European Journal of Tactical Response & Medicine ISSN 3045-7712
Menu
Home Archive Submit About Log in Author portal Subscribe
Privacy policy

Privacy policy.

From Stumpf + Kossendey Verlagsgesellschaft mbH — editor-reviewed research in pre-hospital and tactical care.

Privacy

Last updated: drafted for launch — pending legal review.

1. Controller

The controller responsible for data processing on this site is:

Stumpf + Kossendey Verlagsgesellschaft mbH
Rathausstraße 1
26188 Edewecht, Germany
E-mail: service@skverlag.de · Phone: +49 4405 9181-0

Full company details are in our imprint.

2. Overview

We process personal data only as far as necessary to provide EJTRM and our services, and in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). This policy explains what we collect, why, on what legal basis, who processes it on our behalf, and what rights you have.

3. What we collect, and why

  • Launch / newsletter signup: if you sign up for launch updates, we process the e-mail address (and any name you provide) to send you those updates. Legal basis: your consent (Art. 6(1)(a) GDPR). You can withdraw it at any time via the unsubscribe link or by contacting us.
  • Account data: name, e-mail, password (stored only as a hash) and contact details, to operate your account. Legal basis: performance of a contract (Art. 6(1)(b) GDPR).
  • Subscription & payment data: plan, billing and — for print — shipping address, VAT ID, and payment status. Card/bank details are entered directly with our payment provider Stripe and are not stored on our servers. Legal basis: contract performance and legal obligations (Art. 6(1)(b) and (c) GDPR).
  • Invoices: billing records are retained to meet statutory commercial and tax obligations. Legal basis: legal obligation (Art. 6(1)(c) GDPR).
  • Server logs: when you visit the site, technical data (IP address, request time, user agent) is processed to deliver and secure the service. Legal basis: legitimate interest in a secure, functioning service (Art. 6(1)(f) GDPR).
  • Cookies: we use strictly necessary cookies (e.g. session, security / CSRF). These do not require consent. We do not use advertising cookies.

4. Processors and third parties

We use carefully selected service providers who process data on our behalf under data processing agreements (Art. 28 GDPR). Where a provider processes data outside the EU/EEA, the transfer is safeguarded by EU Standard Contractual Clauses or an adequacy decision.

  • Mailchimp (The Rocket Science Group LLC / Intuit Inc., USA) — newsletter and launch-update e-mails; stores the e-mail address (and any name) you submit via our signup form.
  • Stripe (Stripe Payments Europe, Ltd., Ireland) — payment processing and subscription billing.
  • SendLayer — transactional and notification e-mail delivery.
  • Cloudflare (Cloudflare, Inc., USA) — content delivery / DNS and, via Cloudflare R2, storage of uploaded files.
  • Railway — application hosting and database.

5. Retention

We keep personal data only as long as needed for the purpose collected. Invoice and accounting records are retained for the statutory periods (generally up to 10 years). Account data is kept until you close your account; server logs are kept only briefly for security and troubleshooting. Newsletter/lead data is kept until you withdraw consent.

6. Your rights

Under the GDPR you have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and to object (Art. 21) to processing based on legitimate interests. Where processing is based on consent, you may withdraw it at any time with effect for the future. To exercise any of these, contact us at service@skverlag.de.

You also have the right to lodge a complaint with a supervisory authority. The authority responsible for us is the State Commissioner for Data Protection of Lower Saxony (Die Landesbeauftragte für den Datenschutz Niedersachsen).

7. Data security

The site is served exclusively over encrypted HTTPS connections. We apply appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse.

8. Changes

We may update this policy as our services or the legal requirements change. The current version is always available on this page.