Privacy Policy
I GENERAL SECTION OF THE PRIVACY POLICY
- Area of application of the Privacy Policy
This Privacy Policy serves to inform the user about the nature, scope and purposes of the collection and use of personal data for the online services of the C.H.BECK publishing house. The information provided in this General Section applies to the same extent to all websites and online services; the information provided in the Special Section applies to the respective online service accessed by the user.
- Principles and definitions
The processing of personal data within the framework of the online services and their websites is carried out in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). This Privacy Policy informs users about the collection and processing of personal data. As a rule, the data is collected directly from you or originates from enterprises with which you have been in contact, or from publicly accessible sources. The provider of the respective online service is Verlag C.H.BECK GmbH & Co. KG. A customer is the legal or natural person who concludes a contract with the provider regarding the provision of services. A user is any natural person who uses the online service. The online services comprise beck-online, beck-shop, beck-stellenmarkt, beck-seminare, beck-fernkurse, presse.beck.de, anzeigenbuchung.beck.de, beck-community, rsw.beck.de and chbeck.de. A website is the respective website available under the corresponding URL of the service. Otherwise, the definitions set forth as per Article 4 GDPR apply to this Privacy Policy.
- Name and contact details of the controller
Verlag C.H.BECK GmbH & Co. KG, Wilhelmstr. 9, 80801 Munich, Germany Postal address: Postfach 40 03 40, 80703 Munich 00 49 (0) 89 3 81 89 0 Email: kundenservice@beck.de
- Contact details of the data protection officer
Email: datenschutzbeauftragter@beck.de
- Rights of data subjects
The data subject has the following rights:
Right of access to personal data concerning the data subject (Article 15 GDPR)
Right to rectification (Article 16 GDPR)
Right to erasure (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to object to processing if this processing is based on Article 6 Section 1 Point (e) or Point (f) GDPR (Article 21 GDPR); see also the note under Section III on the right to object according to Article 21 GDPR.
Right to data portability (Article 20 GDPR)
Right to revoke consent which has been granted at any time, without such revocation affecting the lawfulness of processing carried out on the basis of consent before its revocation, if processing is based on consent granted according to Article 6 Section 1 Point (a) or Article 9 Section 2 Point (a) GDPR.
Right to lodge a complaint with a supervisory authority (Article 77 GDPR). The supervisory authority with jurisdiction for the provider is the Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 27, 91522 Ansbach, Germany, Phone: +49 (0) 981 53 1300, Fax: +49 (0) 981 53 98 1300, Email: poststelle@lda.bayern.de.
Any enquiries in connection with subject should be sent by email to the provider: datenschutzauskunft@beck.de.
- Protection of personal data
The provider implements technical and organisational measures in accordance with the requirements of Article 32 GDPR for the protection of the user’s personal data. All of the provider’s employees who are involved in the processing of personal data are bound by confidentiality obligations. The user’s personal data is generally encrypted using HTTPS when it is transmitted to the websites.
- Amendments to the Privacy Policy
Depending on the case, it may be necessary to adapt and amend the content of this Privacy Policy. The provider consequently reserves the right to amend this Privacy Policy and shall make the amended version available on the website. In addition, data subjects shall be informed in advance if the provider intends to further process personal data for a different purpose.
II SPECIAL SECTION OF THE PRIVACY POLICY FOR WWW.LEGALXCHANGE.DE
- Information transmitted via the browser
(1) When the website of an online service is visited purely for informational purposes (i.e. use is without registration, login or communication with the provider via the website), the user’s browser automatically transmits information to the provider’s server, where it is temporarily stored in so-called a logfile. Within this scope, the provider collects and processes the following information and personal data, in particular:
Date and time of access
Time zone difference to Greenwich Mean Time (GMT)
Browser type and browser settings
Language and browser software version
Operating system used
Content of the request (specific page)
Page last visited by the user
Volume of data transmitted
Access status/HTTP status code
IP address
(2) This information and personal data is required in order to correctly deliver and optimise the content of the website, in order to optimise advertising for the website and in order to ensure network security and information security as well as in order to protect the website against attacks, disruptions and damage.
(3) The personal data and information collected is evaluated statistically and for the purpose of improving data protection and data security in order to ensure an appropriate level of protection for the personal data processed by the provider. The personal data collected when the website is accessed, in particular the user’s IP address, is deleted no later than thirty days after collection, unless an attack or threat in connection with the user has been detected.
(4) Inasmuch as the provider collects and processes personal data, e.g. in particular the user’s IP address, when the website is accessed and visited, the legal basis for this collection and processing is Article 6 Section 1 Point (f) GDPR since this processing is necessary in order for the provider to pursue its legitimate interests. The provider thus pursues the legitimate interests of improving data protection and data security, ensuring a level of protection of the personal data which the provider processes in keeping with the risk, ensuring network security and information security and optimising the website as well as protecting it against attacks, disruptions and damage.
- Use of cookies
(1) Cookies are used when the website is accessed. Cookies serve the purpose of personalising the website for the user and making the website easier to use. Cookies are small text files which the website transmits to the cookie file of the internet browser on the user’s device and which it stores there for later retrieval, making it possible for the user to be recognised on subsequent visits. A cookie typically contains the name of the domain from which the cookie originates, the “lifetime” of the cookie and a unique identifier.
(2) The following types of cookies are used on the website:
Session cookies: These are temporary cookies which remain in the browser’s cookie file until the user leaves the website. Session cookies are primarily required to enable the user to use the website and, where applicable, to carry out processing for registrations, logins or purchase orders. Session cookies are deleted at the end of the browser session.
Persistent cookies: These remain in the browser’s cookie file for a longer period of time. The duration of this period depends on the specific cookie’s lifetime. It may be unlimited or extend up to the point of erasure. The provider’s persistent cookies enable the website to remember selections made by the user (e.g. the user’s registration data, the language selected by the user or the region in which the user is located).
Web beacons: These are electronic markers (also known as “clear GIFs” or “web bugs”) which allow the provider to count the number of users who have visited the website.
(3) Within the scope of consent management (“cookie banner”), the website gives you the option of deciding, according to your preferences, whether cookies are set for this section of the web page. You may change the decision you take there at any time and can subsequently grant or revoke consent. For this purpose, you can display the setting options and adapt your cookie settings.
(4) If the user does not wish to accept cookies or web beacons, it is possible to refuse them and object to any accessing of previously stored information by defining the internet browser settings accordingly. The settings within the browser which permit the user to do this vary from browser to browser. They can usually be found under “Privacy” or “Cookies” in the “Internet Options” or on “Settings” menu of the browser. If the user requires assistance deactivating or deleting cookies, such assistance is available via the browser’s “Help” menu. Information on managing and deleting cookies as well as the corresponding instructions are also available for commonly used browsers, e.g. on the website www.meine-cookies.org. Please note, however, that blocking or deleting cookies and/or web beacons may result in your not being able to use all of the interactive properties and functions of the website.
(5) Inasmuch as the provider uses cookies and consequently collects and processes the user’s personal data when the website is accessed and visited, the legal basis for this collection and processing is Article 6 Section 1 Point (f) GDPR since such processing is necessary so that the provider can pursue its legitimate interests. The provider thus pursues the legitimate interests of personalising the website for the user and making the website easier to use.
- Web analytics services
Google Analytics
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of visitors to the website. For this purpose, the website operator receives a variety of usage data, e.g. page views, the amount of time the user spends on a page, the operating systems used and the user’s origin. This data is assigned to the corresponding end device of the user; it is not allocated to a user ID.
In addition, Google Analytics may record mouse movements, scrolling behaviour and clicks, among other things. Moreover, Google Analytics uses various modelling approaches in order to supplement the collected datasets, and makes use of machine-learning technologies in order to analyse the data.
Google Analytics uses technologies which enable recognition of the user for the purpose of analysing the user’s behaviour (e.g. cookies or device fingerprinting). The information collected by Google in connection with the use of the website is generally transmitted to and stored on a server in the USA.
The use of this service is based on your consent pursuant to Article 6 Section 1 lit. (a) GDPR and Article 25 Section 1 of the German Telecommunications Digital Services Data Protection Act (“Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz” – TDDDG). This consent may be revoked at any time.
Data transmission to the USA is based on the EU Commission’s Standard Contractual Clauses. You can find details on this here: https://business.safety.google/adscontrollerterms/sccs/.
The enterprise is certified according to the EU-US Data Privacy Framework (DPF). DPF is an agreement between the European Union and the USA which is intended to ensure compliance with European data protection standards for the processing of data in the USA. Each company certified in accordance with DPF undertakes to comply with these data protection standards. You will find further information from the provider on this topic via the following link: https://www.dataprivacyframework.gov/participant/5780.
IP anonymisation
Google Analytics IP anonymisation is activated. As a result, your IP address is truncated by Google within Member States of the European Union or in other states participating in the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information in order to evaluate your use of the website, in order to compile reports on website activities and in order to provide other services relating to website use and internet use to the website operator. The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other Google data.
Browser plug-in
You may prevent data collection by Google by downloading and installing the browser plug-in available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
You will find more information on the handling of user data at Google Analytics in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.
Data processing
We have concluded an agreement regarding data processing with Google, and implement the strict provisions of the German data protection authorities in their entirety with regard to the use of Google Analytics.
- Profiling
(1) The provider processes user data automatically, in part for the purpose of evaluating certain personal aspects (profiling). This profiling is carried out in order to enable requirements-based communication and advertising, including market research and opinion research, and in order to tailor the website to the user’s needs, unless the user has objected to such.
(2) The legal basis for this profiling is Article 6 Section 1 Point (f) GDPR. This profiling is necessary as a result of the legitimate interests of the provider. The legitimate interests of the provider include enabling advertising, market research and opinion research, as well as the user-orientated design of the website.
(3) Information on the user’s right to object is provided in Section III.
- CCM19
Our website uses CCM19 in order to obtain and document your consent to the storing of specific cookies on your end device or to the use of specific technologies in a manner which is data protection compliant. The provider of this technology is Papoo Software & Media GmbH, Auguststr. 4, 53229 Bonn (hereinafter “CCM19”).
When you visit our website, a link to the servers of CCM19 is established in order to obtain your consent and other declarations regarding the use of cookies. CCM19 subsequently saves a cookie in your browser in order to be able to allocate any consent granted or revocation of such. The data thus obtained is stored until you request that we delete it, until you delete the CCM19 cookie yourself or until the purpose for storing this data has ceased to exist. Mandatory applicable retention obligations remain unaffected by this.
CCM19 is used in order to obtain the legally required consent to the use of cookies. The legal basis for this is Article 6 Section 1 Sentence 1 lit. (c) GDPR.
Data processing
We have concluded a data processing agreement (DPA) concerning the use of the aforementioned service. This is an agreement required by data protection law which ensures that the personal data of visitors to our website is processed only in accordance with our instructions and in compliance with GDPR.
- Recipients of personal data
1) Personal data (which may also include a curriculum vitae, covering letter and/or photograph), with the exception of the categories listed in (3), is processed on the provider’s systems in order to rule out unauthorised external interference from outside the systems or resulting from adjacent third-party hosting applications. Only the provider shall use this data, whereby it shall be accessible only to an authorised group of employees. In addition, access shall be restricted to that data which is necessary for the completion of the respective task.
(2) Disclosure of the user’s personal data (which may also include a curriculum vitae, covering letter and/or photograph) to third parties occurs only (a) within the scope of contract performance, or (b) for the purpose of fulfilling legal obligations according to which the provider is required to submit information or share or forward data, or (c) as a result of the legitimate interest of the provider or the legitimate interest of a third party, or (d) if the user has granted consent to allow transmission to a third party.
(3) Personal data (which may also include a curriculum vitae, covering letter and/or photograph) may likewise be disclosed to the following recipients or categories of recipients:
To a newsletter administrator for the purpose of determining the intensity of use of the editorial newsletters sent by this online service.
To BTJ exhibitors and/or persons in the company who require this data for reviewing application documents.
- Duration of storage and deletion of personal data
(1) The provider processes and saves the user’s personal data for the duration of the business relationship between the user and the provider. This also includes the contract initiation (a pre-contractual legal relationship) and contract performance.
(2) In addition, the provider processes and saves this personal data inasmuch as such processing is necessary as a result of applicable retention and documentation obligations. Such obligations arise, inter alia, from the German Commercial Code (Handelsgesetzbuch – HGB) and the Fiscal Code of Germany (Abgabenordnung – AO).
(3) If the data is no longer required for the fulfilment of contractual or legal obligations and rights, it shall be regularly deleted, unless its further processing is necessary for the fulfilment of purposes which are justified by an overriding legitimate interest on the part of the provider within the context of Article 6 Section 1 Sentence 1 Point (f) GDPR.
- No automated decision-making
The provider shall not undertake any automated decision-making within the context of Article 22 Section 1 GDPR which would produce legal effects concerning the user or similarly significantly affect the user.
- Accessibility of the Privacy Policy
This Privacy Policy can be accessed and printed via the footer of the online service.
III. RIGHT TO OBJECT ACCORDING TO ARTICLE 21 GDPR
- a) Right to object based on a particular situation
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, which is based on Article 6 Section 1 Sentence 1 Point (e) (public interest) or Point (f) (processing of data on the basis of a consideration of interests) GDPR; this shall also apply in the case of profiling based on one of these provisions. If an objection is submitted, the provider shall cease processing the personal data unless the provider can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves in the assertion, exercise or defence of legal claims.
- b) Right to object to direct marketing
If the provider processes personal data received from you in order to pursue direct marketing, you have the right to object at any time to the processing of the personal data for purposes of such marketing; this shall also apply to profiling inasmuch as this is related to such direct marketing. If you object to processing for the purposes of direct marketing, then the personal data shall no longer be processed for these purposes.
- c) Recipient of the objection
Please send your objection to the following email address:
It will then be forwarded to the data protection officer.
Last amended: 7 January 2025 Verlag C.H.BECK GmbH & Co. KG
Wilhelmstraße 9, 80801 Munich, Germany
Munich District Court HRA 48045
Sharing on social networks
The content on our pages may be shared on various social networks such as Facebook or Twitter. However, we do not use any plug-ins provided by these social networks on our pages. Such tools automatically and unsolicitedly transmit a large volume of user data to the operators of these social networks.
eRecht24 Safe Sharing Tool
The content contained in this website may be shared on social networks such as Facebook, X, etc. in a data-protection-compliant manner. This page uses the eRecht24 Safe Sharing Tool for this purpose. This tool does not establish direct contact between the networks and users until the user actively clicks on one of these buttons. Clicking on the button constitutes consent within the context of Article 6 Section 1 Point (a) GDPR and Article 25 Section 1 TDDDG. This consent may be revoked at any time with effect for the future.
This tool does not automatically transmit user data to the operators of these platforms. If the user is logged in on one of the social networks, an information window will be displayed when the user accesses the social media elements of Facebook, X, etc., in which the user can confirm the text before sending it.
Our users can share the content of this page on social networks in a data-protection-compliant manner without such resulting in the creation of complete browsing profiles by the operators of the networks.
The service is used in order to obtain the legally required consent to the use of cookies. The legal basis for this is Article 6 Section 1 lit. (c) GDPR.
