Information on the protection of your data

For contract customers / subscribers / buyer
Download (PDF)


Privacy Policy – DVV Media-Shop



  1. DVV Media Group GmbH and DVV Media GmbH (hereinafter referred to as DVV Media), Heidenkampsweg 73-79, 20097 Hamburg, e-mail address: take the protection of your personal data as a user of the services of DVV Media (this includes,; hereinafter referred to as services) seriously as a service provider and responsible body. In the following, you will be informed about the collection, processing and use of your data as well as the rights to which you are entitled.

  2. The Data Protection Officer can be contacted as follows:

    DVV Media Group GmbH
    Heidenkampsweg 73-79
    20097 Hamburg


    Phone: +49 (0)40/23714-100


A. General part

§ 1 General information

Personal data is individual information about your personal or factual circumstances, i.e. data that identifies you or that can be used to establish your identity. This includes, for example, your correct name, address, telephone number or date of birth. Personal data also includes data that can be related to a person, i.e. data without a direct reference from which a person can be derived, such as the IP address.

Personal data includes data that is generated in connection with the retrieval of and stored in so-called log files on the servers of DVV Media and the technical service providers.

Server log files are stored for security reasons (e.g. for the clarification of abuse or fraud) for a maximum of seven days and then deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until final clarification of the respective incident.server log files are stored for a maximum of seven days for security reasons (e.g. to clarify acts of abuse or fraud) and then deleted. Data whose further storage is necessary for evidentiary purposes are excluded from deletion until the final clarification of the respective incident.

During your visits to the pages of DVV Media, personal data is also processed automatically in anonymous form. This includes usage data such as the beginning and end of your visit, the pages you call up or the time you spend on the portal. A person-related utilization of these data does not take place.


§ 2 Security measures

We take organizational and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and thus to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.


§ 3 Single application/SSO procedure/consent / revocation

  1. DVV Media uses the Single Sign-On (SSO for short) procedure. SSO procedure means that each user can use various offers and services (across portals) after a one-time registration with his access data without having to register and log in again. This saves the user from having to repeatedly enter data manually.

    During registration, we collect and store the following data: User name, password, e-mail address. This inventory data is used for the purpose of fulfilling our contractual obligations and services in accordance with § 25 TDDDG para.2 no.2 in conjunction with. Art. 6 para.1 lit. b GDPR processed.

    As part of your registration for the SSO, you consent to the use of your personal data for advertising purposes on our own behalf by DVV Media. These advertising emails inform you at irregular intervals about interesting offers for the book and subscription, content/company licenses, advertisements, events, customer surveys and competitions. The newsletter is sent via Inxmail GmbH, Wentzingerstr. 17 79106 Freiburg. This consent is voluntary and is not related to your ability to use the services.

  2. After registration for the newsletter/advertising emails, you will receive a confirmation email from us.
    The registration will only become effective after you have clicked on the link in the confirmation email. This confirmation is necessary so that no one can register with other e-mail addresses. The registrations for the advertising emails are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address.
    You can unsubscribe from the promotional emails at any time via a unique link contained in all promotional emails. Your e-mail address will then be deleted from the distribution system immediately. Any processing of the data that has taken place up to that point remains lawful.
    The advertising emails contain a so-called "web beacon", i.e. a pixel-sized file that is retrieved from the Inxmail server when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of the retrieval are initially collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined with the help of the IP address) or the access times.
    Statistical surveys also include determining whether newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor that of Inxmail to observe individual users. The analyses serve us much more to identify the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

If DVV Media intends to collect or use personal data for further purposes, you will be informed of this at the appropriate point on and asked for your express consent. Consent given in this context can also be revoked at any time by sending an e-mail to


§ 4 Contacting us

When contacting us (via contact form or e-mail), the user's details are processed for the purpose of handling the contact request and its processing in accordance with § 25 para.2 no.2 TDDDG.


§ 5 Google Fonts

For the operation of the website DVV Media processes absolutely necessary information in the sense of § 25 para.2 no.2 TDDDG to display content correctly and graphically appealing across browsers with the help of Google Web Fonts. ( Google Webfonts are transferred to the cache of your browser to avoid multiple loading. If the browser does not support Google Web Fonts or prevents access, content is displayed in a standard font.
For more information, see Google's privacy policy:


§ 6 Use of cookies

Cookies are small amounts of data that are transmitted from the Internet to your computer together with the data actually requested. This data is stored there and kept ready for later retrieval. DVV Media uses the following types of cookies for

  1. Session-Cookies:
    These are cookies that are only stored on your computer for the duration of an Internet session. These cookies are deleted after the session ends, i.e. after you leave the website or when you close the browser window.

  2. Login cookies:
    In addition, a cookie is also used for user authentication. Different cookies can be used for this purpose: By default, cookies are used that are generated only for the respective session. They store information about the user name, user rights and the validity of the session.

  3. Google-Re/Marketing Services:

    We use the marketing and remarketing services (hereinafter "Google Marketing Services") of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google"). The legal basis for the processing is § 25 para.1 TDDDG.

    The Google Marketing Services allow us to display advertisements for and on our website in a more targeted manner in order to present users only with ads that potentially match their interests. If, for example, a user is shown ads for products he or she was interested in on other websites, this is referred to as "remarketing". For these purposes, when our website and other websites on which Google Marketing Services are active are called up, a code is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also referred to as "web beacons") are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). The cookies can be set by various domains, including,,, or This file records which websites the user has visited, which content he is interested in and which offers he has clicked on, as well as technical information on the browser and operating system, referring websites, time of visit and other information on the use of the online offer. The IP address of the user is also recorded, whereby we inform Google Analytics that the IP address is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases is transferred in full to a Google server in the USA and shortened there. The IP address is not merged with user data within other Google offerings. The aforementioned information may also be linked on the part of Google with such information from other sources. If the user subsequently visits other websites, he can be shown ads tailored to his interests.

    The user's data is processed pseudonymously within the framework of Google Marketing Services. This means that Google does not store and process the name or e-mail address of the user, for example, but processes the relevant data on a cookie basis within pseudonymous user profiles. This means that from Google's point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder regardless of who this cookie holder is. This does not apply if a user has explicitly allowed Google to process the data without this pseudonymization. The data collected by Google Marketing Services about users is transmitted to Google and stored on Google servers in the USA.

    We may integrate third-party advertisements based on the Google Marketing Services Google Ad Manager. Google Ad Manager uses cookies that enable Google and its partner websites to serve ads based on users' visits to our website or other websites on the Internet.

    We may include third-party advertisements based on Google's "AdSense" marketing services. AdSense uses cookies to enable Google and its partner websites to serve ads based on users' visits to our website or other websites on the Internet.

    We may also use Google Tag Manager to integrate and manage Google's analytics and marketing services on our websites.

    For more information about Google's use of data for marketing purposes, please visit, and Google's privacy policy can be found at If you wish to object to interest-based advertising by Google Marketing Services, you can use the settings and opt-out options provided by Google (

  4. Google Analytics Cookies (data collection for optimization purposes):

    We use Google Analytics, a function of Google Analytics, including Google signals and the User ID function, after you have given your consent. You can revoke this consent at any time in the cookie settings. Google Analytics is a web analytics service provided by Google, Inc. ("Google") and uses cookies, which are text files placed on your computer, to help the website analyze how users use the site. The legal basis for the processing is § 25 para.1 TDDDG.

    The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, since we have activated IP anonymization on this website, your IP address will be truncated by Google beforehand within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and only shortened there.

    Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. This website uses the Google Analytics reports on demographic characteristics, in which data from interest-based advertising from Google and visitor data from third-party providers (e.g. age, gender and interests) are used. This data can be deactivated at any time via the ad settings. Users' personal data is deleted or anonymized after 14 months.

    You can find out more information about Google's use of data on the Google websites:,

In general, you also have the option of deleting cookies via the corresponding browser function and setting there how your browser should proceed with cookies. However, it should be noted that the use of the services may be impaired if cookies are generally rejected.


§ 7 Google Re-Captcha

In order to ensure sufficient data security when submitting forms, we use in certain cases the service reCAPTCHA of the company Google Inc. This serves primarily to distinguish whether the input is made by a natural person or abusively by machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google. This is absolutely necessary information for the operation of our website in the sense of § 25 para.2 no. 2 TDDDG. The deviating data protection regulations of Google Inc. apply here. Further information on the data protection guidelines of Google Inc. can be found at


§ 8 Usage-based online advertising

The advertising spaces on this website are marketed by ourselves. Some of the advertising on this portal is optimized for you by anonymously collecting and processing your usage behavior based on predicted interests. Cookies are stored on your computer for this purpose. So-called "ad servers" are used to deliver those advertising materials that are booked by advertisers on the publisher media.

For this purpose, the ad servers use cookies, through which certain parameters for measuring success, such as display of the ads or clicks by users, can be measured. In order to optimize advertising for you based on your usage interests, we have permitted the following companies (among others) to collect usage data:

  • Google Ireland Limited (, Gordon House, Barrow St Dublin 4, Ireland, ("Google") provides an ad server. If you do not want Google to display personalized advertising to you, please click on the following link This opt-out cookie will delete the previously stored information and prevent further collection of information.

A list of our partners is stored in the cookie settings. You can access these here.

The legal basis for the processing is § 25 para.1 TDDDG. You have the option at any time to change the decision made and to subsequently grant or revoke your consent. For this purpose, you can access the settings options.


§ 9 Facebook-Pixel

Remarketing tags of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our pages. The legal basis for the processing is § 25 TDDDG para.1. After granting your consent, a direct connection is established between your browser and the Facebook server via the remarketing tags. Facebook thereby receives the information that you have visited our site with your IP address. This allows Facebook to associate the visit to our pages with your user account. We can use the information obtained in this way to display Facebook Ads. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. You can revoke your consent at any time in the cookie settings. For more information, please refer to Facebook's privacy policy ( If you do not want any data to be collected via Custom Audiences, you can deactivate Custom Audiences here (


§ 10 Webinare

For the implementation of webinars, DVV Media uses the software GoToWebinar of the provider LogMeIn Ireland Limited (order processor). Within the scope of the registration on the infrastructure of the company LogMeIn (Bloodstone Building Block C70 Sir John Rogerson's Quay Dublin 2, Ireland), personal data is collected/stored. In particular, this involves the name, first name, company, function, industry, address and e-mail address. Legal basis for the data processing is § 25 para.2 no.2 TDDDG i.V.m. Art. 6 para.1 lit. b GDPR.

The processing of the data by the company LogMeIn (as processor) is based on Article 28 of the General Data Protection Regulation. The data is processed to the extent permitted by law in Germany, the European Union and the USA. For data processing in the USA, an appropriate level of protection has been established by agreeing to the EU standard contractual clauses. In this context, please also note the data protection regulations of LogMeIn:

The deletion of the data is carried out in accordance with the statutory retention periods.

A use of the data for a purpose other than the aforementioned contract performance purpose or a transfer to other third parties will only take place on the part of DVV Media if this is legally permissible or the user has expressly consented.


§ 11 Trusted Shops

For the display of our Trusted Shops seal of approval and the possibly collected ratings as well as for the offer of Trusted Shops products for buyers after an order, the Trusted Shops trust badge is integrated on this website.

This serves the preservation of an optimal marketing by making possible a safe purchase in accordance with § 25 para.1 TDDDG. The Trustbadge and the services advertised with it are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany. Further information on the data protection of Trusted Shops GmbH can be found at

When the Trustbadge is called up, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of the call-up, the amount of data transferred and the requesting provider (access data) and documents the call-up.

Further personal data is transferred to Trusted Shops GmbH if you decide to use Trusted Shops products after completing an order or if you have already registered to use them. The contractual agreement between you and Trusted Shops applies. For this purpose, personal data is automatically collected from the order data.

This is necessary for the fulfillment of our and Trusted Shops' provision of the buyer protection linked to the specific order and the transactional evaluation services in accordance with § 25 para.1 TDDDG. Further details, including the objection, can be found in the Trusted Shops privacy policy linked above and in the Trustbadge.


§ 12 Paypal

If you pay via PayPal, we will pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing.

The data transmitted to PayPal may be transferred by PayPal to credit reporting agencies. The purpose of this transmission is to check your identity and creditworthiness. PayPal may also pass on your data to third parties, insofar as this is necessary for the fulfillment of contractual obligations or the data is to be processed on behalf. You can read PayPal's privacy policy at

The legal basis for the data processing is § 25 para. 2 no.2 TDDDG in conjunction with. Art. 6 para. 1 lit. b GDPR, as the processing of the data is necessary for the payment with PayPal and thus for the execution of the contract.


§ 13 Stripe

If you choose a payment method offered via the payment service provider "Stripe" (SEPA, credit card, PayPal), payment processing is carried out via Stripe, Inc, 510 Townsend Street, San Francisco, CA 94103, USA, to whom we pass on your information provided during the ordering process together with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 para. 1 lit. b) GDPR. Your data will only be passed on for the purpose of payment processing with Stripe Payments Europe Ltd. and only to the extent that it is necessary for this purpose. The basis for the third country transfer is the EU-US Data Privacy Framework (DPF). You can find more information on data protection from "Stripe" at the following Internet address:


§ 14 User rights

You have the right, upon request and free of charge, to receive information about the personal data that we have stored about you.

In addition, you have the right to correct incorrect data, restrict processing and object to the processing and deletion of their personal data, and to assert your rights to data portability in accordance with Article 20 GDPR and, in the event of the assumption of unlawful data processing, to file a complaint with the competent supervisory authority.

Likewise, you can revoke consents, in principle with effect for the future.


B. Special Section

We process inventory data as well as contractual data for the purpose of fulfilling our contractual obligations and services, Art. 6 para.1 lit. b GDPR.


§ 1 Information on subscriptions

For subscription customers, the following data is processed as inventory data: Identifier, password, name (business, if applicable), address (business, if applicable), e-mail address (business, if applicable), subscription start date and end date, if applicable, payment frequency, payment method and account details. This data is necessary for the processing of the subscription contract.


§ 2 Information on apps

For subscription customers, the following data is also processed as inventory data (personal data): Identifier, password, name (business, if applicable), e-mail address (business, if applicable), start date and end date of the subscription, if applicable. These data are necessary for the processing of the subscription contract.
The following non-personal data is processed via Google Analytics: Usage behavior of the app as well as calling up individual issues and articles.


§ 3 Registration for the use of paid content

During registration, we collect and store the following data: Identifier, password, name (business, if applicable), email address (business, if applicable), start date and end date of the subscription, if applicable. This inventory data is processed for the purpose of fulfilling our contractual obligations and services in accordance with Art. 6 para.1 lit. b GDPR.


§ 4 Information on participation in a webinar

For registration and participation in a webinar, the following data is collected, stored and processed: Name, first name, company, function, industry, address and e-mail address. These data are necessary for the implementation of the webinar.


C. Final regulations

We reserve the right to change this privacy policy at any time in compliance with the applicable data protection regulations.