Welcome to DE GRUYTER Publishing Group!
Please find our privacy statement for authors here.
Please find our privacy statement for customers here.
Please find our privacy statement for deutscherkunstverlag.de here.
Please find our privacy statement for jovis.de here.
Please find our privacy statement of staudinger-bgb.de here.
We are pleased that you are visiting our websites and thank you for your interest in our company, our products and our websites. The protection of your privacy when using our websites is important to us. Therefore, please take note of the following information. This information fulfils our duty to provide information in accordance with Art. 13 DS-GMO for all processing carried out on the websites
(hereinafter: "the website" or "the websites").
I. General Information
This data protection declaration can be called up, printed out or downloaded permanently and at any time at the web address www.degruyter.com/page/privacy-policy.
2. Controller and Data Protection Officer:
Walter de Gruyter GmbH
Genthiner Straße 13
D-10785 Berlin / Germany
Tel: +49 30 260 05-0
Fax: +49 30 260 05-251
Data Protection Officer:
II. Functions of our Websites
We offer the following functions on our websites:
1. General Information
Personal data is only collected on this website to the technically necessary extent. During a mere visit to our website, no personal data is collected. To establish and maintain the connection, de Gruyter automatically collects and stores only the following server log files that your browser transmits to us:
- the filename and URL you accessed
- the HTTP response code
- the browser type, the browser version
- the operating system used
- the referrer URL (the previously visited page)
- the host name of the accessing computer (IP address/domain name)
- date and time of the server request
- and the bytes transferred during the connection.
These data cannot be connected to specific persons by de Gruyter. These data are not combined with other data sources.
2. Contact Form
All data to be provided when using the contact form "Your opinion" is mandatory. These data will only be processed to handle your request. This processing is based on Article 6(1)(f) GDPR. Our legitimate interest is to provide you with a fast and effective way to contact us. After your request has been processed your data will be deleted immediately.
3. Use of the Shop
Registration is required to use our online shop. Within the scope of this registration, you are asked to provide us with the following data: Name, first name, address, e-mail address and a password to be specified. We need and use this data exclusively to provide your user account and to process your order.
We use different payment service providers. If payment is made via ingenico, the payment data will be collected by de Gruyter and forwarded directly to the payment service provider involved, Ingenico Group S.A., 28/32 Boulevard de Grenelle, 75015 Paris, France. For more information on the data protection regulations applicable there, please visit https://www.ingenico.com/privacy-policy. When paying by credit card, you can use the Payone system from PAYONE GmbH, which is certified according to the Payment Card Industry Data Security Standard (PCI DSS). Your credit card data is collected and processed directly by PAYONE and not stored by us.
The legal basis for such processing is Article 6(1)(b) GDPR. We store your registration data for as long as you keep a user account with us. We will then keep this data for a further 4 years and 6 months, in the event that further legal claims arise from this relationship.
If you have placed an order via the online shop, we will also store this data until you cancel the user account. After that, we keep the data contained in the invoices for a further 11 years and 6 months, as we are obliged to fulfil our statutory storage obligation pursuant to Art. 6 para. 1 lit. c) GDPR in conjunction with § 147 AO and § 257 HGB.
As a member, you can also leave comments on the individual products in the shop area. These are only visible to the other registered users. You can decide for each comment whether you want to publish it under its clear name or an alias. No user data other than the chosen name will be made public.
The legal basis for such processing is Article 6(1)(f) GDPR. Our legitimate interest is to offer you a convenient evaluation function. Your data will be stored and made publicly accessible as long as the product is sold in the shop and subsequently deleted.
4. Access to Online Contents (Pschyrembel and Staudinger)
We offer you the possibility to subscribe to online content, such as the Pschyrembel and the Staudinger for certain periods of time. This can be done either via our online shop or in certain cases, such as a test account or if you acquire a student account, via a separate website. Regardless of how you order, we need your name, address and e-mail address. Additional data such as training status, educational institution or matriculation information may also be required, depending on the reference option.
The data required for the acquisition or use of the online content will only be used for the provision of the online content. The legal basis for this is Art. 6 para. 1 lit. b) GDPR.
We store this information for the duration of your subscription. Thereafter, we will hold them for another 4 years and 6 months, in the event that further legal claims arise from this relationship. The data contained in invoices is retained for a further 11 years and 6 months, as we are obliged to fulfil our statutory storage obligation pursuant to Art. 6 para. 1 lit. c) GDPR in conjunction with § 147 AO and § 257 HGB.
We use external service providers for technical implementation. Your data will be transmitted to these service providers.
5. Newsletter and Alerts
If you would like to receive the newsletter or e-mail alerts offered on the website, you must already be registered on our website. We will then use the e-mail address you have already provided to verify your newsletter subscription and then to send the notification you have ordered. Further data will not be collected. You can revoke your consent to the use of the e-mail address for sending the newsletter and the e-mail alerts at any time by clicking on the corresponding link at the end of the respective newsletter.
The processing is based on Art. 6 para. 1 lit. a) GDPR in conjunction with Art. 95 GDPR and § 7 para. 2 no. 3 UWG. We process your data for this function until you revoke your consent.
We use external service providers to whom this data is transferred to provide our e-mail newsletter.
III. Internet-specific technologies, in particular cookies
For technical reasons, so-called session cookies are used. The session cookie is technically necessary to establish and maintain a connection to our website. The cookie we set does not contain any personal data, but only a random identification number. When you close your browser, this cookie is automatically deleted and is no longer stored on your hard drive. You can prevent cookies from being stored in your browser settings. However, this can lead to the fact that individual functions of the website are not available.
For technical reasons we also set cookies from our service New Relic. New Relic is a performance analysis service of New Relic Inc. 188 Spear St., Suite 1200 San Francisco, CA USA 94105 ("New Relic"). New Relic measures the technical performance of our website. The tool determines whether our website can be called up and how quickly the respective page is displayed when it is called up. To this end, New Relic collects data such as system data on add-ons used, times-of-use, browsers used, hardware and software used (so-called "application data"). New Relic sets one or more cookies in your browser for this purpose. The application data is stored on New Relic's servers and, in addition to analyzing the performance of our website, is also used to compare the performance of different websites across different offers. For more information about New Relic, please visit www.newrelic.com. The data protection declaration is available at http://newrelic.com/privacy. Data is transferred to the USA.. You can object to the processing at any time by deleting and blocking New Relic cookies. The data processing is justified in accordance with Art. 6 Para. 1 letter f) GDPR, as we have a legitimate interest in enabling the optimal use of our website
IV. Recipients of data
Internally, the departments responsible for processing the respective task have access to personal data. External data transfers take place in addition to those mentioned under II. and III. above all to external service providers, which we use, as far as we cannot provide services or cannot provide them sensibly ourselves. These are primarily IT and communication service providers.
V. Data Subject Rights
The basic data protection regulation guarantees you certain rights which you can assert against us - insofar as the legal requirements are met.
- Art. 15 GDPR - Right of the data subject to obtain information: You have the right to request confirmation from us as to whether personal data relating to you are processed and, if so, what these are and the detailed circumstances of data processing.
- Art. 16 GDPR - Right to rectification: You have the right to request us to rectify any inaccurate personal data concerning you without delay. Taking into account the purposes of the processing, you also have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.
- Art. 17 GDPR - Right of deletion: You have the right to request us to delete personal data concerning you without delay.
- Art. 18 GDPR - Right to limitation of processing: You have the right to request us to restrict processing.
- Art. 20 GDPR - Right to data transferability: You have the right, in the event of processing on the basis of consent or in order to fulfil a contract, to receive the personal data concerning you that you have provided us in a structured, current and machine-readable format, and to transmit this data to another person responsible without our interference or to have the data transmitted directly to the other responsible person if this is technically feasible.
- Art. 21 GDPR - Right of objection: You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you, which is necessary for our legitimate interest or for the protection of a task in the public interest, or which is carried out in the exercise of official authority. To do so, please contact one of the addresses given in the data protection declaration.
If you object, we will no longer process your personal data, unless we can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If we process your personal data for direct marketing purposes, you have the right to object to the processing at any time. If you object to the processing for direct advertising purposes, we will no longer process your personal data for these purposes.
- Art. 77 DSGVO in conjunction with § 19 BDSG - Right of appeal to a supervisory authority: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, your workplace or the place of suspected infringement, at any time if you believe that the processing of personal data concerning you is contrary to applicable law.
If you have given us your consent, you have the right to revoke your consent at any time. All data processing that we have carried out up to your revocation remains legal in this case. For this purpose you can send us a message to email@example.com.
VI. Obligation to Provide Data
You have no contractual or legal obligation to provide us with personal data. However, we will not be able to offer you our services without the information you provide.
VII. Existence of Automated Decision Making (Including Profiling)
We do not use automated decision making that has legal effects on you or affects you.
VIII. Data Security
The transmission of payment data to the payment service provider is encrypted using a 256-bit RSA TLS protocol. By entering the domain as https, the user can effect the encrypted transmission of other personal data to de Gruyter.
Status: December 2020