Data protection policy HUSS VERLAG GmbH

Data protection policy (german) / Datenschutzbestimmungen (deutsch) »

 

Part 1: Information on data protection regarding our data processing pursuant to Articles (Art.) 13, 14, and 21 of the General Data Protection Regulation (GDPR)

We greatly appreciate your interest in our website and the services we offer. We view the protection of your personal data as a highly important matter.

We have implemented both technical and organizational measures to ensure that any of your personal data processed via our website are protected as effectively as possible. Nevertheless, Internet-based data transmissions can be subject to security gaps, which means complete protection cannot be guaranteed.

With this data protection policy we wish to inform you how and for which purposes we collect and process your data and which claims and rights you are entitled to according to data protection regulations.

1. Name and contact details of the data controller

This data protection policy applies to data processed by
(data controller):

HUSS-VERLAG GmbH
Joseph-Dollinger-Bogen 5
D-80807 Munich
E-Mail: info@huss-verlag.de
Telefon: +49 (0) 89-32391-0
Website: www.huss-verlag.de

The publisher's data protection officer can be contacted at the following address:

Jörg Hermann
jmh datenschutzberatung
Freibadstr. 30
D-81543 Munich
Telephone: +49 (0)89 200 033 580
E-Mail: info@jmh-datenschutz.de
Website: https://jmh-datenschutz.de

2. Extent of personal data processing

As a matter of principle, we collect and process the personal data of our users only to the extent necessary to provide visitors with a functional website that displays our content and services.

Personal data are those data with which you can be personally identified. Processing is defined as any procedure relating to personal data, including collection, recording, filing, storing, adaptation, alteration, disclosure, and any other type of use.

We collect and process our users' personal data in accordance with the following policy. Further details or additions to the purposes of data processing are available in the relevant contractual documents, forms, declaration of consent, and/or other information provided to you.

3. Legal basis for processing personal data

3.1. Assuming we obtain the prior consent of the data subject to process their personal data, Art. 6 (1a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. You may revoke your consent at any time. You will be informed separately about the consequences of revoking or not granting consent in the relevant text pertaining to consent.

As a general rule, however, consent can only be effectively revoked for any future processing. Any processing performed prior to revocation is not affected and remains lawful.

Consent: Any voluntarily given specific and informed indication of the wishes of the data subject, in the form of a statement or other unambiguous affirmative act, by which the data subject signifies agreement to their personal data being processed.

3.1.1 In particular, when you register for our newsletter, we use your name and e-mail address to send you our personalized newsletters on a regular basis. In order to receive a newsletter, you only need to provide us with an e-mail address. When we receive a registration for the newsletter, we also store the IP address of the computer system used by the data subject at the time of registration assigned by the Internet Service Provider (ISP) as well as the date and time of registration. It is necessary to store these data in order to trace any (possible) misuse of a data subject's e-mail address at a later point in time, thus providing the data controller with legal protection.

No other data are collected, unless you provide them voluntarily.

Registration is carried out with the help of the so-called "double opt-in" procedure, i.e. you receive an e-mail with a link, via which you can confirm that you are the owner of the e-mail address and wish to be notified via our e-mail service. If your subscription is not confirmed after requesting the confirmation e-mail, the personal data you have provided will not be processed, but automatically disabled and deleted at the next data check (usually within one week).

The legal basis for sending the newsletter as a result of the sale of goods or services is provided under Section 7 (3) of the Act against Unfair Competition (UWG).

Once you have registered, you can unsubscribe from the newsletter by clicking on the link contained in each newsletter. The e-mail address together with the identifying information will be stored until you unsubscribe.

Based on our legitimate interests, we may store unsubscribed e-mail addresses for up to three years before deleting them, in order to prove that consent was previously given. The processing of these data is limited to the purpose of a possible defense against any claims. An individual request for deletion may be made at any time, provided that the previous existence of a consent is simultaneously confirmed. In the event of obligations to permanently comply with objections, we reserve the right to store the e-mail address in a blacklist created solely for this purpose.

3.1.2 If you have questions of any kind, we offer you the option to contact us via a contact form provided on our websites. You need to provide your name and a valid e-mail address so that we know who sent the question and to enable us to answer it. When the form is sent, it is necessary to temporarily store the IP address in order to guarantee the secure operation of the website and its underlying IT systems.

Further information can be given on a voluntary basis.

Voluntary fields in the form are those not clearly marked as mandatory with a red asterisk. We also use your address, telephone number, or other personal data to contact you in case of any queries, to enter into a contract with you, to send you any goods you have ordered, or to otherwise adequately respond to your question.

Any data processed in the course of contacting us is based on your voluntarily given consent, which can be revoked at any time. Any data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or if the purpose of storing the data is no longer applicable (e.g. after we have completed processing your request). Mandatory legal provisions, particularly retention periods, remain unaffected.

3.1.3 Registration/user account

You can set up a password-protected user account with us, especially for the HUSS Shop and for some magazine subscriptions, in which we store your personal data. The user account serves to provide you with a high level of convenience when it comes to handling your orders through easier, faster, and more personalized purchase processing as well as making it easier to manage your user profile. However, it is not necessary to create a user account to use our website or place orders with us, as we also offer you the option to place an order as a guest. However, as a guest you will have to completely re-enter your data each time you place an order.

To set up a user account, we require the following information from you:

  • Salutation
  • First name, surname
  • Address
  • Payment details if you do not pay by invoice
  • A valid e-mail address

You also need to enter a password of your choice to set up a user account. Together with your e-mail address, the password enables you to access your user account, where you can view and change your personal data at any time.

To clarify any queries you may have more quickly, you can also voluntarily provide your telephone or fax number. You can also voluntarily state your occupation, company, department, and country.

After your user account is deleted, your data will be automatically deleted for further use, unless we are required to store them for a longer period of time pursuant to Article 6 (1c) GDPR due to tax and commercial law retention and documentation obligations (contained in HGB, StGB, or AO regulations) or if you have consented to further storage pursuant to Article 6 (1a) GDPR.

Any data absolutely required for delivery or order processing are passed on to third-party service providers. As soon as your data no longer need to be stored or are no longer required by law, they will be deleted.

3.1.4 Competitions

We require personal data from persons who participate in any of our competitions (first name, surname, address, e-mail address, telephone number). We store these personal data in order to conduct and process the competition by name, identify you as a possible winner, or inform you of a possible win, and to respond to any questions to and from participants and winners. If you have won, we require your address in order to send you your prize.

Apart from the data collected via the participation forms, we store the time of participation as well as information on the browser used, the IP address assigned at the time of participation, and the last website visited by the participant. This information can help us in any troubleshooting that may be necessary and to answer questions from participants in the competition. In addition, this method enables us to identify participants who do not participate personally, but via competition services.

We process your personal data for the purpose of conducting the competition on the basis of Art. 6 (1b) GDPR.

By entering the competition, you consent to receiving e-mails (e.g. entry confirmation, prize notification, etc.) and to the publication of your first name and surname on our website as well as in our publications in connection with any prize you may win.

If we conduct competitions together with cooperation partners, your data will be forwarded to the cooperation partner responsible for awarding the prizes. Our cooperation partner(s) are named in each respective competition. We will only pass on the winners' personal data to the extent required by us or our cooperation partners to award or claim the prize.

Subject to legal retention periods, your personal data will be deleted no later than one month after the end of the competition. Your personal data will also be deleted if you have revoked your consent to processing, unless mandatory legal retention periods prevent it.

For more information on your rights, see Section 12.

Consent to use your photo

By participating in the competition, you consent to your photo being published on our website in the event that you win. You may revoke your consent at any time.

If consent has not been given, publication is based on our legitimate interest as organizer to publish the name of the winner of the competition, Art. 6 (f) GDPR.

3.2 When processing personal data that are necessary to fulfill a contract to which the data subject is a party, Art. 6 (1b) GDPR serves as the legal basis. The same applies to processing needed to perform pre-contractual measures, e.g. with interested parties.

In particular, the processing thus helps to provide media services, face-to-face or online events, purchases of products or services, consulting services and activities in the context of direct advertising and market research in accordance with your orders and wishes, and include the services, measures, and activities required to do so.

The following personal data are collected and processed when orders are placed:

  • Salutation
  • Company
  • First name, surname
  • Address
  • Payment details if you do not pay by invoice
  • A valid e-mail address

You can also provide further information on a voluntary basis. These data are processed on the basis of our legitimate commercial interest pursuant to Art. 6 (1f) GDPR to ensure the smooth, easy processing of your order and the efficient handling of any queries.

  • Title
  • Telephone number
  • Fax number
  • An alternative delivery address

3.2.1 Information regarding the use of apps

If we become your contractual partner in accordance with the applicable terms of use of a third-party provider from whom you download an app (such as iTunes, Google, etc.), we will process the data provided to us by the third-party provider, e.g. your device ID, to the extent necessary for the fulfillment of the contract so that you can download the app to your mobile device.

As a precaution, we wish to point out that when you use our products, online offers, and services via mobile devices (smartphones, mobile phones, tablets, etc.), precise location data may be collected, used, and passed on, including the geographical location of your mobile device. Moreover, further data may be collected, processed, and used within the framework of the terms of use of your respective telecommunications provider.

3.2.2 Face-to-face events

Processing personal data

At our face-to-face events (trade shows, congresses, seminars, workshops, etc.), in the course of registration we collect data from participants such as their first name, surname, title, address, and e-mail address as well as their company, professional position, and industry as mandatory information. Firstly, the information enables us to determine whether the participants have a professional connection to the particular event and secondly, we can use their personal data sets to implement "lead management" offers.

For lead management purposes, participants can have the barcode or QR code printed on their ticket scanned, e.g. by exhibitors, to enable them to subsequently access your data for promotional purposes or to provide discounts and vouchers from exhibitors or sponsors. In the context of lead management, the legal basis set out in Art. 6 (1a) GDPR applies. Participants give their consent to data processing by having their QR code scanned by the exhibitor, sponsor, or organizer.

Furthermore, we process the data collected pursuant to Art. 6 (b) GDPR in order to fulfill the existing contract with a participant, usually for the purpose of attending the event. This also includes the associated customer support, in particular the provision of participants with necessary and useful information during the planning, registration, participation, and follow-up of a face-to-face event.

On our websites, interested parties, exhibitors, and participants have the opportunity to order programs and catalogs for our events. In order to do so, we require the first name, surname, e-mail address, and the desired postal address. Any further information can be provided on a voluntary basis.

Any companies wishing to participate in our events as exhibitors are required to send us registration documents or complete an online form. In the course of registration, we collect all the data required to process the statement of participation and to prepare, organize, and process the participation.

In the case of accredited press representatives, an agreement is concluded through the application and acceptance of the accreditation, which also forms the legal basis for processing the data of accredited press representatives pursuant to Art. 6 (1b) GDPR.

If the data are not processed for the purpose of fulfilling a contract, they are processed on the basis of our legitimate interest pursuant to Art. 6 (1f) GDPR.

This applies in particular to the processing and use of exhibitors' and participants' data for the purpose of advertising by post or e-mail. The data are processed in order to inform exhibitors and participants about our events and related topics and products as well as to promote the commercial activities of our company, in particular to improve the range of events we offer.

In specific terms, our legitimate interest lies in the fact that the collection and processing of this data supports and promotes the implementation and organization of the face-to-face event and partially enables its continued existence.

In this context, we also assume that the participants in the face-to-face event are well aware from our transparent information policy that the face-to-face event could not continue to exist without the willingness to enable data processing and data transfer to the exhibitors or that unreasonably high participation fees would have to be charged, which in turn would prevent the majority of interested parties from continuing to attend the event. The data are therefore not only processed in the interest of the data controller, but at least to an equal degree in the interest of each individual participant and therefore also in the interest of all participants in the face-to-face event.

In the case of e-mails, we analyze usage behavior on the basis of Section 7 (3) of the Act against Unfair Competition (UWG) in order to advertise our events and services in a more target group-oriented manner. The legal basis for the analysis is our legitimate interest in direct advertising tailored to the requirements of the addressees, which is in line with the interest of e-mail recipients in only receiving information that is of interest to them. Your rights and freedoms have been weighed against this interest and are deemed to be of secondary importance.

You may object to the future sending of e-mails for the purpose of direct advertising at any time by writing to HUSS-VERLAG GmbH, Joseph-Dollinger-Bogen 5, D-80807 Munich (e-mail: datenschutzrichtlinie@hussverlag.de).

After the contract has been fully processed, as soon as our interest in further processing has ceased or if you have revoked any consent you may have given, your data will be deleted, taking into account the retention periods under tax and commercial law, unless you have expressly consented to the further use of your data.

Photos/films

We wish to point out that photos may be taken and video recordings made during face-to-face events. These photos and/or videos may be subsequently published in various media (print as well as online media and social media channels).

The legal basis for the recording of photo and video material is Art. 6 (1f) GDPR. The photographs and video recordings are created for the purposes of reporting, marketing, public relations, and the informative presentation of our commercial services. Our legitimate interest in data processing also relates to these purposes. The photos and videos will be deleted as soon as they are no longer necessary to achieve the purpose for which they were processed.

If you do not wish to be photographed, please make this fact clear to the photographer.

Disclosure of data to third parties

Your personal data will only be passed on to third parties to the extent legally permissible and necessary for processing contractual relationships with you pursuant to Art. 6 (b) GDPR. This includes, in particular, disclosure to event partners for the purpose of planning and organizing the event as well as disclosure to service providers, such as, in the case of payment data, to the payment service provider or credit institutions, in order to process the payment of participation fees.

If participants have redeemed an entry code for a ticket from an exhibitor, we will pass on their personal data to the exhibitor who invited them. Details of the exhibitor are available in the list of exhibitors of a trade show, alongside their respective contact details. This is necessary so that we can offer the face-to-face event at the given conditions. Otherwise we would have to offer the face-to-face event at a higher price.

The legal basis for transmitting the data to the exhibitor is Art. 6 (1f) GDPR.

3.2.3 Online events

On the software platform of Converve GmbH we offer digital event formats for our customers and interested parties, including live seminars, product presentations, panel discussions, and interviews. Event attendees and partners can interact with one another by networking within the event platform via tools such as messaging, appointment scheduling, and video chats.

By entering your personal data and confirming your registration and login with a mouse click, you agree to the use of your data for the following purposes:

Processing personal data

The participant must be registered and admitted in order to make full use of the online events. During these processes, we collect company data as well as the personal data of the contact person in order to ensure the best possible implementation of the online event.

During the use of the platform for the online event, we collect the following data:

  • IP address – anonymized
  • User's operating system
  • Time the user is online
  • Password
  • Other information (chat option via third-party providers)

In the course of the registration/admission process, we currently collect the following personal data, among others, as mandatory information from the contact person:

  • Salutation
  • Company
  • Position or function
  • First name
  • Surname
  • Address
  • Contact details (e-mail address)

The user can obtain details of all mandatory and other voluntary information from the current registration form as part of the registration/admission process.

We use the stored data to ensure that the services offered by the online event are implemented and processed (e.g. to manage and answer inquiries, send registration confirmation to your specified e-mail address, identify participants, sell tickets, process warranty claims or other complaints, send scripts, conduct presentations after an online event has ended, repeat the online event, etc.) and to improve our website (legal basis Art. 6 (1b) GDPR). In the case of online events, this data is also used for identification purposes when interacting with the speaker via the chat function, assuming this option is offered in an online event.

If these data are not provided, we are unfortunately unable to register the participant for one of our online events. We do not use automated decision-making processes.

Unless a case of contract fulfillment pursuant to Art. 6 (1b) GDPR already exists, the legal basis pursuant to Art. 6 (1f) GDPR is our legitimate interest in our own addressee-oriented direct advertising by means of e-mail or postal mailing for sector-related or comparable offers from our line of business (online events and product information) in order to achieve long-term customer loyalty. This approach is in line with the interest of participants in only receiving information from us that is also of interest to them, such as pre- and post-event reports, or information on further dates and subsequent events following an online event.

If participants have objected to the use of their postal and e-mail addresses for this purpose (datenschutzrichtlinie@hussverlag.de), we will no longer send them information by post or e-mail in the future.

We delete the data as soon as they are no longer required to achieve the purpose of their processing, but at the latest after consent has been revoked, unless there is a legitimate interest in their continued storage.

Disclosure of data to third parties

Cooperation partners

The participation contract also includes data processing for the purpose of passing on the data to cooperation partners (such as co-organizers, sponsors, or advertising partners) in return for the free or low-cost opportunity to participate in the online event.

We pass on the personalized data of participants (if requested: company, title, first name, surname, position/function, address, e-mail address) to our respective cooperation partners for the purpose of conducting the online event pursuant to Art. 6 (b) GDPR as well as for sending direct advertising with regard to sector-related or comparable online events as well as product information by e-mail. These cooperation partners can be viewed by name in the program documents during the online event.

If we do not have the separate consent of the respective participant, the participants' data will be passed on to the cooperation partners for the purpose of direct advertising in accordance with a balancing of interests pursuant to Art. 6 (f) GDPR.

The participants are aware that the personal data provided by them represent the contractual consideration that is provided in return for the free or low-cost provision of the online event.

In this context, we assume that due to our transparent information policy the participants in the online event are well aware that the event could not continue to exist without their willingness to enable data processing for the data transfer to cooperation partners or that unreasonably high participation fees would have to be charged, which in turn would discourage the majority of interested parties from participating. Without the cooperation partners and the sponsoring, we would be unable to offer any of the online events at the stated conditions.

The data are therefore not only processed in the interest of the data controller, but at least to an equal degree in the interest of each individual participant and therefore also in the interest of all participants in the online event.

Furthermore, the disclosure of data (company, title, first name, surname, position/function, address, e-mail address) can be justified via Art. 6 (f) GDPR with the legitimate interest of the cooperation partners. Since this event is jointly organized together with the cooperation partners, these partners have a fundamental interest in knowing who attends the event. In particular, the cooperation partners have a sales-related interest in knowing who participates in the event. This represents a legitimate interest and a characteristic, particularly in terms of the sponsoring or participation of our partners and customers in the event. The aim of any such participation is always to promote the sale of products and services and is thus in the primary interest of our cooperation partners to organize or sponsor events together with us.

We only process and use your data in accordance with the provisions of German and European data protection law. Furthermore, the cooperation partners are required to process the data we have entered and transmitted exclusively for the intended purpose and in accordance with the law. The cooperation partners are independently responsible for the further processing of the data transmitted via this method and their use.

Assuming the requirements of Art. 26 GDPR are met, together with the cooperation partner we are jointly responsible for data processing until the data are transferred to the cooperation partner. In this case, we have concluded a contract with the cooperation partner regarding the joint responsibility for data processing, which essentially states that as of the transmission of the data to the cooperation partner, the latter is solely responsible for the further processing of the data. Requests for information and other data subject rights can be asserted both with us and with the cooperation partner.

You may object to the future processing and disclosure of your transmitted data by the organizer at any time by writing to HUSS-VERLAG GmbH, Joseph-Dollinger-Bogen 5, D-80807 Munich or by e-mail to datenschutzrichtlinie@hussverlag.de.

If a cooperation partner processes and uses the participant's data that were provided by us, it is advisable to contact the respective cooperation partner directly at the revocation e-mail address provided in the cooperation partner's data protection statement for the purpose of objecting and asserting further data subject rights. Details of the various cooperation partners are available in the online event program alongside their respective contact details.

Otherwise, the following applies to all your rights and enquiries: If you contact us, we will answer your enquiry ourselves to the extent that we are able to do so on the basis of our own data processing and will otherwise pass on your enquiry directly to the cooperation partner with the request that it be dealt with, as we have no insight into how the cooperation partner processes its data.

Provider customers

Within the framework of our online events, participants can register for networking and/or online events organized by our provider customers (generally the providers of their own events such as webinars, workshops, live chats, and product information within the framework of our online events).

During the event, our respective provider customer is able to see which users have visited the online events it has held, as well as the data stored about the users. This includes all the data that each user provided during registration (salutation, first name, surname, position, company, e-mail address). In addition, depending on the business model (networking only), the provider customer can gain insight into the data of all registered users. Users who have registered and logged in agree to the forwarding of this data to the provider customers.

The provider customers process and use the data solely in accordance with the provisions of German and European data protection law. The regulations set out in this policy apply accordingly.

On the basis of Art. 6 (1f) GDPR, we transmit the registration data of the users to the provider customers to implement so-called "lead management" offers. The individual events organized by the provider customers within the scope of our online events are offered to the users either free of charge or at low cost. The provider customers receive the users' transmitted data from us in return. This is necessary to enable all participants to interact (dialog, networking, cultivating business relationships) and subsequently establish contact for the purpose of targeted direct advertising by mail and e-mail to promote comparable services and products offered by the provider customers from their line of business.

Moreover, that is the only way we can offer the online event at the given conditions. Otherwise, we would have to charge a higher price. With respect to the necessary balancing of interests, we have weighed up your interest in the confidentiality of your personal data and our interest in providing our online events. Your interest in confidentiality is of secondary importance, as otherwise we would not be able to provide you with our range of free events.

Any further processing of this data is the sole responsibility of the respective provider customer.

However, we and the provider customer are jointly responsible for data processing until the data are transferred to the provider customer (Art. 26 GDPR).

Once the data have been transmitted, the provider customer is solely responsible for the further processing of the data. Requests for information and other data subject rights can be asserted both with us and with the provider customer. If you contact us, we will answer your enquiry ourselves to the extent that we are able to do so on the basis of our own data processing and will otherwise pass on your enquiry directly to the provider customer with the request that it be dealt with, as we have no insight into how the provider customer processes its data.

We only pass on the above-mentioned data collected and entered by the system to third parties outside the scope described here in accordance with statutory provisions or with the express consent of the data subject.

Service providers used

To the extent that we use external service providers for the provision of our services (e.g. for hosting the event platform, technically implementing online events, offering the respective event functions, or payment processing), any disclosure of personal data is justified by the fact that we have either carefully selected our third-party companies and external service providers as order processors as defined under Art. 28 (1) GDPR, regularly reviewed them and contractually obligated them to process all personal data exclusively in accordance with our instructions or have jointly determined the purposes and means of processing as jointly responsible parties as defined under Art. 26 (1) GDPR.

Third-party software and platforms

In order to technically implement these online events, we use software applications from third-party providers, such as Converve GmbH (https://converve.de/datenschutzerklaerung/). As our online events take place via websites operated by third-party providers, personal data may be processed on those websites through the use of cookies (e.g. the IP address). We have no influence on the processing of such personal data by third-party providers. For this reason, please see the data protection policies of these third-party providers in the respective registration process.

The use of third-party providers may be part of our (pre-)contractual services, provided their use has been agreed upon within this framework (Art. 6 (b) GDPR). Otherwise, the participants' data are processed on the basis of our legitimate interest in efficient, secure communication with our communication partners (Art. 6 (f) GDPR).

Payment service providers

Within the framework of contractual and other legal relationships, due to legal obligations or otherwise on the basis of our legitimate interests, we offer participants efficient, secure payment options for products and services that are subject to a charge (e.g. purchasing a ticket for a Networking Pass) and, in addition to banks and credit institutions, we use other payment service providers for this purpose, such as Unzer GmbH (https://www.unzer.com/de/datenschutz/) and Paypal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full/).

The data processed by the payment service providers can include personal data such as first name, surname, and address, bank data such as account numbers, credit card numbers, passwords, TANs, and checksums as well as contract-, amount-, and recipient-related data. The information is required in order to conduct the transactions. However, the data entered are processed and stored solely by the payment service providers. In other words, we do not receive any account- or credit card-related information, but only confirmation of payment or non-payment. Under certain circumstances, the payment service providers may transmit the data to credit agencies in order to check identity and creditworthiness. For more information, please see the general terms and conditions and the data protection policies of the payment service providers.

The terms and conditions and the data protection policies of the respective payment service providers, which are available within the respective websites or transaction applications, are applicable for the payment transactions. Please see these documents for further information, also with regard to the assertion of revocation, informational, and other data subject rights.

The legal bases are Art. 6 (b) GDPR and Art. 6 (f) GDPR.

3.3 Should the processing of personal data be necessary to fulfill a legal obligation of our company, Art. 6 (1c) GDPR serves as the legal basis.

These are primarily legal requirements (e.g. commercial and tax laws) but also regulatory or other official requirements under certain circumstances. The purposes of the processing may include identity and age verification, fraud and money laundering prevention, the prevention, combatting, and investigation of criminal offences endangering assets, the fulfillment of controlling and reporting obligations under tax law, and the archiving of data for data protection and data security purposes as well as auditing by tax and other authorities. Furthermore, it may become necessary to disclose personal data in the context of official or court measures for the purpose of collecting evidence, criminal prosecution, or the enforcement of civil claims.

3.4 If processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights, and freedoms of the data subject do not override the initially mentioned interest, Art. 6 (f) GDPR serves as the legal basis. According to Recital 47 of the GDPR, this is the case, for example, if there is a relevant and appropriate relationship between the data subject and the data controller, such as if the data subject is a customer of the data controller. But also for the following purposes:

  • To ensure the smooth connectivity of the websites
  • To ensure that our websites are easy to use
  • To analyze system security and stability
  • For other administrative purposes
  • For advertising or market and opinion research, assuming you have not objected to the use of your data
  • To obtain information and exchange data with credit agencies, provided this exceeds our economic risk
  • To test and optimize requirements analysis procedures
  • To further develop services and products as well as existing systems and processes
  • Statistical or market analyses
  • To assert legal claims and for reasons of defense in legal disputes that are not directly attributable to the contractual relationship
  • To develop scoring systems or automated decision-making processes

For building and plant security (e.g. via access controls and video surveillance), to the extent that this goes beyond the general duty of care

4. Providing the websites and creating log files

Each time you visit our website, our system automatically collects data and information from the system of the computer used to do so. The following data are collected:

  • (1)    Information on the type of browser and the version used
  • (2)    The user's operating system
  • (3)    The user's Internet Service Provider
  • (4)    The user's IP address
  • (5)    The date and time of access
  • (6)    Websites from which the user's system accesses our website
  • (7)    Websites that are visited by the user's system via our websites

The data are also stored in our system's log files. These data are not stored together with the user's other personal data.

The data are stored in log files in order to ensure the functionality of the websites. We also use the data to optimize our websites and ensure the security of our IT systems. The data are not analyzed for marketing purposes in this context.

The legal basis for the temporary storage of the data and the log files is Art. 6 (f) GDPR.

The data are deleted as soon as they are no longer required to achieve the purpose for which they were processed and after no later than 14 days.

In order to provide and operate the websites, it is absolutely necessary to collect the data and store it in log files. Consequently, the user does not have the option to object to their use.

5. The categories of data we process, if we do not receive data directly from you, and their origin

To the extent necessary to provide our services, we process personal data legally received from other companies or other third parties (such as credit agencies or address publishers). We also process personal data that we have lawfully obtained, received, or acquired from publicly accessible sources (such as telephone directories, commercial and association registers, civil registers, debtor directories, the press, the Internet, and other media) and are permitted to process.

Relevant categories of personal data can include in particular:

  • Personal data (name, profession, industry, and similar data)
  • Contact details (address, e-mail address, telephone number, and similar data)
  • Address data (registration data and similar data)
  • Confirmation of payment/coverage for bank and credit cards
  • Information on your financial situation (creditworthiness data including scoring, i.e. data for assessing economic risk)
  • Customer history
  • Data regarding your use of the telemedia we offer (such as the time at which you visited our websites, apps, or newsletters, pages, and links you clicked on or entries and similar data)

6. Recipients or categories of recipients of your data

Within our company, only authorized employees receive your data who require it in order to fulfill our contractual and legal obligations or in the course of processing and implementing our legitimate interests. Your data are only passed on externally

  • In order to process a contract
  • In order to fulfill legal requirements according to which we are required to provide information, report or pass on data, or if the passing on of data is in the public interest
  • If external service providers process data on our behalf as order processors or function transferees (e.g. customer service centers, delivery companies, letter shop services, accounting services, hosting service providers, advertising agencies, external data centers, IT applications support/maintenance, archiving, document processing, call center services, compliance services, controlling, data validation and plausibility checks, data destruction, purchasing/procurement, customer administration, marketing, media technology, research, risk controlling, billing, telephoning, website management, auditing services, credit institutions, printers, data disposal specialists, courier services, logistics services)
  • On the basis of our legitimate interest or the legitimate interest of the third party for the purposes stated (e.g. to authorities, credit agencies, debt collection agencies, lawyers, courts, appraisers, HUSS Group companies – addresses of which are available on our website – committees, and supervisory bodies, etc.)
  • If you have given us consent to transfer your data to third parties

Order processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the data controller.

7. Disclosure of data

The data collected will only be sold or passed on to third parties for other reasons if you have given us your express consent or if there is a legal reason for allowing address trading and advertising in accordance with a balancing of interests (Art. 6 (f) GDPR in conjunction with Recital 47 GDPR). This applies in particular to our address trading with B2B addresses. You may object to the use of your personal data for the purpose of direct advertising at any time.

If we commission external service providers to perform order processing, your data are subject to the same security standards externally as they are within our company. In all other cases, the recipients may use the data only for the purposes for which they were transmitted to them.

8. Use of links to and from external providers

Please note that our websites contain links to external third parties (e.g. advertising banners) and that links may be mentioned in articles. If you click on any of these links, you will find yourself on the website of a third party over whose data protection and security measures we have no control.

We do not monitor these websites and are not responsible for the content and data processing policies of third-party websites.

9. Processing of your data in a third country or by an international organization

Visiting our website or using our services may involve the transfer of certain personal data to third countries, i.e. countries where the GDPR is not applicable by law. A transfer of this nature is permissible if the European Commission has determined that an adequate level of data protection is provided in that third country. In the absence of an adequacy decision by the European Commission, personal data may only be transferred to a third country if appropriate safeguards are in place pursuant to Art. 46 GDPR or if one of the conditions of Art. 49 GDPR is met.

Unless otherwise stated below, we use the standard contractual clauses governing the transfer of personal data to processors in third countries as appropriate guarantees https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX%3A32010D0087.

10. Collecting and processing personal data from job applications and during the application procedure

We collect and process the personal data of job applicants in order to implement the application procedure. Processing may also be performed electronically, which is the case in particular when an applicant sends the relevant application documents to the data controller electronically, for example by e-mail or by completing a form available on the website. If the data controller enters into an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with statutory provisions. However, if the data controller decides not to enter into an employment contract with the applicant, once the applicant has been notified accordingly, the application documents will be deleted within a maximum period of 6 months after the application process has been completed, assuming no other legitimate interest of the data controller prevents their deletion. In this case, other legitimate interests could be, for example, a duty to provide evidence in possible proceedings in accordance with the General Equal Treatment Act (AGG). The legal basis for the processing is Art. 6 (1b) GDPR.

11. Data deletion and storage period

The personal data of the data subject are deleted or blocked as soon as the purpose of the storage ceases to apply. Furthermore, data may be stored as long as storage is provided for by the European or national legislator in EU regulations, laws, or other provisions to which the data controller is subject (such as storage and documentation requirements as defined in the German Commercial Code (HGB) or the German Fiscal Code (AO) as well as within the scope of statutory limitation provisions as defined in the German Civil Code (BGB). Data will also be blocked or deleted if a storage period prescribed by the above-mentioned standards expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.

12. Your data protection rights

If your personal data are processed, you are a data subject as defined in the General Data Protection Regulation (GDPR) and therefore entitled to the following rights:

  • You have the right to receive information from us about any of your personal data we may have stored, their origin and recipients, and the purpose of the data processing in accordance with the rules set out in Art. 15 GDPR, possibly with restrictions pursuant to Section 34 of the Federal Data Protection Act (BDSG).
  • At your request, we will correct the data stored about you pursuant to Art. 16 GDPR if they are inaccurate or incorrect.
  • If you wish, we will delete your data in accordance with the principles of Art. 17 GDPR, provided no other legal stipulations (such as statutory retention obligations or restrictions pursuant to Section 35 BDSG) or an overriding interest on our part (e.g. to defend our rights and claims) prevent us from doing so.
  • Taking the requirements of Art. 18 GDPR into account, you have the right to request us to restrict the processing of your data.
  • Furthermore, you can object to the processing of your data pursuant to Art. 21 GDPR, on the basis of which we are required to cease processing your data. However, this right of objection only applies under very special personal circumstances, whereby the rights of our company may possibly conflict with your right of objection. See below for further details.
  • In line with the requirements of Art. 20 GDPR, you also have the right to receive your data in a structured, commonly used, machine-readable format or transmit them to a third party.
  • Furthermore, you have the right to revoke your consent to the processing of your personal data at any time with immediate effect.
  • You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The supervisory authority responsible for data protection issues is the Bavarian State Office for Data Protection Supervision (https://www.lda.bayern.de/de/impressum.html). However, we recommend firstly directing any complaints you may have to our data protection officer.

If possible, any requests about exercising your rights should be sent to our address above. An informal e-mail message is sufficient for this purpose. Information about your right of objection is contained in Art. 21 GDPR.

You have the right to object at any time to the processing of your data that is carried out on the basis of Art. 6 (f) GDPR (data processing based on a balancing of interests) if there are any grounds for doing so that relate to your particular circumstances. This also applies to profiling based on this provision as defined in Art. 4 (4) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims. We may also process your personal data for direct advertising purposes. If you do not wish to receive advertising, you have the right to object to this at any time; this also applies to profiling if performed in conjunction with any such direct advertising. We will comply with your objection with immediate effect.

13. Security

Our websites use SSL or TLS encryption for security reasons and to safeguard the transmission of confidential content, such as any orders or enquiries that you send to us. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the "lock" symbol in your browser line. If SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Moreover, we take precautions to protect your personal data from loss, destruction, falsification, tampering, and unauthorized access. We comply, of course, with the statutory data protection regulations of the Federal Republic of Germany.

Please note, however, that data transmission via the Internet is never completely secure. We cannot guarantee the security of any data entered on our website during their transmission via the Internet, which you do at your own risk.

14. Amendments to this data protection policy

Changes to the law or to our internal processes may make it necessary to amend this data protection policy. For this reason, we reserve the right to make amendments to this data protection policy in line with the updating of our website. This data protection policy was last updated in March 2021.
 

Part 2: Information about data protection on our websites

1. Cookies

Cookies are small files that allow specific device-related information to be stored on users' terminal devices (PC, laptop, smartphone, etc.). Cookies do not cause any damage to your terminal device and do not contain any viruses, Trojans, or other malware. Information is stored in the cookie that relates to the specific terminal device used. However, this does not mean that we gain direct knowledge of your identity.

Primarily, cookies increase the user-friendliness of websites and thus help the users (e.g. by storing login data). For example, we use so-called session cookies in order to recognize that you have already visited certain pages of our website or to display your shopping basket. Session cookies are automatically deleted when you leave our website. We also use temporary cookies to optimize user-friendliness, which are stored on your terminal device for a certain fixed period of time. If you visit our website again to use our services, it automatically recognizes that you have already been there and which entries and settings you have made so that you do not need to enter them again.

Secondly, cookies serve to collect statistical data on website use and enable the data to be analyzed for the purpose of optimizing our products and services. These cookies enable us to automatically recognize that you have already been to our website when you visit it again. They are automatically deleted after a defined period of time.

Pursuant to Art. 6 (1f) GDPR, we have a legitimate interest in storing cookies in order to provide our services in a technically error-free and optimized manner. If other cookies (e.g. to analyze your surfing behavior) are stored, these are dealt with separately in Part 2 Section 2 of this data protection policy.

When visiting our website, an information banner informs users about the use of cookies for analysis purposes and directs them to this data protection policy. It also indicates how the storage of cookies can be prevented in the browser settings.

Users can influence the use of cookies. Most browsers provide an option to either restrict or completely prevent cookies from being stored. However, we wish to point out that the use and particularly the user-friendliness of the website will be restricted without cookies.

You can manage many online ad cookies placed by companies via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/uk/your-ad-choices/.

2. Analysis tools, tracking tools, and advertising

We work together with third-party providers that use cookies and similar technologies, if your device settings allow them. These make it possible to analyze your use of our websites and applications. The information generated by these technologies regarding your usage is regularly transmitted to a server of the web analysis service, where they are stored and processed.

2.1 Matomo

We use the Matomo web analysis service. Matomo is a software application created by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. Further information is available on the website www.matomo.org.

Via this software, data are collected and stored to statistically analyze the use of the website. Cookies are used for this purpose (for more information on cookies, see Section 1). The data are collected and stored in order to statistically analyze user behavior, which helps evaluate the use of the website and enables it to be designed in line with requirements. For these purposes, pseudonymized user profiles can be created from the data. The IP addresses collected are automatically anonymized by making parts of the IP address unrecognizable (so-called IP masking). The IP address and other information contained in the pseudonymized user profile are not used to identify the user and not merged with the user's other personal data.

The software is operated on the server of the data controller (HUSS-VERLAG GmbH). The log files, which are classified as sensitive under data protection law, are collected, stored, and processed exclusively on this server and not transmitted to third parties.

Data subjects can prevent our website from placing cookies at any time by means of a respective setting in their Internet browser and thus permanently object to the placing of cookies. Setting the Internet browser accordingly also prevents Matomo from placing a cookie on the data subject's IT system. Moreover, a cookie previously placed by Matomo can be deleted via an Internet browser or other software programs at any time.

The legal basis for the data processing is Art. 6 (1f) GDPR. The legitimate interest is the website use analysis, which forms an essential basis for designing the pricing policy of specialized online media services.

2.2 Google web fonts:

This website uses so-called web fonts to display its texts. These are provided by Google (http://www.google.com/webfonts/). For this purpose, your browser loads the required web font into your browser cache when you visit our website. This enables your browser to display a visually improved representation of our texts. If your browser does not support this function, your computer will use a default font. Further information on Google web fonts is available at https://developers.google.com/fonts/faq

We use web fonts with the aim of presenting our online offerings in a uniform, appealing way, which constitutes a legitimate interest as defined under Art. 6 (1f) GDPR.

Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, fax: +353 (1) 436 1001. General information on data protection at Google is available at http://www.google.com/intl/de-DE/policies/privacy/

Opt-out: https://adssettings.google.com/authenticated.

2.3 Google Maps

On our website we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Maps is a web service for displaying interactive maps to visually present geographical information. This service shows you our location and the easiest way to get there if you need to do so.

When you visit the sub-pages in which Google Maps are integrated, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there, which may also result in the information being transmitted to the servers of Google LLC in the USA. This is done regardless of whether Google provides a user account via which you are logged in or whether a user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not want the data to be assigned to your profile at Google, you need to log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and analyzes them. The collection, storage, and analysis are carried out pursuant to Art. 6 (1f) GDPR, based on Google's legitimate interest in displaying personalized advertising, market research, and/or the requirements-based design of Google websites. You have the right to object to the creation of these usage profiles. However, you need to contact Google in order to exercise this right.

If you do not agree with the future transmission of your data to Google in connection with the use of Google Maps, you also have the option to completely disable the Google Maps web service by switching off the application JavaScript in your browser. If you do so, Google Maps and thus the map display on this website cannot be used.

You can view Google's terms of use at https://www.google.de/intl/de/policies/terms/regional.html; the additional terms of use for Google Maps are available at https://www.google.com/intl/de_US/help/terms_maps.html

Detailed information on data protection in connection with the use of Google Maps is available on the Google website ("Google Privacy Policy"): https://www.google.com/intl/de/policies/privacy/

2.4 IVW / INFOnline GmbH

Our website uses the measurement procedure ("SZMnG") provided by INFOnline GmbH (https://www.INFOnline.de) to determine statistical parameters regarding the use of our offerings. The aim of usage measurement is to statistically determine the number of visits to our website, the number of website visitors, and their surfing behavior – based on a uniform standard procedure – and thus obtain comparable values on a market-wide basis.

The usage statistics for all digital offerings that are members of the German Audit Bureau of Circulation (IVW – http://www.ivw.eu) or take part in the studies of the online research study group "Arbeitsgemeinschaft Online-Forschung e.V." (AGOF – http://www.agof.de) are regularly collected by AGOF and the media analysis working group "Arbeitsgemeinschaft Media-Analyse e.V." (agma – http://www.agma-mmc.de) and published with the performance indicator "Unique Users" as well as by the IVW with the performance indicators "Page Impressions" and "Visits". These reaches and statistics can be viewed on the respective websites.

Legal basis for processing
Measurement using the SZMnG method is performed by INFOnline GmbH with a legitimate interest pursuant to Art. 6 (1f) GDPR.

The purpose of processing the personal data is to compile statistics and establish user categories. The statistics are used to track and document the use of our website. The user categories form the basis for orienting advertising media and advertising activities based on the interests of users. When marketing this website, it is essential to measure usage to enable comparability with other market players. Our legitimate interest lies in the commercial usability of the findings gained from the statistics and user categories and the market value of our website – also in direct comparison with third-party websites – which can be determined on the basis of the statistics.

Furthermore, we have a legitimate interest in making the pseudonymized data available to INFOnline, AGOF, and IVW for market research (AGOF, agma) and statistical purposes (INFOnline, IVW). We also have a legitimate interest in making the pseudonymized data available to INFOnline for the further development and provision of interest-based advertising material.

Type of data
INFOnline GmbH collects the following data that have a personal reference:

  • IP address: On the Internet, every device requires a unique address, i.e. the IP address, in order to transmit data. Due to the way the Internet works, it is technically necessary to store the IP address, at least for a short period of time. The IP addresses are shortened by 1 byte prior to processing and any further processing is performed anonymously.
    Unabbreviated IP addresses are neither stored nor additionally processed.
  • A randomly generated client identifier: Reach processing alternatively uses a cookie with the identifier "ioam.de", a "local storage object", or a signature created from various automatically transmitted items of information from your browser to recognize computer systems. The identifier is unique for a browser as long as the cookie or the local storage object are not deleted. The data can therefore be measured and subsequently assigned to the respective client identifier if you visit other websites that also use the measurement procedure ("SZMnG") provided by INFOnline GmbH.
    The validity of the cookie is restricted to a maximum of 1 year.

Data usage
The measurement procedure provided by INFOnline GmbH, which is used on this website, identifies usage data. This is done in order to collect the performance indicators of page impressions, visits, and clients and to establish further key figures from them (e.g. qualified clients). The measured data are also used as follows:

  • A so-called geolocation, i.e. the assignment of a website visit to the location of the visit, is carried out exclusively based on the anonymized IP address and only up to the geographical level of the federal states or regions. The geographical information obtained via this method cannot in any case be used to draw conclusions about the specific location of a user.
  • The usage data of a technical client (such as a browser on a device) are merged across all visited websites and stored in a database. The data are used to technically estimate the social information of age and gender and transferred to AGOF's service providers for further reach processing. As part of the AGOF study, social characteristics are technically estimated on the basis of a random sample, which can be assigned to the following categories: age, gender, nationality, occupation, marital status, general household information, household income, place of residence, Internet use, online interests, place of use, and user type.

Data storage period
INFOnline GmbH does not store the complete IP address. The abbreviated IP address is stored for a maximum period of 60 days. The usage data relating to the unique identifier are stored for a maximum of 6 months.

Disclosure of the data
Neither the IP address nor the abbreviated IP address are passed on. In order to create the AGOF study, data with client identifiers are passed on to the following AGOF service providers:
• Kantar Deutschland GmbH (https://www.tns-infratest.com/)
• Ankordata GmbH & Co. KG (http://www.ankordata.de/homepage/)
• Interrogare GmbH (https://www.interrogare.de/)

Right of objection

If you do not wish to participate in the measurement, you can object at the following link: https://optout.ioam.de.

In order to guarantee exclusion from the measurement, it is technically necessary to place a cookie. If you delete the cookies in your browser, you will need to repeat the opt-out process using the above link. The data subject has the right to lodge a complaint with a data protection authority.

Further information on data protection in the measurement process is available on the INFOnline GmbH website (https://www.infonline.de), which operates the measurement procedure, the data protection website of AGOF (http://www.agof.de/datenschutz) and the data protection website of IVW (http://www.ivw.eu).

2.5 Plista GmbH

Our website is supported by a fully automated recommendation technology provided by the company plista GmbH, Torstraße 33, D-10119 Berlin. With the help of this technology, we want to improve the user-friendliness of our website by recommending articles and advertisements to you, our visitors, that are tailored to your individual interests (so-called usage-based advertising). In order to display usage-based advertising, plista collects information on the usage behavior of website visitors (so-called usage data) by means of cookies placed on all websites of the plista partner network and combines these with a random identifier assigned by plista (so-called cookie ID) to form pseudonymized usage profiles. You can find more information on this subject and on plista's data protection policy at https://www.plista.com/de/about/privacy/. You are, of course, free to disable usage-based advertising from plista at any time by going to https://www.plista.com/de/about/opt-out/ to declare your opt-out.

2.6 Aumago GmbH

We collaborate with Aumago GmbH ("Aumago"), Berlin, a target group marketer. Aumago uses cookies, i.e. text files that are stored in the computer's browser. Pseudonymized usage data are collected in the form of cookie IDs and advertising IDs without IP addresses in the cookie. Without the IP address, the cookie ID and the advertising ID are not sufficient to identify a natural person behind a browser or user.

Based on the user's surfing behavior (websites visited, categories, product pages), Aumago assumes an interest in a specific B2B sector and uses this information on our behalf to present more specific usage-based online advertising. In this respect, the cookies can be synchronized with other platforms via so-called cookie matching. Matching can be done, for example, with: Google, Doubleclick, Adition, Appnexus, Mediamath, The Trade Desk, Adform, Active Agent, and yieldlab.

The cookies originate from either Aumago or service providers used by Aumago, such as The ADEX GmbH, Berlin. The user can declare an opt-out and thus an objection to cookie tracking in this regard at any time via the following links. This places a so-called opt-out cookie. The opt-out cookie requires that a browser setting does not prevent the storage of cookies or delete the cookie. If the opt-out cookie is deleted, the user must repeat the objection. Alternatively, the user can delete the cookies directly in the browser, adjust the browser settings to "do not track" from the beginning, or manage the cookie preferences. If you wish to know more about the information stored in your cookie, please send us your cookie ID.

2.7 Vibrant GmbH

Our website is supported by a fully automated recommendation technology provided by the company Vibrant Media GmbH, Neuer Wall 59, D-20354 Hamburg. With the help of this technology, we want to improve the user-friendliness of our website by recommending articles and advertisements to you, our visitors, that are tailored to your individual interests (so-called usage-based advertising). In order to display usage-based advertising, Vibrant collects information on the usage behavior of website visitors (so-called usage data) by means of cookies on all websites of the Vibrant partner network and combines these with a random identifier assigned by Vibrant (so-called cookie ID) to form pseudonymized usage profiles. You can find more information on this subject and on Vibrant's data protection policy at https://www.vibrantmedia.com/de/cookie-statement/.

You are, of course, free to disable usage-based advertising from Vibrant at any time by going to https://www.vibrantmedia.com/ to declare your opt-out.

2.8 Episerver (formerly Optivo)

The newsletter is sent using Episerver Campaign (formerly optivo® broadmail), an e-mail marketing software application provided by Episerver GmbH, Wallstraße 16, D-10179 Berlin. The e-mail addresses of our newsletter recipients, as well as their other data described in this policy, are stored on Episerver's servers in data centers within Germany and are subject to the EU General Data Protection Regulation as well as supplementary German data protection law. Episerver uses this information to send and analyze the newsletter on our behalf. Furthermore, Episerver may use the data to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter. However, Episerver does not use our newsletter recipients' data to write to them itself or pass the data on to third parties. Data security has always been a top priority at Episerver. The comprehensive and valid security concept for the company's omnichannel and e-mail marketing cloud Episerver Campaign is certified in accordance with the internationally recognized ISO 27001 standard. Further information is available at https://www.episerver.de/produkte/plattform/episerver-campaign/sicherheit/ and https://www.episerver.de/legal/privacy-statement

Statistical analysis of newsletters
The newsletters contain a pixel-sized image (tracking pixel), which is retrieved by the Episerver server when the newsletter is opened. In the course of retrieval technical data are collected, including information on your browser or system, your IP address, and the time of retrieval. The information is used to technically improve the services. Statistical surveys include determining whether newsletters are opened, when they are opened, and which links are clicked on. The information serves to identify the reading habits of our users, adapt our content to them, or send different content according to the interests of our users. Your consent to receive a newsletter includes performance measurement. To object to the analysis of the newsletter, send an e-mail to multimedia@huss-verlag.de

2.9 Webhoster Minuskel Berlin

The hosting services we use provide the following: Infrastructure and platform services, computing capacity, storage space and database services, security services, and technical maintenance services, which we use to operate this website. Via these services, we, or our hosting provider, process the inventory data, contact data, content data, contract data, usage data, metadata, and communication data of customers, interested parties, and visitors to this website based on our legitimate interest in the efficient and secure provision of this online offering pursuant to Art. 6 (f) GDPR in conjunction with Art. 28 GDPR (conclusion of order processing contract).

2.10 Logistics jobs, logistics dictionary, logistics lexicon

In these three areas on the "Logistik-Heute.de" website we work together with the company logistik jobs GmbH, Hegelstraße 39, D-39104 Magdeburg. We integrate these offers in the website using so-called iFrame. The provider does not place any cookies. You can view the data protection policy of logistik jobs GmbH as follows: Dictionary: logistik-woerterbuch.de/index_datenschutz.php | Lexicon: lexikon-logistik.de/index_datenschutz.php | Job market: logistik-jobs.de/content_datenschutz.php

2.11 GBI-Genios article archive

We work together with GBI-Genios Deutsche Wirtschaftsdatenbank GmbH (Genios GmbH), Freischützstraße 96, D-81927 Munich, which operates the article archive of the magazine LOGISTIK HEUTE as a service provider on our behalf. Genios GmbH only sets functional cookies within the archive and also has its own data protection policy, which you can view here https://www.genios.de/popup/datenschutz

2.12 iq digital

The secondary marketing of the advertising space on our website is carried out by iq digital media marketing gmbh, Toulouser Allee 27, D-40211 Düsseldorf, on our behalf and according to our instructions. Please read the data protection policy (https://www.iqdigital.de/service/datenschutz-nach-tcf/) published by iq digital in order to find out more about the partners and tool providers used by iq digital and the respective data processing policies. In iq digital's data protection policy you will find information about the data recipients, deletion periods, permissions, and detailed information on the more specific purposes of data processing by each individual partner and tool provider.

Our service provider iq media marketing gmbh, Toulouser Allee 27, D-40211 Düsseldorf, places cookies in the browsers of users when they visit websites in its marketing portfolio (http://iqdigital.de). In order to avoid scattering losses when displaying advertising material, iq digital also compares its own cookies with cookies that it receives from third parties, for example, to avoid duplicate targeting of the same user or to increase the targeting accuracy of advertising material. In some cases, iq digital also enables third parties to place their own cookies in the iq digital portfolio on the basis of corresponding contracts or makes data segments collected by means of cookies available to third parties.

Users can influence the use of cookies. Most browsers provide an option to either restrict or completely prevent cookies from being stored. Users do not receive less advertising as a result, it is just less relevant to them. The company iq digital also provides an option to block or delete cookies on an individual basis. Below, iq digital presents the cookies it uses.

In order to facilitate the overview of the cookies used by iq digital, the following links are available via www.iqdigital.de/transparenz with general information on the purposes of their use. For each cookie used, iq digital also provides detailed information via a software tool about the general purpose of the cookie (which can go beyond its use at iq digital), the provider, and the opt-out options. More information is available here https://l3.evidon.com/site/3903/5665/1.

The following types of cookies are used by iq digital:

  • Cookies for campaign validation: these cookies are used to check whether an advertising campaign has been carried out by iq digital for an advertising customer in accordance with the order. They include cookies from both iq digital and its partners that determine whether an advertising banner has been placed on a website at the agreed frequency.
  • Cookies from the service provider that technically displays the advertising material for iq digital: These are used to comply with and check additional campaign specifications agreed with a customer (e.g. agreed time at which advertising material is displayed, geographical campaign territory, multiple sending of the same advertising material to a user, or whether it has called up an underlying format). Further details on the individual cookies for campaign validation are available here.
  • Cookies to achieve greater targeting accuracy: Cookies only transmit pseudonymized data. It is not possible to identify users according to gender or areas of interest by using a cookie. The cookie does not know which user is currently accessing the browser. For this reason, cookies from iq digital are matched with those from other service providers in order to increase the probability of a hit in a certain segment (e.g. gender). iq digital uses the following cookies for these comparisons ◾Cookies placed in the course of user surveys
  • Cookies placed by service providers on behalf of iq digital to track online surfing behavior (pages visited by a user)
  • Cookies that iq digital receives from third parties in order to match them with its own segmentations
  • Cookies that iq digital's partners place in order to achieve greater targeting accuracy and match them with their own pseudonymized data.
    More details on the various cookies used to achieve greater targeting accuracy are available here.

The personal (pseudonymized) data are processed by iq digital on the basis of Art. 6 (1f) GDPR. This authorization permits the processing of personal data if there is a "legitimate interest" on the part of the data controller that does not conflict with the overriding interests of a user. We have a legitimate interest in providing the functionality of our websites and apps. Both of these contain extensively researched information, which we provide free of charge to a considerable extent. The marketing of advertising space on our websites enables us to continue making these offerings largely available to everyone in this form and thus make a significant contribution to knowledge transfer, public information, and the exchange of opinions. When displaying advertising media on a user-related basis, we are guided by the selections that are also customary in the print sector. Here, too, advertising media are ordered on an environment- and reader-related basis and examined for perception by the relevant target groups using reader reach analyses. Unlike the print sector, where reader structures are also known to a large extent via the number of subscriptions, only pseudonymized data are available, so cookies are used to validate the segments displayed.

You can object to the processing of your data at any time if there are reasons relating to your particular situation that speak against it.

2.13 BusinessAd/Ströer SE

On our website, anonymous user numbers are used on behalf of Business Advertising GmbH ("businessAD"), Tersteegenstraße 30, D-40474 Düsseldorf, http://businessad.de/nutzungsbasierte-werbung-oba that record your interests (e.g. advertising banners clicked, sub-pages visited, etc.) via a cookie. Under no circumstances will personal data such as your name, address, or IP address be stored in these cookies. The advertising marketer Business Advertising GmbH also delivers usage-based online advertising information. Business Advertising GmbH and its affiliated Ströer Digital Group GmbH also use the following companies to collect data for the purpose of delivering usage-based online advertising: ADTECH, AppendAd, AppNexus, The ADEX, Emetriq GmbH, nugg.ad GmbH, Ströer SSP, and Vidoomy. Due to the pseudonymized or anonymous nature of the data, Business Advertising GmbH and the above-mentioned third-party companies do not require separate consent to deliver usage-based online advertising (Section 15 (3) of the German Telemedia Act). If you no longer wish to receive usage-based advertising, you may opt out and disable data collection via the following links:

ADTECH: http://www.youronlinechoices.com/opt-out-interface
AppendAd – https://publishers.firstimpression.io/#FI/privacy-policy
AppNexus: https://www.appnexus.com/en/company/platform-privacy-policyde#choices
TheADEX: http://de.theadex.com/company/consumer-opt-out/
Emetriq GmbH: https://www.emetriq.com/en/opt-out-eng/
nugg.ad GmbH: https://www.nugg.ad/de/datenschutz/allgemeine-informationen.html
Ströer SSP: http://ih.adscale.de/adscale-ih/oo
Vidoomy – https://www.vidoomy.com/privacypolicy-en.html

You can object to the use of cookies by the third-party companies acting on behalf of BusinessAd via the links below:

Google Doubleclick http://www.google.com/policies/technologies/ads/

Exclude wiredminds GmbH from tracking  https://www.wiredminds.de/datenschutzhinweis/

You can read more about cookies used for reach measurement and advertising purposes and their individual providers on the following websites:

www.meine-cookies.org
http://www.youronlinechoices.com
http://www.youronlinechoices.com/de/praferenzmanagement/
http://www.aboutads.info/choices
http://optout.networkadvertising.org/

On those websites you also have the option to object to usage-based online advertising by individual companies or by all companies (Art. 21 GDPR) http://www.businessad.de/datenschutz

User data will only be processed if there is legal permission to do so, i.e. in particular if the data processing is necessary to provide contractual services (e.g. order processing) and online services, is required by law, if the users have given their consent, or on the basis of legitimate interests (i.e. interest in the analysis, optimization, commercial operation, and security of the website as defined in Art. 6 (1f) GDPR), in particular for reach measurement, creating profiles for advertising and marketing purposes, collecting access data, and the use of third-party services.

2.14 Revive ad server

Our websites and apps use the "ad server" software Revive for the integration and anonymous statistical analysis of advertisements (banners). Personal data are not collected, processed, or stored via Revive. The legal basis for the use of the Revive ad server is Art. 6 (1f) GDPR.

In order to control and measure the display of advertisements, Revive places a cookie on your computer if you have cookies enabled in your browser. You can disable the placing of cookies in your browser settings or by using an advertising blocker, which may, however, lead to permanently restricted use of this and other websites.

Revive (OpenX): https://www.revive-adserver.com/

https://www.revive-adserver.com/privacy/

3. Social media plug-ins

To make our company better known, we use the social network plug-ins of Facebook, Twitter, LinkedIn, and XING on our websites. We integrate these plug-ins by means of hyperlinks, which are displayed as buttons, in order to protect visitors to our website to the best possible extent.

When using this solution, no direct contact is established from the user's browser to the provider's servers via the plug-ins. The user is redirected to the provider's website by clicking on the respective plug-in.

Please note that we have no influence on the scope of the personal data collected by the respective plug-in provider, nor do we know for which purpose they are processed or how long they are stored.

For further information on the processing of your personal data by these providers, please see their respective data protection policies. They also provide additional information on your rights and data protection settings.

3.1 Shariff

We have integrated the Shariff component on our website. The Shariff component provides social media buttons that are data protection-compliant. Usually, the button solutions provided by the various social networks transmit personal data to the respective social network as soon as a user visits a website in which a social media button has been integrated. However, through the use of the Shariff component, personal data is only transmitted to social networks when the website visitor proactively clicks on one of the social media buttons. Further information on Shariff is available at https://www.heise.de/newsticker/meldung/Datenschutz-und-Social-Media-Der-c-t-Shariff-ist-im-Einsatz-2470103.html. The purpose of the Shariff component is to protect the personal data of visitors to our website and at the same time enable us to integrate a button solution for social networks on the website.

3.2 YouTube

We have integrated components from YouTube on our websites. YouTube is an online video portal that allows video publishers to post video clips free of charge and other users to view, rate, and comment on them, also free of charge. YouTube allows the publication of all kinds of videos, which is why complete film and television programs, but also music videos, trailers, or videos made by users themselves can be accessed via the portal. YouTube is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Each time one of the individual pages of this website is visited, which is operated by the data controller and on which a YouTube component (YouTube video) has been integrated, the Internet browser on the data subject's IT system is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from the YouTube website. Further information about YouTube is available at https://www.youtube.com/yt/about/de/. By means of this technical procedure, YouTube and Google receive information about which specific sub-page of our website the data subject has visited. If the data subject is logged in to YouTube at the same time, YouTube recognizes which specific sub-page of our website the data subject is visiting when a sub-page containing a YouTube video is visited. YouTube and Google collect this information and assign it to the data subject's YouTube account. Via the YouTube component, YouTube and Google are always informed that the data subject has visited our website if the data subject is logged into YouTube at the same time as visiting our website. The information is transmitted, regardless of whether the data subject clicks on a YouTube video. If the data subject does not want this information to be transmitted to YouTube and Google, he or she can prevent it by logging out of his or her YouTube account before visiting our website. The data protection policy published by YouTube, which is available at https://www.google.de/intl/de/policies/privacy/ provides information about the collection, processing, and use of personal data by YouTube and Google.

Right of objection
If you do not wish to be tracked by these Google services, you have the option to opt out here: https://adssettings.google.com/authenticated.

3.3 Facebook

Social media plug-ins from Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, Europe ("Facebook") are used on our websites to make their use more personal. We use a "share" button for this purpose. When you visit a page of our website, a connection is not established to the Facebook servers. If you click on the corresponding button, you will be redirected to a Facebook website where you can share our content by clicking on it again. We have no influence on the processing of personal data on third-party websites. When you visit the Facebook website, Facebook receives the information that your browser has visited the corresponding page, even if you do not have a Facebook account or are not currently logged in to Facebook. Your browser transmits this information (including your IP address) directly to a Facebook server in the USA, where it is stored. Facebook complies with the data protection provisions of the "US Privacy Shield" and is registered with the "US Privacy Shield" program of the US Department of Commerce. If you are logged in to Facebook and interact with the plug-ins on the Facebook website, for example by pressing the "LIKE" or the "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be published on Facebook and shown to your Facebook friends. Facebook may use this information for the purposes of advertising, market research, and the customized design of Facebook pages. For this reason, Facebook creates usage, interest, and relationship profiles, e.g. to analyze your use of our websites with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our websites, and to provide other services associated with the use of Facebook. For information on the purpose and scope of the data collection and further processing and use of the data by Facebook as well as your rights and settings options related to protecting your privacy, please see Facebook's data privacy information:
https://de-de.facebook.com/policy.php
https://www.facebook.com/privacy/explanation

3.4 Twitter

We have integrated components of Twitter on this website in order to include posts published on Twitter ("tweets") in our reporting. Twitter is a multilingual, publicly accessible microblogging service where users can publish and distribute tweets, i.e. short messages limited to 280 characters. These short messages are available to everyone, including people who are not registered with Twitter. However, the tweets are also displayed to the so-called "followers" of the respective user. Followers are other Twitter users who follow a certain user's tweets. Furthermore, Twitter makes it possible to reach a wide audience via hashtags, links, or retweets. Twitter is operated by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Each time any individual page of this website is visited, which is operated by the data controller and on which a Twitter component has been integrated, the Internet browser on the data subject's IT system is automatically prompted by the respective Twitter component to download a representation of the corresponding Twitter component from the Twitter website. Via this technical procedure, Twitter receives information about which specific sub-page of our website the data subject has visited. The purpose of integrating the Twitter component is to enable our users to share the content of this website, to make this website known in the digital world, and to increase our visitor numbers. If the data subject is logged in to Twitter at the same time, Twitter recognizes which specific sub-page of our website the data subject goes to at each visit as well as the entire duration of the respective stay on our website. Twitter collects this information via the Twitter component and assigns it to the data subject's Twitter account. If the data subject activates one of the Twitter buttons integrated on our website, the data and information thus transmitted will be assigned to the data subject's personal Twitter account, where it is stored and processed by Twitter. Via the Twitter component, Twitter always receives information that the data subject has visited our website if the data subject is logged into Twitter at the same time as visiting our website, regardless of whether the data subject clicks on the Twitter component or not. If the data subject does not want this information to be transmitted to Twitter, he or she can prevent it by logging out of his or her Twitter account before visiting our website. Twitter's data protection policy is available at https://twitter.com/de/privacy.

3.5 Xing

XING network plug-ins of the company XING SE, Dammtorstraße 30, D-20354 Hamburg ("XING") are integrated on our websites. You can recognize the XING plug-in by the green "K" on a gray background. When you visit a page of our website, a connection is not established to the XING servers. If you click on the corresponding button, you will be redirected to a XING website, where you can share our content by clicking on it again. We have no influence on the processing of personal data on third-party websites. When you visit the XING website, XING receives the information that you have visited its website with your IP address as well as additional log data, including the type of browser, the operating system, information on the website you previously visited and the pages you viewed, your location, your mobile network provider, device information (including device ID and application ID), search terms, and cookie information. XING anonymizes all its log files before storing them. XING also uses tracking and targeting tools to optimize the website and adapt it to the needs of users.

If you click on the XING button while you are logged into your XING account, you can link the content of our pages to your XING profile, enabling XING to assign the content of our pages to your user account. For more information on this topic, please see XING's data protection policy. https://nats.xing.com/optout.html?popup=1&locale=de_DE

3.6 LinkedIn

Our website uses the "share" button of the social network LinkedIn, which is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA ("LinkedIn"). When you visit our website, the "share" button establishes a direct connection between your browser and the LinkedIn server. LinkedIn therefore receives the information that you have visited our website with your IP address. If you click on the "share" button while you are logged into your LinkedIn account, you can link the content of our pages to your LinkedIn profile, which enables LinkedIn to assign the visit to our website to your user account.

We have no influence on the scope of the data that LinkedIn collects via the "share" button. Details on data collection (purpose, scope) as well as the further processing and use of the data are available in LinkedIn's data protection policy. The information is available at: https://www.linkedin.com/legal/privacy-policy

4. Data protection settings

You can obtain an overview of all the tools and cookies we use, as well as an option to revoke consent, by clicking on the "Cookie settings" link (in the website footer) on the relevant domain page.

Data protection settings can be made via a link in the website footer ("Cookie settings") or in the respective cookie consent query window ("About settings").

Version dated: March 2021