I. Summary of our processing activitiesThe following summary provides you with a quick overview of the processing activities that are undertaken on our website. You will find more detailed information under the indicated sections below.
• When you visit our website for informational reasons without setting up an account, only limited personal data will be processed to provide you with the website itself (see III).
• In case you register for one our services (e.g. discussion form, blog or web shop) or subscribe to our newsletter, further personal data will be processed in the scope of such services (see IV, V and VI).
• Your personal data may be disclosed to third parties (see XI) that might be located outside your country of residence; potentially, different data protection standards may apply (see XII). We have implemented appropriate safeguards to secure your personal data (see XIII) and retain your personal data only as long as necessary (see XIV).
II. Defintions• Personal Data: means any information relating to a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier.
• Processing: means any operation which is performed on personal data, such as collection, recording, organisation, structuring, storage, adaptation or any kind of disclosure or other use.
III. Informational use of the website
When you visit our website for informational reasons, i.e. without registering for any of our provided services listed under IV and without providing us with personal data in any other form, we may automatically collect additional information about you which will contain personal data only in limited cases and which is automatically recognised by our server, such as:
• the website from which you have been directed to our website
• the date and time of your requests
• your device type, screen resolution and browser version
• your internet service provider
• information on your operating system, including language settings
• information on the pages you have visited on our website
We use such information only to assist us in providing an effective service (e.g. to adapt our website to the needs of your device or to allow you to log in to our website), and to collect broad demographic information for anonymised, aggregated use.
The personal data automatically collected is necessary for us to provide the website, Article 6 sec. 1 sent. 1 lit. b GDPR, and for our legitimate interest to guarantee the website’s stability and security, Article 6 sec. 1 sent. 1 lit. f GDPR.
Personal data that is collected automatically is anonymized immediately and any personally identifiable information is properly erased
IV. Registration for our services
Our website offers a web shop, the option to receive newsletters and lecturer an book sampling services. In order to use the aforementioned services you have to set up an account. With regard to the registration of an account and its subsequent use, we process:
• Information (such as your name, country and email address) that is provided by registration
• Information in connection with an account sign-in facility (e.g. log-in and password details)
• Communications sent by you (e.g. via e-mail or website communication forms)
Whenever you complete transactions using our website, e.g. purchasing a publication or requesting a free book sample further data processing processes may take place, of which you will of course be separately informed.We will process the personal data you provide to:
• Identify you at sign-in
• Provide you with the services and information offered through the website or which you request
• Administer your account
• Communicate with you
• (behavioural) Advertising and profiling
For this, the legal basis is Article 6 sec. 1 sent. 1 lit. b GDPR
The use of your personal data for behavioural advertising and profiling is done for the legitimate interest to improve your experience while using the website, Article 6 sec. 1 sent. 1 lit. f GDPR.]
Your personal data is, in the absence of exceptions within the specific services mentioned below, retained for as long as your user account is used. After deletion of your account, your personal data will be erased 1 month later. Statutory storage obligations or the need for legal actions that may arise from misconduct within the services or payment problems can lead to a longer retention of your personal data. In this case, we will inform you accordingly
V. Information about the specific uses that require registrationFor the use of the following services you have to set up an account as described under IV. Your customer account retains your personal data for future purchases and other activity. You can delete the personal data as well as the account in your account’s settings. This processing is based on Article 6 sec. 1 sent. 1 lit. b.]
1. Web shop
For the use of our web shop you have to set up an account as described under IV. Your customer account that retains your personal data for future purchases. You can delete the personal data as well as the account as a whole in your account’s settings. This processing is based on Article 6 sec. 1 sent. 1 lit. b.]
By statutory law we are required to retain the provided financial data in relation to transactions (including address, payment and order information) for 10 years. However, after 2 years we will restrict the processing of your personal data to comply with the statutory requirements and will not process the personal data any further. Regarding this, the retention of your personal data is based on Article 6 sec. 1 sent. 1 lit. c GDPR.
2. Lecturer book sampling service
To request a free sample copy of a book we use the contact, course and university data you provide to process the request. We retain this information on your personal account so we can manage the process of communicating with you and tracking the statistics of whether you have adopted the book for your course
VI. NewsletterWith your email address you can subscribe to our newsletter that provides you with the latest news about our products and services if you consent to receiving such newsletters. The legal basis for this processing is Article 6 sec. 1 sent. 1 lit. a GDPR. Your email address will be retained as long as you subscribe to our newsletter.
You can unsubscribe from this service by opting out via the link provided in each email newsletter.
VII. Automated decision makingWe do not use your personal data for automated decision making which produces legal effects concerning you or similarly significantly affects you.
VIII. AnalysisFor statistical analyses we use web analytics services to collect information about the use of this site
1. General tracking information
The tools collect information such as
• Device and browser information (operating system information, Mobile device identifier, mobile operating system, etc.)
• IP address
• Page accessed, URL click stream (the chronological order of our internet sites you visited)
• Geographic location
• Time of visit
• Referring site, application, or service
We use the information we get from the providers only to determine the most useful information you are looking for, and to improve and optimise this website. We do not combine the information collected through the use of the tools with personal data.
Depending on the provider the information generated about your use of the website may be transferred to and processed in third countries, e.g. the United States. For further information about the potential risks of a cross border data transfer please refer to section XII. The tools collect only the IP address assigned to you on the date you visit this site, rather than your name or any other identifying information. The provider will use this information in order to evaluate your use of the website, to compile reports on website activities and to provide other services relating to website and internet use to us.
The legal basis for this processing is Art. 6 sec. 1 sent. 1 lit. f GDPR and represents our legitimate interest to analyse our website’s traffic to improve the user’s experience and to optimise the website in general.
2. Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). On our behalf Google will use the information generated by a cookie for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet activity in connection with the use of the website.
We have activated the IP-anonymisation within the Google Analytics service, and your IP address will be truncated within the area of member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Google server in the USA and truncated there. The IP-address your browser conveys within the scope of Google Analytics will not be associated with any other data held by Google.
You can opt out of Google Analytics tracking on our site here.
We use Marketo, a marketing automation service provided by Marketo 901 Mariners Island Blvd, Suite 500, San Mateo, CA 94404 ( “Marketo”) On our behalf Marketo will use the information generated by a cookie for the purpose of evaluating your use of the website and pages visited, compiling reports on website activity and providing other services relating to website, email and internet activity in connection with your use of the website. You may prevent the collection of the information generated by the cookie about your use of the website (including you IP address) and the processing of this data by Marketo by opting of tracking here.
1. Third Party Content and social media plug-ins
We use YouTube service in order to play videos directly from our website. This processing is based on Article 6 sec. 1 sent. 1 lit. f GDPR and represents our legitimate interest to improve your website experience and to optimize our services.
Your browser will directly communicate with YouTube, LLC
901 Cherry Ave.
San Bruno, CA 94066
3. Links to third party websites
IX: Information sharing
Your personal data will only be disclosed to a third party to the extent necessary to fulfil our contractual relationship . Legal basis for the transfer of your personal data is Article 6 sec. 1 sent. 1 lit. b and f GDPR and represents our legitimate interest to implement our general terms and conditions of business or any other agreements concluded with you.
For ebook sample requests and ebook orders purchased through the MIHE webshop. the order is delivered to Vitalsource.com platform for you to review and download.
The information we send to Vitalsource.com is just for the fulfilment of the order to your account on Vitalsource.com
• Your full name
• Email address
• Institution name (for ebook samples)
• Country of residence
• Book ordered
In order to access your ebook on Vitalsource.com you will need to create an account on Vitalsource.com.
We may disclose anonymous aggregate statistics about users of the website in order to describe our services to prospective partners, advertisers and other reputable third parties and for other lawful purposes, but these statistics will include no personal data.
We may disclose your personal data if legally entitled or required to do so (for example if required by law or by a court order).
X. Cross border data transfers
Within the scope of our information sharing activities set out above, your personal data may be transferred to other countries (including countries outside the EEA) which may have different data protection standards from your country of residence. Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavour to take reasonable measures to maintain an adequate level of data protection when sharing your personal data with such countries.
In the case of a transfer outside of the EEA, this transfer is safeguarded by either Privacy Shield or EU Model Clauses. You can find further information about the aforementioned safeguards by contacting the Group Data Protection Officer via Customer Relations.
XI. SecurityWe have reasonable state of the art security measures in place to protect against the loss, misuse and alteration of personal data under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to personal data. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it.You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via our website whilst it is in transit over the internet and any such submission is at your own risk.
XII. Data retentionWe strive to keep our processing activities with respect to your personal data as limited as possible. In the absence of specific retention periods set out in this policy, your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.
XIII. Your rights
Under the legislation applicable to you, you may be entitled to exercise some or all of the following rights:
1. require (i) information whether your personal data is retained and (ii) access to and/or duplicates of your personal data retained, including the purposes of the processing, the categories of personal data concerned, and the data recipients as well as potential retention periods;
2. request rectification, removal or restriction of your personal data, e.g. because (i) it is incomplete or inaccurate, (ii) it is no longer needed for the purposes for which it was collected, or (iii) the consent on which the processing was based has been withdrawn;
3. refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time;
4. object, out grounds relating to your particular situation, that your personal data shall be subject to a processing. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you we will either stop processing your personal data or present you our compelling legitimate grounds for an ongoing processing; and/or
5. take legal actions in relation to any potential breach of your rights regarding the processing of your Personal data, as well as to lodge complaints before the competent data protection regulators.
6. require (i) to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and (ii) to transmit those data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller;
7. not to be subject to any automated decision making, including profiling (automatic decisions based on data processing by automatic means, for the purpose of assessing several personal aspects) which produce legal effects on you or affects you with similar significance.
You may (i) exercise the rights referred to above or (ii) pose any questions or (iii) make any complaints regarding our data processing by contacting us under the contact details set out below.
The information you provide when contacting us will be processed to handle your request and will be erased when your request is completed. Alternatively, we will restrict the processing of the respective information in accordance with statutory retention requirements.