We welcome you to our web portal. We would like to inform you about the handling of your personal data in accordance with Art. 13 General Data Protection Regulation (GDPR).
The controller responsible for the data collection and processing outlined below is:
Phone: +49 (0)40 85398-0
Storage of IP Addresses
We store the IP address transmitted by your web browser strictly for the purpose of finding bugs on our website, identifying, restricting and eliminating attacks to our website as well as identifying fraud attempts to our website. The legal basis for processing this personal data is provided for in Art. 6 para. 1 s. 1 lit. f GDPR. After having safeguarded the operations the IP address is deleted within a reasonable timeframe.
When you visit our website, the data collected from the use of the website is temporarily stored on our web server for statistical purposes in order to improve the quality of our website. This data set contains:
- the page, from which the data is requested
- the name of the data file,
- the date and time of the query,
- the transmitted data volume,
- the access status (file transmitted, file not found),
- a description of the type of browser used,
- the IP address of the requesting computer.
- Creation of a new customer account
We set-up your master data from the existing customer relationship automatically once you have chosen registration at the web portal. This data set includes delivery and invoice addresses (including e.g. surname, name, street, house number, city, postcode) as well as your e-mail address. We do collect this data according to art. 6 para. 1 lit. b GDPR for performance of the contract.
- Processing of orders within the feature „search and order“
We collect and use the personal data you have submitted during the order process (especially invoice and delivery address, information about the goods ordered e.g. ISBN and title as well as services) in accordance with Art. 6 para. 1 lit. b GDPR only for processing of your orders. For notifications regarding your order status we use your e-mail address.
According to Art. 6 para. 1 lit. a GDPR you hereby give your consent that we store your IP address with time and date of the order with every order and can merge this information with your personal data. Storing this data only serves to give possible clues for determining the author/initiator in case of fraud and to resolve fraud cases.
You can revoke this consent at any time for the future by submitting a statement to the above mentioned mail address or e-mail address in textual form. In this case your customer account will be deleted entirely as we can only offer customer accounts with consent to store the IP addresses.
- Involvement of third party services
We do use and involve third party services and contents (e.g. videos or fonts) within our online offerings on the basis of our legitimate interest to provide an economic operation of our online offerings in accordance with Art. 6 para. 1 lit. f. GDPR.
To avoid unauthorized access to your data, we have implemented technical and organizational measures. We use encryption technologies on our website. Your data will be transferred to our servers and back again via a connection that is protected by a SSL encryption technology. You can recognize that you are browsing on an encryption secured website by the lock-symbol shown in the address bar of your browser and by the web address line starting with https://.
Our tips – this is what you can do to improve date security!
- Do never pass on your password.
- Do change your password on a regular basis and ideally use a combination of letters, special characters and numbers.
- Please ensure that for web-browsing you are using a safe and SSL-compatible browser.
- In case you share your computer with other people (e.g. at work) we recommend that you log-out of our website after finishing your session so that no unauthorised person can use the web portal in your name. You can generally log-out by clicking the „Logout“-Button which can be found top right at the menu bar. This does not apply for terminals with small display sizes (e.g. tablets and smartphones) where the log-out button is displayed after clicking on the menu icon. You log-out by clicking on “Logout”.
Data Transfer to Third Parties
We transfer your data within the scope of contractual data processing agreements with third parties according to Art. 28 GDPR to service providers operating our website (e.g. hosting-service providers, maintenance, coding service providers) and the associated processes. Furthermore, we transfer your data within the scope of contractual data processing agreements with third parties according to Art. 28 GDPR to service providers supporting us in the shipping process e.g. logistics companies and to service providers safeguarding the supply and provision of MP3 audiobooks and eBooks. Our service providers are bound by strict instructions and contractual obligations.
We use session cookies and permanent cookies on our website. The data is processed in accordance with Art. 6 para. 1 s. 1 lit. f GDPR and in the interest of optimizing respectively creating a safer and more effective user guidance, adjusting our website design and maintaining our SSL encrypted connection.
You can contact us via our web contact form. In order to use our contact form we require your name and your email-address as well as your phone number (optional). We use your data only for the purposes you have authorised us within the contact form (inquiries, order processing, complaints, if applicable). You may provide us with further information, but you are not obliged to do so.
The legal basis for processing is Art. 6 para. 1 s. 1 lit. b GDPR. We use your data exclusively for the processing of your request and delete them after the request has been completed entirely insofar as this is no prevented by conflicting legal retention periods (e.g. Value Added Tax Act). The data is not transmitted to third parties.
Your Rights as a User
As a user of our websites, the GDPR grants you certain rights when your personal data is being processed.
- Right of access (Art. 15 GDPR):
You have the right to obtain confirmation to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and the information specified in Art. 15 GDPR.
- Right to rectification and erasure (Art. 16 and 17 GDPR):
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, if necessary, the right to have incomplete personal data completed.
You also have the right to obtain an erasure of the personal data concerning you without undue delay, if one of the reasons listed in Art. 17 GDPR apply, e.g. if the data is no longer necessary for the intended purpose.
- Right to restrict processing (Art. 18 GDPR):
If one of the conditions set forth in Art. 18 GDPR applies, you have the right to restrict the processing of your data to mere storage, e.g. if you revoke consent, to the processing, for the duration of a possible examination.
- Right to data portability (Art. 20 GDPR):
In certain situations, listed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or demand a transmission of the data to another third party.
- Right to object (Art. 21 GDPR):
If the data is processed pursuant to Art. 6 para. 1 lit. f GDPR (data processing for the purposes of legitimate interests), you have the right to object to the processing at any time for reasons arising out of your particular situation. We will then no longer process personal data, unless there are demonstrably compelling legitimate reasons for processing, which override the interests, rights and freedom of the person concerned, or the processing serves the purpose of asserting, exercising or defending legal claims.
- Right to raise a complaint with a surveillance authority:
Pursuant to Art. 77 GDPR, you have the right to raise a complaint with a surveillance authority if you consider the processing of the data concerning you infringes data protection regulations. The right to raise a complaint may be invoked in particular in the EU Member State of your habitual residence, place of work or the place of the alleged infringement.
Contact Details of Libri’s Data Protection Officer
Please contact our data protection officer if you have any further questions, suggestions or wishes regarding data protection:
Dr. Uwe Schlaeger
datenschutz nord GmbH
28217 Bremen, Germany
E-Mail address: firstname.lastname@example.org
Phone: 0049 421 69 66 32 0