Privacy policy

General

The

Data Service department of Bundesanzeiger Verlag GmbH,
Amsterdamer Str. 192,
50735 Cologne

Tel.: 0800 1234-334
Fax: (02 21) 9 76 68-255
E-mail: validatis(at)bundesanzeiger.de

runs this website as a service and information offering.

We only process your personal data in accordance with applicable data protection law. You can find the individual data protection terms in a small glossary under ‘Definitions’ at the end of this privacy policy. The following provisions will inform you of the type, scope and purpose of the collection, processing and use of personal data. This privacy policy only relates to our websites. If you are redirected to other pages via links on our pages, please find out how those pages handle your data.

To the greatest extent possible, your personal data is encrypted through digital security systems and is protected against damage, destruction and unauthorised access through technical and organisational measures.

Browser data

For technical reasons and to maintain and improve functionality, information that your web browser transmits to us is automatically collected, stored and, if necessary, shared with third parties. Our legitimate interest in processing is the operational safety of the website pursuant to Article 6 (1) (f) of the GDPR.

This data includes: 

  • the browser type and browser version;
  • the operating system used;
  • the website from which you visit us (referrer URL);
  • the website you are visiting;
  • the date and time of your access;
  • the time zone difference with respect to Greenwich Mean Time (GMT);
  • your Internet log data (IP address);
  • the volume of data transmitted;
  • the access status (files transmitted, file not found, etc.); and
  • the content of the request (specific page).

This anonymous data (with the exception of IP address) is stored separately from any personal data you may have provided, therefore preventing any conclusions to be drawn about a specific person. It can be evaluated for statistical purposes in order to optimise our website and offering. After evaluation, this data is deleted by us and our service providers.

 

Anonymised user profile

Unless otherwise stated, you do not need to provide any personal data to use our website. Every time a user accesses the above-mentioned websites and every time a file is accessed, data about this process is saved in a log file. We use this data to technically facilitate your visit to our site. We also use this data for statistical purposes in order to improve the design and layout of our website. This data is not used for personal reasons. Our legitimate interest in processing is the operational safety and functionality of the website pursuant to Article 6 (1) (f) of the GDPR.

Specifically, the following datasets are stored for each access:

  • name of the file accessed;
  • date and time of access;
  • volume of data transmitted;
  • report as to whether access was successful;
  • description of the type of web browser used;
  • requesting domain; and
  • country of origin for the domain.

We also use anonymised user profiles to measure the scope of use of free content. We explain this below:

 

Analysis of user behaviour for subscribed, free e-mail services

We endeavour to design e-mail communications we send out in the most valuable way for the user. To be able to offer you tailor-made content and offers that you really find useful, we regularly evaluate user behaviour with respect to e-mail recipients. As an example, this means whether an e-mail was read at all (opening behaviour) and which messages and offers have been read and which haven’t (click behaviour). This data is explicitly not shared with third parties and is instead used solely to improve the quality of our e-mails to you. If you do not agree with such data collection and evaluation, you can object to it at any time by sending an e-mail to dsb@bundesanzeiger.de.

 

Use of personal data

If you contact us by e-mail, fax or phone, we can request some personal information from you. We request data that we need to be able to process your contact request in a meaningful way, but this includes as a minimum your surname and first name, e-mail address and telephone number; the legal basis is the legitimate interest in processing in accordance with Article 6 (1) (f) of the GDPR.

You can also voluntarily provide us with further data as part of the contact request. The data is stored by us and used for the purpose of responding to your contact request. Some services on our portal are offered in collaboration with partner companies. To be able to offer this partner service, it may be necessary for us to share your personal data with these partner companies. In this case, the data is used exclusively by our partner for the purpose of responding to your contact request. The voluntary provision of such data constitutes consent to data use in the above-mentioned sense. We record your consent to collect and use data. The legal basis for data processing is the data subject’s consent pursuant to Article 6 (1) (a) of the EU GDPR.
 

Inventory data

If required for justification, content design or an amendment to the contractual relationship, your personal data (inventory data) is exclusively used to process the contract. The legal basis for data processing is Article 6 (1) (a) of the EU GDPR.

For example, your name and address will be shared with the billing service provider for billing with respect to chargeable services. Your personal data will not be shared with third parties outside the contract without your explicit consent or without a legal basis.

By order of the competent authorities, we may share information relating to inventory data on a case-by-case basis, insofar as this is required for the purposes of law enforcement, for emergency response by police authorities in federal states, for the fulfilment of the legal tasks of the constitutional protection authorities of federal and state governments, the federal intelligence service or military security or for the enforcement of intellectual property rights.

If necessary, we carefully review such requests within the means available to us and only share your data if there is a major legal obligation for us to do so. In these cases, the legal basis for data processing is the fulfilment of the controller’s legal obligations, and applicable special law, pursuant to Article 6 (1) (c) of the EU GDPR.

 

User-dependent services

The use of personal data is required for some of our services. This includes:

  • Registration with a user profile
  • Participation in competitions

The legal basis for data processing is a contract or contract initiation with the data subject pursuant to Article 6 (1) (b) of the EU GDPR. Consent is in place following registration. The legal basis for data processing is then the data subject’s consent pursuant to Article 6 (1) (a) of the EU GDPR.

Creation of a user profile (registration)

You have the option to register on our website, therefore creating a user profile. When you register on our website, in addition to the data that your web browser automatically sends to us, we collect and use the following data which are marked as mandatory or voluntary depending on the processing purpose:

  • date and time of registration;
  • your first name and surname;
  • your address;
  • information concerning your company name or your company;
  • your e-mail address; and
  • your telephone number/fax number.

With your user profile, you have the option of using other parts of our website and logging into the offerings you have acquired.

Registering for competitions

If you register for competitions, your e-mail address will be initially collected and stored. After receiving a confirmation e-mail, you then have to verify this by clicking on the confirmation link contained in the e-mail.

We use your registration data to ensure proper registration and to prevent unauthorised access by or on behalf of third parties. We also store the time of the last visit to our website.

The following data will then be requested with respect to your participation, which is marked as mandatory or voluntary depending on the processing purpose:

  • Title (Mr/Ms);
  • First name, surname;
  • Address/address line 2;
  • E-mail address;
  • Telephone number/fax number; and
  • Date of birth.

You can then choose whether you would like to conclude a competition agreement with the company offering it and at what intervals you would like to be notified about new competitions. These settings are stored in your user profile.
We treat personal user data as strictly confidential and do not share it with potential sponsors without your consent. The legal basis for data processing is the data subject’s consent pursuant to Article 6 (1) (a) of the EU GDPR.

 

Cookies

We use ‘cookies’ on our website. These are small text files that are sent from our web server to your computer to save certain information (e.g. characteristics for identification).
If you use our website anonymously, statistical evaluations are carried out for use through cookies, which includes recording new and returning visitors. We also use cookies to measure the scope of use of free content. To determine this scope of use, our website sends a ‘unit ID’ to your browser. This is an anonymous number that is exclusively used to record content already used for free. If you use our website with your user profile, cookies are used to identify your browser for the duration of the visit, including accessing various pages.
Our website can also be displayed without cookies being saved. You can disable cookies being saved in your browser settings or you can change your settings so that you are informed about intended saving by a website. In this case, you decide whether or not to accept cookies. However, for all of our website’s functions to work properly, temporary cookies must be permitted in full for technical reasons. Even if cookies are disabled, our website sends the described unit ID to your browser to measure the scope of use of free content.

The legal basis for processing is Article 6 (1) (f) of the GDPR.

You can find a list of cookies used here: 

NameDomainCommentBlocking
PHPSESSIDedge-cdn.netMovingImage24 video embeddingGlobally in the browser
_ga, _gat, _gid.validatis.deGoogle AnalyticsThrough an opt-out cookie or globally in the browser
ga-disable-UA-*www.validatis.deSaved through opting out of Google AnalyticsGlobally in the browser
fe_typo_userwww.validatis.deLogin tracking for the publisher’s pagesGlobally in the browser
__gads, IDE, DSID.doubleclick.netGoogle ad network www.doubleclickbygoogle.comThrough an opt-out cookie or globally in the browser

See the help pages of your web browser for more information about blocking cookies. For example, this is windows.microsoft.com for Windows Internet Explorer and support.mozilla.com for Firefox.

You can enable or disable personalised advertising from Google here:
https://www.google.de/settings/ads/anonymous

 

Use of Google Analytics

Verlag uses Google Analytics, a web analysis service from Google Inc. (hereinafter referred to as ‘Google Analytics’). Google Analytics uses ‘cookies’ (small text files) that are saved on your computer by a server online and that allow website use to be analysed. Information generated by the cookie about your use of this website is generally sent to a Google server in the USA and saved there. The IP address sent will not be merged with other Google data. We have bound Google to handle your data in a data protection-compliant way through a processing agreement. However, if IP anonymisation is activated on this website, which we have implemented as standard, your IP address is truncated by Google within the European Union Member States or in other signatory states to the Agreement on the European Economic Area before it is sent.

Please note that the ‘anonymizeIp’ code extension has been added to Google Analytics on this website to ensure the anonymous collection of IP addresses (‘IP masking’).

By order of the operator of this website, Google will use this information to evaluate the use of the website, to compile reports for the website operator about website activities and possibly also to provide other services to the website operator that relate to website and internet use, which includes explicit features for display advertising, re-marketing reports for impressions in the Google Analytics display network, the integration of DoubleClick Campaign Manager or Google Analytics reports on performance based on demographic features and interests. Google may also send this information to third parties if this is legally permissible or if third parties process this data by order of Google. However, use is anonymised or pseudonymised. You can prevent cookies from being saved by changing your browser settings; please note that in this case, you may not be able to use all of this website’s functions properly. By using our website, you consent to the processing of data concerning you by Google in the manner and for the purposes set out above.

Objection: You can prevent the data generated by the cookie relating to your use of the website (including your IP address) from being collected and processed by Google at any time with future effect by downloading and installing the browser plug-in available via the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB
You can prevent data from being collected by Google Analytics by clicking on the following link. This will save an opt-out cookie on your machine that will prevent your data from being collected when you visit this website in future: 
Disable Google Analytics

We also use Google Analytics to evaluate data from AdWords for statistical purposes.
If you disagree with this, you can disable it via the ads preferences manager (http://www.google.com/settings/ads/onweb/?hl=de).
You can find more information at http://www.google.com/analytics/terms/de.html (general information about Google Analytics and data protection) and at https://www.google.de/intl/de/policies/. 
You can disable Google Analytics for display ads and you can adjust ads in the Google Display network by accessing ad settings: www.google.de/settings/ads. You can find more information about Google Inc. and Google Analytics at: http://www.google.com.
You can find Google’s privacy policy at:
https://policies.google.com/privacy?hl=en-GB

The legal basis for data processing is a legitimate interest in processing pursuant to Article 6 (1) (f) of the GDPR. This interest is in the maintenance of the application’s functionality and in the processing of personal data for the purpose of direct marketing (Recital 47 of the GDPR)

Hotjar

We use Hotjar to track our visitors’ movements on websites on which Hotjar is used (‘heatmaps’). This helps us to optimise the offering on our website.  Hotjar technology allows us to get a better understanding of our users’ experiences (e.g. how much time users spend on which pages, which links they click on, etc.).
Hotjar works with cookies and other technology to collect information about the behaviour of our visitors and their end devices (with particular reference to the IP address of the device [which is only recorded and stored in anonymised form], screen size, device type [unique device identifiers], information relating to the browser used, location [country only], and preferred language for displaying our website).
Hotjar stores this information in a pseudonymised user profile.  The information is neither used by Hotjar nor by us to identify individual users, nor is it combined with other data concerning individual users. You can find more information at www.hotjar.com/legal/policies/privacy.

You can disable the collection of your data by Hotjar at any time via this opt-out link.

 

External links or hyperlinks for websites of other providers

Our website contains external links or hyperlinks for websites of other providers. They are to be distinguished from the internal content of Bundesanzeiger Verlag GmbH. This external content is not created by us, nor do we have any influence over the content of third-party websites.
If you select an external link or a hyperlink, you will be redirected from our website to the website of the external provider. In this case, we cannot guarantee that your data will be handled confidentially nor can we guarantee compliance with data protection regulations by these third-party providers. The responsibility for this lies solely with the respective website provider.

If we become aware of illegal content of the external links or hyperlinks available on our website, we will remove the affected links immediately. Please contact the data protection officer for corresponding notices dsb(at)bundesanzeiger.de

 

Objection

You can object to the use of your data without prior consent at any time with future effect.

 

Withdrawal

Please note that you can withdraw your consent at any time, including in part, with future effect. To do so, it is best to send an e-mail to:

Bundesanzeiger Verlag GmbH
Datenschutzbeauftragter/Data Protection Officer,
Amsterdamer Straße 192,
50735 Cologne

validatis(at)bundesanzeiger.de

 

You have the following rights:

Articles 13, 14 EU GDPR – Right of information

Article 15 of the EU GDPR – Right of access: we would be happy to provide you with information about the data stored about you on request. The information is provided in text form. Please see below for contact details.

Article 16 of the EU GDPR – Right to rectification

Article 17 of the EU GDPR – Right to erasure

Article 18 of the EU GDPR – Right to restriction of processing

Article 19 of the EU GDPR – Notification

Article 20 of the EU GDPR – Right to data portability

Article 21 of the EU GDPR – Objection

Article 22 of the EU GDPR – Automated individual decision-making, including profiling

Article 23 of the EU GDPR – Restrictions

Article 77 of the EU GDPR – Right to lodge a complaint

Legislation sets out a number of retention obligations and periods. Once these deadlines expire, the data is routinely erased. 

  

Notice:
We strive to store your personal data by taking all technical and organisational options to ensure that it is not accessible to third parties. When communicating by e-mail, we cannot guarantee complete data security, so we therefore recommend that you send confidential information by post.

  

Changes and updates to this privacy policy

Any changes to the privacy policy will be announced here on this website and will apply from the date of publication. If Bundesanzeiger Verlag GmbH wants to use your data for further purposes, we will ask for your permission. The purpose of use for this data will only change with your consent.

This privacy policy is currently valid and is dated 25 May 2018.

 

Information about and contact details for the data protection officer

You can request information about the personal data we have stored about you at any time. You have the right to have incorrect personal data concerning you rectified. You can of course also withdraw your consent to the collection and storage of your personal data by Bundesanzeiger Verlag GmbH at any time. In these cases, please send an e-mail to

Bundesanzeiger Verlag GmbH
Datenschutzbeauftragter/Data Protection Officer
Amsterdamer Straße 192
50735 Cologne
validatis(at)bundesanzeiger.de

 

Definitions/glossary

‘Anonymisation’ is changing personal data in such a way that individual details concerning personal or factual circumstances can no longer be assigned to an identified or identifiable natural person or can only be assigned with a disproportionate amount of time, cost and effort.

‘Special types of personal data’ is information revealing racial and ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health or sex life.

‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

‘Consent of the data subject’ means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

‘Recipient’ is any person or body that receives data. A third party is any person or body other than the controller. Third parties do not include the data subject or persons and bodies that collect, process or use personal data by order in Germany, in another Member State of the European Union or in another signatory state to the Agreement on the European Economic Area.

‘Collecting’ is procuring data concerning the data subject.

‘Erasing’ is destroying stored personal data.

‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number and other specific factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

‘Pseudonymising’ is replacing the name and other identifying features with an identifier for the purpose of excluding or significantly complicating the determination of the data subject.

‘Company’ is any natural or legal person who carries out an economic activity, regardless of its legal form, including partnerships or associations which regularly pursue an economic activity.

A ‘group of companies’ is a group consisting of a dominant company and the companies dependent on it.

‘Processing’ is saving, changing, transmitting, blocking and erasing personal data. In detail, regardless of the procedures used:

  1. storing is the collection, recording or storage of personal data on a data carrier for the purpose of further processing or use;
  2. changing is redesigning the content of stored personal data;
  3. transmitting is disclosing stored personal data or personal data obtained through data processing to a third party in such a way that
    a) data is shared with a third party; or
    b) the third party views or retrieves data provided; and
  4. blocking is the marking of stored personal data to restrict processing or use.

‘Controller’ is the person or body that collects, processes or uses personal data for itself or has this carried out by others on its behalf.