Information pursuant to the EU-General Data Protection Regulation (GDPR)

for the Telekom Tech Grounds

Deutsche Telekom AG attaches great importance to protecting your personal data. We always inform you what personal data we collect, how your data is used, and how you can influence the process.


1. What data is recorded, how is it used, and how long is it stored?
a) Technical characteristics: When you visit our websites, the web server temporarily records the domain name or your computer’s IP address, the file requested (file name and URL) by the client, the http response code, and the website from which you are visiting us.
The recorded data is used solely for data security purposes, particularly to protect against attempted attacks on our web server (Article 6 (1f) GDPR). We do not use it to create individual user profiles nor do we share this information with third parties. It is erased after seven days at the latest. We reserve the right to statistically analyze anonymized data records.

b) Chatbot: If you use the chatbot (“digital assistant”) on the webpage or contact to customer service, different types of information will be transmitted to the communication platform during the automated chat (Art. 6 (1) a GDPR). This includes, for example, the questions and answers you have entered (chat history), or your customer data if you have logged in with your Deutsche Telekom login credentials. We process the collected data in the cloud-based communication system provided by our contract data processor IBM Deutschland GmbH („IBM“, Wilhelm-Fay-Strasse 30-34, 65936 Frankfurt). Any personal data, such as your name, address, telephone number or email address, will be pseudonymized before being transmitted to the contract data processor. The data will be hosted in the IBM cloud data center located in Frankfurt am Main, Germany. To further improve this service, any potentially personal data will be deleted from the data records by an anonymization service before it is used. The pseudonymized chat history will be deleted when the exchange is ended. If necessary and subject to your consent, the chatbot may wish to transfer you to our customer service text chat. Provided you are logged into your Deutsche Telekom account, this will entail the transmission of the chat history and any available customer data to the text chat.

c) Text or video chat: If you use the text or video chat on the website to contact the Customer Services department, different types of information will be sent to the customer adviser when you initiate the chat (Art. 6 (1) a GDPR). This includes login data, customer data (telephone number, customer number and latest chat history), as well as the help topic you have selected on the web page, the versions of your browser and operating system, and similar data. The chat platform provided by the contract data processor Genesys will also regularly transmit information about the availability of the chat service. This information is used to activate or deactivate the button to start a text or video chat on the web page. We will store the start and end times of a chat (the session) for a period of 7 days. A session cookie will then be placed on the computer for the duration of the session. The cookie is deleted once the session has ended. We store the chat history for 48 hours and use it for any queries that may arise. We reserve the right to statistically analyze anonymized data records. More information on our newsletter>> can be found here.

2. Controlling data used by social-media plug-ins and links to social media platforms

Some web pages may contain social media buttons (e.g. Facebook, Google, Instagram, Twitter, Pinterest, Xing or LinkedIn) you can use to recommend the services of << Deutsche Telekom Group legal entity name >> to your friends and family.

To ensure you retain full control of the data, the used buttons provide direct contact between the respective social network and the visitor only once you actively click on the button (one-click solution).

We only use pictograms from the respective social media networks on our web pages. You will only be forwarded to the company website of the respective social media platform when you click on a pictogram. The social media platforms and providers of third party content that can be accessed by clicking on a pictogram provide their services and process their data in their own responsibility.

When the social media plug-in or link is activated by clicking on the pictogram, including when sharing content, (Art. 6 (1) a GDPR) the following data may be forwarded to the social media provider: IP address, browser information, operating system, screen resolution, installed browser plug-ins (such as Adobe Flash Player), previous web page if you followed a link (referrer), URL of the current web page etc...
The next time you visit the website, the social media plug-ins are again provided in the default disabled mode, thus ensuring that no data is transferred during a repeat visit to the website. Further information on social media plug-ins and the scope and purpose of data processing by their providers, as well as additional data privacy-relevant information can be found in the data privacy information published by the respective controller and in the information on the <<1-click solution>>

3. Will my usage habits be evaluated, e.g. for advertising purposes or tracking?

Explanations and definitions
We want you to enjoy using our websites and take advantage of our products and services. We have an economic interest in ensuring this is the case. We analyze your usage habits on the basis of anonymized or pseudonymized data so you can find the products that interest you and so we can make our websites user-friendly. Deutsche Telekom or its contract data processors create usage profiles that comply with the legal requirements. This information cannot be traced back to you directly. The following information is intended to provide you with general information on the various purposes of processing data. The cookie message displayed when visiting our webpages gives you the opportunity to permit or reject the use of cookies. Cookies that are strictly necessary to provide the web service cannot be rejected (see explanation at 1. above).

Tag management (strictly necessary)
Tag management allows us to manage the use of tools on the different web pages of our web portal. A tag is set for each page to do this. The tag content determines which tools will be used for this page. Tag management is used to assure that the tools are in each individual case only used where appropriate.

Profiles for a user-geared presentation of the web portal (opt-in)
The compilation of clickstream analyses assists us in continuously improving our web pages. The clickstream corresponds to your movement on the websites. Analyzing the movement provides us with an insight into usage habits on our websites. This allows us to detect any existing structural deficiencies in our web pages and thereby improve them accordingly.

a) Required cookies
These cookies are required to enable you to navigate through the web pages and use key functions. They support basic functions, such as order processing in the online shop and access to secured areas of the web page. They also serve the purpose of performing an anonymous analysis of user patterns, which we use to continuously develop and improve our web pages for you. The legal basis for these cookies is Article 6 (1) b GDPR respectively for third Countries Art. 49 (1) b GDPR.

Company Purpose Storage period Country of processing
rooom Security, verification of transmission Session cookie for 2 hours (staying logged in) Germany
rooom Security, Settings Session cookie for 2 hours (language, profile and role settings) Germany


b) Analytical cookies

These cookies help us to improve our understanding of user behavior. analysis cookies allow for the compilation of usage and identification data by the original provider or third party providers into pseudonymous usage profiles. We use analysis cookies e.g. to determine the number of individual visitors to a web page or a service, to collect statistical data on the performance of our products and to analyze the visitors’ usage patterns and visitor interactions on the basis of anonymous and pseudonymous information. This information cannot be traced back to a person. The legal basis for these cookies is Article 6 (1) a GDPR respectively for third Countries Art. 49 (1) a GDPR.

Company Purpose Storage period Country of processing
rooom/Matomo_Piwik Individualized visual presentation and market research Cookie (12 months) Germany
rooom/Matomo_Piwik Individualized visual presentation and market research Cookie (1 hour) Germany


You can change the settings for cookies at any time here: link(Cookie consent)

c) Services by other companies (independent third party providers)

Some of our web pages feature services of third party providers, who bear the sole responsibility for their services. When you visit one of our web pages, cookies or similar technologies may collect data and send it to third parties. Some of the data may be transmitted for Deutsche Telekom’s own purposes. The legal basis for these cookies is Article 6 (1) a GDPR respectively for third Countries Art. 49 (1) a GDPR. The scope, purpose and legal basis on which further processing is carried out for the third party’s own purposes can be found in the third party’s data privacy information. Information about these independent third party providers can be found in the following.

LinkedIn
The re-targeting and conversion tracking of LinkedIn (LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland) using the LinkedIn Insight tag allows the collection of statistical, pseudonymous data (referrer URL, IP address (abbreviated), device and browser properties) about the website visit and use of our website and to provide corresponding aggregated statistics on this basis. In addition, this information is used to display interest-specific and relevant offers and recommendations after you have been interested in certain products, information and offers on our website. This information is stored in a cookie for 6 months. You can inform yourself at any time about the data processing by LinkedIn at https://www.linkedin.com/legal/privacy-policy?trk=registration_footer-privacy-policy and object to this.

4. Where can I find the information that is important to me?

This data privacy information provides an overview of the items which apply to Deutsche Telekom processing your data in this web portal. Further information, including information on data protection in general and in specific products, is available at https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/data-protection and https://www.telekom.com/en/deutsche-telekom/privacy-policy-1744.

5. Who is responsible for data processing?Who should I contact if I have any queries regarding data privacy at Deutsche Telekom?

Deutsche Telekom AG acts as the data controller. If you have any queries, please contact our Customer Services department or the Global Data Privacy Officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, Germany, datenschutz@telekom.de.

6. What rights do I have?

You have the right

  1. To request information on the categories of personal data concerned, the purposes of the processing, any recipients of the data, and the envisaged storage period (Art. 15 GDPR);
  2. To request that incorrect or incomplete data be rectified or supplemented (Article 16 GDPR);
  3. To withdraw consent at any time with effect for the future (Art. 7 (3) GDPR);
  4. To object to the processing of data on the grounds of legitimate interests, for reasons relating to your particular situation (Article 21 (1) GDPR);
  5. To request the erasure of data in certain cases under Art. 17 GDPR – especially if the data is no longer necessary in relation to the purposes for which it was collected or is unlawfully processed, or you withdraw your consent according to (c) above or object according to (d) above;
  6. To demand, under certain circumstances, the restriction of data where erasure is not possible or the erasure obligation is disputed (Art. 18 GDPR);
  7. To data portability, i.e., you can receive the data that you provided to us in a commonly used and machine-readable format such as CSV, and can, where necessary, transfer the data to others (Art. 20 GDPR);
  8. to file a complaint about the data processing with the responsible supervisory authority (for telecommunications contracts: the German Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragter für den Datenschutz und die Informationsfreiheit); for any other matters: State Commissioner for Data Protection and Freedom of Information, North Rhine-Westphalia (Landesbeauftragter für den Datenschutz und die Informationsfreiheit Nordrhein-Westfalen)).

7. Who does Deutsche Telekom pass my data on to?

To processors, i.e., companies we engage to process data within the legally defined scope, Article 28 GDPR (service providers, agents). In this case, Deutsche Telekom also remains responsible for protecting your data. We engage companies particularly in the following areas: IT, sales, marketing, finance, consulting, customer services, HR, logistics, and printing.

To cooperation partners who, on their own responsibility, provide services for you or in conjunction with your Deutsche Telekom contract. This is the case if you order services of these partners from us, if you consent to the involvement of the partner, or if we involve the partner on the basis of legal permission.

Owing to legal obligations: In certain cases, we are legally obliged to transfer certain data to a state authority that requests it.

8. Where is my data processed?

Your data will be processed in Germany and other European countries. If, in exceptional cases, your data is processed in countries outside the European Union (in so-called third countries), this will take place

  1. if you have expressly consented to this (Article 49 (1) a GDPR). (In most countries outside the EU, the level of data protection does not meet EU standards. This concerns in particular comprehensive monitoring and control rights of state authorities, e. g. in the USA, which disproportionately interfere with the data protection of European citizens,
  2. or to the extent necessary for our service provision to you (Article 49 (1) b GDPR),
  3. or to the extent required by law (Article 49 (1) c GDPR). Furthermore, your data will only be processed in third countries if certain measures ensure a suitable level of data protection (e.g., EU Commission's adequacy decision or suitable guarantees, Art. 44 et seq. GDPR).
This privacy information was last updated 17-02-2022