Skip to main content

Privacy Statement

We are pleased that you have visited this website. To continue to improve the attractiveness of our website, we continually optimize the site’s functions and services. In doing so, security is a priority for us. You trust us with your personal data when you use our website. We know that this trust is to be valued. That’s why we handle your data with special care.

In the following, we will inform you about how your personal data are collected when you use our website. Personal data means all data that personally relate to you, e.g., name, address, e-mail address(es), user behavior. We have taken extensive technical and operational precautions to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are reviewed regularly and adapted to take technological progress into account.

1 Controller for data processing

The controller pursuant to Article 4 Paragraph 7 of the EU General Data Protection Regulation (GDPR) is

Hogrefe Verlag GmbH & Co. KG
Merkelstraße 3
37085 Göttingen, Germany
Tel. +49 551 999 50 0
[email protected]

2 Option to contact the Data Protection Officer

You can contact our Data Protection Officer at [email protected] or via our postal address, adding an FAO for ‘Der Datenschutzbeauftragte/The Data Protection Officer’.

3 Your rights

You have the following rights with respect to personal data that relate to you:

3.1 General rights

You have a right to information, rectification, erasure, restriction of processing, objection to processing and data transferability. If processing is based on your consent, you have the right to revoke this consent with future effect.

3.2 Data processing rights based on legitimate interests

Pursuant to Article 21 Paragraph 1 of the GDPR, you have the right to object against the processing of personal data that relate to you that takes place on the basis of Article 6 Paragraph 1 e of the GDPR (data processing in the public interest) or based on Article 6 Paragraph 1 f of the GDPR (data processing for the purposes of legitimate interests); this also applies to profiling supported by this provision. If you object, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights, and freedoms, or if processing serves to assert, exercise, or defend legal claims.

3.3 Rights for direct advertising

If we process your personal data to directly advertise to you, you have the right to object to the processing of the personal data that relate to you for the purposes of such advertising at any time, pursuant to Article 21 Paragraph 2 of the GDPR; this also applies to profiling if it relates to such direct advertising.

If you object to processing for the purposes of direct advertising, we will no longer use your personal data for these purposes.

3.4 Right to complain to a supervisory authority

You also have the right to complain to a responsible data protection supervisory authority about us processing your personal data.

4 Collecting personal data when you visit our website

When simply using the website for informational purposes, i.e., if you don’t register or send us information in another way, we only collect personal data that your browser sends to our server. If you want to view our website, we collect the following data that are required for technical reasons in order for us to display our website and guarantee its stability and safety. The legal basis for this is Article 6 Paragraph 1 f of the GDPR:

IP address, date and time of request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, respective volume of data transmitted, website that the request has come from, browser, operating system, and the interface, language, and version of browser software.

These data cannot be used by us to identify the individual user. This information is only evaluated by us in an anonymized way for statistical purposes.

5 Contacting us by e-mail or via the contact form

When you contact us by e-mail or via the contact form, we store data you have shared to respond to your question or issue. If we ask for information via our contact form that is not required in order for you to get in touch, we mark this as optional. This information is used to clearly define your request and to improve how your concern is processed. This information is explicitly provided on a voluntary basis and with your consent; Article 6 Paragraph 1 a of the GDPR. If this information relates to channels of communication (for example, e-mail address, phone number), you are also agreeing that we may contact you via these channels of communication where necessary in order to respond to your concern. You can of course withdraw this consent with future effect at any time.

We delete such data when they no longer need to be saved, or we restrict their processing if legal retention periods apply.


6 Registration and client account

You have the option of registering with us for a client account. We collect and store the following data about you for registration:

  • Prefix/Title
  • First name
  • Last name
  • E-mail (user name)
  • Password
  • Address

We use a ‘double opt-in process’ for registration, i.e., your registration is only confirmed if you have first confirmed your registration by clicking on the link in a confirmation e-mail sent to you. The above-mentioned data is mandatory; however, all other information can be provided on a voluntary basis via our portal.

After successful registration, you are given personal, password-protected login details and you can view and manage the data you have saved. Registration is voluntary, but may be required to use our services.

If you use our portal, we store data about you that are required to fulfil the contract, and information about the payment method, where necessary, until your access expires. We also store data provided by you on a voluntary basis for as long as you use the portal, unless you delete this beforehand. You can manage and change all information in the protected client area. The legal basis for this is Article 6 Paragraph 1 a, b and f of the GDPR.

7 Online orders - Shop

If you place an order with us online through our website, we collect various data required to conclude the contract. The legal basis for this is the conclusion and execution of a contract based on Article 6 Paragraph 1 b of the GDPR. Data are stored for the duration of the contract and in accordance with legal obligations. We use a number of payment service providers to process payments (for this website Braintree, a service of PayPal, Inc.), which are always specified and directly accept your input, and are therefore the recipients of your personal data collected in connection with the payment process. The legal basis for using payment service providers is contract processing pursuant to Article 6 Paragraph 1 b of the GDPR. Data for payment purposes are stored for the duration of payment processing.

8 Using cookies

Cookies are stored on your machine when you use our website. Cookies are small text files that are stored on your hard drive, assigned to the browser you are using, and used to send specific information to the party that has placed the cookie on your machine. Cookies cannot run any programs or place any viruses on your computer. They are used to make the website more user-friendly and effective overall. We also use cookies to be able to identify you when you visit us again if you have an account with us. Otherwise, you are required to log in again each time you visit.

This website uses the following types of cookies, the extent and functionality of which are outlined below:

8.1 Transient cookies

These cookies are automatically deleted when you close your browser. This particularly includes session cookies. These store a ‘session ID’, which is used to assign requests from your browser to the overall session. This means that your machine can be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.

8.2 Persistent cookies

These cookies are automatically deleted after a set period of time that the cookie can distinguish between. You can delete cookies at any time through your browser’s security settings.

8.3 Preventing cookies

You can configure your browser settings based on your requirements and can reject third-party cookies, or all cookies, from being accepted. Please note this may mean you are unable to use all of the functions of this website.

8.4 Legal bases and retention period

The legal bases for any potential processing of personal data and the retention period vary and are outlined in the following sections.

9 Website analysis

We use various services to analyze and optimize our website, and we have outlined these below. We use these services to analyze how many users visit our site, what information is most frequently requested, and how users find the website. Data that we collect include information concerning which websites bring a data subject to a page (‘referrer’), what subpages are accessed on the website or how often and for what period of time a subpage is visited. This helps us to make our website more user-friendly and also helps us to improve it. The data collected are not used to personally identify individual users. Anonymous or highly pseudonymized data is collected. The legal basis for this is Article 6 Paragraph 1 f of the GDPR.

9.1 Google Analytics

This website uses Google Analytics, a web analysis service from Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Use includes the Universal Analytics operating mode. This allows us to assign data, sessions, and interactions across multiple devices to a pseudonymised user ID, meaning that we are able to analyze user activities across devices.

Google Analytics uses cookies to allow use of the website to be analyzed. The information generated by the cookie about your use of this website is usually sent to a Google server in the USA, where it is stored. If IP anonymisation is activated on this website, your IP address is truncated by Google within the European Union Member States or in other signatory states to the Agreement on the European Economic Area before it is sent. Only in exceptional cases is the full IP address sent to a Google server in the USA and truncated there. The IP address sent from your browser in the context of Google Analytics is not associated with other Google data. Google evaluates your use of the website on behalf of its operator in order to use this information to compile reports about the website activity and to provide other services to the website operator associated with use of the website and the internet. We also have legitimate interests in data processing for these purposes. The legal bases for using Google Analytics is Section 15 Paragraph 3 of the Telemedia Act (Telemediengesetz, TMG), and Article 6 Paragraph 1 f of the GDPR. Data sent by us that are linked to cookies, user identifiers (e.g., user ID), or advertising ID is automatically deleted after 38 months. An automatic deletion process is carried out once a month for data that have exceeded thier retention period. You can find more information about the conditions of use and data protection at https://www.google.com/analytics/terms/ or at https://policies.google.com/?hl.

You can prevent cookies from being saved on your computer or device by changing your browser settings; please note that in this case, you may not be able to use all of this website’s functions to their full extent. In addition, you can prevent Google from recording data generated by the cookie that relates to your use of the website (including your IP address) and processing such data by downloading and installing https://tools.google.com/dlpage/gaoptout?hl=en. Opt-out cookies prevent your data from being recorded when visiting this website in future. To prevent Universal Analytics recording across a number of devices, you must run opt-out on all of the systems you use. Click here to save the opt-out cookie:

Deactivate Google Analytics

10 Data transfer

Your data will not be transferred to third parties unless we are legally obliged to do so, if we are required to transfer data to execute the contractual relationship, or if you have previously given your express consent for your data to be transferred.

External service providers and partner companies, such as online payment providers or shipping companies engaged for deliveries, only receive data if this is required in order to process your order. In these cases, the scope of the data transfer is restricted to the required minimum. If our service providers come into contact with your personal data, we ensure that they comply with the provisions of data protection laws to the same extent that we do, as part of contract processing pursuant to Article 28 of the GDPR. Please also take note of the each provider’s privacy policy. The respective service provider is responsible for the content of third-party services, whereby we review the services for compliance with legal requirements, where this is reasonable.

11 Data security

We have taken extensive technical and operational precautions to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are reviewed regularly and adapted to take technological progress into account.

Hogrefe Verlag GmbH & Co. KG, May 2018