Privacy Statement

Data Protection Information

The data protection information fulfils the information obligations in accordance with the requirements of Art. 12 et seq. of the EU Basic Data Protection Regulation (hereinafter referred to as "DSGVO") and gives you an overview of the processing of your personal data (hereinafter referred to as "data") on this website.

Status: May 2019

1. Who is responsible for processing my data?

The

Bertelsmann Global Business Services GmbH
Ringstraße 16-20
33378 Rheda-Wiedenbrück
Germany
E-mail: Info.beas.de@bertelsmann.de
Phone: +49 (0) 5241 / 80 44 000
Fax: +49 (0) 5241 / 80 6 44 000

is responsible for the processing of your data on this website (hereinafter referred to as the "Company"). The company processes personal data in accordance with the provisions of the DSGVO and the Federal Data Protection Act (hereinafter referred to as "BDSG").

You can reach the company's data protection officer at the above postal address, with the addition "To the data protection officer" or at the e-mail address: datenschutz@bertelsmann.de.

2. What data is collected?

When you visit the website, the calling computer automatically collects information (hereinafter referred to as "access data"). This access data contains server log files, which usually consist of information about the browser type and version, the operating system, the Internet service provider, the date and time of use of the website, the previously visited websites and the new websites accessed via the website and the IP address of the computer. With the exception of the IP-address, the server log files are not personally identifiable. An IP-address can be assigned to a person if it is permanently assigned when the Internet connection is used and the Internet provider can assign it to a person.

Some website services require you to provide the company with personal data. In these cases, the data provided by you will be used to provide you with the desired service or to process the respective request. The following personal data will be processed on the website: User data such as e-mail address, address data; contact data.

3. Which cookies are used?

Cookies are used on the website. Cookies are small text files that are stored on your computer when you visit a website. The saved cookies are assigned to the browser you are using. If the corresponding website is called up again, the web browser sends back the content of the cookies and thus enables the user to be recognised again. Certain cookies are deleted when you log out or end your browser session (so-called "transient cookies"). Other cookies are stored for a specified time or permanently (so-called "temporary cookies" or "persistent cookies"). These cookies are deleted automatically after the defined time has elapsed. You can also delete cookies at any time in the security settings of your browser and configure the use of cookies according to your wishes. However, the company will inform you that you may not be able to use all the functions of the website.

In principle, cookies are only an online identifier without personal reference. The cookies are personalized if, in addition to the information generated by the cookies, other data is merged. A distinction can be made between cookies, which are required for the provision of the website, and cookies, which are required for further purposes such as analysis of user behaviour or advertising.

The cookies that are required for the provision of the website include in particular the following:

  • Cookies that are used to identify or authenticate users;
  • Cookies that temporarily store certain user inputs (e.g. content of an online form);
  • Cookies that store certain user preferences (e.g. search or language settings).

Cookies that are required for further purposes include analysis cookies in order to record and statistically evaluate the usage behaviour of our users (e.g. sub-pages visited, search queries made).

4. Which data is collected for which purposes?

The purposes of the data processing can result from technical, contractual or legal requirements as well as from a consent.

We use the data mentioned in paragraph 2 for the following purposes:

  • to provide the website and guarantee technical security, in particular to correct technical errors and to ensure that unauthorised persons do not gain access to the website's Systems;
  • for the communication and verification of incoming invoices.

Information on these data processing purposes can be found in the following sections of this privacy policy.

4.1 Technical provision of the website

4.1.1 Description and scope of data processing

For the functionality of the website, the performance of security analyses and the defence against attacks, the server log files as part of the access data according to section 2 are automatically collected by the computer system of the calling computer when entering and during the use of the website and stored at short notice. The server log files are not stored together with other data. The company uses the server log files for statistical evaluations in order to analyse and rectify technical faults, to fend off attacks and fraud attempts and to optimise the functionality of the website.

4.1.2 Purposes and legal basis of data processing

The legal basis for the recording of the server log files is Art. 6 para. 1 lit. f DSGVO. The company's legitimate interests lie in the functionality of the website, the implementation of security measures and the defence against dangers.

4.1.3 Duration of Storage or Criteria for Determining this Duration

After calling up the web pages, the server log files are stored on the web server and the IP address contained therein is deleted after 7 days at the latest. An evaluation during this storage period only takes place in the event of an attack.

4.1.4 Objection and removal possibility

You have the right to object to the processing of your data within the framework of server log files, insofar as there are reasons for doing so which result from your particular situation. If you wish to make use of your right of objection, please contact the address given under point 1.

4.2 Contact form, e-mail and telephone contact

4.2.1 Description and scope of data processing

The website offers the possibility to contact the company via a contact form, an e-mail address or a telephone number. If you have used this possibility, the data entered in the contact form, your e-mail address and/or your telephone number as well as your request will be transmitted to the company. Depending on the request (e.g. questions about the company's products and services, assertion of your rights as a data subject such as information), your contact data will be processed further (with the help of service providers). If necessary for the processing of your request, your contact data may be forwarded to third parties (e.g. partner companies).

4.2.2 Purposes and legal basis of data processing

The legal basis for the processing of your contact data is based on Art. 6 para. 1 lit. f DSGVO. Your legitimate interests lie in the processing of your request and further communication. If the purpose of your contact is to conclude a contract with the company, the legal basis for processing your contact data is Art. 6 Para. 1 lit. b DSGVO.

4.2.3 Duration of storage or criteria for determining this duration

After the processing of your request and the termination of further communication, the contact data will be deleted. This does not apply if the purpose of your contact is to conclude a contract with the company or if you assert your rights to information. The data will be stored until the contractual and/or legal obligations have been fulfilled and legal retention periods do not prevent deletion.

4.2.4 Opposition and removal options

You have the right to object to the processing of your contact data if there are grounds for doing so which arise from your particular situation. If you wish to exercise your right of objection, please contact the address given in point 1. If you object, the communication cannot be continued. This does not apply if the storage of your contact data is necessary for the initiation of a contract or the fulfilment of a contract or the assertion of your rights.

5. Who receives my data?

Within the company, those departments that need your data to fulfil the purposes set out in section 4 will have access to it. Service providers used by the company may also have access to your data (so-called "order processors", e.g. computer centres). Contracts for order processing ensure that these service providers are bound by instructions, ensure data security and handle your data confidentially.

Data will not be passed on to other recipients such as advertising partners, providers of social media services or credit institutions (so-called "third parties").

6. Are my data processed outside the EU or EEA (third country transfer)?

Insofar as the service providers and/or third parties outside the EU or the EEA referred to under point 5 process your data for the purposes set out under point 4, this may result in your data being transferred to a country where no data protection level appropriate to the EU or the EEA can be guaranteed. Such a level of data protection can, however, be ensured with an appropriate guarantee. Suitable safeguards may include standard contractual clauses provided by the EU Commission. A copy of these guarantees can be obtained on request from the contact details mentioned in point 1. Any guarantees may exceptionally be waived if you agree or if the third country transfer is necessary for the performance of your contract with the firm. The EU Commission has also recognised certain third countries as safe third countries, so that appropriate guarantees on the part of the company can also be waived here.

7. What data protection rights do I have?

You have the right at any time to get information about the personal data we have stored about you. If your personal data is incorrect or no longer up to date, you have the right to demand that it be corrected. You also have the right to demand the deletion or restriction of the processing of your data in accordance with Art. 17 or Art. 18 DSGVO. You may also have the right to have the data provided by you published in a common and machine-readable format (right to data transferability).

If you have given your consent to the processing of personal data for specific purposes, you can revoke this consent at any time with effect for the future. The revocation is to be addressed to the company at the contact address specified in paragraph 1. You can also revoke any consent that you have given on the website by sending an email to Info.beas.de@bertelsmann.de .

Pursuant to Art. 21 DSGVO, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your data, which takes place in accordance with the legal basis of Art. 6 para. 1 lit. f DSGVO.

In addition, you have the option of contacting a data protection authority and lodging a complaint there. The authority responsible for the company is the

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Cavalry Str. 2-4
40213 Düsseldorf
Germany
Telephone: +49 (0) 211/38 424-0
Fax: +49 (0) 211/38 424-10
E-mail: poststelle@ldi.nrw.de

However, you can also contact the data protection authority responsible for your place of residence.

8. What source did the data come from?

The data collected via the website comes directly from you. A collection or combination with data from third parties does not take place.

9. To what extent is there automated decision-making?

We do not use fully automated decision making for the purposes mentioned under point 4. There is no profiling on the basis of this data.

Status of the data protection information: May 2019