Breitkopf & Härtel KG
Buch- und Musikverlag
Walkmühlstraße 52, 65195 Wiesbaden, Germany
Telephone (+49) 611 45008 0, Fax (+49) 611 45008 59
Data Protection Officer of the Company
Data Processing Principles
We, Breitkopf & Härtel KG, take the protection of your personal data very seriously and would like to inform you in the following about the type of personal data we collect and how we process this in accordance with the statutory provisions. Please also see our General Terms and Conditions.
We process and store personal data as described below only for purposes in accordance with Article 6, section 1 of the GDPR. We treat the stored data confidentially and only pass it on to third parties in the cases outlined below. The data will be stored only for the period that is necessary for the respective purpose, but at least as long as is prescribed in accordance with the statutory retention periods that are applicable in each case.
We take technical and organizational measures in order to protect your data as comprehensively as possible from unauthorized access. On our websites, we use an encryption method. That means the data will be transmitted from your computer to our server and vice versa via the internet using an SSL encryption method. The closed padlock symbol in the status bar of your browser and the address line starting with https:// show this encryption.
Referral to Social Media Websites / Electronic Services of Third Party Providers on our Website
Distribution of Content through Sharing
Some content of our website includes the possibility of sharing this content with other users (via Facebook, Twitter, Google+, email). The buttons used for this purpose are integrated using Shariff (read more at heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html) with the result that no data is transferred when a page is accessed. The Shariff button establishes the direct contact between the social network and the visitor only if the visitor actively clicks the Share button. If you click on this button, you as the user will leave our website and access the website of the social network provider.
Our website uses plugins from the social network SoundCloud. The operator of this service is SoundCloud Limited, Berlin.
Alternatively, the respective SoundCloud website can be accessed by clicking on the title within the plugin. If you click on this, you as the user will leave our website and access the SoundCloud website.
You have the opportunity to communicate with us in person, by telephone, by fax, via e-mail or by using the contact form on our website. In these cases, we will record your personal data that is required for responding to/processing your request. For example, in order to be able to process a request/message submitted via our contact form, we require your name and your e-mail address. You may submit further information, but you do not have to do so. We store and use this data exclusively for the purpose of responding to your request or for contacting you as well as for the technical administration related to this. The legal basis for the processing of your data is our legitimate interest in accordance with Article 6, section 1, lit. f of the GDPR in responding to your request. If you contact us for the purpose of concluding a contract, an additional legal basis for the processing of your data can be found in Article 6, section 1, lit. b of the GDPR.
Recipients of Your Data / Transfer of Data to Third Parties
We process your data only for our own business purposes. If necessary, your data will be transferred to service providers (third parties) that have been bound by contracts accordingly. This means that the data transfer and processing will be performed exclusively in the scope required for the respective purpose, including for the operation of our websites (e.g. hosting, maintenance), for the shipment of the ordered goods (e.g. postal services operators, shipping providers, parcel service providers), for payment transactions* (e.g. credit card companies, payment service providers; in the case of delayed payments also to debt collection companies** and credit reporting agencies), for the newsletter distribution (see below under Newsletter) and for the operation of our software solutions used internally (software maintenance).
* see below under Webshop
** If we instruct Creditreform to collect debts in the event of default, Creditreform Wiesbaden Hoffmann & Nikbakht KG is responsible within the meaning of Art. 4 No. 7 EU-GDPR. For more information, please visit https://www.creditreform.de/wiesbaden/datenschutz.
Data Transfer to Third Countries
If you request ordered goods to be shipped to a third country outside of the EU, we will transfer the personal data required for that purpose to service providers outside of the EU.
When accessing our digital services on YouTube and Issuu, data will be transferred to a third country outside of the EU (see above).
On our websites, we only use session cookies. Data processing will be performed on the basis of Article 6, section 1, lit. f of the GDPR in order to optimize the user guidance and/or to make it more secure and effective, to adjust the presentation of our website and to maintain the SSL-secured connection. If you order items on our website, data processing is furthermore performed on the basis of Article 6, section 1, lit. b of the GDPR.
We provide newsletters on various topics of our publishing programme. If you are at least 16 years old, you can subscribe to this newsletter on the basis of consent (Article 6, section 1a of the GDPR) whereby an e-mail address must be provided.
If you voluntarily indicate your fields of interest, you will receive a newsletter that contains customized information.
For the purpose of ensuring that the newsletters are sent in accordance with the customers’ consent, we use the double opt-in procedure. The double opt-in means that the potential recipient is added to a mailing list on his/her request. Subsequently, the user receives a confirmation e-mail and thereby the opportunity to confirm the registration in accordance with the law. Only if the user confirms the registration, the address will be actively included in the mailing list. We will use this data exclusively for sending the requested information and offers.
We use the Newsletter2Go newsletter software. Your data will be submitted to the company Newsletter2Go GmbH. Newsletter2Go GmbH is prohibited from selling your data and using it for purposes other than sending the newsletter. Newsletter2Go GmbH is a German certified provider that has been selected in accordance with the requirements of the General Data Protection Regulation and the German Federal Data Protection Law. You can find further information at newsletter2go.com/information-for-newsletter-recipients/.
You can revoke the consent granted regarding the storage of the data and the e-mail address as well as regarding their use for sending the newsletter at any time, e.g. by using the “unsubscribe” link in the newsletter.
If you subscribe to our newsletter, your e-mail address, IP address as well as the activation time will be recorded (stored) at the time of the activation together with the activation code. You can unsubscribe from the newsletter at any time.
If you are at least 16 years old, you are able to purchase our publishing products in our online shop. If you are younger, please contact the local retailers.
If you order our products through our webshop, you can pay by credit card or PayPal. For this you will be redirected directly to the websites of the payment service providers and your payment data will be stored and processed directly by the payment service provider and not by us.
For the payment process by credit card, you will be redirected directly to the website of our PCI-certified payment service provider (Wirecard AG, 85609 Aschheim). Wirecard Bank AG processes personal data of cardholders for the purpose of payment processing as the responsible person within the meaning of Art. 4 (7) GDPR. Further information is available at https://www.wirecardbank.de/DSGVO.
For the payment process via PayPal you will be forwarded directly to the PayPal site (PayPal Europe S.à.r.l. et Cie, S.C.A., L-2449 Luxembourg). Payment requires a PayPal account. PayPal processes personal data as the person responsible within the meaning of Art. 4 (7) GDPR. More information is available at https://www.paypal.com/ie/webapps/mpp/ua/legalhub-full?locale.x=en_US.
Information Regarding Your Rights as User
You have the right to request a confirmation on whether personal data concerning you is processed; if this is the case, you have a right of access to this personal data and to the information detailed in Article 15 of the GDPR.
In accordance with Article 16 of the GDPR, you have the right to request the completion of the data concerning you or the rectification of the incorrect data concerning you.
In accordance with Article 17 of the GDPR, you have the right to request that data concerning you will be deleted immediately or, alternatively, to request a restriction of the processing of the data in accordance with Article 18 of the GDPR.
In certain cases that are detailed in Article 20 of the GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format or to request the transfer of this data to a third party.
Withdrawal of the Consent (Article 7, section 3 of the GDPR)
In accordance with Article 7, section 3 of the GDPR, you have the right to withdraw any consent granted at any time with effect for the future.
Right to Object (Article 21 of the GDPR)
If data is collected on the basis of Article 6, section 1, lit. f (data processing necessary for the purposes of legitimate interests), you have the right to object at any time to the processing for reasons that result from your particular situation. We will then no longer process the personal data, unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or unless the processing serves for the establishment, exercise or defence of legal claims.
Right to Lodge a Complaint with a Supervisory Authority
In accordance with Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of the personal data concerning you infringes data protection provisions. The right to lodge a complaint may be asserted in particular vis-á-vis a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement.
Privacy Hints, version of 26 November 2019