Deutsche Telekom AG attaches great importance to protecting your personal data. We always inform you what personal data we collect, how your data is used, and how you can influence the process.

1. What data is recorded, how is it used, and how long is it stored?

a. Technical characteristics:

When you visit our websites, the web server temporarily records the domain name or your computer’s IP address, the file requested (file name and URL) by the client, the http response code, and the website from which you are visiting us. The recorded data is used solely for data security purposes, particularly to protect against attempted attacks on our web server (Article 6 (1f) GDPR). We do not use it to create individual user profiles nor do we share this information with third parties. It is erased after seven days at the latest. We reserve the right to statistically analyze anonymized data records.

b. User surveys/ customer feedback with Get Feedback:

These websites uses the service provided by SurveyMonkey Europe UC, 2 Shelbourne Buildings, 2nd Floor, Shelbourne Road, Ballsbridge, Dublin 4, Irland (Notice: SurveyMonkey has taken over the previous Usabilla company and its tool of the same name) for customer surveys. Website ratings and relevant feedback can be surveyed (Art. 6 (1) a GDPR). Our customers’ opinions and improvement suggestions crucially help us improve our websites. Only anonymous information is processed and there is no way of tracing the sender. Personal data or personally identifiable data is not transferred at any time. We store and analyze the data for a period of 24 months. There are two different ways of conducting the surveys: I) The feedback button on the website. You can use this button at any time to provide us with your feedback. No data is transferred unless you use this function. II) An active feedback survey can also be displayed on the website. You can reject this survey or cancel it at any time. Answers are only sent once you have completed the survey.

c. Chatbot:

If you use the chatbot ("digital assistant") on the webpage or contact to customer service, different types of information will be transmitted to the communication platform during the automated chat (Art. 6 (1) a GDPR). This includes, for example, the questions and answers you have entered (chat history), or your customer data if you have logged in with your Deutsche Telekom login credentials. We process the collected data in the cloud-based communication system provided by our contract data processor IBM Deutschland GmbH („IBM“, Wilhelm-Fay-Strasse 30-34, 65936 Frankfurt). Any personal data, such as your name, address, telephone number or email address, will be pseudonymized before being transmitted to the contract data processor. The data will be hosted in the IBM cloud data center located in Frankfurt am Main, Germany. To further improve this service, any potentially personal data will be deleted from the data records by an anonymization service before it is used. The pseudonymized chat history will be deleted when the exchange is ended. If necessary and subject to your consent, the chatbot may wish to transfer you to our customer service text chat. Provided you are logged into your Deutsche Telekom account, this will entail the transmission of the chat history and any available customer data to the text chat.

d. Text or video chat:

If you use the text or video chat on the website to contact the Customer Services department, different types of information will be sent to the customer adviser when you initiate the chat (Art. 6 (1) a GDPR). This includes login data, customer data (telephone number, customer number and latest chat history), as well as the help topic you have selected on the web page, the versions of your browser and operating system, and similar data. The chat platform provided by the contract data processor Genesys will also regularly transmit information about the availability of the chat service. This information is used to activate or deactivate the button to start a text or video chat on the web page. We will store the start and end times of a chat (the session) for a period of 7 days. A session cookie will then be placed on the computer for the duration of the session. The cookie is deleted once the session has ended. We store the chat history for 48 hours and use it for any queries that may arise. We reserve the right to statistically analyze anonymized data records.

e. Text messaging:

If you use text messaging for contacting customer service, different types of information will be collected when you make contact for the first time (Art. 6 Abs. (1) a GDPR). This includes, for example, your mobile phone number, first and last name and the nature of your inquiry. The processing takes place via the internal chat platform of Deutsche Telekom and the contract data processor, which is Genesys. We store the session content for a maximum of 12 months and will use it for any queries that may arise. We reserve the right to statistically analyze anonymized data records.

f. Video chat:

For the identity check required when entering into a contract, the video chat uses the Video Ident service provided by our contract data processor, which is Purpleview GmbH, Kampstraße 6, 44137 Dortmund, Germany (Art. 6 (1) b GDPR). The video chat and the Video Ident service will place a session cookie, which remains on the computer for the duration of the web session and is deleted once the web session has ended. We will only store data about the session, and in particular its start and end times, for a duration of 7 days. No video content is stored.

g. Fraud prevention:

To prevent fraud in our webshop, we have retained the fraud prevention services of Risk.Ident GmbH, Am Sandtorkai 50, 20457 Hamburg (Art. 6 (1) b GDPR). Risk.Ident collects and processes data on our webshop’s websites using cookies and tracking technology to ascertain the user’s device. Wherever Risk.Ident collects IP addresses, these are anonymized immediately. The data processed by Risk.Ident is stored in a fraud prevention database. We access this data as part of the ordering process for risk assessment purposes. We also transfer to Risk.Ident. data on devices which have already been used to commit (attempted) fraud. The data is not assigned to any one individual at any time.

2. Controlling data used by social-media plug-ins and links to social media platforms

Some web pages may contain social media buttons (e.g. Facebook, Google, Instagram, Twitter, Pinterest, Xing or LinkedIn) you can use to recommend the services of TELEKOM DEUTSCHLAND GMBH to your friends and family. To ensure you retain full control of the data, the used buttons provide direct contact between the respective social network and the visitor only once you actively click on the button (one-click solution). To ensure you retain full control of the data, grayed-out images of the respective functions are displayed instead of the actual social plug-ins when you load the website. The data exchange is only activated by loading the respective social plug-ins with the website once you click the tick next to the images. You only trigger an action, e.g., “Like”, by means of a second click. We only use pictograms from the respective social media networks on our web pages. You will only be forwarded to the company website of the respective social media platform when you click on a pictogram. The social media platforms and providers of third party content that can be accessed by clicking on a pictogram provide their services and process their data in their own responsibility. When the social media plug-in or link is activated by clicking on the pictogram, including when sharing content, (Art. 6 (1) a GDPR) the following data may be forwarded to the social media provider: IP address, browser information, operating system, screen resolution, installed browser plug-ins (such as Adobe Flash Player), previous web page if you followed a link (referrer), URL of the current web page etc... The next time you visit the website, the social media plug-ins are again provided in the default disabled mode, thus ensuring that no data is transferred during a repeat visit to the website. Further information on social media plug-ins and the scope and purpose of data processing by their providers, as well as additional data privacy-relevant information can be found in the data privacy information published by the respective controller and in the information on the <<1-click solution>> or <<2-click solution>>

3. Will my usage habits be evaluated, e.g. for advertising purposes or tracking?

Explanations and definitions

We want you to enjoy using our websites and take advantage of our products and services. We have an economic interest in ensuring this is the case. We analyze your usage habits on the basis of anonymized or pseudonymized data so you can find the products that interest you and so we can make our websites user-friendly. Deutsche Telekom or its contract data processors create usage profiles that comply with the legal requirements. This information cannot be traced back to you directly. The following information is intended to provide you with general information on the various purposes of processing data. The cookie message displayed when visiting our webpages gives you the opportunity to permit or reject the use of cookies. Cookies that are strictly necessary to provide the web service cannot be rejected (see explanation at 1. above).

Tag management (strictly necessary)

Tag management allows us to manage the use of tools on the different web pages of our web portal. A tag is set for each page to do this. The tag content determines which tools will be used for this page. Tag management is used to assure that the tools are in each individual case only used where appropriate.

Affiliate Marketing

Affiliate marketing or advertising is based on the principle of referral commission. In this case, you do not pay for the display of the advertisement. Depending on the model, the commission is only paid when the advertisement has been clicked or when an order is completed. The advertisement contains an affiliate link, e.g. in the form of a cookie with a special code that uniquely identifies the offer and the affiliate (partner) with the merchant. This allows the merchant to see who referred the customer in his web shop and which offer he has chosen.

Market research / Reach measurement (opt-in)

Reach measurement provides statistics on a website’s usage intensity and the number of users, along with comparable figures for all the connected services. Market research is designed to learn more about the target groups that use services or applications and view advertisements. Individual users are not identified at any time. Your identity is always protected.

Profiles for a user-geared presentation of the web portal (opt-in)

The compilation of clickstream analyses assists us in continuously improving our web pages. The clickstream corresponds to your movement on the websites. Analyzing the movement provides us with an insight into usage habits on our websites. This allows us to detect any existing structural deficiencies in our web pages and thereby improve them accordingly.

Profiles for personalized recommendations (opt-in)

Deutsche Telekom would like to offer you individually targeted and personalized take-action and click recommendations for special offers, services or products. This involves our service providers compiling a pseudonymous profile about the services and websites accessed by you and assigning categories to the profile. The system displays content or information that matches your profile.

a. Required cookies

These cookies are required to enable you to navigate through the web pages and use key functions. They support basic functions, such as order processing in the online shop and access to secured areas of the web page. They also serve the purpose of performing an anonymous analysis of user patterns, which we use to continuously develop and improve our web pages for you. The legal basis for these cookies is Article 6 (1) b GDPR respectively for third Countries Art. 49 (1) b GDPR.

b. Cookies - if the use of tools is optional

These cookies are activated when you use additional functions, e.g. the chat. The possible functions are explained in section 1 of this data privacy information. The legal basis for these cookies is Article 6 (1) a GDPR respectively for third Countries Art. 49 (1) a GDPR.

c. Analytical cookies

These cookies help us to improve our understanding of user behavior. analysis cookies allow for the compilation of usage and identification data by the original provider or third party providers into pseudonymous usage profiles. We use analysis cookies e.g. to determine the number of individual visitors to a web page or a service, to collect statistical data on the performance of our products and to analyze the visitors’ usage patterns and visitor interactions on the basis of anonymous and pseudonymous information. This information cannot be traced back to a person. The legal basis for these cookies is Article 6 (1) a GDPR respectively for third Countries Art. 49 (1) a GDPR.

d. Analytical cookiesMarketing cookies/retargeting

These cookies and similar technologies are used to enable the display of personalized and therefore relevant marketing content. Marketing cookies are used to serve interesting web content and to measure the effectiveness of our campaigns. This happens not only in Apps or on Telekom webpages, but also on the pages of other advertising partners (third party providers). This is also called retargeting. It is used to create pseudonymous content or ad profiles, to the placement of relevant advertising on other websites and to derive insights into target groups that have viewed the ads and content. This information cannot be traced back to a person. Marketing and retargeting cookies assist us in serving you advertising content that is potentially relevant for you. By suppressing marketing cookies, you will continue to see the same number of ads, but they may be less relevant for your interests. The legal basis for these cookies is Article 6 (1) a GDPR respectively for third Countries Art. 49 (1) a GDPR.

e. Services by other companies (independent third party providers)

Some of our web pages feature services of third party providers, who bear the sole responsibility for their services. When you visit one of our web pages, cookies or similar technologies may collect data and send it to third parties. Some of the data may be transmitted for Deutsche Telekom’s own purposes. The legal basis for these cookies is Article 6 (1) a GDPR respectively for third Countries Art. 49 (1) a GDPR. The scope, purpose and legal basis on which further processing is carried out for the third party’s own purposes can be found in the third party’s data privacy information. Information about these independent third party providers can be found in the following.

Google

We use Google Maps for maps, locations and route planning on individual websites, e.g. in the Store Locator, which you can access via the tab “Service” and menu item “Shops” on the top section of Deutsche Telekom’s product pages. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. By embedding Google Maps your IP address is transferred directly to Google and a cookie stored as soon as you visit this kind of website. You can obtain information and opt out at any time from data processing by Google at http://www.google.de/intl/de/policies/privacy. We use the remarketing and Google AdWords function from Google Inc. („Google“) on our websites. This function is implemented via a cookie and is used to present website users with web advertising tailored to their interests as part of the Google advertising network. Users can then be shown on these pages advertisements which relate to content users have accessed previously on websites that use the Google remarketing function. According to its own statements, Google does not collect any personal data with this process. If you, however, do not want to use Google’s remarketing function, you can disable this permanently by adjusting the relevant settings at http://www.google.com/settings/ads. Alternatively you can disable the use of cookies for targeted advertising via the advertising network initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp. Further information on Google remarketing and Google’s privacy policy is available at: https://policies.google.com/technologies/ads?hl=de/. If you access our websites via a Google ad, Google AdWords stores a cookie on your computer. This cookie becomes invalid after 30 days. No conclusions can be drawn about you as a person. We use the information collected with the aid of this conversion cookie to create statistics about our conversion rate. This means that we find out how many users came to our websites via a Google ad and acquire a product within 30 days. If you do not wish to participate in the tracking process, you can disable cookies for conversion tracking by specifying in your browser settings that cookies from the relevant domain are to be blocked: Google AdWords: googleadservices.com

Facebook

We use the Facebook service Customer Audience and the Facebook pixel on our websites to optimize our advertising offering, provided you have given the relevant consent to Facebook. Further information on these Facebook services and data privacy information from Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) can be accessed under the link https://www.facebook.com/privacy/explanation. If you use a Facebook User Account, the set Facebook cookie makes the Facebook pixel aware of this on our websites. The same cookie is used to transfer the collected usage data to Facebook for analysis and marketing purposes. You can check and/or disable directly via Facebook the way in which Facebook collects, further processes and uses this data. The Facebook pixel is a JavaScript code which transfers the following data to Facebook:

• HTTP header information (including IP address, web browser information, page storage location, document, website URL and web browser user agent, as well as date and time of use)
• Pixel-specific data; this includes the pixel ID and Facebook cookie data, including your Facebook ID (this data is used to link events to a certain Facebook advertising account and to assign them to a Facebook user)

• Additional information on visiting our websites, as well as on standard- and user-defined data events.

  • Orders placed (sales transactions)
  • Registrations and trial subscriptions completed
  • Products searched, product information accessed

The aforementioned data processing only affects users that have a Facebook account or have accessed a Facebook partner page (whereby a cookie was set). The playing out of advertising on Facebook (partner) pages on the basis of the Customer Audience service does not affect any users that are not Facebook members. If the Facebook ID included in the Facebook cookie can be assigned to a Facebook user, Facebook assigns this user to a target group (Custom Audience) on the basis of the rules stipulated by us, provided the rules are relevant. We use the information obtained in this way to present Deutsche Telekom advertising on Facebook (partner) pages. If you would like to opt out from using the Facebook pixel, you can set an opt-out cookie on Facebook or disable JavaScript in your browser. Further information along with setting options for protecting your personal privacy for advertising purposes is available from the Facebook privacy guidelines at https://www.facebook.com/ads/website_custom_audiences/.

LinkedIn

The re-targeting and conversion tracking of LinkedIn (LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland) using the LinkedIn Insight tag allows the collection of statistical, pseudonymous data (referrer URL, IP address (abbreviated), device and browser properties) about the website visit and use of our website and to provide corresponding aggregated statistics on this basis. In addition, this information is used to display interest-specific and relevant offers and recommendations after you have been interested in certain products, information and offers on our website. This information is stored in a cookie for 6 months. You can inform yourself at any time about the data processing by LinkedIn at https://www.linkedin.com/legal/privacy-policy?trk=registration_footer-privacy-policy and object to this.

Ströer Digital Publishing GmbH

For advertising purposes and for user analysis, the following data is transmitted to Ströer Digital Publishing GmbH (http://www.stroeerdigitalpublishing.de/). HTTP calls to servers of Ströer Digital Publishing GmbH and their analysis providers in order to retrieve and display advertising and message content. These HTTP calls enable the following analyses for the provision of advertising and message content: access by the Telekom Mail Portal, device type (smartphone/tablet), operating system, placement, IP address and information that can be derived from the IP address (Internet provider, IP-based region or IP address). IP-based location), mapping to ad campaigns, clicking ads. In order to enable billing and anonymous statistical analyses for the displayed advertising content, counting information is also transmitted to Digital Media Products GmbH and advertisers and their analysis providers with the help of HTTP (S) calls. However, this counting information is not linked to the device-specific ID. If you do not want the click on ads to be measured, please do not click on ads. Detailed information on the above-described use by Ströer Digital Publishing GmbH is available at: https://www.stroeer.de/digitale-werbung/werbemedien/targeting-data/datenschutz.html

emetriq GmbH

emetriq is a provider of targeting services for the online marketing of advertising space. Targeting stands for a precise target group approach in online marketing. For this purpose, emetriq operates a data pool whose aim is to significantly improve the quality of targeting so that advertisers can display relevant advertising according to your interests. In order to enable user-specific advertising to be displayed, emetriq GmbH, Vorsetzen 35, 20459 Hamburg, collects information about the surfing behavior and the usage of the website or the app usage. Cookies, measuring pixels, APIs or SDKs are used, which collect or can process the following information:

• Cookie ID, Identifier for Advertising (IDFA) or Advertising-ID (AdID)
• Information of the app or browser, for example browser identification, time zone, language, operating system
• Information about seen or clicked on advertising banners
• URL of the visited websites of our connected marketers
• surfing behaviour in the online shop, for example which article categories and which article descriptions were viewed
• etc.

The IP address is transmitted to emetriq for technological reasons. However, this is immediately discarded and is not used or further processed anywhere. The collected data is already pseudonymised in the user's app or browser and only then it is transferred to the data pool. All collected information about a user is exclusively based on an automatically and randomly generated cookie ID, or of the IDFA or AdID. A cookie is a text file on a device (e. g. computer) and is always assigned to a browser. If a user uses two or more browsers on his device, a corresponding number of cookies are generated on the terminal device. All collected information about a user is stored exclusively with this pseudonymous ID. emetriq will delete this data after 6 months at the latest.

4. Where can I find the information that is important to me?

This data privacy information provides an overview of the items which apply to Deutsche Telekom processing your data in this web portal. Further information, including information on data protection in general and in specific products, is available at https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/data-protectiontarget and https://www.telekom.com/en/deutsche-telekom/privacy-policy-1744.

5. Who is responsible for data processing? Who should I contact if I have any queries regarding data privacy at Deutsche Telekom?

Deutsche Telekom AG acts as the data controller. If you have any queries, please contact our Customer Services department or the Global Data Privacy Officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, Germany, datenschutz@telekom.de.

6. What rights do I have?

You have the right

1. To request information on the categories of personal data concerned, the purposes of the processing, any recipients of the data, and the envisaged storage period (Art. 15 GDPR);
2. To request that incorrect or incomplete data be rectified or supplemented (Article 16 GDPR);
3. To withdraw consent at any time with effect for the future (Art. 7 (3) GDPR);
4. To object to the processing of data on the grounds of legitimate interests, for reasons relating to your particular situation (Article 21 (1) GDPR);
5. To request the erasure of data in certain cases under Art. 17 GDPR – especially if the data is no longer necessary in relation to the purposes for which it was collected or is unlawfully processed, or you withdraw your consent according to (c) above or object according to (d) above;
6. To demand, under certain circumstances, the restriction of data where erasure is not possible or the erasure obligation is disputed (Art. 18 GDPR);
7. To data portability, i.e., you can receive the data that you provided to us in a commonly used and machine-readable format such as CSV, and can, where necessary, transfer the data to others (Art. 20 GDPR);
8. to file a complaint about the data processing with the responsible supervisory authority (for telecommunications contracts: the German Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragter für den Datenschutz und die Informationsfreiheit); for any other matters: State Commissioner for Data Protection and Freedom of Information, North Rhine-Westphalia (Landesbeauftragter für den Datenschutz und die Informationsfreiheit Nordrhein-Westfalen)).

7. Who does Deutsche Telekom pass my data on to?

Owing to legal obligations: In certain cases, we are legally obliged to transfer certain data to a state authority that requests it.

8. Where is my data processed?

Your data will be processed in Germany and other European countries.

Data privacy information last revised: December 09, 2022