The data protection instructions fulfill the information requirements according to the requirements of Item 12 ff. of the EU General Data Protection Regulation ("GDPR") and provide an overview of the processing of your personal data (on this website).
- 1. Who is responsible for the processing of my data?
- 2. Which data is collected?
- 3. Which cookies are used?
- 4. What data is collected for what purposes?
- 5. Who receives my data?
- 6. Will my data be processed outside the EU or EEA (third-country transfer)?
- 7. What privacy rights do I have?
- 8. To what extent is there an automated decision-making process?
- 9. Is profiling taking place?
- 10. California Residents
- 11. Final / Version information
1. Who is responsible for the processing of my data?
Arvato Supply Chain Solutions SE
An der Autobahn 22
Telephone: +49 (0) 5241-80-0
E-mail to: firstname.lastname@example.org
is responsible for the processing of this data (hereinafter referred to as "Company"). The Company has collected personal data in connection with the DSGVO and the Federal Data Protection Act (hereinafter referred to as "FDPA").
You can reach the data protection officer of the Company under the address above with the addition "To the data protection officer" or via email: email@example.com.Back to Top
2. Which data is collected?
When you visit the website, the computer used automatically collects information (hereinafter referred to as "access data"). This access data includes server log files, which usually consist of information about the browser type and version, the operating system, the Internet service provider, the date and time of use of the web page, previously visited web pages and other websites accessed for the first time via the website, as well as the IP address of the computer exist. With the exception of the IP address, the server log files are not personally identifiable. An IP address is personally identifiable when the IP address has been permanently assigned when using the internet connection and when the Internet provider can assign the IP address to an individual.
If you continue to use the services of the website, pseudonymous usage profiles and/or the data entered by you on the website (e.g. search words, login data, ratings, form or contract entries, click data) will be processed.
Some services of the website require that you provide personal information to the Company. In these cases, the data provided by you will be used to provide you with the service you require or to be able to process the respective request. The following personal data is processed on the website:
- User data such as e-mail address, telephone number, name and password
- Email content sent by Courseware Marketplace, such as the Password Reset link.
- Payment details such as a credit card number, credit limit and invoice number.
- Process author information such as name, phone number, and certification status.
- End user data such as student e-mail and name processed.
- Processing order data such as license status, PO number and order address.
- Organizational information such as organization number, main contact and preferred Lab Hoster.
3. Which cookies are used?
Basically, cookies are only an online identifier without personal reference. Cookies are personally identifiable, if the information generated by the cookies is combined with other information or data. A distinction can be made between the cookies that are required for the provision of the website and the cookies required for other purposes, such as user behavior analysis or advertising.
The cookies required for the provision of the website include, but are not limited to:
- Cookies used to identify or authenticate users;
- Cookies that temporarily store certain user entries (e.g. contents of a shopping cart or an online form);
- Cookies that store certain user preferences (e.g. search or language settings);
- Cookies that store data to ensure trouble-free playback of video or audio content.
- Analysis cookies, which are used to record the usage behavior (e.g. clicked advertising banners, visited subpages, search queries) of our users and to evaluate them in statistical form;
4. What data is collected for what purposes?
The purposes of the data processing may be the result of technical, contractual or legal requirements as well as consent.
We use the data mentioned in section 2 for the following purposes:
- Provision of the website and ensuring technical safety, in particular to remedy technical errors and to ensure that unauthorized persons do not gain access to the systems of the Website;
- Web analytics to make the website more efficient, interesting, and to conduct market research;
- To register and create a user account, e.g. for the purchase of goods or services;
- To operate Arvato Marketing activities, in particular banner advertising and targeted information such as personalized offers to our customers.
- To give Arvato a collection of information about customers' browsing and buying behavior, including insight into the success of special campaigns, tenders, etc.
- To carry out credit checks.
- To enable Arvato to fulfill its contractual obligations and, for to remit payment to a third party if a product has been purchased by a customer who has been redirected from the third party's website to the Arvato website.
For more information about these data processing purposes, see the following sections of this Privacy Notice.Back to Top
5. Who receives my data?
Within the Company, those entities gain access to your data that are required to fulfill the purposes described in section 4 above. Also, service providers employed by the Company may gain access to your data (so-called "processors", such as data centers, newsletters, sweepstakes, and customer service or debtor management). Order processing contracts ensure the adherence to instructions, data security and the confidential handling of your data by these service providers.
A data transfer to other recipients such as advertising partners, providers of social media services or credit institutions (so-called "third parties") will take place if required by law or if you have consented
Personal data will not be rented or sold to third parties.
The following third parties are included in the data transfer:
- Public sector bodies and institutions, such as law enforcement agencies, who gain access to your data for compliance with legal or regulatory obligations.
- Arvato reserves the right to transfer your personal information to the relevant publisher, such as Microsoft Inc. or Microsoft affiliates, e.g. to forward the respective training organization.
- Providers of Lab Hosting Websites
- Credit bureaus
Forwarding is also possible to the following persons:
Companies working on behalf of Arvato: we hire companies to provide certain services to us, such as but not limited to customer hotlines or the processing of payments. In this context, it may be necessary for these companies to process your personal information. We are acting on these companies to use the data only for the provision of these services. Businesses are not allowed to pass this information on to third parties, unless this is necessary to provide the services.
Company sales: Arvato reserves the right to disclose your personal data or parts thereof to third parties in the event of a sale of the Company or Company objects, provided that the services provided via the website are transferred to a third party. In case of a sale, Arvato will give you the opportunity to object to a redirect. This may result in the acquiring company no longer being able to provide the services provided by Arvato.
Your consent: In all other cases, Arvato will obtain your consent before disclosing your data. Arvato can e.g. organize a special offer or contest with third parties in connection with which you are asked to consent to the disclosure of data to that third party.
Further information on the transfer of data to the respective third party can be found in the individual purposes according to Section 4.Back to Top
6. Will my data be processed outside the EU or EEA (third-country transfer)?
If the service providers listed in section 5 and/or third parties outside the EU or the EEA process your data for the purposes specified in paragraph 4, this may result in your data being transmitted to a country where none of the EU or the EEA reasonable level of data protection can be guaranteed. However, such a level of data protection can be guaranteed with a suitable guarantee. A suitable guarantee may be standard contractual clauses provided by the EU Commission. You may request a copy of these warranties from the contact details in section 1. Exceptionally, any guarantees may be waived if you consent or the third country transfer is required for the performance of your contract with the Company. The EU Commission has also recognized certain third countries as safe third countries, so that it is not possible at this point to provide any suitable guarantees from the Company.
The following service providers process their data outside the EU or EEA:
- For the use of web-tracking services, service providers are set up whose rights centers are located in a third country or which have access to data centers within the European Union or the EEA from a branch in a third country. The services, which are certified according to the EU-US Privacy Shield, ensure that the third-country transfer guarantees the European level of data protection.
7. What privacy rights do I have?
At any time you have the right to request information about the personal data stored with us. If any personal information about you is false or out of date, you have the right to ask for its correction. You also have the right to request the deletion or restriction of the processing of your data in accordance with Item 17 or Item 18 GDPR. You may continue to have the right to disclose the data you provide in a common and machine-readable format (data transferability right).
If you have given consent to the processing of personal data for specific purposes, you may revoke your consent at any time with future effect. The revocation must be sent to the Company at the contact address specified in section 1.
In accordance with Art. 21 GDPR, the right to object, at any time for reasons arising from your particular situation, to the processing of your data according to the legal basis of Art. 6 para. 1 lit. f DSGVO. You also have the right to object to the processing of your personal data for the purpose of direct mail at any time. The same applies to the automated procedures for the use of individual cookies, if these are not mandatory for the provision of the website.
In addition, you have the opportunity to contact a data protection authority and file a complaint there. The authority responsible for the Company is the
Country Representative for Data Protection and Freedom of Information North Rhine-Westphalia (Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen)
Telephone: 0211 / 38424-0
Fax: 0211 / 38424-10
You can also contact the data protection authority responsible for your place of residence.
Back to Top
8. To what extent is there an automated decision-making process?
For the purposes mentioned in section 4, we do not use fully automated decision-making.
Back to Top
9. Is profiling taking place?
For the purposes mentioned under Item 4, no profiling takes place.
Back to Top
10. California Residents
If you are a California resident, the information below also applies to you.
California Consumer Privacy Act
California residents may request copies of the data collected about them in the past 12 months or request that we delete personal information about them. You may exercise your rights by contacting us via email at firstname.lastname@example.org or writing to us at:
c/o Courseware Marketplace,
29011 Commerce Center Dr.
Valencia, CA 91355.
California Privacy Rights
Shine the Light
California Civil Code Section 1798.83 gives California residents the right to request, from a business with whom the California resident has an established business relationship, certain information with respect to the types of personal information the business shares with third parties for direct marketing purposes by such third party, and the identities of the third parties with whom the business has shared such information during the immediately preceding year. To request further information pursuant to California Civil Code Section 1798.83, please contact us via email at email@example.com.
California Minor Content Removal
If you are a resident of California, under 18 and a registered user of our services, you may ask us to remove content or information that you have posted to these services by contacting us via email at firstname.lastname@example.org. Please note that your request does not ensure complete or comprehensive removal of the content or information, as, for example, some of your content may have been reposted by another user.
We do not knowingly collect personal information directly from children under the age of 13 without parental consent. Our websites are general audience sites and are not specifically targeted to or intended for use by children.
California Do Not Track Disclosure
Do Not Track is a privacy preference that users can set in their web browsers. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. At this time, we do not respond to Do Not Track browser settings or signals. For information about Do Not Track, please visit: www.allaboutdnt.org .
Back to Top
11. Final / Version information
As the site evolves and new technologies are introduced to improve our service to you, changes to these privacy notices may be required. Therefore, we recommend that you review these privacy statements from time to time.