You are here: Home > Privacy policy

Privacy policy


Disclaimer: This is an uncertified translation of the German original version of our Data Protection Policy intended to facilitate understanding; only the German version is legally binding.
The following data protection declaration applies for the use of our online products [] respectively [] (referred to hereafter as “website”).
We take data protection very seriously. The gathering and processing of your personal data occurs in compliance with the applicable data protection legislation, in particular with the EU General Data Protection Regulation (EUDataP)


1 Responsibility

The controller responsible for the gathering, processing and use of your personal data as defined by EUDataP, art. 4, nr 7 are:
Monumenta Germaniae Historica
Ludwigstr. 16
80539 München,
represented by their president, Prof. Dr Martina Hartmann.
In accordance with the said data protection regulations, you have the right to object to our gathering, processing, or use of your personal data, either particular or in general. If you wish to do so, please lodge your complaint under the address listed in the site page.This data protection policy may be filed and printed at any time.


2 General processing guidelines

We gather and use the following personal data in order to ensure the functioning of the website:
• inventory data (e.g. names, addresses),
• contact data (e.g. e-mail addresses, telephone numbers),
• content data (e.g. text input),
• usage data (e.g. websites visited, content, times of access),
• metadata/technical information (e.g. type of device, IP address),
• payment data (e.g. bank account, payment history).
We process and use the data gathered for the following purposes:
• to control and improve the function and content of our online services ,
• to enable the processing of document orders, contact inquiries and communication with users
• for security measures.

3. Specific guidelines

3.1 Legal basis

In compliance with EUDataP, art. 13, we provide users with the legal basis for our data processing. Wherever this data protection policy does not expressly refer to its legal basis, the following guideline applies: The legal basis for obtaining consent is provided by EUDataP art. 6 par. 1 lit. a and art. 7; the legal basis for the processing of data in order to provide our services, perform contracts and respond to requests is EUDataP art. 6 par. 1 lit. b; the legal basis for data processing in accordance with our legal obligations is EUDataP art. 6 par. 1 lit. c; and the legal basis for data processing in order to protect our legitimate interests is EUDataP art. 6 par. 1 lit f. In the event that data processing is necessary to protect the vital interests of the data subject or of another natural person, the legal basis for this is EUDataP art. 6 par. 1 lit d.

3.2 Server-Log Files

The hosting provider automatically gathers and stores information transmitted from your browser in so-called Server-Log-Files. This information includes:
• the name of the viewed website
• type and version of the browser used
• system software used
• referrer URL
• host name of the inquiring computer
• time of the inquiry
• record of successful file retrieval.
These data are not personalised and will not be cross-referenced with data from other sources. The MGH reserves the right to analyse them in the case of well-founded suspicions of illegal activity.
Log-file data may be stored for security purposes (for example to investigate cases of misuse or fraud) for up to seven days, after which they must be erased. Data serving as evidence in legal investigations is exempted from this storage restriction.

3.3 Cookies

We use „Session Cookies“ to optimise our website. These are small text files which your computer receives from the server when you visit a website and temporarily saves on the hard disc. Each file contains a so-called “Session-Id.” allowing us to correlate various inquiries made from your browser during the same session. Other cookies remain stored on your computer until you delete them. These cookies make it possible for us to identify your browser the next time you visit our website. You can configure your browser to inform you when cookies are being set, to regulate their use allowing them in singular instances, only in given cases, or disallowing them altogether, and to delete them automatically after the browser has been closed. Deactivating cookies may limit the functionality of this website.

3.4 Data processing in compliance with our contractual obligations

We process certain personal data in order such as name, address, e-mail address, product information, and account and payment information, in order to satisfy customer orders. In order to conclude a contract, it is necessary to provide this information. This data will be erased after the expiry of the time limits set by warranty agreements and legal data storage regulations. Data connected to a user account will be retained in all cases, so long as the user account exists. The legal basis for doing this is EUDataP art. 6 par. lit. b. allowing us to store and process data in order to fulfil our contractual obligations. In cases where information is required for pre-contractual measures responding to a customer request or in order to carry out the contract of a registered customer, the legal basis for processing this data is EUDataP art. 6 par. 1 lit. b. Beyond this, we process other personal data only if you have expressly agreed to it, in compliance with the terms of EUDataP art. 6 par. 1 lit. a, or if we have a legitimate interest in doing so, as defined by EUDataP art. 6 par. 1 lit. f., such as in order to respond to your e-mail. If not otherwise specified, we store personal data only as long as is required to fulfil the given purpose. In some cases, government legislation demands the storage of some personal information, for example for tax or customs purposes. In these instances, the data will be retained only in accordance with the legal requirements without any further processing and will be erased on expiry of the legally required storage period.

4. Regular erasures and blocking of personal data

We store and process the personal information of data subjects only for the period of time required to fulfil the above mentioned purposes and legal requirements and as determined by the European (and German) general data protection legislation and the national and institutional regulations applicable to the MGH. Thereafter, personal data will be routinely erased or blocked for further processing in accordance with the legal requirements.

5. Rights of data subjects

You have the legal right to be informed at any time about which data this library is storing over you, where it came from, who is receiving it, and to what purpose it is being processed. Furthermore, you have the right to demand that your personal data be corrected or erased, or that their processing be restricted. Insofar as the processing of your data occurs on the basis of your consent, you have the right to revoke this consent or to object to the practice. You have the right to data portability.

If you have questions regarding the content of our privacy policy or the topic of personal data, please do not hesitate to contact us.

Last update: 24.05.2018