Data privacy

General information

T-Systems International GmbH attaches great importance to the privacy of your personal data. It is important for us to inform you which personal data is collected, how it is used and what design options you have in this respect.

1. Where can I find the information that is important for me?

This data privacy notice provides an overview of the points that apply to the processing of your data in this web portal by T-Systems. Further information, also on data privacy in special products, can be found at www.telekom.com/en/corporate-responsibility/data-protection-data-security/data-protection.

2. Who is responsible for data processing? Who should I contact if I have any questions about data privacy at T-Systems?

The data controller is T-Systems International GmbH, Hahnstraße 43d, D – 60528 Frankfurt am Main, Germany. If you have any questions, please contact our customer service or our data privacy officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, Germany, datenschutz@telekom.de.

3. What rights do I have?

You have the right

a.    of access by the data subject, the purposes of processing, any recipients of the data, the planned storage period (Art. 15 GDPR);
b.    to request the rectification or addition of incorrect or incomplete data (Art. 16 GDPR);
c.    to withdraw a given consent at any time with effect for the future (Art. 7 para. 3 GDPR);
d.    to object to data processing which is to be carried out on the basis of a legitimate interest for reasons arising from your particular situation (Art. 21 para. 1 GDPR);
e.    to erasure data in certain cases within the framework of Art. 17 GDPR - in particular if the data are no longer required for the intended purpose or are processed unlawfully, or if you have withdrawn your consent in accordance with above (c) or have declared an objection in accordance with above (d);
f.    under certain conditions, to demand the restriction of data processing insofar as deletion is not possible or the obligation to delete is in dispute (Art. 18 GDPR);
g.    data portability, i.e. you can receive the data that you have provided to us in a common machine-readable format such as CSV and, if necessary, transfer it to others (Art. 20 GDPR);
h.    complain to the competent supervisory authority about data processing (for telecommunications contracts): Federal Commissioner for Data Privacy and Freedom of Information; otherwise: State Commissioner for Data Privacy and Freedom of Information North Rhine-Westphalia).

4. Who does T-Systems pass on my data to?

To contract processors, i.e. companies that we entrust with the processing of data within the legally prescribed framework, Art. 28 GDPR (service providers, vicarious agents). T-Systems remains responsible for the privacy of your data even in this case. We commission companies in the following areas in particular: IT, sales, marketing, finance, consulting, customer service, human resources, logistics, printing.

To cooperation partners who provide services on their own responsibility for you or in connection with your T-Systems contract. This is the case if you commission services from such partners from us or if you consent to the involvement of the partner or if we involve the partner on the basis of a legal permit.

Due to legal obligation: In certain cases we are legally obliged to transmit certain data to the requesting state authority.

5. Where will my data be processed?

Your data will be processed in Germany and other European countries. If, in exceptional cases, your data is also processed in countries outside the European Union (i.e. in so-called third countries), this will happen if you have expressly consented to this or if it is necessary for our provision of services to you or if it is provided for by law (Art. 49 GDPR). In addition, your data will only be processed in third countries if certain measures have been taken to ensure that an appropriate level of data privacy exists (e.g. the EU Commission's adequacy decision or so-called suitable guarantees, Art. 44 et seq. GDPR).

6. What data is collected, how is it used and for how long is it stored?

a.    Technical features: When you visit our web pages, the web server temporarily records the domain name or IP address of your computer, the client's file request (file name and URL), the http response code and the web page from which you are visiting us. The logged data is used exclusively for the purposes of data security, in particular to prevent attempts to attack our web server (Art. 6 Para. 1 f GDPR). They will neither be used for the creation of individual user profiles nor passed on to third parties and will be deleted after 7 days at the latest. We reserve the right to statistically evaluate anonymous data records.

b.    User surveys/ customer feedback with Usabilla: These websites use the service of the order processor Usabilla B. V., Amsterdam, Netherlands for customer surveys. Website evaluations and your feedback can be requested after prior consent has been obtained (Art. 6 para. 1 a GDPR). The opinions and improvement suggestions of our customers are important components for the improvements of our web pages. Only anonymous information is processed and there is no possibility to draw conclusions about the sender. At no time will personal or personal data be transmitted. The data is stored and evaluated by us for 24 months. The surveys can be carried out in two different ways: 
I.    The feedback button on the website. You can give us your feedback at any time via this button. If you do not use this function, no data will be transmitted. 
II.   An active feedback request can also be displayed on the website. You can deny this query or cancel it at any time. The answers will not be sent until you complete the survey.

c.    User surveys/ customer feedback with eparo: These websites use the services of eparo GmbH, Hamburg, for customer surveys. Website evaluations and feedback can be requested after prior consent has been obtained (Art. 6 para. 1 a GDPR). The opinions and improvement suggestions of our customers are important components for the improvements of our web pages. Only anonymous information is processed and there is no possibility to draw conclusions about the sender. At no time will personal or personal data be transmitted. The data is stored and evaluated by us for three months.  
The questioning is carried out in this way:
I.    An active feedback request can be displayed on the website. You can deny this query or cancel it at any time. The answers will not be sent until you complete the survey.

d.    Text Chat: If you use the text Chat on the website to contact customer service, various information will be transmitted to the customer advisor when the chat is initialised (Art. 6 para. 1 a GDPR). This includes, for example, the help topic, browser version, operating system version, etc. you selected on the website. In addition, information about the availability of the chat service is transmitted by the chat platform at regular intervals. This information is used to activate or deactivate the Text Chat start button on the web page. We store only the information about the beginning and the end of the communication for 7 days. Chat content is not stored.

e.    Miscellaneous: Additional personal data, such as your name, address, telephone number or e-mail address, is not collected unless you provide this information voluntarily. Here you will find further information on the topic newsletter.

7. Data control with the used social media plug-ins

Some of the offer pages contain buttons from social media networks (Facebook-like button, Google +1, Twitter button) with which you can recommend T-Systems offers to your friends and acquaintances.

So that you have full data control, the buttons used establish direct contact between the respective social network and the visitor only when you actively click on the button (one-click solution).

By activating the social media plug-in (Art. 6 para. 1 a GDPR), the following data can be transmitted to the social media providers: IP address, browser information, operating system, screen resolution, installed browser plug-ins such as Adobe Flash Player, previous website if you followed a link (referrer), URL of current website, etc. The next time the website is accessed, the social media plug-ins are again made available in the default inactive mode so that no data is transmitted when the website is visited again. Further information on social media plug-ins can be found here: www.telekom.com/en/corporate-responsibility/data-protection-data-security/digitally-secure as well as information on the 1-click solution.

8. Is my usage behaviour evaluated, e.g. for advertising, tracking?

Explanations and definitions: We would like you to enjoy using our web pages and take advantage of our products and services. We have an economic interest in this. In order for you to find the products that interest you and to enable us to design our web pages in a user-friendly manner, we analyze your usage behavior in an anonymized or pseudonymized form. Within the framework of the legal regulations, we, or companies commissioned by us within the framework of commissioned data processing, create usage profiles. It is not possible to derive a direct connection to you from these profiles. In the following, we provide general information about the various purposes and technologies. Afterwards you have the opportunity to object. Please note, however, that in this case you may not be able to use all functions of our web pages. 

a.    Uses (Art. 6 para. 1 a GDPR / §15 para. 3 German Teleservices Act)

Tag management is used to manage tracking tools in websites. For this purpose, a tag is defined for each page. The marker can then be used to determine which tracking tools are to be used for this page. The tag management allows tracking to be controlled in a targeted manner so that the tools are only used where they make sense.

Market research / reach measurement the aim of reach measurement is to statistically determine the usage intensity and the number of users of a website as well as to obtain comparable values for all connected offers. At no time are individual users identified. Your identity is always protected.

Profiles for the need-based design of the web portal in order to be able to constantly improve the web pages, we create so-called clickstream analyses. The clickstream corresponds to your movement path on the web pages. The analysis of the movement paths gives us information about the usage behaviour on our websites. This allows us to identify possible structural errors in the web pages and thus improve the web pages so that the web pages can be optimized to your needs. At no time are individual users identified.

Profiles for personalized recommendations T-Systems plays out customized, personalized, action- and click recommendations for offers, services or products. For this purpose, the service provider creates a pseudonymous profile of the services and websites you call up on the Internet and assigns this to categories. You will be shown content or notes matching your profile. At no time are individual users identified or personal data used for the profile.

b.    Techniques

Cookies
We use cookies for certain offers. These are small text files that are stored on your computer. This allows you to detect when you repeatedly visit web pages from the same computer. 

Session cookies are cookies that are only stored on your computer for the duration of an Internet session and are required for transactions (e.g. for logging in or processing a purchase). They contain only one transaction ID.

For certain offers, we use persistent cookies that are stored on your computer for future sessions. In this case we will inform you about the storage time of the cookie. 

Stay signed in – If you sign in with your email address or mobile phone number and password, your browser will remember this information. Once you check the box, you don't have to log in every time you want to use your Telekom account. However, you will be asked to re-enter your password if special personalised services request it.

Remember username – If you log in with your email address or mobile phone number and password, the browser may remember this information in a cookie. As soon as you activate the check box "Remember user name", you only have to enter the password for the login.

You have the option of setting your browser so that these cookies are not stored in the first place, or that the cookies are deleted at the end of your Internet session. Please note, however, that in this case you may not be able to use all the functions of our website. Information on browser settings can be found at: www.telekom.com/en/corporate-responsibility/data-protection-data-security/digitally-secure

Measuring pixels are usually only 1×1 pixel sized images and are transparent or created in the color of the background so that they are not visible. If a web page containing a measuring pixel is opened, this small image is downloaded from the provider's server on the Internet, where the download is registered. Thus the provider of the process can see when and how many users requested this measuring pixel or visited a website. Furthermore, the provider can determine whether JavaScript is activated in the browser or not. If JavaScript is activated, further information such as browser information, operating system, screen resolution can be recorded. Usually this function is realized by a JavaScript call, but the term measuring pixel is still used. 

JavaScript are used to call up the application and transfer the collected parameters to the respective service provider/measuring pixel provider.

Cookie settings: You can recall your cookie settings at any time to manage your preferences.

On these web pages used techniques and their purposes:

a.    Required cookies: These cookies are necessary for enabling you to navigate through the pages and use essential functions. They enable basic functions, such as access to secure areas of the website. They also help us in our anonymous evaluation of user behavior, providing us with information that we then use to continuously develop our website for you. The legal basis for these cookies is Art. 6 (1)(b) GDPR.

CompanyPurposeTechnology and, if relevant, storage durationEmbedded as

T-Systems

website operation

Session cookie

Data controller

T-Systems 

website operation

Persistent (24 hours)

Data controller

T-Systems

website operation

Persistent (6 month)

Data controller

Webtrekk GmbH

Needs-based design, website operation

Session cookie

Data controller, service provision

Webtrekk GmbH

Needs-based design, website operation

Persistent (12 months)

Data controller, service provision

Cookie settings: You can return to your cookie settings at any time to manage your preferences.

b.    Analytical cookies: These cookies help us to better understand user behavior. Analysis cookies enable the collection of usage and recognition data by first- or third-party providers in what are known as pseudonymous usage profiles. For example, we use analytical cookies to determine the number of individual visitors to a particular website or service, collect other statistics regarding the operation of our products, and analyze user behavior based on anonymous and pseudonymous information about how visitors interact with the website. This in no way enables the direct identification of any particular person. The legal basis for these cookies is Art. 6 (1)(a) GDPR.

CompanyPurposeTechnology and, if relevant, storage durationEmbedded as
Tealium Inc.

Analysis (tag management)

Persistent (1 year)

Data processor

Webtrekk GmbH

Analysis

Session cookie

Data processor

Webtrekk GmbH

Analysis

Persistent (12 months)

Data processor

Cookie settings: You can return to your cookie settings at any time to manage your preferences.

c.    Marketing cookies/ retargeting: These cookies and similar technologies are used to display personalized and therefore relevant advertising content. Marketing cookies are used to ensure we display interesting advertising content, and to measure the effectiveness of our campaigns. This takes place not only on T-Systems International GmbH web pages, but also on the websites of our advertising partners (third-party providers). This is also referred to as retargeting, and it serves to create a pseudonymous interest profile and ensure relevant advertising is displayed on other websites. It is not possible to directly identify any particular person from these profiles. Marketing and retargeting cookies help us to display advertising content that is possibly relevant to you. By suppressing marketing cookies, you will continue to see the same number of ads, but these may be of less relevance to you. The legal basis for these cookies is Art. 6 (1)(a) GDPR.

CompanyPurposeTechnology and, if relevant, storage durationEmbedded as

Adform GmbH

Marketing

Persistent (24 hours)

Data processor

Adform GmbH

Marketing

Persistent (1 month)

Data processor

Adform GmbH

Marketing, analysis

Persistent (2 months)

Data processor

Cookie settings: You can return to your cookie settings at any time to manage your preferences.

d.    Services from other companies (independent third parties): On our web pages we have integrated third-party service providers, which provide their services independently. When you visit our website, data is collected using cookies or similar technologies and transmitted to the respective third party. Partly for T-Systems' own purposes. The legal basis for these cookies is Art. 6 (1)(a) GDPR. To find out to what extent, for what purposes, and on which legal basis data is further processed for the third-party provider's own purposes, please refer to the data privacy information of the respective provider. The information on independent third-party providers is given below.

CompanyPurposeTechnology and, if relevant, storage durationEmbedded as

Google Inc.

Analysis

Session cookie

Data processor

Google Inc.

Analysis

Persistent (24 hours)

Data processor

Google Inc.

Analysis

Persistent (1 year)

Data processor

Cookie settings: You can return to your cookie settings at any time to manage your preferences.

On the websites www.meine-cookies.org or www.youronlinechoices.com you can read more information about cookies and the individual providers. There you also have the possibility to object to usage-based online advertising from individual or all companies at www.youronlinechoices.com/de/praferenzmanagement/. We have voluntarily submitted to self-regulation from the German Data Protection Council for Online Advertising (DDOW).

9. Services provided by other companies which provide their services as responsible persons

Google
In some websites, we use Google Maps to display maps, locations and for route planning. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By embedding Google Maps, your IP address is transmitted directly to Google and a cookie is stored as soon as you visit such a website. You can inform yourself about and object to the data processing by Google at www.google.com/policies/privacy at any time.

We use the Remarketing and Google AdWords function of Google Inc. on our websites. (“Google”). This function is realised via a cookie and serves to present interest-related advertisements to visitors to the website within the Google advertising network. These pages may then display advertisements to the visitor that relate to content previously viewed by the visitor on websites that use Google's remarketing feature. According to its own information, Google does not collect any personal data during this process. However, if you do not want Google's remarketing feature to work, you can opt-out of it by setting your preferences at www.google.com/settings/ads. Alternatively, you can disable the use of cookies for interest-based advertising through the Advertising Network Initiative by following the instructions at www.networkadvertising.org/managing/opt_out.asp. For more information about Google Remarketing and Google's privacy policy, please visit www.google.com/privacy/ads/.

If you have reached our website via a Google ad, Google AdWords will save a cookie on your computer. This cookie loses its validity after 30 days. A conclusion about your person is not possible. The information collected with the help of this so-called conversion cookie is used to generate statistics about our conversion rate. This means that we know how many users came to our websites through a Google ad and purchase a product within 30 days. If you do not wish to participate in the tracking process, you can disable conversion tracking cookies by setting your browser to block cookies from that domain: Google AdWords: googleadservices.com

LinkedIn

The LinkedIn Insight Tag enables the collection of data regarding members’ visits to your website, including the URL, referrer, IP address, device and browser characteristics (User Agent), and timestamp. The IP addresses are truncated or (when used for reaching members across devices) hashed, and members’ direct identifiers are removed within seven days in order to make the data pseudonymous. This remaining pseudonymized data is then deleted within 180 days.

LinkedIn does not share the personal data with the website owner, it only provides reports (which do not identify you) about the website audience and ad performance. LinkedIn also provides retargeting for website visitors (up to 90 days after the visit), enabling the website owner to show personalized ads off its website by using this data, but without identifying the member. We also use data that does not identify you to improve ad relevance and reach members across devices. LinkedIn members can control the use of their personal data for advertising purposes through their account settings. The LinkedIn privacy policy can be found her https://www.linkedin.com/legal/privacy-policy?_l=en_DE

© T-Systems International GmbH – November 2019