Privacy Policy
I. GENERAL PART OF THE PRIVACY POLICY
1. Scope of the Privacy Policy
This Privacy Policy informs users about the type, scope, and purposes of the collection and use of personal data for the online services of Verlag C.H.Beck. The information provided in the General Part applies equally to all websites and online services, while the information in the Special Part applies to the respective online service accessed by the user.
2. Principles and Definitions
The processing of personal data within the scope of online services and their websites is carried out in accordance with the General Data Protection Regulation (GDPR / DS-GVO) and the Federal Data Protection Act (BDSG). This Privacy Policy informs users about the collection and processing of personal data. As a rule, data are collected directly from you, from companies with which you have been in contact, or from publicly accessible sources. The provider of each online service is Verlag C.H.Beck GmbH & Co. KG. Customer: the legal or natural person who concludes a contract with the provider for the supply of goods or services. User: any natural person using the online service. Online services: beck-online, beck-shop, beck-stellenmarkt, beck-seminare, beck-fernkurse, presse.beck.de, anzeigenbuchung.beck.de, beck-community, rsw.beck.de and chbeck.de. Website: the website available under the respective URL of the service. Unless otherwise defined here, the terms used correspond to the definitions set out in Art. 4 GDPR.
3. Name and Contact Details of the Controller
Verlag C.H.Beck GmbH & Co. KG, Wilhelmstr. 9, 80801 München
Mailing address: Postfach 40 03 40, 80703 München
Phone: +49 (89) 381 89–0
Email: kundenservice@beck.de
4. Contact Details of the Data Protection Officer
E-Mail: datenschutzbeauftragter@beck.de
5. Rights of Data Subjects
The data subject has the following rights:
Right of access to the personal data concerned (Art. 15 GDPR).
Right to rectification (Art. 16 GDPR).
Right to erasure (Art. 17 GDPR).
Right to restriction of processing (Art. 18 GDPR).
Right to object to processing if the data processing is based on Art. 6(1)(e) or (f) GDPR (Art. 21 GDPR); see also the reference in Section III regarding the right to object under Art. 21 GDPR.
Right to data portability (Art. 20 GDPR).
Right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal, if the data processing is based on Art. 6(1)(a) or Art. 9(2)(a) GDPR.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
The supervisory authority responsible for the provider is:
Bayerisches Landesamt für Datenschutzaufsicht, Promenade 27, 91522 Ansbach, Deutschland
Phone: +49 (0) 981 53 1300
Fax: +49 (0) 981 53 98 1300
Email: poststelle@lda.bayern.de
Questions for the provider may be directed by email to: datenschutzauskunft@beck.de
6. Protection of Personal Data
The provider implements technical and organizational measures pursuant to Art. 32 GDPR to protect the user’s personal data. All employees of the provider who are involved in the processing of personal data are obliged to maintain data secrecy. Personal data of the user are generally encrypted using HTTPS when transmitted to the websites.
7. Amendments to the Privacy Policy
From time to time it may be necessary to adapt or amend the content of this Privacy Policy. The provider therefore reserves the right to amend this Privacy Policy and will make the amended Privacy Policy available on the website and inform the data subjects in advance if the provider intends to further process personal data for a purpose other than that for which they were collected.
II. SPECIAL PART OF THE PRIVACY POLICY FOR WWW.LEGALXCHANGE.DE
8. Information transmitted by the browser
(1) When visiting the website of an online service for information purposes only (i.e. use without registration, login, or communication with the provider via the website), the user’s browser automatically sends information to the provider’s server, where it is temporarily stored in a so-called logfile. In this context, the provider collects and processes, in particular, the following information and personal data:
Date and time of access to the website
Time zone difference to Greenwich Mean Time (GMT)
Browser type and browser settings
Language and version of browser software
Operating system used
Content of the request (specific page)
The page previously visited by the user
Amount of data transferred
Access status / HTTP status code
IP address.
(2) This information and personal data are necessary for the correct delivery and optimization of the website’s content, optimization of advertising for the website, ensuring network and information security, and protecting the website from attacks, disruptions, and damage.
(3) The personal data and information collected in this way are statistically evaluated by the provider for the purpose of improving data protection and data security, in order to ensure an adequate level of protection for the personal data processed by the provider. The personal data collected when the website is accessed, in particular the user’s IP address, are deleted no later than thirty days after collection, unless an attack or threat by the user has been detected.
(4) Insofar as the provider collects and processes personal data of the user, such as the IP address, when accessing and visiting the website, the legal basis is Art. 6(1)(f) GDPR, as this processing is necessary to safeguard the legitimate interests of the provider. The provider pursues the legitimate interests of improving data protection and data security, ensuring an appropriate level of protection for the personal data processed, safeguarding network and information security, as well as optimizing the website and protecting it from attacks, disruptions, and damage.
9. Use of Cookies
((1) When using the website, cookies are used. The purpose of cookies is to personalize the website for the user and to facilitate its use. Cookies are small text files which the website transfers to the cookie file of the user’s internet browser on their device, where they are stored for later retrieval so that the user can be recognized upon revisiting the website. A cookie typically contains the domain name from which the cookie originates, the “lifetime” of the cookie, and a unique identifier.
(2) The following types of cookies are used on the website:
Session Cookies: These are temporary cookies that remain in the browser’s cookie file until the user leaves the website. Session Cookies are necessary to enable the user to use the website and, if applicable, to register, log in, or place orders. Session Cookies are deleted at the end of the browser session.
Persistent Cookies: These remain in the browser’s cookie file for a longer period. The duration depends on the lifetime of the specific cookie, which may be unlimited or until deletion. Persistent cookies from the provider enable the website to remember user choices (e.g. registration data, selected language, or user’s region).
Web Beacons: These are electronic markers (also called “clear GIFs” or “web bugs”) that allow the provider to count the number of users who have visited the website.
(3) The website provides you with a consent management system (“cookie banner”) allowing you to decide whether cookies are placed in accordance with your preferences. You may change this decision at any time and subsequently grant or withdraw your consent. You can access the settings here and adjust your cookie preferences.
(4) If the user does not wish to accept cookies or web beacons, they may reject them and prevent access to previously stored information by configuring their internet browser accordingly. Browser settings differ depending on the browser but can generally be found under “Privacy” or “Cookies” in the “Internet Options” or “Settings” menu. If the user needs assistance in disabling or deleting cookies, they may consult the browser’s “Help” menu. Information and instructions on managing and deleting cookies for common browsers can also be found at www.meine-cookies.org. However, please note that blocking or deleting cookies and/or web beacons may mean that not all interactive features and functions of the website can be used.
(5) Insofar as the provider uses cookies when the website is accessed and thereby collects and processes personal data of the user, the legal basis is Art. 6(1)(f) GDPR, as such processing is necessary to safeguard the provider’s legitimate interests. The provider pursues the legitimate interests of personalizing the website for the user and facilitating its use.
10. Web Analytics Services
10.1 Matomo
(1) The online service uses the web analytics service Matomo. Matomo is software provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. Further information is available at www.matomo.org.
(2) This software is used to collect and store data for the statistical analysis of website usage. Cookies are used for this purpose (see Section 9). Data collection and storage serve the purpose of analyzing user behavior. This allows evaluation of website use and the design of the website in line with user needs. Pseudonymized usage profiles may be created from these data. The IP addresses collected are automatically anonymized by masking parts of the IP address (so-called IP masking). The IP address and other information from the pseudonymized user profile are not used to identify the user and are not combined with other personal data of the user.
(3) Users decide, via consent management (“cookie banner”), whether they agree to the use of Matomo. The user may check their consent status at any time through the cookie settings (see Section 9.3).
(4) The legal basis for the use of Matomo is, in the case of consent, Art. 6(1) GDPR; otherwise Art. 6(1)(f) GDPR, since the use of Matomo is necessary to safeguard the legitimate interests of the provider. These interests consist of analyzing website usage to improve the provider’s online presence and offerings and to make them more attractive to users.
11. Profiling
(1) The provider processes the user’s data partly in an automated manner with the aim of evaluating certain personal aspects (profiling). Profiling is used for the purposes of demand-oriented communication and advertising, including market and opinion research, as well as the demand-oriented design of the website, unless the user has objected.
(2) The legal basis for profiling is Art. 6(1)(f) GDPR. Profiling is necessary to safeguard the legitimate interests of the provider. These interests consist of enabling advertising and market and opinion research as well as tailoring the website to user needs.
(3) With regard to the user’s right to object, please refer to Section III.
12. Usercentrics Consent Management Platform
The Usercentrics Consent Management Platform (Usercentrics CMP) collects consent data using JavaScript. This software makes it possible to collect and store users’ detailed consent or rejection regarding data protection via a pop-up, before user data are collected via website scripts (tracking).
Recipient of user consent data within the meaning of Art. 13(1)(e) GDPR is Usercentrics GmbH. In the course of commissioned data processing, the provider transmits personal data (consent data) to Usercentrics GmbH, Sendlingerstr. 7, 80331 München, as processor.
Consent data include: date and time of the visit or consent/withdrawal, device information.
The data are processed to comply with legal obligations (proof requirement under Art. 7(1) GDPR) and to document consents. The legal basis is Art. 6(1)(c) GDPR. Local Storage is also used for data storage. Consent data are stored for 3 years. Data are stored in the European Union.
Further information on the collected data and contact options is available at: https://usercentrics.com/privacy-policy/
13. Recipients of Personal Data
(1) Personal data (possibly including CV, cover letter, photo) are processed on the provider’s systems, with the exception of the categories mentioned in (3), in order to prevent external manipulation or interference from neighboring third-party hosting applications. These data are used only by the provider, with access restricted to an authorized group of employees and limited to the data necessary for the respective task.
(2) Disclosure of personal data (possibly including CV, cover letter, photo) to third parties takes place exclusively (a) in the course of contract execution, or (b) to fulfill legal obligations requiring the provider to disclose or transmit data, or (c) on the basis of the provider’s or third party’s legitimate interests, or (d) if the user has given consent.
(3) Personal data (possibly including CV, cover letter, photo) may be disclosed to the following recipients or categories of recipients:
– To newsletter administrators for determining the usage intensity of editorial newsletters sent by this online service.
– To BTJ exhibitors or persons within the company who need these data for reviewing application documents.
14. Duration of Storage and Deletion of Personal Data
(1) The provider processes and stores the user’s personal data for the duration of the business relationship between the user and the provider. This also includes the initiation of a contract (pre-contractual relationship) and the execution of a contract.
(2) In addition, the provider processes and stores personal data insofar as this is required by statutory retention and documentation obligations. Such obligations arise in particular from the Handelsgesetzbuch (HGB) and the Abgabenordnung (AO).
(3) If the data are no longer required for the fulfillment of contractual or legal obligations and rights, they are regularly deleted unless their further processing is required to fulfill purposes justified by overriding legitimate interests of the provider within the meaning of Art. 6(1)(f) GDPR.
15. No Automated Decision-Making
The provider does not carry out automated decision-making within the meaning of Art. 22(1) GDPR that produces legal effects concerning the user or similarly significantly affects them.
16. Availability of the Privacy Policy
This Privacy Policy can be accessed and printed in the footer of the online service under “Datenschutz”.
III. RIGHT TO OBJECT UNDER ART. 21 GDPR
a) Right to object on grounds relating to the particular situation
You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you that is based on Art. 6(1)(e) (public security) or (f) (processing based on a balancing of interests) GDPR; this also applies to profiling based on these provisions.
The provider will no longer process the personal data unless compelling legitimate grounds for the processing can be demonstrated which override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.
b) Right to object to direct marketing
If the provider processes your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for such marketing; this also applies to profiling insofar as it is related to such direct marketing.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
c) Recipient of the objection
Please send your objection to the following email address:
info@legalxchange.de
It will then be forwarded to the Data Protection Officer.
Status: 07.01.2025
Verlag C.H.Beck GmbH & Co. KG
Wilhelmstraße 9, 80801 München
Registered with the Local Court of Munich under HRA 48045