1. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
2. General information and mandatory information
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible pursuant to Art. 4 No 7 GDPR for processing data on this website is:
Phone: +49 89 831083
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
According to Art. 20 GDPR, you have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
Right to object
In as much as we use the legitimate interests of ourselves or of third parties as legal basis for the processing of personal data (Art. 6(1)(f) GDPR), you have the right to object according to Art. 21 GDPR. In some of the respective sections, we further inform you on the right to object, when such right exists. There, you may also find further information on exciting your right to object.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Encrypted payments on this website
If you enter into a contract which requires you to send us your payment information (e.g. account number for direct debits), we will require this data to process your payment.
Payment transactions using common means of payment (PayPal, credit card, direct debit) are only made via encrypted SSL or TLS connections. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon in your browser line is visible.
In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed (Art. 15 GDPR). You also have the right to have this data corrected (Art. 16 GDPR), blocked or deleted (Art. 17 GDPR). You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
3. Data collection on our website
Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) GDPR. The website operator has a legitimate interest to ensure an optimized service provided free of technical errors. Therefore server log files have to be stored.
Contact form / Blog comments
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
The above applies in the same way to blog comments.
Registration on this website
You can register on our website in order to access additional products such as EPC.App / PCT.App / IP.Translator. The input data will only be used for the purpose of using the respective site or service for which you have registered. E.g., we need your e-mail address for contacting you, and your name or e-mail address for personalizing the EPC.App / PCT.App books and in a given case for checks of entitlement. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.
To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.
We will process the data provided during registration only based on your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.
After expiry of your license for one of our offered services, your registration will not end automatically, but rather be maintained, for allowing you, in case of later new acquiry of a license, to reactivate the service without loss of data (e.g. of your user comments in the EPC.App / PCT.App). If you disagree with this, you can actively terminate your registration at any time via a definite declaration (e.g. by post or e-mail).
Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.
Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
Data transmitted when entering into a contract with online shops, retailers, and mail order
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract, for example, to companies entrusted to deliver goods to your location or banks entrusted to process your payments. Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Data transferred when signing up for services and digital content
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract with us, for example, to banks entrusted to process your payments.
Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
4. Analytics and advertising
On this website, data is collected and stored using the web analytics service software Matomo (www.matomo.org) based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes pursuant to Art. 6 (1) lit. f DSGVO. Pseudonymized user profiles can be created and evaluated from this data for the same purpose. The data collected using Matomo technology (including your pseudonymized IP address) is processed on our servers. No cookies are set.
Matomo does not use a fingerprint to track visitors. Instead of a fingerprint, Matomo uses the most privacy-friendly, industry-leading measures to protect user privacy: the config_id is used by Matomo to aggregate different actions into "visits" in a short time window of up to 24 hours.
The visitor's config_id is a randomly set, privacy-friendly, time-limited hash of a limited set of the visitor's settings and attributes. The config_id or config hash is a string calculated for a visitor based on their operating system, browser, browser plugins, IP address, and browser language. Unlike other tools that use fingerprinting, Matomo does not fingerprint, and the config_id is only valid for less than 24 hours and only for a specific website domain.
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the "unsubscribe" link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
6. Plugins und Tools
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help making our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.
7. Cloud service providers
If you register on this website in order to access additional products, your entered registration data / login credentials will be transferred to an authentication service of one of the following cloud service provider using SSL-encryption for authentication checking.
If you use EPC.App or PCT.App, your personalized content of the books will be stored in a data storage and computational processing such as PDF generation will be executed in a compute center of one of the following cloud service providers.
If you use IP.Translator, your text to be translated will be transferred to one of the following cloud service providers to be processed by a compute service according to a translation algorithm provided by IP.appify GmbH. No texts in source or target language of the processed documents will be stored permanently, included into training data beyond the translated document, or inspected by any natural person acting on behalf of IP.appify GmbH. Once you have received the translation, all submitted texts and their translations will be deleted on the server. In as much as temporal storage is needed in a cache or queue for translation processing, the storage is limited to a maximum of 15 minutes. You shall still not use IP.Translator for translating texts containing personal data.
This website uses a cloud service of Microsoft Azure via a data center located within the EU as data storage, compute center, and authentication service. Operator of this service is the Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
The transfer of your data to Microsoft is based on Art. 6(1)(a) (Consent) and Art. 6(1)(b) GDPR (Processing for contract purposes). If you disagree with the transfer, the respective service will not be realized due to lack of technically feasible alternatives.
This website uses a cloud service of Google via a data center located within the EU as data storage and compute center. Operator of this service is the Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The transfer of your data to Google is based on Art. 6(1)(a) (Consent) and Art. 6(1)(b) GDPR (Processing for contract purposes). If you disagree with the transfer, the respective service will not be realized due to lack of technically feasible alternatives.
8. Payment service providers
Our website accepts payments via PayPal. The provider of this service is PayPal (Europe) S.à.r.l & Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg.
If you select payment via PayPal, the payment data you provide will be supplied to PayPal based on Art. 6 (1) (a) (Consent) and Art. 6 (1) (b) GDPR (Processing for contract purposes). You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
Our website accepts payments via Amazon Payments / Amazon Pay. The provider of this service is Amazon Payments Europe s.c.a., 38 avenue J.F. Kennedy, L-1855 Luxemburg.
If you select payment via Amazon Payments / Amazon Pay, the payment data you provide will be supplied to Amazon Payments based on Art. 6 (1) (a) (Consent) and Art. 6 (1) (b) GDPR (Processing for contract purposes). You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
9. Print service providers
On our website, we use Lulu Press for offering a print-on-demand service. Operator of this service is the Lulu Press, Inc. 627 Davis Drive, Suite 300, Morrisville, NC 27560, USA.
If you order a personal print via our print-on-demand service, your print data and shipping address confirmed in the order will be transferred to Lulu Press using SSL-encryption for print processing and shipment.
The transfer of your data to Lulu Press is based on Art. 6(1)(a) (Consent) and Art. 6(1)(b) GDPR (Processing for contract purposes). If you disagree with the transfer, the print-on-demand service will not be realized due to lack of technically feasible alternatives.