat feature during an “online meeting.” In this regard, the text you enter is processed in order to display it during the “online meeting.” To enable video display and audio playback, data from your device’s microphone and, if applicable, its video camera will be processed for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time via the “Microsoft Teams” application.

Chat content is logged when using Microsoft Teams. Files that users share in chats are stored in the OneDrive for Business account of the user who shared the file. Files that team members share in a channel are stored on the team’s SharePoint site.

Legal Basis for Data Processing

To the extent that personal data of employees is processed, Section 26 of the German Federal Data Protection Act (BDSG) serves as the legal basis for data processing.

If, in connection with the use of “Microsoft Teams,” personal data is not necessary for the establishment, performance, or termination of the employment relationship but is nonetheless an essential component of using “Microsoft Teams,” then Article 6(1)(f) of the GDPR serves as the legal basis for data processing. In these cases, our interest lies in the effective conduct of “online meetings.”

Furthermore, the legal basis for data processing in connection with the conduct of “online meetings” is Article 6(1)(b) of the GDPR.

Online meetings are recorded only if we have informed you of this in advance and you have consented to the recording. In this case, the legal basis is Article 6(1)(a) of the GDPR.

Retention Period

We generally delete personal data when there is no longer a need for further storage. A need may exist, in particular, if the data is still required to fulfill contractual obligations or to assess, grant, or defend against warranty and, where applicable, guarantee claims. In the case of statutory retention obligations, deletion will only be considered after the respective retention period has expired.

Data Disclosure

Personal data processed in connection with participation in “online meetings” is generally not disclosed to third parties, unless it is specifically intended for disclosure. Please note that, as with in-person meetings, content from “online meetings” often serves precisely to communicate information to customers, prospective customers, or third parties and is therefore intended for disclosure.

Other Recipients

The provider of “Microsoft Teams” necessarily gains access to the aforementioned data to the extent provided for in our data processing agreement with “Microsoft Teams.” As a general rule, data is not processed outside the European Union (EU), as we have limited our data storage to data centers located within the European Union. However, we cannot rule out the possibility that data may be routed through Internet servers located outside the EU. This may be the case, in particular, if participants in an “online meeting” are located in a third country.

Data Transfer Outside the EU/EEA

Since Microsoft is headquartered in the United States, we have entered into a data processing agreement with Microsoft that complies with the requirements of Article 28 of the GDPR. An adequate level of data protection is guaranteed, on the one hand, by the adoption of the so-called EU Standard Contractual Clauses. As supplementary safeguards, we have also configured our system so that only data centers located in the EU, the EEA, or safe third countries—such as Canada or Japan—are used for conducting “online meetings.”

For more information, please see Microsoft’s privacy notice: https://privacy.microsoft.com/de-de/privacystatement https://www.microsoft.com/de-de/trust-center

The data is encrypted during transmission over the Internet and is therefore protected against unauthorized access by third parties.

When you contact us

Contacting us

When you contact us, we only collect personal data (e.g. name, e-mail address, telephone number) if you provide it to us voluntarily. This information is expressly provided on a voluntary basis. The purpose of processing your data is to process and respond to your enquiry. This is also our legitimate interest in data processing in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR.

In the case of a telephone enquiry, your data will also be processed by telephone applications and in some cases also via a voice dialogue system in order to support us in the distribution and processing of enquiries.

We will delete your data that we have received in the course of contacting you as soon as your request has been fully processed and no further communication with you is required or requested by you.

When we advertise our products

Direct marketing

We also use your contact data beyond contract-related use for advertising purposes. This is only done if you have expressly consented (Art. 6 para. 1 lit. a) GDPR) or on the basis of our legitimate interest in a personalised customer approach or direct advertising (Art. 6 para. 1 lit. f) GDPR), for example for information about the same and similar products of our company (Section 7 para. 3 UWG).

If you no longer wish to receive advertising, you can withdraw your consent or object to advertising at any time.

The data processed by us will be deleted as soon as they are no longer required for their intended purpose, you have objected to the advertising and the deletion does not conflict with any statutory retention requirements.

  • durch einen Klick auf den Abmelde-Link am Ende der Mail
  • per Mail an datenschutz@ecomed-storck.de
  • schriftlich an ecomed‐Storck GmbH c/o Verlagsgruppe Hüthig Jehle Rehm GmbH, Hultschiner Str. 8, 81677 München.

Direct Mail Advertising

Für Direktwerbung nutzen wir auch Daten, die von Websites möglicher Kunden und damit aus öffentlich zugänglichen Quellen stammen. Ebenso nutzen wir für unsere Post-Mailings teilweise auch Adressen, die uns im Adresshandel von Adressbrokern für die einmalige oder mehrfache Nutzung angeboten werden. Wir erhalten zumeist folgende Datenkategorien:

  • Name, Vorname und Adresse,
  • Branche oder Geschäftsbezeichnung,
  • akademische Grade und Titel,
  • Funktion im Unternehmen/der Institution

Der jeweilige Adressbroker ist für die ursprüngliche Erhebung der Daten die für die Einhaltung des Datenschutzrechts verantwortliche Stelle und verarbeitet und übermittelt Ihre Daten an uns auf Grundlage der Interessenabwägung gemäß Art. 6 Abs. 1 S. 1 lit. f) DSGVO zur Wahrung berechtigter Interessen des Adressbrokers sowie uns als werbendes Unternehmen. Diese Verarbeitung und Übermittlung durch den Adressbroker geschieht ausdrücklich nur dann, wenn Sie der vorstehenden Verarbeitung durch den Adressbroker nicht widersprochen haben.

Wir verarbeiten Ihre Daten ebenfalls auf Grundlage der Interessenabwägung gemäß Art. 6 Abs. 1 S. 1 lit. f) DSGVO zur Wahrung unserer berechtigten Interessen für werbliche Zwecke und informieren Sie über eigene und ähnliche Angebote oder Dienstleistungen auf postalischem Wege. Für diese Verarbeitungstätigkeiten sind wir verantwortliche Stelle im Sinne des Datenschutzrechts. Sie können der werblichen Nutzung Ihrer Daten sowohl gegenüber uns als auch gegenüber dem jeweiligen Adressbroker jederzeit mit Wirkung für die Zukunft widersprechen:

  • per E-Mail an datenschutz@ecomed-storck.de
  • schriftlich an ecomed-Storck GmbH c/o Verlagsgruppe Hüthig Jehle Rehm GmbH, Hultschiner Str. 8, 81677 München

Auf unseren Mailings finden Sie darüber hinaus immer einen Datenschutzhinweis zu dem jeweiligen Adressbroker, aus dem sich die jeweilige Adresse für den Widerspruch gegenüber dem Adressbroker ergibt.

Sofern Sie von Ihrem Werbewiderspruchsrecht (Art. 21, S. 3 DSGVO, siehe Widerspruchsrecht in dieser Datenschutzerklärung) Gebrauch machen, werden zur Umsetzung des Werbewiderspruchs die insoweit erforderlichen, vorgenannten Daten hierfür in einer Sperrliste verarbeitet.

Ihre personenbezogenen Daten können zu den genannten Werbezwecken an Lettershop-, Druck- und Versanddienstleister weitergegeben werden.

Marketing for own products

In order to show you advertisements for our own products, we use services provided by advertising partners or collaborate with advertising partners and ad networks (remarketing). These partners use cookies, pixels, or similar technical means to display and analyze advertisements.

Ads may be tailored to the individual user by, for example, using browser information regarding usage (such as pages visited, times of visit, and duration of visit). User-specific ads are also possible. In addition, analyses regarding reach or for billing purposes may be conducted in pseudonymized form. We have outlined the details regarding the services used, our partners, and the various options for opting out below.

This advertising is carried out with your consent (Art. 6(1)(a) GDPR).

To draw attention to our offers, we run ads on the Google Search Network and display banners on the Google Display Network (banners on third-party websites), and we use Google Ads and Analytics remarketing. We can combine ads with search terms or use custom ads to promote products and services that you have viewed on our site. With Ads remarketing lists, we can optimize search and display campaigns if you have previously visited our site.

For this interest-based advertising, Google analyzes your user behavior using cookies that are set when you click on ads or visit our websites. We and Google then receive information indicating that you clicked on an ad and were redirected to our site. Based on these analyses, we can identify which of the advertising measures we use are particularly effective and can optimize them accordingly.

The statistics provided to us by Google include the number of users who clicked on one of our ads and show which of our web pages you were redirected to. In addition, we can target you more effectively if you have already visited our website. We can also track which search terms resulted in particularly frequent ad clicks and which ads lead to actions such as purchasing a subscription.

Due to the marketing tools used, your browser automatically establishes a direct connection to Google’s server. We have no control over the scope and further use of the data collected by Google through the use of this tool and therefore provide you with the following information to the best of our knowledge: Through the integration of Google Ads, Google receives information that you have accessed the relevant section of our website or clicked on one of our ads. If you are registered with a Google service, Google may associate your visit with your account. Even if you are not registered with Google or are not logged in, it is possible that the provider may obtain and store your IP address.

You can find more information on this in the notes on website statistics and in [Google’s](https://policies.google.com/technologies/ads?hl=de “Google Ads Privacy Policy”) privacy policy.

You can prevent this practice by disabling cookies in your browser settings, opting out of specific types of ads in Google’s ad settings, disabling interest-based ads on Google, or disabling cookies from ad providers using the relevant opt-out tool provided by the Network Advertising Initiative. We and Google will then only receive statistical information about how many users visited a page and when. This can only be prevented by using appropriate browser extensions.

The legal basis for the aforementioned data processing is Article 6(1)(a) of the GDPR.

Newsletter

You will receive from us newsletters containing specialist content (“topic newsletters”) if you explicitly subscribe to them (consent pursuant to Art. 6(1)(a) GDPR). For this purpose, we use the double opt-in (DOI) procedure, which means that after registering on one of our registration pages (offered via various websites), you will receive an email with a confirmation link that you can use to confirm your consent. The following data is collected when you register for the newsletter:

  • Time of registration and time of DOI verification: serves as proof of the DOI
  • Email address: for sending the newsletter and the DOI email
  • Form of address, first name, last name, title: voluntary information if you would like to be addressed personally

We process the voluntary information on the basis of our legitimate interest in addressing customers in a personalized way (Art. 6(1)(f) GDPR).

We analyze newsletter opens with the help of so‑called tracking pixels, i.e. invisible image files that are linked to the newsletter system. Clicks on links in the newsletter are also evaluated. Both are not evaluated on an individual recipient (personalized) basis, but only for all recipients as a whole. The collection of this anonymized usage profile serves to tailor the newsletter offering to your interests and is carried out on the basis of your consent (Art. 6(1)(a) GDPR). If you do not agree to this, you can unsubscribe from the newsletter at any time (procedure, see the following paragraph).

You can unsubscribe from any topic newsletter at any time and withdraw your consent to its dispatch by simply clicking the corresponding unsubscribe link at the end of the respective newsletter or by emailing your withdrawal/objection to kundenservice@hjr-verlag.de. As soon as a withdrawal/objection has been received for each topic newsletter, or no topic is subscribed to, the recipient and the associated data (see above) are automatically deleted after 14 days. Your data will also be deleted after 14 days if the double opt‑in link is not confirmed.

Sie können sich von jedem Themen-Newsletter jederzeit abmelden, indem Sie am Ende des jeweiligen Newsletters den entsprechenden Abmelde-Link anklicken oder Ihre Einwilligung unter datenschutz@ecomed-storck.de widerrufen. Sobald für jeden Themen-Newsletter ein Widerruf vorliegt und somit kein Thema abonniert ist, werden Ihre Dten automatisch nach 14 Tagen gelöscht.
Wenn Sie den Double-Opt-In-Link nicht bestätigen, werden Ihre Daten nach 14 Tagen gelöscht.
Die Nutzungsdaten werden ohne Widerruf nach zwei Jahren gelöscht.

Participation in prize draws

In the context of prize draws, we collect and process the following data from you:

  • Email address, in order to inform you about a win
  • First name, last name, address, in order to be able to send prizes by post

When (non-cash) prizes are offered, further personal data are required in particular from the winners after the end of the prize draw, such as their address, so that they can be notified in the event of a win and the prize can be delivered.

The collection and processing of personal data serve the purpose of carrying out the respective prize draw and quizzes and, where applicable, sending out prizes. The data are processed on the basis of your consent (Article 6(1)(1)(a) GDPR) and, in the case of prize draws, pursuant to Article 6(1)(1)(b) GDPR. All data are stored for the purpose and duration of the prize draw and deleted after the end of the promotion, unless statutory retention obligations apply.

Your data may be passed on to our prize draw service providers and sponsors within the framework of the terms and conditions of participation to which you have agreed, and will be deleted insofar as they are no longer required.

For further details in connection with the respective prize draw, please refer to the terms and conditions of participation.

Company presence in the social media

We maintain a presence on social media. Insofar as we have control over the processing of your data, we ensure that the applicable data protection regulations are complied with. Below you will find the most important information on data protection law in relation to our company websites.

In addition to us, we are responsible for the company websites within the meaning of the EU General Data Protection Regulation (GDPR) and other data protection regulations:

  • Meta Platforms (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland); weitere Informationen zum Datenschutz finden Sie hier.
  • Xing (New Work SE, Am Strandkai 1, 20457 Hamburg); further information on data protection can be found here.
  • YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Further information on data protection can be found here.
  • LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland); further information on data protection can be found here.

We process the data for statistical purposes in order to further develop and optimise the content and to make our offer more attractive. This data includes the total number of page views, page activities and data and interactions provided by visitors. This data is processed and made available by the social networks. We have no influence on the generation and presentation of this data.

Your personal data is also processed for market research and advertising purposes. For example, it is possible that user profiles are created based on your usage behaviour and the resulting interests. This allows, among other things, adverts to be placed within and outside the platforms that presumably correspond to your interests. Cookies are usually stored on your computer for this purpose. Irrespective of this, data that is not collected directly from your end devices may also be stored in your user profiles. Data is also stored and analysed across devices; this applies in particular, but not exclusively, if you are registered as a member and logged in to the respective platforms.
We do not collect or process any other personal data.

The processing of your personal data by us is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.

As we do not have full access to your personal data, you should contact the social media providers directly when asserting your rights as a data subject, as they have access to the personal data of their users and can take appropriate measures and provide information.

Should you nevertheless require assistance, we will of course endeavour to support you. You can find our contact details here.

For a detailed description of the respective processing and the cancellation options, please refer to the information linked below.

Wenn Dritte bei uns für ihre Produkte werben

Um unsere digitalen Angebote zu refinanzieren, vermarkten wir in manchen unserer Online-Angebote und Websites unsere Werbeflächen, indem wir Werbebanner
einblenden.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

Steuerung von Werbebannern

Die Ausspielung von Werbung steuern wir über den Revive Adserver.

Die Häufigkeit der Ausspielung von Werbeeinblendungen wird über Cookies gesteuert, die nach 30 Tagen gelöscht werden: OAID, OASCAP, OASCAR, OACBLOCK und OABLOCK.

Ob und wie oft ein Banner aufgerufen und angeklickt wird, wird über ein Tracking ermittelt. Dazu wird bei jedem Abruf sowie bei Klick auf ein Banner die IP-Adresse des Nutzers an unsere Hosting- und IT-Dienstleister weitergegeben. Grundlage für die Datenverarbeitung ist Ihre Einwilligung im Sinne des Art. 6 Abs. 1 S. 1 lit. a) DSGVO. Die IP-Adresse wird im Anschluss nicht gespeichert, sondern lediglich die aggregierten anonymisierten Statistiken.

Ihre Einwilligung können Sie in den „Datenschutz-Einstellungen“ widerrufen, erreichbar im Footer auf unserer Website.

What else you should know

Controller

ecomed-Storck GmbH

Justus-von-Liebig-Str. 1
D-86899 Landsberg am Lech

Data Protection Officer

atarax group of companies

Luitpold-Maier-Str. 7
D-91074 Herzogenaurach
Phone: 09132 79800
Email: swmh-datenschutz@atarax.de.

Joint controllers

We are joint controllers in the following cases.

Joint controlling with Meta Platforms

When you visit our Meta Platforms fan page, we are jointly responsible with Meta Platforms for the processing of your personal data. Below we inform you about the associated data processing on our fan page, which does not affect Meta Platforms' terms of use:

Contact details of the controllers and joint controllership pursuant to Art. 26 GDPR

Joint controllers:
the entity responsible for this website (see the information about us mentioned at the beginning)
and
Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland
According to the European Court of Justice (ECJ), we are jointly responsible with Meta Platforms for the processing of your personal data.

Appearance on the Meta Platforms fan page

Scope of data collection and storage

Data Purpose Legal basis
User interactions (posts, likes, etc.) User communication via social media Art. 6 para. 1 a GDPR
Meta Platforms cookies Target group advertising Art. 6 para. 1 a GDPR
Demographic data (based on age, place of residence, language or gender information) Target group advertising Art. 6 para. 1 a GDPR
Statistical data on user interactions in aggregated form, i.e. without personal reference (e.g. page activities, page views, page previews, likes, recommendations, posts, videos, page subscriptions incl. origin, time of day) Target group advertising Art. 6 para. 1 a GDPR

The promotional use of your personal data is particularly important for Meta Platforms. We use the statistics function to find out more about the visitors to our fan page. Using this function enables us to customise our content to the respective target group. In this way, we also utilise demographic information on the age and origin of users, for example, although we are unable to make any personal reference here. In order to provide the social media service in the form of our Meta Platforms fan page and to use the Insight function, Meta Platforms generally stores cookies on the user's end device. These include session cookies, which are deleted when the browser is closed, and persistent cookies, which remain on the end device until they expire or are deleted by the user. As a user, you can use your browser settings to decide for yourself whether and which cookies you wish to allow, block or delete. You can find instructions for your browser here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile (links). Alternatively, you can also install so-called ad blockers, such as Ghostery.

According to Meta Platforms, the cookies used by Meta Platforms are used for authentication, security, website and product integrity, advertising and measurement, website functions and services, performance, analysis and research. Details of the cookies used by Meta Platforms (e.g. names of cookies, duration of function, content collected and purpose) can be viewed here by following the links provided there. There you will also find the option of deactivating the cookies used by Meta Platforms. You can also change the settings for your advertising preferences there.

You can also object to the collection and storage of data through the use of the above-mentioned cookies by Meta Platforms at any time with effect for the future via this opt-out link.
You can use the aforementioned link to manage your preferences regarding usage-based online advertising. If you object to usage-based online advertising with a specific provider using the preference manager, this only applies to the specific business data collection via the web browser you are currently using. Preference management is cookie-based. If you delete all browser cookies, the preferences you have set with the preference manager will also be removed.

Note on Meta Platforms Insights

We use the Meta Platforms Insights function for statistical analysis purposes. In this context, we receive anonymised data on the users of our Meta Platforms fan page. However, we use the filters provided by FacebMeta Platformsook to specify the categories of data according to which Meta Platforms provides anonymised statistics. Meta Platforms provides us with the following criteria or categories for analysing the activities of the website in anonymised form, provided that the corresponding information has been provided by the user or is collected by Meta Platforms:

  • Age range
  • Gender
  • Place of residence (city and country)
  • language
  • Mobile or stationary page views (YouTube additionally individual device types)
  • Interactions in the context of posts (e.g. reactions, comments, shares, clicks, views, video usage time)
  • Time of use
    This anonymised data is used to analyse user behaviour for statistical purposes so that we can better tailor our offers to the needs and interests of our audience.

We see our legitimate interest (Art. 6 para. 1 f GDPR) for data processing in the presentation of our company and our products and services for your information.

Disclosure and use of personal data

If you interact with Meta Platforms, Meta Platforms will of course also have access to your data.

Joint controlling with linkedIn

When you visit our LinkedIn page, we are jointly responsible with LinkedIn for the processing of your personal data. Below, we inform you about the data processing associated with our fan page; this does not affect LinkedIn’s terms of use.

Contact details of the controllers and joint controllership pursuant to Article 26 GDPR

Joint controllers:
the entity responsible for this website (see the information about us mentioned above)
and
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

We process your data in accordance with the information set out above when you make it available to us by visiting our company page on LinkedIn.

You can find information on how LinkedIn processes your data here.

Your rights

  • In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us. In this context, you also have the right to receive a copy of your personal data processed by us in accordance with Art. 15 para. 3-4 GDPR.
  • In accordance with Art. 16 GDPR, you can immediately request the correction of incorrect or the completion of your personal data stored by us.
  • In accordance with Art. 17 GDPR, you can request the erasure of your personal data stored by us.
  • In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data.
  • In accordance with Art. 20 GDPR, you can request to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format and you can request the transfer to another controller.
  • In accordance with Art. 7 para. 3 GDPR, you can revoke your consent once given to us at any time. This means that the processing carried out on the basis of the consent prior to the revocation was lawful and has the consequence that we may no longer continue the data processing based on this consent in the future.

Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR or Art. 6 para. 1 sentence 1 lit. e) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR. In the event of such an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
In the case of direct marketing, you have the right to object at any time to the processing of personal data concerning you. If you object to processing for direct marketing purposes, the personal data will no longer be processed for these purposes.

Right to lodge a complaint with the supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority against the processing of your personal data if you feel that your rights under the GDPR have been violated. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters.

Data protection information in the GTC

With this privacy policy, we fulfil the information obligations under the GDPR. Our General Terms and Conditions also contain data protection information. These explain in detail how your personal data, which we require to fulfil contracts and for the purpose of identity and credit checks, is processed.

Changes to the privacy policy

We reserve the right to change or adapt this privacy policy at any time in compliance with the applicable data protection regulations.