G. Henle Verlag takes the protection of your personal data extremely seriously. We therefore adhere very strictly to the rules laid down in data protection legislation.
We only process the personal data (“data”) of data subjects in a manner which conforms with the General Data Protection Regulation (“GDPR”). Data processing is necessary, in particular, to enable us to provide our services and to provide a fully-functional website, including digital content and services. User data is normally only processed once consent from the user has been obtained. Exceptions apply to cases where it is not possible to obtain prior consent for legitimate reasons or where processing of the data is permitted by law. Processing shall only take place within the data systems of G. Henle Verlag.
Once the reasons for storage no longer apply, any data pertaining to data subjects shall be erased or the processing thereof restricted. Data may also be stored if this is provided for by European or German legislators in EU ordinances, laws or other regulations to which the controller is subject. Restricted processing or the erasure of data shall then also occur upon expiry of a storage period stipulated in the designated standards, unless it is necessary to continue storing the data in order to conclude or execute a contract.
Definition of terms
We refer here in particular to Art. 4 GDPR.
Controller for the purposes of Art. 13(1)(b) GDPR
The controller for the purposes of the GDPR and other national data protection laws of the EU member states, as well as any other data protection provisions, is:
G. Henle Verlag
Forstenrieder Allee 122
Contact details of the data protection officer for the purposes of Art. 13(1)(b) GDPR:
The data protection officer of the controller is:
Provider identification pursuant to Section 5 German Telemedia Act (TMG) can be found in the Legal Notice of the henle website.
We collect different categories of data from those who use our services. These are subdivided as follows:
- Personal identification data, e.g.: names, addresses...
- Electronic identification data, e.g.: IP addresses, screen resolution...
- Contact details, e.g.: telephone numbers, email addresses....
- Contract data, e.g.: date of contract conclusion, separate contract provisions....
- Input data, e.g.: images that have been uploaded/submitted, text entries...
Purposes and legal basis of processing as defined by Art. 13(1)(c) GDPR
The GDPR constitutes the sole legal basis for the processing of data. It is necessary for us to perform processing in order to provide the best possible service. More detailed descriptions of the different purposes can be found in the corresponding subsection.
Processing is based exclusively on the following legal foundation:
In accordance with Art. 6(1)(a) and Art. 7 GDPR, processing is lawful if the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
In accordance with Art. 6(1)(b) GDPR, processing is lawful if such processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract.
In accordance with Art. 6(1)(c) GDPR, processing is lawful if such processing is necessary for compliance with a legal obligation to which the controller is subject. In accordance with Art. 6(1)(d) GDPR, processing is lawful if such processing is necessary in order to protect the vital interests of the data subject or of another natural person.
In accordance with Art. 6(1)(f) GDPR, processing is lawful if such processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Transfer to third parties for the purposes of Art. 13(1)(e) GDPR
In principle, data shall not be passed on to third parties. There may be circumstances, however, in which it is appropriate to outsource data processing to an external service provider to allow us to perform our work (for example, address data are transmitted to transport companies to enable them to deliver products that have been purchased).
We shall only transfer data to recipients with whom we have concluded a contract on commissioned data processing as defined by Art. 28 GDPR. This article stipulates how data pertaining to data subjects should be handled, and ensures they are protected.
Rights of data subjects
Data subjects have the following rights:
- Full right of access regarding the processed data pursuant to Art. 15 GDPR
- Right to rectification of the data pursuant to Art. 16 GDPR
- Right to GDPR-compliant portability of data pursuant to Art. 20 GDPR
- Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR
- Right to withdraw data processing consent pursuant to Art. 7(3) GDPR
- Right to object on personal grounds pursuant to Art. 21 GDPR or, specifically, a right to processing in accordance with Art. 6(1)(f) GDPR
- Right to erasure of the data pursuant to Art. 17 GDPR. Should erasure be prevented on grounds arising from Art. 6(1) GDPR, the scope of processing shall be restricted.
- Right to restriction of data processing pursuant to Art. 18 GDPR
Further information can be found here:
The legal information and data protection regulations as cited on the G. Henle Verlag website are binding.
On some pages we use the “Google Maps” service to display directions. This feature is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
As already stated above, data processing is only performed here if the provisions stipulated in the GDPR are met. This is the case with Google LLC thanks to its participation in the Privacy Shield.
When a “Google Maps” service is displayed, Google LLC stores data and cookies are placed on the data subject’s device. This can be prevented by adjusting the browser settings as described above.
Use of the “Google Maps” service assists with the provision of our website, whereby processing is necessary to protect the legitimate interests of the controller. The legal basis is therefore Art. 6(1)(f) GDPR.
These can be found under the following links:
In accordance with Art. 32 GDPR, we take suitable technical and organisational security measures to protect data against manipulation, unauthorised processing and accidental losses of any kind.
Furthermore, we adhere to the principle of Privacy by Design laid down in Art. 25 GDPR by using privacy-aware standard settings and software that is generally privacy-friendly.
We employ the most modern equipment and improve our services at regular intervals in order to continue to maintain the security of data in our services.