3. SSL/TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as a site operator, this site uses an SSL or TLS encryption. You can check if you have a secure and encrypted connection with SSL by looking for the padlock symbol in the status bar on your browser, the URL address will also change from http:// to http://https://. If SSL or TLS encryption is enabled, the data you submit to us can not be read by a third party.
4. Contact via the website
Personal data that you transmit electronically on this website, such as name, e-mail address, address or other personal information, will only be used by us for specific purposes, kept safe and will not be disclosed to a third party. The provider who is authorized with the hosting of the website collects and stores information on the web server such as browser, operating system, link page, IP address, time of access, etc. These data can not be assigned to any specific person without checking other data sources and we do not evaluate these data any further as long as there is no illegal use of our website. We use a large number of technical and organizational tools in order to assure the protection of your personal data against unauthorized access or communication. Nevertheless, Internet-based data transmissions can generally have security flaws, thus, an absolute protection can not be guaranteed. For this reason, every data subject is free to submit personal data to us in alternative ways, for example by telephone.
5. The comment function
When website visitors leave comments or form entries, the data entered and their IP addresses are saved. This is for security reasons, if someone authorizes illegal content (insults, left or right-wing extremist propaganda, hate posts, etc.). In this case we are interested in the identity of the author.
6. Use of Google Fonts
We use Google Fonts from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website. Google Fonts are used without authentication and no cookies are sent to the Google Fonts API. Should you have a Google account, none of your Google Account information will be transmitted to Google while using Google Fonts. Google only records the use of CSS and the font used, and stores this data securely. More information about these and other questions can be found at https://developers.google.com/fonts/faq. The data Google collects and how Google uses this information can be found at https://www.google.com/intl/en/policies/privacy/.
7. Google Analytics
8. Google Adwords Conversion Tracking
9. Facebook Links
Our website also contains links to the external social network Facebook. This website is operated exclusively by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (Facebook). The reference link is clearly indicated by the Facebook logo. If you click on this link, Facebook plugins will be activated and your browser will connect you directly to the Facebook server. If you continue using the Facebook link while visiting our website and have logged in to Facebook via your personal user account, the information that you have visited on our website will be forwarded to Facebook. Facebook will be able to allocate the visiting of the website to your account.
10. Facebook Remarketing/Retargeting/Pixel
You have the opportunity to subscribe to our newsletter on our website. For this, we’ll need your e-mail address and your declaration that you agree with the subscription to the newsletter. As soon as you have subscribed to the newsletter, we will send you a confirmation e-mail with a link to confirm the registration. The personal data collected during the newsletter registration will be used exclusively to send out our newsletter. Newsletter subscribers may also be notified by e-mail if this is necessary for the operation of the newsletter service or registration, as might be the case in the event of changes in the newsletter or any technical changes. The personal data collected as part of the newsletter service will not be passed to a third party. The subscription to our newsletter may be terminated by the data subject any time. The consent to the storage of personal data for sending out the newsletters can be revoked any time. There is a corresponding link in each newsletter for revoking the consent.
For sending and analyzing the email correspondences (for example newsletter or customer information) we use the software "Eyepin". The newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in emails that are sent in HTML format to allow log-file recording and log-file analysis. This allows a statistical evaluation of the success or failure of our online marketing campaigns. The embedded pixel lets us know if and when an email was opened by a data subject. Furthermore, the newsletter tracking will also detect which links in the e-mail were accessed by the data subject. Such personal data collected by the tracking pixels will be stored and evaluated by us in order to optimize the newsletter distribution and to better adapt the content of our future newsletters to the interests of the data subjects. This personal data will not be disclosed to a third party. Subscribers will be able to unsubscribe from receiving newsletters any time by using the double opt-in procedure. After this, no further data will be collected and the address will be placed on a blacklist that documents the deregistration and prevents further submissions. Find out more about Eyepin at https://support.eyepin.com/hc.
13. The use of YouTube
This website includes YouTube references. YouTube is an internet video portal that allows video publishers to upload videos free of charge and other users to view, rate and comment on these videos. YouTube allows the publication of all types of videos, entire films and television broadcasts, as well as music videos, trailers or user-made videos. YouTube's operating company is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.
Each time you visit one of the individual pages of this website on which a YouTube component (YouTube video) has been integrated, your Internet browser will automatically be prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. More information about YouTube can be found at https://www.youtube.com/yt/about/en/.
14. Order Procedure through the online shop
All data that a costumer enters during an order are stored. This includes
- Name, first name
- Telephone number (optional)
- E-mail address
Information which is absolutely necessary for the delivery or your order processing will be passed on to third-party service providers. Your data will be deleted as soon as their storage is no longer required by the publisher or by law.
15. Payment by PayPal in the online shop
Our website includes PayPal references. PayPal is an online payment service provider. Payments are made through so-called PayPal accounts, which are private or business online accounts. In addition, PayPal has the ability to process online payments through credit cards even if a user does not have a PayPal account. A PayPal account is managed via an email address, that’s why there is no classic bank account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also has a special fiduciary function and offers buyer protection services. The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If you select "PayPal" as a payment option during your order in our online shop, your personal data will be automatically transmitted to PayPal. By selecting this payment option, you automatically agree to the transmission of your personal data required for payment processing. The personal information sent to PayPal are usually as follows: first name, last name, address, email address, IP address, telephone number, mobile phone number or other data required for payment processing. For processing the sales contract, such personal data will also be required that are necessary for the relevant order. The purpose of the transmission of your personal data is only for the payment transaction and fraud prevention. The person in charge of the transaction will transmit personal information to PayPal only if there’s a legitimate interest in the transmission of such data. The personal information exchanged between PayPal and the person responsible for the data processing may be transferred to credit reporting agencies by PayPal. Its purpose is the identity and credit assessment. PayPal may disclose personal information to affiliated companies, service providers or subcontractors if this information is necessary to fulfill its contractual obligations or to process the data. You have the right to object to the transmission of your personal data by PayPal any time. Your revocation has no effect on the personal information that must be processed, used or transmitted for (contractual) payment processing.
16. Legal basis of processing
Art. 6 I lit. GDPR serves as the legal basis for processing operations where we obtain consent for a particular processing purpose. If the processing of your personal data is necessary to fulfill the contract you signed with us, as is the case, for example, in the processing operations necessary for the supply of goods or the provision of any other services or considerations, processing shall be based on Art. 6 I lit. (b) GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries regarding our products or services. If our company is subject to a legal obligation which requires the processing of your personal data, such as the fulfillment of tax obligations, the processing is based on Art. 6 I lit. (c) GDPR. In rare cases, the processing of the personal data may be required to protect the vital interests of the person involved or any another individual person. This would be the case, for example, if a person visiting our company was injured and his or her name, age, health insurance or other vital information would have to be passed on to a doctor, hospital or other third party. Then the procedure would be based on Art. 6 I lit. (d) GDPR. Finally, processing operations could be based on Art. 6 I lit. (f) GDPR. On this legal basis, processing operations that are not covered by any of the above legal bases are required if processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person involved prevail. Such processing operations are particularly allowed to us because they have been specifically mentioned by the European legislator. In this regard, the European legislator takes the view that a legitimate interest could be assumed if the data subject is a customer of the company in charge (recital 47, second sentence, GDPR).
17. Legitimate interests in the processing
Is the processing of personal data based on Article 6 I lit. (f) GDPR, it is our legitimate interest in conducting our business for the benefit of all of our employees and our shareholders.
18. Duration of personal data retention
The duration of personal data retention is the period stipulated by law. The relevant data will be automatically deleted as soon as this period expires, if these data are no longer required to fulfill the contract or to initiate a contract.
19. Legal or contractual regulations for the provision of personal data; the necessity for the conclusion of the contract; obligations of the data subject providing personal data; the possible consequences of not providing personal data
We would like to inform you that the provision of personal information is in part required by law (such as tax regulations) or may result from contractual arrangements (such as information of the contractor). Sometimes it is necessary for a contract conclusion that the data subject provides us personal data that will subsequently be processed by us. For example, the data subject is required to provide us personal information when our company enters into a contract with the data subject. Failure in providing the personal data would mean that the contract with the person could not be concluded. Prior to any data provision, the data subject has to contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or is necessary for the contract conclusion, and will also explain the consequences of not providing the required personal data.
20. Automated decision-making
As a company conscious of its responsibilities, we refrain from automatic decision-making or profiling.
21. Your rights (rights of the data subject)
a.) The right to obtain confirmation
Each data subject has the right, as granted by the European Directive and Regulatory Authority, to require the controller to confirm whether his personal data is being processed. If the data subject wishes to make use of this right of confirmation, they can contact an employee of the data controller any time.
b.) The right of information
Any data subject involved in the processing of personal data shall have the right, granted by the European Directive and Regulatory Authority, to obtain information from the data controller free of charge on the personal data stored about him and a copy of that information any time. In addition, data subjects are also provided with the following information by the European Directive and Regulatory Authority:
- the purpose of the processing
- the categories of the personal data being processed
- the recipients or categories of recipients to whom the personal data have been disclosed or are yet to be disclosed, in particular to recipients in third countries or to international organizations
- if possible, the planned duration of the personal data stored or, if it is not possible, the criteria for determining that duration
- the right to rectification or erasure of the personal data, or the right to restrict processing, or the right to object to processing
- the right to appeal to a supervisory authority
- if the personal data are not collected from the data subject: all information about the origin of personal data
- the existence of automated decision-making including profiling under Article 22 (1) and (4) of the GDPR and - at least in these cases - meaningful information on the logic involved and the scope and intended impact of such processing on the data subject
- Furthermore, the data subject has the right to know whether the personal data have been transmitted to a third country or to an international organization. If this is the case, then the person has the right to obtain information about the appropriate guarantees in connection with the transfer of his personal data.
If the data subject wishes to exercise this right to information, the person may contact an employee of the data controller any time.
c.) The right to rectification
Any data subject involved in the processing of personal data has the right, granted by the European Directive and Regulatory Authority, to demand the immediate correction of inaccurate personal data concerning him. Furthermore, the data subject has the right to request the completion of incomplete personal data (accompanied by an explanatory statement), taking into account the purposes of the processing. If the data subject wishes to exercise this right, the person may contact an employee of the data controller any time.
d.) The right to erasure (the right to be forgotten)
Any data subject involved in the processing of personal data shall have the right, granted by the European Directive and Regulatory Authority, to demand the controller to delete the personal data concerning him immediately, provided that one of the following reasons exist and the processing is not required:
- The personal data collected for certain purposes are no longer necessary.
- The data subject withdraws the consent on which the processing was based as per Article 6 (1) (a) of the GDPR or Article 9 (2) (a) of the GDPR and there is no other legal basis for the processing.
- The data subject objects to the processing as per Art. 21 (1) GDPR, and there are no legitimate reasons for the processing, or the data subject objects to processing according to Art. 21 (2) GDPR.
- The personal data were processed unlawfully.
- The erasure of personal data is necessary to fulfill a legal obligation as set out in Union law or national law to which the data controller is subject.
- The personal data were collected in relation to the services offered by the information society as per Art. 8 para. 1 GDPR
- If one of the above reasons applies and the data subject asks for the erasure of personal data stored at Novum publishing, the data subject shall contact an employee of the data controller any time. The employee of Novum publishing will fulfill the erasure request immediately.
If the personal data have been made public by Novum publishing and if our company is responsible for deleting personal data as per Art. 17 para. 1 GDPR, Novum publishing takes appropriate measures, taking into account the available technology and the implementation costs also. Novum publishing will also inform other data controllers processing the personal data that the data subject has asked for the erasure of all links to his personal data and this personal information or copies or replications need to be deleted unless required for the processing. The employee of Novum publishing will arrange the necessary steps in individual cases.
e.) The right to restrict processing
Any data subject involved in the processing of personal data has the right, granted by the European Directive and Regulatory Authority, to demand the data controller to restrict the processing of personal data if one of the following conditions applies:
- The accuracy of the personal data is contested by the data subject for a certain period of time that enables the data controller to verify the accuracy of the personal data.
- The processing is unlawful; the data subject refuses to erase the personal data and instead requests the restriction of the use of personal data.
- The data controller no longer needs the personal data for the purposes of processing, but the data subject requires them to assert, exercise or defend legal claims.
- The data subject objects to the processing as per Art. 21 para. 1 GDPR and is not yet clear whether the legitimate reasons of the data controller outweigh those of the data subject.
- If one of the above-mentioned conditions exists and the data subject requests the restriction of personal data stored at Novum publishing, he may contact an employee of the data controller any time. The employee of Novum publishing will arrange the restriction of processing.
f.) The right to data portability
Any data subject involved in the processing of personal data shall have the right, granted by the European Directive and Regulatory Authority, to obtain his personal data in a structured, common and machine-readable format. The data subject also has the right to transfer this data to another data controller without hindrance by the controller to whom the personal data was originally provided, given that the processing is based on the consent as per Article 6 (1) (a) of the GDPR or Article 9 (1) (b) 2 (a) of the GDPR or on a contract as per Article 6 (1) (b) of the GDPR and the processing is an automated process, unless the processing is necessary for the performance of a task of public interest or in the exercise of public authority, which has been assigned to the data controller.
Furthermore, the data subject has the right to data portability as per Article 20 (1) of the GDPR. The data subject also has the right to obtain the personal data that are transmitted directly from one controller to another, as long as this is technically feasible and if this does not affect the rights and freedoms of others. To assert the right of data portability, the data subject may contact an employee of Novum publishing any time.
g.) The right to objection
Any data subject involved in the processing of personal data shall have the right, granted by the European Directive and Regulatory Authority, to object to the processing of personal data as per Article 6 (1) (e) or f GDPR. This also applies to profiling. Novum publishing will no longer process the personal data of a data subject in the event of an objection, unless Novum publishing can prove that there are compelling legitimate reasons for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves the purpose of asserting, exercising or defense of legal claims. If Novum publishing processes personal data in order to operate direct advertising, the data subject has the right to object to the processing of personal data for the purpose of such advertising any time. This also applies to the profiling, as long as it is associated with such direct advertising. If the data subject objects to the processing of his personal data by Novum publishing for direct marketing purposes, Novum publishing will no longer process the personal data for these purposes. In addition, the data subject has the right, for reasons arising from his or her particular situation, to object to the processing of personal data for scientific or historical research purposes or for statistical purposes as per Art. 89 para.1 GDPR, unless such processing is necessary to fulfill a public interest task. In order to exercise the right to object, the data subject can directly contact an employee of Novum publishing. The data subject is also free, in the context of the use of information society services, notwithstanding Directive 2002/58 / EC, to exercise his right to object by means of automated procedures using technical specifications.
h.) Automated decisions in individual cases including profiling
Any data subject involved in the processing of personal data shall have the right, as granted by the European Directive and Regulatory Authority, not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect, or in a similar manner, significantly affects him; unless the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the data controller, or (2) is permitted by Union law or national law to which the controller is subject, and that legislation provides for appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject; or (3) with the express consent of the data subject.
If the decision (1) is required for the conclusion or the fulfillment of a contract between the data subject and the data controller or (2) it takes place with the express consent of the data subject, Novum publishing takes appropriate measures to safeguard the rights, freedoms and the legitimate interests of the data subject, including at least the right to obtain the intervention of a person by the controller, to express his / her own position and to object to the decision. If the data subject wishes to claim automated decision-making rights, he can contact an employee of the controller any time.
i.) The right to revoke data protection consent
Any data subject involved in the processing of personal data has the right, granted by the European Directive and Regulatory Authority, to revoke consent to the processing of personal data any time. If the data subject wishes to assert his right to withdraw consent, he may contact an employee of the data controller any time.
You can reach us at:
100 Borough High Street
London SE1 1LB
If you believe that the processing of your data violates data protection law or if your data protection claims have otherwise been violated in any way, you can contact the supervisory authority.
The United Kingdom of Great Britain and Northern Ireland:
https://ico.org.uk/ (Home | ICO) – Homepage of the British Data Protection Authority (Information Commissioner)
In case of a legal dispute, the original German text serves as the legal basis.