Privacy policy

The protection of your personal data has a high priority for Deutsche Telekom AG. It is important to us to inform you about what personal data are collected, how they are used and what options you have in this regard.

  1. What data are collected, how are they used and how long are they stored?
    • When you visit our websites, the web server temporarily records the domain name or your computer’s IP address, the file requested (file name and URL) by the client, the http response code, and the website from which you are visiting us. (Art. 6 para. 1b DSGVO, §25 para. 2 No. 2 TTDSG) The recorded data is used solely for data security purposes, particularly to protect against attempted attacks on our web server (Article 6 (1f) GDPR). We do not use it to create individual user profiles nor do we share this information with third parties. It is erased after seven days at the latest. We reserve the right to statistically analyze anonymized data records.
      When you use our online service, our servers temporarily record the domain name or IP address of your terminal device as well as other data, such as the content requested or the response code.
      The logged data are used exclusively for data security purposes, in particular to defend against attempted attacks on our web server (Art. 6 para. 1f DSGVO). They are neither used for the creation of individual application profiles nor passed on to third parties and are deleted after 7 days at the latest. We reserve the right to statistically evaluate anonymized data records.
       
  2. Data control for the social media plug-ins or links to social media platforms used.
    Some pages contain buttons from social media networks (such as Facebook, Google, Instagram, Twitter, Pinterest, Xing or LinkedIn), which you can use to recommend the offers of Deutsche Telekom AG to your friends and acquaintances.

    On our pages, we only use the pictograms of the respective social media network. Only when you click on the pictogram are you directed to the company page on the respective social media platform. The social media platforms as well as the third-party content providers that can be reached via the pictograms provide these services and the processing of their data under their own responsibility. 

    By activating the social media plug-in or link via the pictogram, also for sharing content, (Art. 6 para. 1a GDPR), the following data may be transmitted to the social media providers: IP address, browser information, operating system, screen resolution, installed browser plug-ins such as Adobe Flash Player, the previous page when you followed a link (referrer), the URL of the current page, etc.

    The next time the page is accessed, the social media plug-ins are provided again in the default inactive mode, so that it is ensured that no data are transmitted when the page is visited again.

    For more information on social media plug-ins regarding the scope and purposes of the respective data processing as well as further information relevant to data privacy, please refer to the privacy policies of the respective responsible party.
     
  3. Is my usage behavior evaluated, e.g. for advertising or tracking?

    Explanations and definitions
    We want you to enjoy using our online services and to make use of our products and services. This is in our economic interest. In order for you to find the products that interest you and for us to be able to design our online service in a user-friendly way, we analyze your usage behavior anonymously or pseudonymously. Within the framework of the legal regulations, we, or companies commissioned by us, create usage profiles. It is not possible to track this information directly back to you. In the following, we inform you in general about the different purposes. Via the query "Consent to data processing", which appears when you call up our online service, you have the option of consenting to the processing or rejecting it in part or in full. Processing that is necessary to provide the online service (see explanation above under 1.) cannot be refused.
     
    • Required tools

      Tag management
      Tag management is used to manage the use of the tools on the various pages of our online service. For this purpose, a tag is defined for each page. The tag can then be used to determine which tools are to be used for this page. Tag management can thus be used to specifically ensure that tools are only used where they make sense and are legally legitimized.

       

Services from other companies (independent third-party providers)

Third-party services are integrated into Telekom’s online service. These entities provide their services under their own responsibility or under joint responsibility with Telekom. In this context, data and information are transmitted to third-party providers, processed for their own advertising purposes, and merged with third-party data.
When using the online service, data are collected by means of cookies or similar technologies and transmitted to third parties, partly for Telekom’s own purposes. To what extent, for what purposes and on what legal basis further processing for the third-party provider's own purposes takes place is described below in section d. of this privacy policy.

a. Required tools
These tools are necessary for you to navigate through the online service and use essential functions. They enable basic functions, such as order processing in the online store and access to secure areas of the online service. Furthermore, they serve the anonymous evaluation of usage behavior in order to continuously develop our online service for you. The legal basis for these tools is §25 para. 2 no. 2 TTDSG (Telecommunications Telemedia Data Protection Act), Art. 6 para. 1b GDPR or, in the case of third countries, Art. 44 ff. GDPR.

Company

Purpose

Storage duration

Country

Tealium

Tag management

3 months

Netherlands

Mapp

(formerly Webtrekk)

Improvement of online service, fault analysis

6 months

Germany

Typo3

Submit form

Session Cookie

Germany


b. Analytics tools

These tools help us to better understand usage behavior.

Analytic tools enable the collection of usage and recognition data by us or third parties, in so-called pseudonymous usage profiles. For example, we use analytic tools to determine the number of individual users of an online service or to collect other statistics relating to the operation of our products, as well as to analyze usage behavior based on anonymous and pseudonymous information about how users interact with online services. It is not possible to draw any direct conclusions about a specific person. The legal basis for these tools is §25 para. 1 TTDSG (Telecommunications Telemedia Data Protection Act), Art. 6 para. 1a GDPR or, in the case of third countries, Art. 49 para. 1a GDPR.

Company

Purpose

Storage duration

Country of processing

Mapp

(formerly Webtrekk)

Needs-oriented design, marketing, personalization, newsletter

30 days

Germany

Cookie Settings: You can access your Cookie Settings at any time to manage your preferences.
 

c. Marketing/Retargeting

These tools are used to show you personalized and therefore relevant promotional content.

Marketing tools are used to display interesting advertising content and to measure the effectiveness of our campaigns. This is done not only in Telekom online services, but also in other online services (third-party providers). This is also referred to as retargeting. It is used to create pseudonymous content or ad profiles, to serve relevant ads in other online services and to derive insights about target groups that have viewed the ads and content. It is not possible to draw any direct conclusions about a person in this context. Marketing and retargeting tools help us to display potentially relevant advertising content to you. By suppressing marketing cookies, you will continue to see the same number of advertisements, but they may be less relevant to you. The legal basis for these cookies is §25 para. 1 TTDSG (Telecommunications Telemedia Data Protection Act), Art. 6 para. 1a GDPR or, in the case of third countries, Art. 49 para. 1a GDPR.

Company

Purpose

Storage duration

Country (processing / access)

AdformAdvertising

60 days

Europe

Cookie Settings: You can access your Cookie Settings at any time to manage your preferences.

 

d. Services from other companies (independent third-party providers)

We have integrated services from third-party providers who provide their services under their own responsibility. In the process, data are collected by means of cookies or similar technologies when using our online service and transmitted to the respective third party. Partly for Telekom’s own purposes. The legal basis for this tool is Art. 6 (1a) or Art. 49 (1a) GDPR. For information as to what extent, for what purposes and on what legal basis further processing for the third party provider’s own purposes takes place, please refer to the data protection policy of the third party provider. You can find the information on the independent third-party providers below.  

 

I. Google

Google Maps

On individual pages of the online service, e.g. in the Shopfinder, we use Google Maps to display maps, locations and for route planning. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By embedding Google Maps, your IP address is transmitted directly to Google and a cookie is stored as soon as you visit such a page. You can get informed about data processing by Google at https://policies.google.com/privacy?hl=en&gl=en at any time and have the possibility to object to it.

 

Google – AdWords

We use the Remarketing and Google AdWords function of Google Inc. (“Google”) in our online service. This function is used to present visitors with interest-based advertisements within the Google advertising network. In the online service, visitors can then be presented with advertisements that relate to content that they have previously accessed in other online services that use Google’s Remarketing function. According to Google, it does not collect any personal data during this process. However, if you do not wish to use Google’s Remarketing function, you can deactivate it in general by adjusting the settings accordingly at https://adssettings.google.com/anonymous?hl=en. Alternatively, you can deactivate the use for interest-based advertising via the advertising network initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp. Further information on Google Remarketing and Google’s privacy policy can be found at: https://policies.google.com/technologies?hl=en.

If you have entered our online service via a Google ad, Google AdWords will store a cookie on your terminal device. This cookie loses its validity after 30 days. Is it not possible to draw any direction conclusions about your person. The information obtained with the help of this so-called conversion cookie is used to create statistics about our conversion rate. This means that we learn how many users have come to our online service through a Google ad and purchase a product within 30 days. If you do not wish to participate in the tracking process, you can disable cookies for conversion tracking by setting your browser preferences to block cookies from the appropriate domain:

Google AdWords: googleadservices.com

 

II. Facebook

We use the Facebook service Customer Audience and Facebook Pixel in our online service to optimize our advertising offer, insofar as you have provided Facebook with the corresponding consent. Further information about these Facebook services and the privacy policy of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) can be found here: https://www.facebook.com/privacy/explanation.                                                                                                                                                                                                      

If you use a Facebook user account, Facebook Pixel can recognize this in our online service through the set Facebook cookie, via which the collected usage data are transmitted to Facebook for analysis and marketing purposes. You can check and/or deactivate this data collection and the further processing and use of the data by Facebook directly on Facebook.

Facebook Pixel is a JavaScript code that transmits the following data to Facebook:

  • HTTP header information (including IP address, web browser information, location, document, URL of online service and user agent, and day and time of use).
  • Pixel-specific data; this includes the pixel ID and Facebook cookie data, including your Facebook ID (these data are used to link events with a certain Facebook advertising account and allocate them to a Facebook user).
  • Additional information about the visit to our online service as well as about standard and user-defined data events.
    • Activated orders (concluded purchases)
    • Conclusion of registrations and trial subscriptions
    • Product searches, call-up of product information

The aforementioned data processing only concerns users who have an account with Facebook or who have accessed a Facebook partner page (through which a cookie has been set). The display of advertisements on Facebook (partner) pages using the “Customer Audience” service does not affect users who are not members of Facebook.

If the Facebook ID contained in the Facebook cookie can be assigned to a Facebook user, Facebook assigns this user to a target group (“Custom Audience”) on the basis of the rules defined by us, provided that the rules are relevant. We use the information obtained in this way to present Telekom advertising on Facebook (partner) pages.

If you wish to object to the use of Facebook Pixel, you can set an opt-out cookie on Facebook or deactivate JavaScript. For more information and the settings options for protecting your privacy for advertising purposes, please refer to Facebook’s privacy policy, which can be found at https://www.facebook.com/ads/website_custom_audiences/, among other places.

 

III. LinkedIn

The re-targeting and conversion tracking of LinkedIn (LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland) by means of the LinkedIn Insight Tag enables the collection of statistical, pseudonymous data (referrer URL, IP address (shortened), device and browser properties) about the use of our online service and to provide corresponding aggregated statistics on this basis. Furthermore, this information is used to be able to display interest-specific and relevant offers and recommendations after you have shown interest in certain products, information and offers in our online service. This information is stored in a cookie for six months. You can get informed about the data processing by LinkedIn at any time at https://www.linkedin.com/legal/privacy-policy?trk=registration_footer-privacy-policy and have the possibility to object to it.

 

IV. emetriq GmbH

emetriq is a provider of targeting services in the area of online marketing of advertising space. Targeting stands for the precise addressing of target groups in online marketing and content personalization. For this purpose, emetriq operates a data pool, the goal of which is to significantly increase the quality of targeting so that advertisers can display relevant advertising according to user interests. To enable user-specific advertising and content to be displayed, emetriq GmbH, Vorsetzen 35, 20459 Hamburg, Germany, collects information about surfing behavior or app usage. Cookies, measuring pixels, APIs or SDKs are used, which can collect or process the following information:

  • Pseudonymous IDs: cookie ID, Identifier for Advertising (IDFA) or Advertising ID (AdID), IP address
  • App or browser information, for example, browser identifier, time zone, language, operating system
  • Information about viewed or clicked advertising banners
  • URL of the pages of our connected marketers visited
  • Sociodemographic data, such as decades of age, title, and shortened zip code
  • Hashed login data (e-mail)

The collected data are pseudonymized at the earliest possible time either already in the app, in the user’s browser or in the first processing system and only then is it processed further. All information collected about a user is stored exclusively using pseudonymous IDs. emetriq deletes this data after 6 months at the latest.

In order to also enable cross-device personalization of advertising, emetriq assigns an identifier (ID) for each of your end devices used via your hashed e-mail address. In cases where you have logged into online services using different end devices, this makes it possible to match the different IDs assigned to each other.

The integration of a neutral entity, the so-called trusted third party, ensures that emetriq does not gain access to the e-mail address.  In individual cases, this makes it possible to assign an end device to a user across providers, even if the user has not logged into the Telekom online service with their end device. This makes it possible to tailor the service to the user’s interests even without logging in.

Telekom Deutschland GmbH and emetriq GmbH are jointly responsible for this processing in accordance with Art. 26 GDPR. If you have any questions, please contact privacy@telekom·de.

Limited to the above-mentioned purposes, this data are also processed autonomously by emetriq and its technology partners. For more information, please contact emetriq: https://www.emetriq.com/datenschutz.

Furthermore, emetriq works together with the provider The Trade Desk Ltd. UK (“TTD” for short, at 1 Bartholomew Cl, EC1A 7BL, London, United Kingdom). The Trade Desk processes the IP address and usage data (such as pages and products viewed). For this purpose, users are assigned a randomly generated ID by means of a cookie, through which the user can be recognized in our online service as well as the online services of third parties in the advertising network of TTD and advertising campaigns can be optimized. You can find information on data privacy at The Trade Desk at https://www.thetradedesk.com/us/privacy.
 

V. Newsletter

For the processing of your personal data the General Terms and Conditions apply. 

As far as you receive a newsletter from us and/or have subscribed the following notes in addition apply. The data privacy notice newsletter dispatch informs you about which personal data are collected when sending out newsletters, the purposes for which they are processed, when these data are deleted and on which legal basis this is done. 

  1. Which data are collected and for what purpose are they being processed? 
    • If you register for a newsletter, we will use your e-mail to contact you. Mail address for the dispatch of the respective newsletter in which we will inform you regularly about interesting news of Deutsche Telekom AG. The legal basis is your consent pursuant to Art. 6 para. 1 lit. a GDPR. In order to ensure proper registration for the newsletter and to prevent of unauthorized applications on behalf of third parties we will send you after your initial newsletter registration in the Double-Opt-In Procedure a confirmation e-mail, in which we ask for confirmation of the registration. You will be added to the mailing list only in case you have given your consent. In connection with your newsletter subscription, we store also, your registration data (e.g. e-mail address, date as well as time of the registration/confirmation of the opt-in) so that we can follow up the registration at a later point in time and to prove it. The legal basis for this storage is a legitimate interest, Art. 6 para. 1 lit. f, Art. 7 para. 1 GDPR. The legitimate interest is in the burden of proof of consent justified. 
  2. How long do we store your data? 
    • We store your email address in order to send you the newsletter until you unsubscribe or we quit sending the email newsletter to you. After unsubscribing from the newsletter your registration data will be deleted immediately. 
  3. How can I withdraw the newsletter? 
    • You can withdraw your consent to the newsletter dispatch of the Deutsche Telekom AG at any time for the future  by clicking at the end of a newsletter you have received on the unsubscribe link.

Cookie Settings: You can access your Cookie Settings at any time to manage your preferences.

4. Where can I find the information important to me?

This privacy policy provides an overview of the points that apply to Telekom’s processing of your data in this online service.

Further information, including on data privacy in general and in specific products, is available at https://www.telekom.com/en/company/data-privacy-and-security/governance-data-privacy and at https://b2b-europe.telekom.com/data-privacy.

 

5. Who is responsible for data processing? Who do I contact if I have questions about the data privacy policy at Telekom?

Deutsche Telekom AG, Friedrich-Ebert-Allee 140, 53113 Bonn, Germany is responsible for data. If you have any questions, please contact our Customer Service or our data privacy officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, Germany, privacy@telekom·de.

 

6. What rights do I have?

You have the right,

  • To request information on the categories of data processed, the purposes of processing, any recipients of the data, or the planned storage period (Art. 15 GDPR);
  • to demand the correction or completion of incorrect or incomplete data (Art. 16 GDPR);
  • to revoke given consent at any time with effect for the future (Art. 7 para. 3 GDPR);
  • to object to data processing that is to be carried out on the basis of a legitimate interest for reasons arising from your particular situation (Art. 21 (1) GDPR);
  • in certain cases, within the framework of Art. 17 GDPR, to demand the deletion of data - in particular, insofar as the data are no longer required for the intended purpose or is processed unlawfully, or you have revoked your consent in accordance with (c) above or declared an objection in accordance with (d) above;
  • under certain conditions, to demand the restriction of data, insofar as deletion is not possible or the obligation to delete is disputed (Art. 18 GDPR);
  • to data portability, i.e. you can receive your data that you have provided to us in a conventional machine-readable format, such as CSV, and transmit it to others if necessary (Art. 20 GDPR);
  • to issue a complaint to the competent supervisory authority about the data processing (for telecommunication contracts: Federal Commissioner for Data Protection and Freedom of Information; otherwise: State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia).

7. To whom does Telekom pass my data?

To order processors, i.e. companies that we commission with the processing of data within the scope provided by law, Art. 28 GDPR (service providers, vicarious agents). Telekom remains responsible for the protection of your data even in this case. We commission companies in the following areas in particular: IT, sales, marketing, finance, consulting, customer service, human resources, logistics, printing.

To cooperation partners who independently provide services for you or in connection with your Telekom contract. This is the case if you order services from such partners from us, if you consent to the involvement of the partner or if we involve the partner on the basis of legal permission.

Due to legal obligation: In certain cases, we are legally obligated to transmit certain data to the requesting government agency.

 

8. Where are my data processed?

Your data are processed in Germany and other European countries. If, in exceptional cases, processing of your data also takes place in countries outside the European Union (in so-called third countries), this will happen,  

    • if you have expressly consented to this (Art. 49 para. 1a GDPR).  (In most countries outside the EU, the level of data protection does not meet EU standards. This applies in particular to comprehensive monitoring and control rights of state authorities, e.g. in the USA, which disproportionately interfere with the data protection of European citizens,
    • or insofar as it is necessary for our provision of services to you (Art. 49 para. 1b DSGVO),
    • or insofar as it is provided for by law (Art. 6 para. 1c GDPR).

Furthermore, your data will only be processed in third countries if certain measures ensure that an adequate level of data protection exists (e.g. adequacy decision of the EU Commission or so-called suitable guarantees, Art. 44ff GDPR).

 

Status of privacy policy 27.09.2023