T-Systems International GmbH attaches great importance to protecting your personal data. We always inform you what personal data we collect, how your data is used, and how you can influence the process.
1. Where can I find the information that is important to me?
This data privacy information provides an overview of the items which apply to Deutsche Telekom processing your data in this web portal.
2. Who is responsible for data processing? Who should I contact if I have any queries regarding data privacy at T-Systems?
T-Systems International GmbH acts as the data controller. If you have any queries, please contact our Customer Services department or the Group Data Privacy Officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, Germany firstname.lastname@example.org
3. What rights do I have?
a) To request information on the categories of personal data concerned, the purpose of the processing, any recipients of the data, the envisaged storage period (Art. 15 GDPR);
b) To request incorrect or incomplete data is rectified or supplemented (Art. 16 GDPR);
c) To withdraw consent at any time with effect for the future (Art. 7 (3) GDPR);
d) To object to the processing of data on the grounds of legitimate interests, for reasons relating to your particular situation (Art 21 (1) GDPR);
e) To request the erasure of data in certain cases under Art. 17 GDPR – especially if the data is no longer necessary in relation to the purposes for which it was collected or is unlawfully processed, or you withdraw your consent according to (c) above or objected according to (d) above;
f) To demand under certain circumstances the restriction of data where erasure is not possible or the erasure obligation is disputed (Art. 18 GDPR);
g) To data portability, i.e. you can receive your data which you provided to us, in a commonly used and machine-readable format, such as CSV and can, where necessary, transmit the data to others (Art. 20 GDPR);
h) To file a complaint with the competent supervisory authority regarding data processing (for telecommunications contracts: the German Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte für den Datenschutz und die Informationsfreiheit); for any other matters: State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (Landesbeauftragter für den Datenschutz und die Informationsfreiheit Nordrhein-Westfalen).
4. Who does Deutsche Telekom pass my data on to?
To processors, i.e. companies we engage to process data within the legally defined scope, Art. 28 GDPR (service providers, agents). In this case, Deutsche Telekom also remains responsible for protecting your data. We engage companies particularly in the following areas: IT, sales, marketing, finance, consulting, customer services, HR, logistics, printing.
To cooperation partners who, on their own responsibility, provide services for you or in conjunction with your Deutsche Telekom contract. This is the case if you contract with us services from these partners or if you consent to the incorporation of the partner or if we incorporate the partner on the basis of legal permission.
Owing to legal obligations: In certain cases, we are legally obliged to transfer certain data to the requesting state authority.
5. Where is my data processed?
In general, your data is processed in Germany and in other European countries.
If your data is also processed in countries outside the European Union (i.e. in third countries) by way of exception, this is done only if you have explicitly given your consent or it is required so we can provide you with services or it is prescribed by law (Art. 49 GDPR). Furthermore, your data is only processed in third countries if certain measures ensure a suitable level of data protection (e.g. EU Commission’s adequacy decision or suitable guarantees, Art. 44 ff. GDPR).
6. What data is recorded, how is it used and how long is it stored?
a) Technical characteristics: When you visit our websites, the web server temporarily records the domain name or your computer’s IP address, the file requested (file name and URL) by the client, the http response code, and the website from which you are visiting us.
The recorded data is used solely for data security purposes, particularly to protect against attempted attacks on our web server (Art. 6 (1) f GDPR). We do not use it to create individual user profiles nor do we share this information with third parties. It is erased after 7 days at the latest. We reserve the right to statistically analyze anonymized data records.
b) User surveys/ customer feedback with eparo: These websites use the service from eparo GmbH, Hamburg, Germany, to provide customer surveys. Website ratings and your feedback can be surveyed (Art. 6 (1) a GDPR). Our customers’ opinions and improvement suggestions crucially help us improve our websites. Only anonymous information is processed and there is no way of tracing the sender. Personal data or personally identifiable data is not transferred at any time. We store and analyze the data for three months.
This is the way of conducting the survey:
- I) An active feedback survey can be displayed on the website. You can reject this survey or cancel it at any time. Answers are only sent once you have completed the survey.
c) Textchat: If you use the textchat on the website to contact the Customer Services department, various types of information are sent to the customer adviser when you initialize the chat (Art. 6 (1) a GDPR). This includes, for instance, the help topic you selected on the website, browser version, operating system version, and the like. The chat platform also regularly transfers information regarding the accessibility of the chat service. Using this information, the button on the website to start the textchat is enabled or disabled. We store only the information on the start and finish of the communication for 7 days. Chat content is not stored.
7. Data control for the social media plug-ins used
Some of the services websites include buttons for social media networks (Facebook Like button, Google +1, Twitter button) that you can use to recommend the services of T-Systems International GmbH to your friends and family.
To ensure you retain full control of the data, the used buttons provide direct contact between the respective social network and the visitor only once you actively click on the button (one-click solution).
When the social media plug-in is activated (Art. 6 (1) a GDPR), the following data can be forwarded to the social media provider: IP address, browser information, operating system, screen resolution, installed browser plug-ins (such as Adobe Flash Player), previous website if you followed a link (referrer), URL of the current website, etc...
8. Will my usage habits be evaluated, e.g. for advertising purposes, tracking?
Explanations and definitions
We want you to enjoy using our websites and take advantage of our products and services. We have an economic interest in ensuring this is the case. We analyze your usage habits on the basis of anonymized or pseudonymized data so you can find the products that interest you and so we can make our websites user-friendly. We or companies commissioned by us to process data create usage profiles to the extent permitted by law. This information cannot be traced back to you directly. Subsequently we inform you generally about the various purposes and techniques. Afterwards you have the right to revoke your consent. However, please remember that in this case you may not have access to the full range of functions offered by our websites.
a) Purposes (Art. 6 (1) f GDPR / §15 (3) German Telemedia Act (Telemediengesetz – TMG)
Tag management is used to manage tracking tools in websites. A tag is set for each page to do this. Based on the tag, the system can determine which tracking tools should be used for this page. Tag management can be used to specifically control tracking so that the tools are only used where appropriate.
Market research / Reach measurement
Reach measurement provides statistics on a website’s usage intensity and the number of users, along with comparable figures for all the connected services. Individual users are not identified at any time. Your identity is always protected.
Profiles for designing the web portal based on needs
We use clickstream analysis to improve our websites constantly. The clickstream corresponds to your movement path on the websites. Analyzing the movement paths provides us with an insight into usage habits on our websites. This lets us identify possible structural errors in the websites and thus improve the websites so they are optimally tailored to your needs. Individual users are not identified at any time.
Profiles for personalized recommendations
T-Systems provides you with personalized action and click recommendations for offerings, services or products. To do so, the service provider creates a pseudonymized profile about the services and websites you access on the Internet and assigns categories to this profile. The system displays content or information that matches your profile. At no time are individual users identified or personal data used for the profile.
Session cookies are cookies which are only stored on your computer for the duration of your Internet session and are required for transactions (e.g. to log in or to complete a purchase). They simply contain a transaction ID.
For certain services, we use persistent cookies, which are stored on your computer for future sessions. In this case, we notify you about the cookie’s storage period.
You can set your browser to prevent these cookies being stored or to delete the cookies at the end of your Internet session. However, please remember that in this case you may not have access to the full range of functions offered by our websites. For information about browser settings go to: www.sicherdigital.de/sicher-surfen#sicher-surfen-browsereinstellungen
Techniques used on these websites and purposes:
|Company||Purpose||Technique and, where applicable, storage period||Involved as||Opt-Out|
|Tealium Inc.||Tag management||Cookie (24 months)||Processor||Browser setting: Block cookies from the domain “tealium.hs.llnwd.net”|
|Webtrekk GmbH||Customized design||Measurement pixel||Processor||Opt-Out|
|JobPal||Online chat service||Cookie (30 days)||Processor||Opt-Out|
9. Services from other companies that assume responsibility for providing their services
We use Google Maps for maps, locations and route planning on individual websites.Google Maps is run by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By embedding Google Maps your IP address is transferred directly to Google and a cookie stored as soon as you visit this kind of website. You can obtain information and opt out at any time from data processing by Google at policies.google.com/privacy?hl=en&gl=en
We use the remarketing and Google AdWords
function from Google Inc. (“Google”) on our websites. This function is implemented via a cookie and is used to present website users with web advertising tailored to their interests as part of the Google advertising network. Users can then be shown on these pages advertisements which relate to content users have accessed previously on websites that use the Google remarketing function. According to its own statements, Google does not collect any personal data with this process. If you, however, do not want to use Google’s remarketing function, you can disable this permanently by adjusting the relevant settings at www.google.com/settings/ads
If you access our websites via a Google ad, Google AdWords stores a cookie on your computer. This cookie becomes invalid after 30 days. No conclusions can be drawn about you as a person. We use the information collected with the aid of this conversion cookie to create statistics about our conversion rate. This means that we find out how many users came to our websites via a Google ad and acquire a product within 30 days. If you do not wish to participate in the tracking process, you can disable cookies for conversion tracking by specifying in your browser settings that cookies from the relevant domain are to be blocked:
Google AdWords: googleadservices.com
Data privacy information last revised: May, 24th 2018