Privacy policy

The protection of your personal data has a high priority for the Deutsche Telekom AG It is important for us to inform you about what personal data is collected, how they are used and what options you have in this regard.

1. What data are collected, how are they used and how long are they stored?
   •  Necessary processing for the provision of the digital service (Art. 6 para. 1b GDPR, §25 para. 2 no. 2 TDDDG)
     • When you visit our websites, the web server temporarily records the domain name or your computer’s IP address, the file requested (file name and URL) by the client, the http response code, and the website from which you are visiting us.
   • Processing in the provision of the digital service that is carried out on the basis of legitimate interest (Art. 6 para. 1 f GDPR, §25 para. 2 no. 2 TDDDG)
     • When you use our digital service, our servers temporarily record the domain name or IP address of your device as well as other data, such as the requested content or the response code. 
       The logged data is used exclusively for data security purposes, in particular to defend against attacks on our server. They are neither used for the creation of individual user profiles nor passed on to third parties and will be deleted after 7 days at the latest. We reserve the right to statistically evaluate anonymized data sets.
   • Processing in the provision of the Digital Service by third parties
     • Many operating systems provide the possibility to dictate the text in addition to input via keyboard. When using this function, the language is processed by the third party (e.g. Apple, Google, Microsoft) as the controller and the result is displayed in the input field. For details of the functionality, how you can switch the use on or off and the legal basis of the processing, please contact the respective operating system manufacturer (third party).
2. Authorisations for access to data and functions of the end device by the digital service
   In order to be able to use the digital service on your device, it must be able to access various functions and data on your device. To do this, it is necessary for you to grant certain permissions (Art. 6 para. 1a GDPR, §25 para. 1 TDDDG).
   The permissions are programmed differently by the different manufacturers. For example, individual permissions can be grouped into permission categories, or you can agree to only the permission category as a whole.
   Please note that in the event of a conflict between one or more authorizations, you may not be able to use all the features of our digital service. 
   If you have granted permissions, we will only use them to the extent described below:
   • Internet Communications
     The digital service requires access to the Internet via Wi-Fi or mobile communications so that the browser can contact the web server and render the website. 
3. Data control of the social media plug-ins used or links to social media platforms

   The website of the Deutsche Telekom AG contains links to social media networks (like e.g. Facebook, Google, Instagram, X, Pinterest, Xing, TikTok or LinkedIn). In our digital service, we only use the pictograms of the respective social media network. Only by clicking on the pictogram will you be directed to the company page on the respective social media platform. The social media platforms as well as the third-party content providers, which can be reached via the pictograms, provide these services and the processing of their data under their own responsibility.
   By clicking on a link via the pictogram, also for sharing content (Art. 6 para. 1 a GDPR), the following data can be transmitted to the social media providers: IP address, browser information, operating system, screen resolution, installed browser plug-ins, previous page if you followed a link (referrer), the URL of the current page, etc.

4. Is my usage behavior evaluated, e.g. for advertising or tracking?
   We want you to enjoy using our digital services and using our products and services. In order for you to find the products that interest you and for us to be able to design our digital service in a user-friendly way, we analyse your usage behaviour in pseudonymised form. Within the framework of the legal regulations, user profiles are created. In the following, we provide you with general information about the various purposes of the processing. By clicking on the "Consent to data processing" query, which appears when you access our digital service, you have the option of agreeing to the processing or rejecting it in part or in full. Processing necessary for the provision of the digital service (see explanation above under 1.) cannot be refused.

   • Basic digital service functionality
     This processing are always active and necessary for our digital service to function properly.

     • Functional
       This processing are necessary for you to be able to navigate through the Digital Service and use essential functions. They enable basic functions, such as order processing in the online shop and access to secure areas of the digital service. In addition, they are used for the anonymous evaluation of user behavior, which we use to continuously develop our digital service for you. The legal basis for this processing is §25 (2) No. 2 TDDDG, Art. 6 (1b) GDPR or, in the case of third countries, Art. 44 et seq. GDPR.

       Processing purpose according to consent category	Processing company with company address/data recipient	Products used/short description of the service used	Description of specific processing purpose	Responsibilities	Processed data	Storage period	Legal basis (Processing)	Third country processing	Third country processing
       Tealium	Tealium Inc. 11095 Torreyana Road San Diego, CA 92121, United States of America	Tag Management	Tealium is used to control whether a cookie, pixel or server-to-server communication is loaded based on the consent decision and which data can be processed by cookies, pixels or server-to-server. Data is transferred to third-party providers via the browser and/or directly via server connections. Tealium itself has no access to the content of the cookies and pixels. The software is required to provide the service and implement the privacy settings chosen. It therefore cannot be deactivated.	TDG	Browser version, IP address, device properties, services used, products and articles viewed and clicked on, pages visited, time spent on each page, device operating system, number of visits, usage data, screen resolution, user/click behaviour, advertisements viewed	3 months		Adequacy decision or no comparable level of data protection to that of the EU
       Typo3	TYPO3 Association Gewerbestrasse 10 CH-4450 Sissach Switzerland	Content Management System	Typo3 is the content management system on which the website is based. Typo3 is hosted on premise. No data is transferred to third-party providers. A cookie is set when the user interacts with the consent banner. This cookie stores whether and what data can or cannot be tracked.	TDG	No data is processed. The cookie is saved on the user’s device and only contains an integer value.	Session cookie

     • Analytical
       This processing help us improve our understanding of user behavior.
       We use cookies and analytics technologies to get a better understanding of how our digital service is used. They help us optimize our digital services. For example, we can determine how many people visit our website or a particular service. They are also useful for statistical evaluations that show us how people use our digital services. The analysis is based on pseudonymous information. The legal basis for this processing is §25 (1) TDDDG, Art. 6 (1) (a) GDPR or, in the case of third countries, Art. 49 (1) (a) GDPR:

       Processing purpose according to consent category	Processing company with company address/data recipient	Products used/short description of the service used	Description of specific processing purpose	Responsibilities	Processed data	Storage period	Legal basis (Processing)	Third country processing	Third country processing
       Mapp Intelligence	Mapp Digital Germany GmbH (Mapp Digital c/o Webtrekk GmbH Schönhauser Allee 148, 10435 Berlin)	This is a web analysis and statistics service.		TDG	Internet service provider, anonymised IP address, browser information, date and time of the visit, device information, location information, referrer URL, user ID, order ID	6 months	This service is used in accordance with Section 25 para. 1 sentence 1 of the German Telecommunications Telemedia Data Protection Act (TTDSG). Your personal data is processed in accordance with Article 6 para. 1 a) GDPR (EU).

     • Marketing through partners

       We and our partners use this processing to show you personalized content that is relevant to you.
       We and our partners use cookies and similar marketing technologies to serve personalized advertising. Some of our partners act independently or in joint controllership with Deutsche Telekom AG. They use these technologies to collect data for marketing purposes. The data can be used for the partners’ advertising purposes, processed further and combined with data from other sources.
       When you use our digital service, we create a profile. This helps us show you ads in other digital services that are tailored to your interests. We also measure the effectiveness of this advertising and collect further information about your online behavior.

       Processing purpose according to consent category	Processing company with company address/data recipient	Products used/short description of the service used	Description of specific processing purpose	Responsibilities	Processed data	Storage period	Legal basis (Processing)	Third country processing	Third country processing
       Google	Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.	Google Ads: This web service detects and documents website visits and measures the success of advertisements in order to help companies optimise advertising spend. It uses cookies, pixels and a local storage entry. The web service has read and write access to your end device. Other products: Floodlight, Consent Mode, Campaign Manager 360/ Display & Video 360	Google Ads is used to display interest-based (personalised) adverts to visitors within the Google advertising network. The digital service allows ads to be presented to visitors that relate to content they have previously accessed in other digital services that use Google’s remarketing function. If you reach our digital service via a Google advert, Google AdWords will store a cookie on your end device. This cookie expires after 90 days. We use the information collected with these so-called conversion cookies to compile statistics on our conversion rate. It allows us to identify how many users visited our websites via a Google advert and purchased a product within 90 days.  This web service is used to measure the success of advertising campaigns so they can be improved in the future. It uses cookies to collect information for Google Marketing Platform services (CampaignManager360 (CM360 AdServer), DisplayVideo360 (DV360 programmatic purchasing platform) and SearchAds360 (SA360)). The web service has read and write access to your end device. Google Consent Mode is a tool that works with the Google Analytics, Display & Video 360, Google Ads and GMP Floodlight web services. We use Google Consent Mode to transmit information about your consent to the aforementioned web services to Google Ireland Ltd. We use this information for forecasts that aim to improve the statistical evaluation of the success of our online advertising. This web service is only used if you have also consented to the use of Google Tag Manager. Based on your consent, your above-mentioned data or data categories will also be processed in the USA. The EU Commission has issued an adequacy decision for this transfer (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en).	Controller (C2C), Telekom Deutschland GmbH and Google Ireland Ltd are liable exclusively for their own compliance. You can find more information on how Google processes your data in the privacy policy of Google Ireland Ltd (insert link: business.safety.google/privacy/.	Cookie ID, date and time of the visit, device information, IP address, information about the operating system, referrer URL, web request, browser information	Your online usage data is not stored by Telekom. Ad groups are paused after 13 months of no impressions. You can delete anything stored locally by going to your browser settings	This web service is used in accordance with Section 25 para. 1 sentence 1 of the German Telecommunications Telemedia Data Protection Act (TTDSG). Your personal data is processed in accordance with Article 6 para. 1 a) GDPR (EU).	Your online usage data is processed in Argentina; Israel; Japan; Canada; New Zealand; Switzerland; the United States of America and the United Kingdom. The EU Commission has issued an adequacy decision for these countries (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). Based on your consent, your online usage data will also be processed in the following countries that do not offer the same levels of data protection: Australia; Brazil; Chile; Colombia; India; Kenya; Malaysia; Mexico; Peru; Philippines; Singapore; South Africa; Taiwan; Turkey and the United Arab Emirates. There is no adequacy decision by the EU Commission (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en) for these countries. Telekom Deutschland GmbH can therefore not ensure that data processed in these countries will be subject to the same level of data protection as in the European Union. It is possible that local authorities may have access to your online usage data and that exercising your rights as a person affected by data processing (data subject) may be restricted or excluded. USA; ...other countries adequacy decision approved               Third countries without adequacy decision: …	EU adequacy decision or – Standard Contractual Clauses (SCC) with TIA or – Consent in accordance with Article 49 GDPR (EU))
       Adform	The Adform web service is provided by Adform A/S silkegade 3B stuen & 1st floor, 1113, Copenhagen, Denmark. Telekom Deutschland GmbH and Adform A/S share joint responsibility for this product.	This web service (Adform) is used to display targeted adverts on relevant platforms (retargeting). This web service uses a pixel and cookies: TPC, GCM, CM, CM14, Otsid, C, Uid, receive-cookie-deprecation. The web service has read and write access to your end device. This web service is only used if you have not opted out of Adform at https://site.adform.com/de/privacy-center/website/datenschutz-opt-out/.	To analyse the performance of our campaigns, targeting data and advertisements	Joint Controller (JC), Telekom Deutschland GmbH and Adform A/S assume joint responsibility. You can find more information on how Adform processes your data in the privacy policy of Adform A/S (insert link).	This web service processes the following data and data categories: IP address, online usage data, information about products ordered here, global opt-out of Adform	Telekom Deutschland GmbH does not store any of the above-mentioned data or data categories. The pixel is no longer used when the browser is closed. The cookies have the following lifetimes: TPC: 7 days. GCM: 1 day. CM: 1 day. CM14: 14 days. Otsid: 10 years. C: 10 years. Uid: 60 days. Receive-cookie-deprecation: 60 days.	This web service is used in accordance with Section 25 para. 1 sentence 1 of the German Telecommunications Digital Services Data Protection Act (TDDDG). Your personal data and data categories are processed in accordance with Article 6 para. 1 a) GDPR (EU).
       Meta	The Facebook Pixel web service is provided by Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland. Telekom Deutschland GmbH and Meta Platforms Ireland Limited share joint responsibility for this product. https://www.facebook.com/privacy/explanation	The Facebook Pixel and cAPI (Server to Server) web services are used to measure and analyse the success of Facebook advertising campaigns and re-targeting on Meta platforms. This web service uses cookies (“fr”, “fbp”, “fbc” and “oo”) and an entry in the local storage and index database on your end device. The web service has read and write access to your end device. Facebook cAPI is a service that allows companies to personalise, analyse and measure the performance of Facebook advertising campaigns.	We use this Facebook service to display relevant adverts. For this reason, we share your interactions on our online service with Facebook. This is necessary to ensure that the content of the adverts is tailored to you. For example, we share information with Facebook about which products you were interested in so that we can suggest products and services on Facebook that you might also be interested in. The data forwarded to Facebook also helps us track and analyse the success of our marketing activities. We use this information to improve our ads and increase efficiency.	Joint Controller (JC), Telekom Deutschland GmbH and Meta Platforms Ireland Limited assume joint responsibility. You can find more information on how Meta processes your data in the privacy policy of Meta (insert link).	Viewed ads, viewed content, device information, geographic location, HTTP header, interactions with ads, services and products, IP address, clicked elements, marketing information, visited pages, pixel ID, referrer URL, usage data, user behaviour, Facebook cookie information, Facebook user ID, usage/click behaviour, browser information, device operating system, device ID, user agent, browser type, email address (hashed), gender (hashed), postcode (hashed), browser ID (fbq), event ID	12 month	This web service is used in accordance with Section 25 para. 1 sentence 1 of the German Telecommunications Digital Services Data Protection Act (TDDDG). Your personal data and data categories are processed in accordance with Article 6 para. 1 a) GDPR (EU).	Your above-mentioned data is processed in the following countries that do not offer the same levels of data protection: United States of America. No adequacy decision has been provided by the EU Commission (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_de​​​​​​​) for this country. Telefónica can therefore not ensure that data processed in these countries will be subject to the same level of data protection as in the European Union. It is possible that local authorities may have access to your above-mentioned data and that exercising your rights as a person affected by data processing (data subject) may be restricted or excluded.
       LinkedIn	LinkedIn Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland https://www.linkedin.com/legal/privacy-policy?trk=registration_footer-privacy-policy	LinkedIn Insight Tag	The LinkedIn Insight Tag allows us to collect statistical, pseudonymised data (referrer URL, IP address (shortened), device and browser properties) about how our online service is used. It also provides aggregated statistics based on this data. We also use this information to display relevant offers and recommendations based on interests you have shown in certain products, information and offers on our online service. This anonymous information is stored in a cookie for 6 months.		Referrer URL, IP address (shortened), device and browser properties		This web service is used in accordance with Section 25 para. 1 sentence 1 of the German Telecommunications Digital Services Data Protection Act (TDDDG). Your personal data and data categories are processed in accordance with Article 6 para. 1 a) GDPR (EU).

       Cookie Settings: You can access your Cookie Settings at any time to manage your preferences.

5. Where can I find the information that is important to me?
   Additional information on data protection when using our products, in particular on the purposes of use, deletion periods, etc., can be found in the data protection information for the respective product under www.telekom.com/datenschutz.
6. What rights do I have?
   You have the right,
   • to request information on categories of data processed, processing purposes, possible recipients of the data, the planned storage period (Art. 15 GDPR);
   • request the correction or completion of incorrect or incomplete data (Art. 16 GDPR); 
   • to revoke a given consent at any time with effect for the future (Art. 7 para. 3 GDPR);
   • to object at any time for the future to data processing that is to be carried out on the basis of a legitimate interest, for reasons arising from your particular situation (Art. 21 para. 1 GDPR), stating these reasons. You can object to data processing for direct marketing purposes at any time without stating these reasons (Art. 21 para. 2, 3 GDPR);
   • in certain cases, request the deletion of data within the framework of Art. 17 GDPR  - in particular if the data is no longer required for the intended purpose or is processed unlawfully, or if you have withdrawn your consent in accordance with (c) above or have declared an objection in accordance with (d) above; 
   • under certain conditions, to demand the restriction of data if deletion is not possible or the obligation to delete is disputed (Art. 18 GDPR);
   • data portability, i.e. You can receive your data that you have provided to us in a commonly used machine-readable format, such as z.B. CSV, and, if necessary, transmit it to others (Art. 20 GDPR;)
   • to complain to the competent supervisory authority about the data processing (for telecommunications contracts: Federal Commissioner for Data Protection and Freedom of Information; otherwise: State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia).
7. To whom does Deutsche Telekom share my data?
   To processors, i.e. companies that we commission to process data within the scope provided for by law, Art. 28 GDPR (service providers, vicarious agents). In this case, Deutsche Telekom remains responsible for the protection of your data. In particular, we commission companies in the following areas: IT, sales, marketing, finance, consulting, customer service, human resources, logistics, printing.
   To cooperation partners who provide services for you on their own responsibility or in connection with your telecom contract. This is the case if you commission services from such partners with us or if you consent to the involvement of the partner or if we involve the partner on the basis of a legal permission.
   Due to legal obligation: In certain cases, we are required by law to transmit certain data to the requesting government entity. 
8. Where will my data be processed?
   Your data will be processed in Germany and other European countries. 
   In some cases, your data is also processed in countries outside the European Union (i.e. in so-called third countries).If data processing takes place in third countries, this will take place insofar as you have expressly consented to this or if it is necessary for our provision of services to you or if it is provided for by law (Art. 49 GDPR).
   Your data will only be processed in third countries if certain measures are taken to ensure that an adequate level of data protection is in place (e.g. adequacy decision of the EU Commission or so-called suitable safeguards, Art. 44 et seq. GDPR, (see here).
9. Who is responsible for data processing? Who is my contact person if I have questions about data protection at Deutsche Telekom?
   The data controller is the Deutsche Telekom AG. If you have any questions, you can contact our customer service or our data protection officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, datenschutz@telekom·de.

Status of the Privacy Policy 15.10.2024