We will only use the personal data gathered over this website as set out in this policy. Below you will find information on how we use your personal data, for which purposes your personal data is used, with whom it is shared and what control and information rights you may have.
I. Summary of our processing activities
The following summary provides you with a quick overview of the processing activities that are undertaken on our website. You will find more detailed information under the indicated sections below.
When you visit our website for informational reasons without setting up an account, only limited personal data will be processed to provide you with the website itself (see section III).
- In case you register for one of our services (e.g. discussion forum, blog or web shop) or subscribe to our newsletter, further personal data will be processed in the scope of such services (see sections IV, V and VI).
- Your personal data may be disclosed to third parties (see section IX.2), that might be located outside your country of residence; potentially, different data protection standards may apply (see section IX.3).
- We have implemented appropriate safeguards to secure your personal data (see section X) and retain your personal data only as long as necessary (see section XI).
- Under the legislation applicable to you, you may be entitled to exercise certain rights with regard to the processing of your personal data (see section XII).
- Personal data: means any information relating to a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier.
- Processing: means any operation which is performed on personal data, such as collection, recording, organisation, structuring, storage, adaptation or any kind of disclosure or other use.
III. Informational use of the website
When you visit our website for informational reasons, i.e. without registering for any of our provided services listed under section IV and without providing us with personal data in any other form, we may automatically collect additional information about you which will contain personal data only in limited cases and which is automatically recognised by our server, such as:
- your device type, name and screen resolution;
- information on your browser version;
- information on your operating system, including language settings;
- the date and time of your requests;
- the content of your requests;
We use such information only to assist us in providing an effective service (e.g. to adapt our website to the needs of your device or to allow you to log in to our website).
The personal data automatically collected is necessary for us to provide the website, Article 6 sec. 1 sent. 1 lit. b GDPR, and for our legitimate interest to guarantee the website’s stability and security, Article 6 sec. 1 sent. 1 lit. f GDPR.
Personal data that is collected automatically is retained for 1 month and properly erased afterwards.
In the event of an error or technical problem occurring on the website, certain data is stored in so-called log files. A log file consists of the date and time of the occurrence of the error. In this context, we would like to point out as a precaution that our log files do not contain IP addresses. Our log files are therefore completely anonymous.
IV. Registration for our services
With springermedicine.com we provide a specialist portal aimed at European health care professionals, e.g. physicians, dentists, veterinarians, pharmacists and other persons who legally trade in prescription-only medicines. In order to use the aforementioned services you have to set up an account (“registration“).
When logging in on springermedicine.com through the authentication service with your login data after registration we send the data you enter into the login form (usually your email address and a password) to the server of the authentication service together with a service URL. Based on these data the service validates your access requests. If access is granted the authentication service transfers the unique user ID generated for your user account. With these data we can provide you with the personalised settings you may already have selected on springermedicine.com. In addition we can request relevant data required for providing services from the authentication service via a web service e.g. to enable access to your subscriptions or other services you have booked.
For registration we process at least:
- Information (such as your name and email address) that is provided by registration;
- Information in connection with an account sign-in facility (e.g. log-in and password details);
- Your area of expertise and speciality.
Whenever you complete transactions using our website, further mandatory information may be required, e.g. a birth date, area of interest or address to participate in online training (eLearning), of which you will of course be separately informed.
Data required for providing a service are marked as mandatory, provision of additional information is optional.
We will process the personal data you provide to:
- Identify you at sign-in
- Provide you with the services and information offered through the website or which you request
- Administer your account
- Communicate with you
For this, the legal basis is Article 6 sec. 1 sent. 1 lit. b GDPR.
We may use the personal data and contact data you provide by registration for direct marketing of our own goods or services which are similar to the goods and services purchased from us, provided that you have not objected to the use of the e-mail address for this purpose. The use of your personal data for directly advertising related products and services is a legitimate interest for us as a provider of this website, Article 6 sec. 1 sent. 1 lit. f GDPR.
You can object to the use of your personal data for direct marketing at any time. We will then refrain from any processing to the extent it is related to such purposes. You can inform us about your objection by contacting us at: email@example.com.
Your personal data is, in the absence of exceptions within the specific services mentioned below (e.g. when obtaining certificates in medical training), retained for as long as your user account is used. After deletion of your account, your personal data will be erased with the next regular data cleansing usually within 1 month. Statutory storage obligations or the need for legal actions that may arise from misconduct within the services or payment problems can lead to a longer retention of your personal data. In this case, we will inform you accordingly.
V. Information about the specific uses that require registration/identification
For the use of the following services you have to set up an account as described in section IV. Your customer account retains your personal data for future purchases and other activity.
1. Remember Me
If you activated the “remember me” functionality when logging in through the authentication service, we place a cookie on your device that provides us with your login data (see section IV) and enables us to automatically log you in on your next visit.
In addition, we place temporary cookies to identify the sites (URL) you have visited on springermedicine.com. We do not collect any personal data or IP addresses of our users in these cookies. They are used exclusively to ensure the correct display of the site based on your preferences and are deleted as soon as you log out or close the browser window.
2. Subscription or test subscription
As a registered user, you are able to enter into a subscription for access to certain areas (e.g. training, databases) and/or periodicals and/or purchase individual issues of periodicals or individual articles. In addition, in some circumstances you may be granted access to content free of charge for a limited period. Orders are placed directly online. Our order form requests the following data in order to allow us to process the form and carry out order (including in the case of the free trial access):
Your forename(s) and surname, gender, title,
- Your postal address as well as a separate delivery address if your selected subscription includes printed materials,
- Your area of specialisation and focus of your role.
- If ordering as for a business, the company name, type, sector and EU VAT number.
If you are a customer with a print subscription and access online content provided through your print subscription, we also collect and process the following data:
- Postal address
- Licence code of your business subscription or
- Customer number of your print subscription.
3. Registration from IP-Range
If you register as part of an enterprise cooperation agreement, during the registration process we use all but the final part of the IP address of the device used to register to verify whether your device’s IP address is in the range specified by your company/organisation and we place a cookie on your device for the duration of the agreement. To do this we collect the IP address of the device from which you access springermedicine.com when you log in, and check whether this is within an IP range that is permitted to access the content. We do not store the full IP address; we remove the final part. This is a necessary step to provide you with access to the specific offering and information under your cooperation agreement.
For the use of our web shop you have to set up an account as described in section IV. Your customer account retains your personal data for future purchases. You can delete the personal data as well as the account in your account’s settings. This processing is based on Article 6 sec. 1 sent. 1 lit. b. In order to carry out purchases from our shop, your personal data is transferred to our web shop operator (Springer Nature Customer Service Center GmbH); see section IX on the Transfer of personal data to third parties. The lawful basis for this processing is our legitimate interest in operating a central purchasing process for the Springer Nature Publishing Group pursuant to Article 6 sec. 1 sent.1 lit. f GDPR.
By statutory law we are required to retain the provided financial data in relation to transactions (including address, payment and order information) for ten years. However, after 2 years we will restrict the processing of your personal data to comply with the statutory requirements and will not process the personal data any further. Regarding this, the retention of your personal data is based on Article 6 sec. 1 sent. 1 lit. c GDPR.
5. Live webinars
The offer includes live web seminars for which users have to actively register. Most of the webinars offered are for physicians.
5.1 Registration for live webinars
You must register separately in advance for a live webinar. This is possible after you have registered at Springermedicine.com or logged in with your Springermedicine.com login. When you open your account, we check whether you have the access authorisation to register for a webinar. To this end, information is compared with your personal user account.
When registering directly for a webinar, you will be redirected to a page of the provider LogMeIn Inc. There you will have to enter your email address to register.
5.2 Live participation
As soon as you call up a live webinar, we automatically record your navigation in the course with the help of the service Google Analytics (see section VIII.7) and GoToWebinar of LogMeIn Inc. for the purpose of technical (user-friendliness) and content-related (course structure, TOC) improvement. A personalised analysis of user behaviour is expressly not carried out. Information such as the time of exit when closing the course, re-entry page when re-opening the course, participation in interactive surveys and chat questions, the length of stay, are recorded.
A live webinar is recorded and then made available to users on demand behind the Springermedicine.com login.
5.3 Live webinars with continuing medical education (CME) certification
CME-certified live webinars cover all your password-protected activities on springermedicine.com in connection with certified continuing education courses and the administration of your completed continuing education courses or participation results. Most of the courses offered are certified for physician, so-called CME continuing education courses, which are (can be) completed with an evaluation questionnaire and an evaluation questionnaire.
a) Opening the continuing education courses
Upon opening, we check whether you have the access authorisation to open the selected CME continuing education course; for this purpose, information is compared with your personal user account.
b) Participation and completion of CME continuing education courses
After sufficient participation in a CME Live Webinar and the completion of evaluation questions, the participant receives a certificate of participation via email about the successfully completed CME Live Webinar and the number of points reached. This certificate can be submitted to the competent medical association or authority for recognition of the CME points. The certificate shows the day of participation, the full name of the participant, the postal address, the title of the completed training and the result of the participation (CME points).
c) Evaluation of your participation
Within the framework of a standardised evaluation questionnaire, the participant is asked - following the final test - questions on the nature and use of the CME course. The user can also freely comment on his or her experience with the course. This evaluation is obligatory for obtaining a CME certificate.
- The data thus obtained are stored in the system of the live webinar (GoToWebinar). The data will be forwarded anonymously to the European Accreditation Council for Continuing Medical Education (EACCME).
- This evaluation is carried out anonymously as part of a scientific review of this type of continuing medical education in accordance with the specifications of the certifying institution.
- There is no linking of personal information with user characteristics, but demographic information (such as date of birth, type of employer ("clinic/established"), speciality, gender) is processed.
d) Storage of the collected data for certified webinars
If you acquire certificates of participation within the scope of the certified webinar offer that are approved as proof of continuing medical education (e.g. online continuing education with CME points), the data required for the proof will be stored for at least the respective registration period (5 years for physician) plus a security period of 6 months. Log files documenting your activities (e.g. time of course start and course completion) are stored for a period of 12 months to clarify any queries.
5.4 Storage of the collected data
The collected data will be stored until the webinar series has ended and the data has been evaluated.
After Login you can sign-up to different editorial newsletters our newsletter that provides you with the latest news about our products and services. If you consent to receiving such newsletters they will be sent to the email address that you provided on registration. The legal basis for this processing is Article 6 sec. 1 sent. 1 lit. a GDPR. Your email address will be retained as long as you keep your account active.
The newsletters contain two categories of cookies that cannot be managed by the cookie settings of the website independently from the newsletter. We use one cookie to ensure proper display of the newsletter and to collect statistical usage information (e.g. whether the newsletter was opened and which content was clicked). Our marketing partners may use similar cookies to identify if and out of which newsletter an advertisement was accessed. These cookies do not collect any personally identifiable information.
You can unsubscribe from this service by opting out via the link provided in each newsletter, by editing your newsletter settings in the My Newsletters section of “My Profile“ or by sending an email with your unsubscribe request to firstname.lastname@example.org.
VII. Automated decision making
We use your personal data to perform automated decision making. These decisions are used to identify your access rights to content areas limited to specific user groups and are based on matching the data provided in your user profile with the access criteria for specific medical training or society content of a cooperating society.
If your access is not activated automatically in spite of existing access rights, please send an email to email@example.com.
VIII. Cookies and comparable technologies
a) Strictly necessary cookies
b) Other cookies / third party cookies
We may also use other categories of cookies that are not strictly necessary. These categories may include, for example, analytics cookies or marketing cookies. We will only use these cookies if you have provided your explicit consent via our cookies banner/preference center. The legal basis for the use of the cookies and the respective data processing is Article 6 sec. 1 sent. 1 lit. a GDPR. You may find more information on the cookies, e.g. information on the provider, purpose of the cookie, lifespan of the cookies and the data categories processed as well as the retention period, in our cookie banner/preference center.
1. OneTrust consent management
Our website uses the cookie consent technology provided by OneTrust, having two representations in the US and in England: Atlanta, GA, USA (Co-Headquarters), 1200 Abernathy Rd NE, Building 600, Atlanta, GA 30328 United States, +1 (844) 847-7154 and London, England (Co-Headquarters), Dixon House, 1 Lloyd’s Avenue, London, EC3N 3DQ, +44 (800) 011-9778 ("Onetrust") to collect and document your consent to store cookies within your browser.
As soon as you access our website Onetrust stores a cookie in your browser to manage your consent or withdrawal choices:
The legal basis for the use of OneTrust cookie consent technology to collect the consent to cookie usage required by law is Article 6 sec. 1 sent. 1 lit. c GDPR.
We have concluded a data transfer agreement with Onetrust to ensure that data of our website visitors is only processed on our behalf and according to our instructions for compliance with the GDPR.
On our website we offer a service for ad- and tracking-free access.
This service is called contentpass and is offered by Content Pass GmbH, Wolfswerder 58, 14532 Kleinmachnow, Germany. When you sign up for the Service, contentpass becomes your contractual partner. For more information about this service and the contentpass Terms & Conditions, please visit https://my.contentpass.net/terms.
The basis for the data processing of the IP address, within the scope of our commissioned processing with contentpass, is our legitimate interest in offering you the possibility to access our website free of advertising and tracking and your legitimate interest in using our website practically without advertising and tracking Art. 6 sec. 1 sent. 1 lit. f GDPR.
You can log in to your contentpass account here (https://my.contentpass.net/), and register for contentpass here (https://my.contentpass.net/).
a) Access to your consent settings
You can withdraw your consent to advertising tracking for free access to our online offers at any time, for example by pressing the "Reject all" button, which can be accessed via the "Manage cookies" link (in the footer). An unrestricted and further use of our online offer, without the use of advertising tracking, is only possible within the framework of the paid "contentpass subscription".
If you withdraw your consent, you will be shown the selection page again the next time you visit our website or app. You can only continue to use our offers without advertising tracking if you choose the contentpass offer, which is subject to a fee. A withdrawal of your consent has no influence on the admissibility of the data processing that took place up to the time of withdrawal.
3. Facebook Custom Audience
For this Website and our apps, we use the service "Website Custom Audiences" of the social network Facebook provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland, hereinafter referred to as “Facebook”. You can find more information about Website Custom Audiences using this link: https://www.facebook.com/business/help/449542958510885/. The options regarding your marketing preferences with Facebook are provided here: https://www.facebook.com/help/568137493302217.
If you do not wish your data to be collected via Website Custom Audiences, you can deactivate Custom Audience using this link: https://www.facebook.com/ads/website_custom_audiences/.
4. Bing Ads
We use Bing Ads to advertise on our site and third party websites to previous visitors of our site. Bing Ads (bingads.microsoft.com) is provided by Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA. Phone: (+1) 425-882-8080 (“Microsoft”).
The advertisements are displayed on the basis of information that is stored in cookies which Microsoft places on your computer, if you have been directed to our website from a Microsoft Bing Ad. This way we and Microsoft can identify that a user has clicked on the Ad and has been directed to a pre-defined target site ("Conversion page"). We only receive the information how many users have been directed to the Conversion page.
The text files include information, on your visit of our website, in particular product views that is read-out in the course of subsequent visits of this or third party websites for specific product recommendations. The cookie includes a random alias. In case you visit our website within a certain period of time and view our products, Microsoft is able to recognize you by means of the alias. However, the information cannot be attributed to you personally. We or Microsoft will not merge this information with your personal data and will not disclose any of your personal data to any third party.
You can prevent being tracked by choosing the appropriate preference in the privacy options of your browser or disable cookies. To withdraw your consent to the processing of your data by Microsoft you may also use the link https://account.microsoft.com/privacy/ad-settings/signedout?lang=en-GB. For more information about Bing Ads security see https://secure.bingads.microsoft.com/. For more information about Microsoft privacy policies see https://privacy.microsoft.com/en-us/privacystatement or contact the data controller office Microsoft Ireland Operations, Ltd., Attn: Data Protection, Carmenhall Road, Sandyford, Dublin 18, Ireland.
5. General tracking information
For statistical analyses we use web analytics services to collect information about the use of this site. The tools collect information such as
- Device and browser information (operating system information, Mobile device identifier, mobile operating system, etc.)
- IP address
- Page accessed, URL click stream (the chronological order of our internet sites you visited)
- Geographic location
- Time of visit
- Referring site, application, or service
We use the information we get from the providers to determine the most useful information you are looking for, and to improve and optimise this website.
We will track your behaviour online for the purposes described above; this data will not be shared outside of Springer Nature. You can stop this tracking by clicking on the Manage Cookies/Do Not Sell My Data” link in the footer of the page. The legal basis for this processing is consent, Art. 6 sec. 1 sent. 1 lit.a GDPR, to analyse our website’s traffic, improve the user’s experience and optimise the website in general.
We do not share information on your web behaviour with any 3rd party providers without your explicit consent. Consent is provided by clicking the appropriate button on the web banner that appears on your first visit to the website, see section Consent Management VIII.1. To manage your consent settings, you can click on the “Manage cookies/Do not sell my data” link in the footer of the page. The legal basis for this processing is Art. 6 sec. 1 sent. 1 lit. a GDPR and represents you consent to accepting 3rd party targeting cookies.
Depending on the provider the information generated about your use of the website may be transferred to and processed in third countries, e.g. the United States. For further information about the potential risks of a cross border data transfer please refer to section VIII.3. The tools collect only the IP address assigned to you on the date you visit this site, rather than your name or any other identifying information. The provider will use this information in order to evaluate your use of the website, to compile reports on website activities and to provide other services relating to website and internet use to us.
6. Google Ads
On our website and in our apps we use Google Conversion Tracking, an analytics service provided by Google Ireland Ltd. (Gordon House, Barrow Street, Dublin 4, Ireland; “Google“).
The advertisements are displayed on the basis of information that is stored in cookies ("conversion cookie") which Google places on your computer if you accessed our website from a Google Ad. The cookie includes a random alias and is valid for 30 days. In case you visit our website within that period of time and view our products, Google is able to recognize you by means of the alias. The text files include information, on your visit of our website, in particular product views that is read-out in the course of subsequent visits of this or third party websites for specific product recommendations. However, the information cannot be attributed to you personally. We or Google will not merge this information with your personal data and will not disclose any of your personal data to any third party. We receive conversion statistics with accumulated figures about clickrates on our advertisements.
You can prevent the storing and using of information in a cookie placed by Google by
- managing your consent settings via the Manage cookies/Do not sell my data” link in the footer of the page
- clicking on the following link http://www.google.com/ads/preferences and configuring your preferences there
- choosing the appropriate preference in the privacy options of your browser or disable cookies or delete the cookie
- deactivating cookies from third parties by opening the website of the network advertising initiative http://www.networkadvertising.org/choices/.
For more information about Google privacy policies see https://safety.google/ and https://policies.google.com/privacy
7. Google Analytics / Google Tag Manager / Big Query
We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The cookie set by Google Analytics on your device causes your web browser to transmit corresponding information to Google each time our website is called up. For example, Google Analytics collects data about the website from which a data subject has accessed a website (so-called referrer URL), which subpages of the website have been accessed or how often and for how long a subpage has been viewed. On our behalf Google will use the information generated by the cookie for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet activity in connection with the use of the website and according to your consent preferences.
The processing affects the following data categories:
- IP addresses
- Online identifiers (including cookie identifiers)
- Device identifiers
- Technical characteristics of users (e.g., browser type and version, device type, operating system)
- Measurement of user behaviour (e.g., views of individual pages / content, views of content from different areas, session duration / dwell time, bounce rate
- Use of individual website functionalities (e.g. timetable information, search queries, downloads)
- Referrer URL
We use the addition "_gat._anonymizeIp" for web analysis via Google Analytics. By means of this add-on, your IP address is shortened and anonymized by Google before transmission to the USA if our website is accessed from a member state of the European Union or the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The legal basis for the data transfer is Art. 28 GDPR in conjunction with the data processing agreement. The transfer of your personal data is subject to your consent according to Article 6 sec. 1 sent. 1 lit. a GDPR. You can consent to the processing of your data by Google Analytics using our Consent Manager, prevent the collection of your data or revoke consent once given. For revocation, call up the cookie settings again at the bottom of our website.
The information processed by Google about your use of this website may be transmitted to a Google server outside the EEA and processed there. The cross-border transfer is safeguarded by the Standard Contractual Clauses 2021.
Your personal data will be anonymized by Google 14 months after your last activity, unless there is a legal obligation to retain it.
In particular, the following information will be stored:
- the total number and percentage of users who opened a website variation
- the number of clicks on links
- your browser type and version
- campaign IDs through which the website was reached.
You can disable Optimizely tracking (and thus prevent the data generated by cookies and pixel, and relating to your use of the website, from being collected to and processed by Optimizely) at any time by either changing your cookie consent settings or following the instructions at http://www.optimizely.com/opt_out.
For more information about privacy policies and Optimizely, please refer to the Optimizely website: https://www.optimizely.com/privacy/
Our website and apps use Hotjar, a web analytics service provided by Hotjar Ltd, Level 2, St Julians Business Centre, 3 Elia Zammit Street, St Julians STJ 1000, Malta. The information generated by Hotjar's cookies about your use of the website and apps is usually transmitted to and stored on a Hotjar server. Hotjar will use this information to evaluate your use of the website and apps and to compile reports on website/app activities.
- In particular, the following are stored:
- IP address in anonymised form;
- Web pages viewed and movement patterns on these pages;
- Number and position of clicks on links;
- Browser type and version;
- Screen size of the end device used.
Personal data or movements on profile pages that contain personal data are not stored. In particular, according to Hotjar, IP addresses are only stored in anonymised form. You can find more information about data protection and Hotjar in Hotjar's data protection declaration: https://www.hotjar.com/privacy.
If you do not want information about your behaviour to be used by Hotjar as explained above, you can adjust your cookie preferences or generally deactivate the automatic setting of cookies required for this in your browser settings.
In addition, Hotjar offers the possibility to object to the data processing by the cookie for the future by observing the "Do Not Track" function of browsers. You can find out how to activate this here: https://www.hotjar.com/opt-out.
IX. Third party content
1. Third parties
(a) VideoManager Pro
We use the “VideoManager Pro” service operated by MovingIMAGE24 GmbH, Stralauer Allee 7, 10245 Berlin (“Movingimage”) in order to ensure that video content can be viewed correctly on our website and played back by you. The lawful basis of this processing is Article 6 sec. 1 sent. 1 lit. f) GDPR. This provides us with the legitimate interest to improve your user experience and to optimise our services.
From time to time we issue user surveys on our website and in our apps regarding different topics. The participation in such surveys is completely voluntary. To provide the survey and analyse your feedback we usually use a feedback function operated by SurveyMonkey der SurveyMonkey Europe UC 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland. The information collected via this service is processed according to our instructions on SurveyMonkey servers located in the USA. You can find more information regarding the usage and security of your data here: https://www.surveymonkey.com/mp/legal/privacy/
In single cases we may also use GoogleForms provided by Google LLC, Limited Gordon House, Barrow Street Dublin 4, Ireland (“Google”). With the survey, data required for the service is sent to Google. The deviating data protection regulations of Google Inc. apply here. You can find further information under https://policies.google.com/privacy
We use the podcast hosting service Podigee from the provider Podigee GmbH, Ritterstr. 2A, 10969 Berlin, Germany. The podcasts are loaded by Podigee or transmitted via Podigee. This processing is based on Art. 6 sec. 1 sent. 1 lit. f GDPR. We use it to pursue our legitimate interest in enhancing your user experience and optimising our services. Podigee processes IP addresses and device information to enable podcast downloads/playbacks and to determine statistical data such as call-up figures. This data is anonymised or pseudonymised before being stored in Podigee's database unless it is necessary for the provision of the podcasts.
(e) Links to third party websites
2. Data sharing
Your personal data will be disclosed to the following third parties:
- Springer Nature Customer Service Center GmbH (SNCSC), Tiergartenstr. 15-17, 69121 Heidelberg, Germany. This is our reader and customer service.
Legal basis for the transfer of your personal data is Article 6 sec. 1 sent. 1 lit. b and f GDPR; it represents our legitimate interest of enhancing your user experience and optimising our services.
Some of the recipients mentioned above reside outside the EEA. For further information about cross border transfer in general and transfers outside of the EEA see section IX.4.
We may disclose anonymous aggregate statistics about users of the website in order to describe our services to prospective partners, advertisers and other reputable third parties and for other lawful purposes, but these statistics will include no personal data.
We may disclose your personal data to service providers who assist us in providing the services we offer to you. Such a transfer will be based on data processing agreements in accordance with Article 28 GDPR. Therefore, our contractors will only use your personal data to the extent necessary to perform their functions and will be contractually bound to process your personal data only on our behalf and in compliance with our requests.
This particularly includes the following contractors:
- 2bMore B.V., Floridalaan 6, NL-3404 WV IJsselstein
- Optimizely Inc., 631 Howard Street, Suite 100 San Francisco, CA 94105
- Springer Nature Customer Service Center GmbH, Tiergartenstr. 15-17, 69121 Heidelberg, Germany (for Europe, Middle East, Africa, Asiea, Oceania) or Springer Nature Customer Service Center LLC, 233 Spring St, New York, NY, 10013 United States (for North America, Central America, South America) Provider of the online shop to manage purchasing processes.
In the event that we undergo re-organisation or are sold to a third party, any personal data we hold about you may be transferred to that re-organised entity or third party in compliance with applicable law. The legal basis is Article 6 sec. 1 sent. 1 lit. f GDPR. We have legitimate interests in performing respective business reorganisations.
We may disclose your personal data if legally entitled or required to do so (for example if required by law or by a court order). The legal basis is Article 6 sec. 1 sent. 1 lit. c GDPR as well as Article 6 sec. 1 sent. 1 lit. f GDPR. We have legitimate interests in complying with official requests.
3. Cross-border data transfers
Within the scope of our information sharing activities set out above (see section IX.1), your personal data may be transferred to other countries (including countries outside the European Economic Area (EEA)) which may have different data protection standards than your country of residence. Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavour to take the required measures to keep up an adequate level of data protection when sharing your personal data with recipients established in such countries.
In the case of a transfer to a country outside of the EEA, this transfer is safeguarded by international agreements, e.g. a Commission’s adequacy decision, EU Standard Contractual Clauses. You can obtain further information about the aforementioned safeguards by contacting our Group Data Protection Officer via firstname.lastname@example.org.
We have reasonable state of the art security measures in place to protect against the loss, misuse and alteration of personal data under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to personal data. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it.
You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via our website whilst it is in transit over the internet and any such submission is at your own risk.
XI. Data retention
We strive to keep our processing activities with respect to your personal data as limited as possible. In the absence of specific retention periods set out in this policy, your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.
XII. Your rights
Under the legislation applicable to you, you may be entitled to exercise some or all of the following rights:
- require (i) information as to whether your personal data is retained and (ii) access to and/or duplicates of your personal data retained, including the purposes of the processing, the categories of personal data concerned, and the data recipients as well as potential retention periods;
- request rectification, removal or restriction of your personal data, e.g. because (i) it is incomplete or inaccurate, (ii) it is no longer needed for the purposes for which it was collected, or (iii) the consent on which the processing was based has been withdrawn;
- refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time;
- object, on grounds relating to your particular situation, that your personal data shall be subject to a processing. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you we will either stop processing your personal data or present you our compelling legitimate grounds for an ongoing processing;
- take legal actions in relation to any potential breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators;
- require (i) to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and (ii) to transmit those data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller; and/or
- not to be subject to any automated decision making, including profiling (automatic decisions based on data processing by automatic means, for the purpose of assessing several personal aspects) which produce legal effects on you or affect you with similar significance.
You may (i) exercise the rights referred to above or (ii) pose any questions or (iii) make any complaints regarding our data processing by contacting us using the contact details set out below.
XIII. Contacting us
The information you provide when contacting us regarding data protection or customer service questions (email@example.com or written to Springer Medizin Verlag GmbH, z.Hd. Kundenservice Springer Medizin, Heidelberger Platz 3, 14197 Berlin), will be processed to handle your request and will be erased when your request is completed. Alternatively, we will restrict the processing of the respective information in accordance with statutory retention requirements.
XIV. Amendments to this policy
This policy was last updated on 30 September 2022.