At Hogrefe we are very conscious of the fact that when you use the Hogrefe website you are entrusting us with your personal data. We greatly value your trust and handle your data with the greatest possible care and confidentiality. This document describes how.
We are pleased that you have visited this website. To continue to improve the attractiveness of our website, we continually optimise the site’s functions and services. In doing so, security is a priority for us. You trust us with your personal data when you use our website. We know that this trust is to be valued. That’s why we handle your data with special care.
In the following, we will inform you about how your personal data is collected when you use our website. Personal data is all data that personally relates to you, e.g. name, address, e-mail address(es), user behaviour. We have taken extensive technical and operational precautions to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security procedures are reviewed regularly and adapted to take technological progress into account.
The controller pursuant to Article 4 Paragraph 7 of the EU General Data Protection Regulation (GDPR) is
Hogrefe Verlag GmbH & Co. KG
37085 Göttingen, Germany
+49 551 999 50 0
You can contact our Data Protection Officer at firstname.lastname@example.org or via our postal address, adding an FAO for ‘Der Datenschutzbeauftragte/The Data Protection Officer’.
You have the following rights with respect to personal data that relates to you:
You have a right to information, rectification, erasure, restriction of processing, objection to processing and data transferability. If processing is based on your consent, you have the right to revoke this consent with future effect.
Pursuant to Article 21 Paragraph 1 of the GDPR, you have the right to object against the processing of personal data that relates to you that takes place on the basis of Article 6 Paragraph 1 e of the GDPR (data processing in the public interest) or based on Article 6 Paragraph 1 f of the GDPR (data processing for the purposes of legitimate interests); this also applies to profiling supported by this provision. If you object, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or if processing serves to assert, exercise or defend legal claims.
If we process your personal data to directly advertise to you, you have the right to object to the processing of the personal data that relates to you for the purposes of such advertising at any time, pursuant to Article 21 Paragraph 2 of the GDPR; this also applies to profiling if it relates to such direct advertising.
If you object to processing for the purposes of direct advertising, we will no longer use your personal data for these purposes.
You also have the right to complain to a responsible data protection supervisory authority about us processing your personal data.
When simply using the website for informational purposes, i.e. if you don’t register or send us information in another way, we only collect personal data that your browser sends to our server. If you want to view our website, we collect the following data that is required for technical reasons in order for us to display our website and guarantee its stability and safety. The legal basis for this is Article 6 Paragraph 1 f of the GDPR:
IP address, date and time of request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, respective volume of data transmitted, website that the request has come from, browser, operating system, and the interface, language and version of browser software.
This data cannot be used by us to identify the individual user. This information is only evaluated by us in an anonymised way for statistical purposes.
When you contact us by e-mail or via the contact form, we store data you have shared to respond to your question or issue. If we ask for information via our contact form that is not required in order for you to get in touch, we mark this as optional. This information is used to clearly define your request and to improve how your concern is processed. This information is explicitly provided on a voluntary basis and with your consent; Article 6 Paragraph 1 a of the GDPR. If this information relates to channels of communication (for example, e-mail address, phone number), you are also agreeing that we may contact you via these channels of communication where necessary in order to respond to your concern. You can of course withdraw this consent with future effect at any time.
We delete such data when it no longer needs to saved, or we restrict its processing if legal retention periods apply.
You can subscribe to our newsletter, through which we send you information about our current offers, by providing your consent in accordance with Article 6 Paragraph 1 a of the GDPR.
We use the ‘double opt-in process’ when registering for our newsletter. This means that once you have registered your e-mail address, we send you a confirmation e-mail to that e-mail address in which we ask you to confirm that you want us to send newsletters. If you do not confirm registration within [24 hours], your information will be locked and automatically deleted after a month .
We also save the IP addresses you use and the time of registration and confirmation. The purpose of this process is to provide evidence of your registration and to be able to clarify any potential misuse of your personal data, where necessary.
We only require an e-mail address to send newsletters. Once you have confirmed your registration, we save your e-mail address for the purpose of sending newsletters. The legal basis for this is Article 6 Paragraph 1 a of the GDPR.
You do of course have the option of unsubscribing from the newsletter at any time, and withdrawing the consent given with future effect. In order to do so, please click on the unsubscribe button in the newsletter received or contact our Data Protection Officer using the contact details below.
We wish to point out that we evaluate your user behaviour when sending out newsletters. For the purpose of this evaluation, the e-mails sent include ‘web beacons’, also known as ‘tracking pixels’, which are saved on our website. For evaluations, we link the specified data and the web beacons to your e-mail address and an individual ID.
We create a user profile using the data recorded so that we can tailor the newsletter to your individual interests. In doing so, we record when you read our newsletters and which links in them you click on, and from this we draw conclusions about your personal interests. We link this data with actions you carry out on our website.
You can object to this tracking at any time by clicking on the separate link provided in every e-mail. Information is only saved if you have subscribed to newsletters. Once you unsubscribe, we only save data in a purely statistical and anonymous way.
This kind of tracking is also impossible if you have deactivated images in your e-mail program as the default setting. In this case, however, the newsletter will not be fully displayed and you may not be able to use all of the functions. If you activate the images manually, the tracking described above will take place.
You have the option of registering with us for a client account. We collect and store the following data about you for registration:
- First name
- E-mail (user name)
- Date of birth
- ‘Private’ or ‘Company’ account type
- Street address, Address Addendum
- Zip/postal code, City
We use a ‘double opt-in process’ for registration, i.e. your registration is only confirmed if you have first confirmed your registration by clicking on the link in a confirmation e-mail sent to you. If you do not confirm registration within [24 hours], your registration is automatically deleted from our database. The above-mentioned data is mandatory, however all other information can be provided on a voluntary basis via our portal.
After successful registration, you are given personal, password-protected login details and you can view and manage the data you have saved. Registration is voluntary, but may be required to use our services.
If you use our portal, we store data about you that is required to fulfil the contract, and information about the payment method, where necessary, until your access expires. We also store data provided by you on a voluntary basis for as long as you use the portal, unless you delete this beforehand. You can manage and change all information in the protected client area. The legal basis for this is Article 6 Paragraph 1 a, b and f of the GDPR.
If you place an order with us online through our website, we collect various data required to conclude the contract. The legal basis for conclusion is the execution of a contract based on Article 6 Paragraph 1 b of the GDPR. Data is stored for the duration of the contract and in accordance with legal obligations. We use a number of payment service providers to process payments, which are always specified and directly accept your input, and are therefore the recipients of your personal data collected in connection with the payment process. The legal basis for using payment service providers is contract processing pursuant to Article 6 Paragraph 1 b of the GDPR. Data for payment purposes is stored for the duration of payment processing.
You can find more information about data protection within the scope of the Hogrefe Testsystem (HTS) at Data protection in the Hogrefe Testsystem online portal.
You can send an application to our company electronically, with particular reference to e-mail. We only use your information to process your application and do not share it with third parties. Please note that unencrypted e-mails are not sent in a way that protects them against access.
If you have applied for a specific role that has already been filled, if we are considering you for another role, or if we consider you to be better suited to another role, we would like to pass on your application within the company. Please let us know if you do not consent to your application being passed on.
Your personal data is deleted as soon as the application process comes to an end, or after a maximum of 6 months if you have given your explicit consent for us to store your data for longer, or if it results in a contract being concluded. The legal basis for this is Article 6 Paragraph 1 a, b and f of the GDPR, as well as Section 26 of the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG).
This website uses social plug-ins from the providers
- Facebook (operator: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA)
- Twitter (operator: Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA)
- Google+ (operator: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
- LinkedIn operator (LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA)
- Xing (operator: Xing SE, Dammtorstraße 30, 20354 Hamburg, Germany)
These plug-ins normally collect data from you and send this to the respective provider’s servers by default. To ensure your privacy is protected, we have taken technical measures to ensure that your data cannot be collected by plug-in providers without your consent. If you access a page that contains plug-ins, these should first be deactivated. Plug-ins are only activated by clicking on the respective symbol, which means you consent to your data being sent to the respective provider. The legal basis for using plug-ins is Article 6 Paragraph 1 a and f of the GDPR.
Once activated, plug-ins also collect personal data, such as your IP address, and send this to the respective provider’s servers, where this is stored. Activated social plug-ins also store a cookie with a unique ID when the respective website is accessed. Providers can also create a profile that relates to your user behaviour. This is created even if you are not a member of the respective provider’s social network. If you are a member of the provider’s social network and are logged into the social network when you visit this website, your data and information about your visit to this website can be associated with your profile on the social network. We have no influence over the exact scope of the data collected by the respective provider. You can find more information about the scope, type and purpose of data processing and about your rights and settings options to protect your privacy in the privacy policies for each social network provider. These are available on the following sites:
Facebook : https://www.facebook.com/policy.php
This website uses the following types of cookies, the extent and functionality of which is outlined below:
These cookies are automatically deleted when you close your browser. This particularly includes session cookies. These store a ‘session ID’, which is used to assign requests from your browser to the overall session. This means that your machine can be recognised when you return to our website. Session cookies are deleted when you log out or close your browser.
These cookies are automatically deleted after a set period of time that the cookie can distinguish between. You can delete cookies at any time through your browser’s security settings.
Flash cookies used are not generated by your browser, but by your flash plug-in. We also use HTML5 storage objects that are stored on your end device. These objects save the required data, regardless of your browser, and have no automatic expiration date. If you don’t want flash cookies to be processed, you must install a corresponding add-on, e.g. ‘Better Privacy’ for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or Adobe Flash Killer Cookie for Google Chrome. You can prevent HTML5 storage objects from being used by setting your browser to a private mode. We also recommend that you regularly manually delete cookies and your browser history.
You can configure your browser settings based on your requirements and can reject third-party cookies, or all cookies, from being accepted. Please note this may mean you are unable to use all of the functions of this website.
The legal bases for any potential processing of personal data and its retention period vary and are outlined in the following sections.
We use various services to analyse and optimise our website, and we have outlined these below. We use these services to analyse how many users visit our site, what information is most frequently requested and how users find the website. Data that we collect includes information concerning which websites bring a data subject to a page (‘referrer’), what sub-pages are accessed on the website or how often and for what period of time a sub-page is visited. This helps us to make our website more user-friendly and also helps us to improve it. The data collected is not used to personally identify individual users. Anonymous or highly pseudonymised data is collected. The legal basis for this is Article 6 Paragraph 1 f of the GDPR.
This website uses Google Analytics, a web analysis service from Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Use includes the Universal Analytics operating mode. This allows us to assign data, sessions and interactions across multiple devices to a pseudonymised user ID, meaning that we are able to analyse user activities across devices.
Data linked to marketing and optimisation purposes is recorded and stored on this website with using etracker GmbH (http://www.etracker.com) technologies. A pseudonymised user profile can be created using this data. Cookies may be used in order to do so. Data that is collected through eTracker technologies for which separate consent has not been given by a data subject will not be used to personally identify users of this website and shall not be merged with personal data concerning the owner of this pseudonym. You can object against data collection and storage at any time with future effect. Please exclude me from eTracker recording.
We use eTracker to analyse the use of our website and to be able to regularly improve it. We are able to improve our website using the statistics compiled and can design it in a more interesting way for you as the user. The data collected is permanently stored and analysed in a pseudonymised way. The legal basis for using eTracker is Article 6 Paragraph 1 f of the GDPR. Third-party provider information: etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg; https://www.etracker.com/de/datenschutz.html.
Your data will not be transferred to third parties unless we are legally obliged to do so, if we are required to transfer data to execute the contractual relationship or if you have previously given your express consent for your data to be transferred.
We have taken extensive technical and operational precautions to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security procedures are reviewed regularly and adapted to take technological progress into account.
As at: May 2018