Data Privacy Policy

Privacy Policy for Digital Services, as of GPR 08.2024 

Privacy Policy 

Cookie settings: You can revisit your Cookie settings at any time to manage your preferences. 

General provisions 

The protection of your personal data has a high priority for Deutsche Telekom AG. It is important for us to inform you about what personal data is collected, how they are used and what options you have in this regard. 

1. What data is recorded, how is it used, and how long is it stored?

Necessary processing for the provision of the digital service (Art. 6 para. 1b GDPR, §25 para. 2 no. 2 TDDDG) 

  • When using Fashion Fusion hereinafter referred to as the digital service: When you visit our websites, the web server temporarily records the domain name or your computer’s IP address, the file requested (file name and URL) by the client, the http response code, and the website from which you are visiting us. The recorded data is used solely for data security purposes, particularly to protect against attempted attacks on our web server (Article 6 (1f) GDPR). We do not use it to create individual user profiles nor do we share this information with third parties. It is erased after seven days at the latest. We reserve the right to statistically analyze anonymized data records. We reserve the right to statistically evaluate anonymized data sets. 
  • Processing in the provision of the digital service that is carried out on the basis of legitimate interest (Art. 6 para. 1 f GDPR, §25 para. 2 no. 2 TDDDG) 

When you use our digital service, our servers temporarily record the domain name or IP address of your device as well as other data, such as the requested content or the response code.  

The logged data is used exclusively for data security purposes, in particular to defend against attacks on our server. They are neither used for the creation of individual user profiles nor passed on to third parties and will be deleted after 7 days at the latest. We reserve the right to statistically evaluate anonymized data sets. 

Fraud prevention: In order to avoid fraud in our online shop, we have commissioned the company Risk.Ident GmbH (Am Sandtorkai 50, 20457 Hamburg) to provide the service. Risk.Ident collects and processes data on the pages of our online shop with the help of cookies and tracking technologies to determine the end device used by the user. If IP addresses are collected by Risk.Ident, they are immediately anonymized. The data processed by Risk.Ident is stored in a database for fraud prevention. We access these as part of the ordering process for the purpose of a risk assessment. In addition, we transmit data to Risk.Ident on end devices from which (attempted) fraud has already occurred. The data is not assigned to persons at any time. 

  • Processing in the provision of the Digital Service by third parties 
  • Many operating systems provide the possibility to dictate the text in addition to input via keyboard. When using this function, the language is processed by the third party (e.g. Apple, Google, Microsoft) as the controller and the result is displayed in the input field. For details of the functionality, how you can switch the use on or off and the legal basis of the processing, please contact the respective operating system manufacturer (third party). 
  • Data control of the social media plug-ins used or links to social media platforms 

Some pages contain buttons from social media networks (such as Facebook, Google, Instagram, X [Twitter], Pinterest, Xing, TikTok or LinkedIn) with which you can recommend the offers of the Deutsche Telekom AG  to your friends and acquaintances.  

Variant 1 One-click solution: 

To ensure that you have full control over your data, the buttons used only establish direct contact between the respective social network and the visitor when you actively click on the button (one-click solution). 

Variant 2 Two-click solution: 

To ensure that you have full control over your data, we display greyed-out images of the respective functions instead of the actual social plug-ins when the page loads. Only by clicking on the checkmark next to the images is the data exchange activated by loading the respective social plug-in with the page. Only with a second click do you trigger the action, e.g. “Like”. 

Variant 3 Forwarding: 

In our digital service, we only use the pictograms of the respective social media network. Only by clicking on the pictogram will you be directed to the company page on the respective social media platform. The social media platforms as well as the third-party content providers, which can be reached via the pictograms, provide these services and the processing of their data under their own responsibility.   

Generally used text module when using social media: 

By activating the social media plug-in or link via the pictogram, also for sharing content (Art. 6 para. 1 a GDPR), the following data can be transmitted to the social media providers: IP address, browser information, operating system, screen resolution, installed browser plug-ins, previous page if you followed a link (referrer), the URL of the current page, etc. 

On the next call, the social media plug-ins are again provided in the default inactive mode, so that no data is transmitted on a subsequent visit.  

Further information on social media plug-ins, the scope and purposes of the respective data processing as well as further data protection-relevant information can be found in the Privacy Policy of the respective controller as well as for the explanation of the <<1-Click solution on Heise.de>> <<2-Click solution on Heise.de>> 

  • Is my usage behavior evaluated, e.g. for advertising or tracking? 

We want you to enjoy using our digital services and using our products and services. In order for you to find the products that interest you and for us to be able to design our digital service in a user-friendly way, we analyse your usage behaviour in pseudonymised form. Within the framework of the legal regulations, user profiles are created. In the following, we provide you with general information about the various purposes of the processing. By clicking on the “Consent to data processing” query, which appears when you access our digital service, you have the option of agreeing to the processing or rejecting it in part or in full. Processing necessary for the provision of the digital service (see explanation above under 1.) cannot be refused. 

  • Basic digital service functionality 

These processing’s are always active and necessary for our digital service to function properly. 

  • Functional 

These processing’s are necessary for you to be able to navigate through the Digital Service and use essential functions. They enable basic functions, such as order processing in the online shop and access to secure areas of the digital service. In addition, they are used for the anonymous evaluation of user behavior, which we use to continuously develop our digital service for you. The legal basis for this processing is §25 (2) No. 2 TDDDG, Art. 6 (1b) GDPR or, in the case of third countries, Art. 44 et seq. GDPR.

Company  Purpose  Storage period  Country of processing 
Borlabs Cookie  Borlabs Cookie: Saves the visitors preferences selected in the Cookie Box of Borlabs Cookie.  1 Year  Germany 
Fashion Fusion, Telekom  Fonts: Tracking the loading of the local fonts.  Session  Germany 
Fashion Fusion, Telekom  Elfsight: Necessary for the implementation of the Instagram image gallery on the website.  Persistent until Deletion  Germany 

 

  • Borlabs Cookie 

This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabs-cookie) to store your cookie consents. Borlabs cookie does not process any personal data. The borlabs-cookie cookie stores your consents that you gave when you entered the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent. 

  • Analytical:  

These processing’s are necessary for us to carry out technical analyses, usage evaluations and reach measurements, with which we can ensure the quality and services offered and improve structural defects of the digital service and its functions. The necessary analytical processing is carried out without access to your terminal device and is based on information already collected for the provision of the digital service, see functionally necessary processing. After pseudonymisation, these are further processed exclusively for the purpose of ensuring a high-quality and service-oriented service implementation, storage period 3 months. The legal basis for this processing is Art. 6 (4) GDPR.  

  • Analytics through partners 

These processing’s help us and our partners improve services. 

We use cookies and similar technologies in our digital service to help us improve our services. These technologies are also used by our partners who offer their services independently or under joint responsibility with Deutsche Telekom AG 

Data and information are transmitted to partners for analysis purposes, processed there also for the partners’ own analysis purposes and merged with third-party data. This means that information about your use of the digital service is collected and processed to better understand and improve our products and offers. 

Processing purpose according to consent category  Processing company with company address/data recipient  Products used/short description of the service used  Description of specific processing purpose  Responsibilities  Processed data  Storage period  Legal basis 

(Processing) 

Third country processing  Legal basis (Third country processing) 
Analytics  Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland.   

 

Abspielen von eingebundenen Videos auf der Website. 

 

YouTube erhebt Daten, um den Nutzern bessere Dienste zur Verfügung zu stellen – von der Feststellung grundlegender Informationen, wie zum Beispiel Ihrer Sprache bis hin zu komplexeren Fragen, wie zum Beispiel Werbung. Welche Daten YouTube erhebt und wie diese verwendet werden, hängt davon ab, wie Sie die Dienste nutzen und wie Sie Ihre Datenschutzeinstellungen verwalten.
Wenn Sie nicht in einem Google-Konto angemeldet sind, werden die erhobenen Daten mit eindeutigen Kennungen gespeichert, die mit dem Browser, der App oder dem Gerät verknüpft sind. Damit kann beispielsweise gewährleistet werden, dass die Spracheinstellungen bei allen Sitzungen beibehalten werden.
Wenn Sie in einem Google-Konto angemeldet sind, werden auch Daten erhoben, die in Ihrem Google-Konto gespeichert und als personenbezogene Daten erachtet werden.
Weitere Informationen finden Sie unter: https://policies.google.com/privacy?hl=de&gl=de   
Google Ireland Ltd.
Gordon House, Barrow Street
Dublin 4, Ireland  
Geräteinformationen, IP- Adresse, Referrer URL, Angesehene Videos 

 

12 Monate 

 

Art. 6 Abs. 1 S. 1 lit. a DSGVO 

 

Dieser Dienst kann die erfassten Daten an ein anderes Land weiterleiten. Das kann auch ein Land sein, in dem das Datenschutzniveau nicht dem gesetzlichen Standard in Deutschland entspricht. Falls Ihre Daten in die USA übertragen werden, können sie von US-Behörden zum Zwecke der Kontrolle und Überwachung genutzt werden, ohne dass Sie rechtlich dagegen vorgehen können. Unten sehen Sie alle Länder , in die der Dienst die Daten überträgt. Weitere Informationen zur Sicherheit Ihrer Daten finden Sie in den Datenschutzrichtlinien des Datenverarbeiters. Sie können sich auch direkt an den Datenschutzbeauftragten dort wenden. 

 

Angemessenheitsbeschluss der EU als auch Einwilligung nach Art. 49 DSGVO 

 

  • Marketing through partners 

We and our partners use these processing’s to show you personalized content that is relevant to you. 

We and our partners use cookies and similar marketing technologies to serve personalized advertising. Some of our partners act independently or in joint controllership with Deutsche Telekom AG. They use these technologies to collect data for marketing purposes. The data can be used for the partners’ advertising purposes, processed further and combined with data from other sources. 

When you use our digital service, we create a profile. This helps us show you ads in other digital services that are tailored to your interests. We also measure the effectiveness of this advertising and collect further information about your online behavior. 

Processing purpose according to consent category  Processing company with company address/data recipient  Products used/short description of the service used  Description of specific processing purpose  Responsibilities  Processed data  Storage period  Legal basis 

(Processing) 

Third country processing  Legal basis (Third country processing) 
  Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland.    Google Ads: Dieser Webdienst ermittelt und dokumentiert Webseitenaufrufe und die Erfolgsmessung von Werbeanzeigen, um anschließend die Werbeaufwendungen zu optimieren.
Bei diesem Webdienst werden Cookies, Pixel und ein Local Storage Eintrag eingesetzt.
Der Webdienst nimmt einen lesenden und schreibenden Zugriff auf Ihr Endgerät.weitere Produkte: Floodlight, Consent Mode, Campaign Manager 360/ Display & Video 360 
– Google Ads: dient dazu, Besuchern im Rahmen des Google-Werbenetzwerks interessenbezogene Werbeanzeigen zu präsentieren. Im digitalen Dienst können dem Besucher dann Werbeanzeigen präsentiert werden, die sich auf Inhalte beziehen, die der Besucher zuvor in anderen digitalen Diensten aufgerufen hat, die die Remarketing Funktion von Google verwenden. Wenn Sie über eine Google-Anzeige auf unseren digitalen Dienst gelangt sind, wird von Google AdWords ein Cookie auf Ihrem Endgerät gespeichert. Dieses Cookie verliert nach 90 Tagen seine Gültigkeit. Die mit Hilfe dieses sogenannten Conversion-Cookies eingeholten Informationen dienen dazu, Statistiken über unsere Konversionsrate zu erstellen. Das bedeutet, dass wir erfahren, wie viele Nutzer durch eine Google-Anzeige auf unsere Webseiten gekommen sind und innerhalb von 90 Tagen ein Produkt erwerben.
– Campaign Manager: Dieser Webdienst wird zur Erfolgsmessung und Optimierung von Werbe-Kampagnen verwendet. Er setzt Cookies ein, um Informationen für Dienste der Google Marketing Plattform (CampaignManager360 (CM360 AdServer), DisplayVideo360 (DV360 programmatische Einkaufsplattform), SearchAds360 (SA360)) zu erheben. Der Webdienst nimmt einen schreibenden und lesenden Zugriff auf ihr Endgerät.
Google Consent Mode ist eine Funktion in Verbindung mit den Webdiensten Google Analytics, Display & Video 360, Google Ads und GMP Floodlight mit der wir Informationen über Ihre erteilten Einwilligungen zu den genannten Webdiensten an die Google Ireland Ltd. übermitteln. Diese Informationen werden für Hochrechnungen zum Zweck einer verbesserten statistischen Auswertung des Erfolgs unserer Online-Werbung genutzt.
Dieser Webdienst wird nur eingesetzt, wenn Sie zusätzlich in den Einsatz des Google Tag Managers eingewilligt haben.
Auf Grundlage Ihrer abgegebenen Einwilligung werden Ihre o.g. Daten bzw. Datenkategorien zudem in den USA verarbeitet. Für diesen Transfer liegt derzeit ein Angemessenheitsbeschluss der EU-Kommission vor (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). 
Controller (C2C),
T-Systems International GmbH und Google Ireland Ltd sind hierbei in eigener Verantwortung tätig. In den Datenschutzhinweisen der Google Ireland Ltd (link einfügen: https://business.safety.google/privacy/?hl=en-US) finden Sie weitere Informationen zur Datenverarbeitung durch Google. 
Cookie ID, Datum und Uhrzeit des Besuchs, Geräteinformationen, IP-Adresse, Informationen über Betriebssystem, Referrer URL, Web-Anfrage, Browser Informationen  Ihre Online-Nutzungsdaten werden bei Telekom nicht gespeichert. Der Webdienst hat eine Funktionsdauer von 13 Monaten. Den Local Storage können Sie über Ihre Browser-Einstellungen löschen  Dieser Webdienst wird auf Grundlage von § 25 Abs. 1 S. 1 TTDSG eingesetzt, die Folgeverarbeitung Ihrer personenbezogenen Daten erfolgt auf Grundlage von Art. 6 Abs. 1 a) DSGVO.  Ihre Online-Nutzungsdaten werden in Argentinien; Israel; Japan; Kanada; Neuseeland; Schweiz; Vereinigte Staaten von Amerika und im Vereinigten Königreich verarbeitet. Für diese Staaten liegt ein Angemessenheitsbeschluss der EU-Kommission vor (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). Auf Grundlage Ihrer abgegebenen Einwilligung werden Ihre Online-Nutzungsdaten zudem in folgenden unsicheren Drittstaaten verarbeitet: Australien; Brasilien; Chile; Indien; Kenia; Kolumbien; Malaysia; Mexiko; Peru; Philippinen; Singapur; Südafrika; Taiwan; Türkei und Vereinigte Arabische Emirate Für diese Staaten liegt kein Angemessenheitsbeschluss der EU-Kommission (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en) vor. T-Systems International GmbH kann daher nicht sicherstellen; dass das europäische Datenschutzniveau für diese Datenverarbeitungen eingehalten wird. Es ist nicht auszuschließen; dass lokale Behörden Zugriff auf Ihre Online-Nutzungsdaten haben und dass die Ausübung Ihrer Rechte als von der Datenverarbeitung betroffene Person eingeschränkt oder ausgeschlossen ist.  Angemessenheitsbeschluss der EU als auch Einwilligung nach Art. 49 DSGVO 

 

Privacy Settings: You can revisit your settings at any time to manage your preferences. 

 

2.Where can I find the information that is important to me? 

Additional information on data protection when using our products, in particular on the purposes of use, deletion periods, etc., can be found in the data protection information for the respective product under www.telekom.de/datenschutzhinweise, in the Telekom Shop or under www.telekom.com/datenschutz. 

 

3.What rights do I have? 

You have the right to: 

  •  to request information on categories of data processed, processing purposes, possible recipients of the data, the planned storage period (Art. 15 GDPR); 
  • request the correction or completion of incorrect or incomplete data (Art. 16 GDPR);  
  • to revoke a given consent at any time with effect for the future (Art. 7 para. 3 GDPR); 
  • to object at any time for the future to data processing that is to be carried out on the basis of a legitimate interest, for reasons arising from your particular situation (Art. 21 para. 1 GDPR), stating these reasons. You can object to data processing for direct marketing purposes at any time without stating these reasons (Art. 21 para. 2, 3 GDPR); 
  • in certain cases, request the deletion of data within the framework of Art. 17 GDPR  – in particular if the data is no longer required for the intended purpose or is processed unlawfully, or if you have withdrawn your consent in accordance with (c) above or have declared an objection in accordance with (d) above;  
  • under certain conditions, to demand the restriction of data if deletion is not possible or the obligation to delete is disputed (Art. 18 GDPR); 
  • data portability, i.e. You can receive your data that you have provided to us in a commonly used machine-readable format, such as z.B. CSV, and, if necessary, transmit it to others (Art. 20 GDPR;) 
  • to complain to the competent supervisory authority about the data processing (for telecommunications contracts: Federal Commissioner for Data Protection and Freedom of Information; otherwise: State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia). 

4.To whom does Deutsche Telekom share my data? 

To processors, i.e. companies that we commission to process data within the scope provided for by law, Art. 28 GDPR (service providers, vicarious agents). In this case, Deutsche Telekom remains responsible for the protection of your data. In particular, we commission companies in the following areas: IT, sales, marketing, finance, consulting, customer service, human resources, logistics, printing. 

To cooperation partners who provide services for you on their own responsibility or in connection with your telecom contract. This is the case if you commission services from such partners with us or if you consent to the involvement of the partner or if we involve the partner on the basis of a legal permission. 

Due to legal obligation: In certain cases, we are required by law to transmit certain data to the requesting government entity.  

5.Where will my data be processed? 

Your data will be processed in Germany and other European countries.  

In some cases, your data is also processed in countries outside the European Union (i.e. in so-called third countries), currently for example:  

Storage/hosting of customer data (excluding traffic data) by Amazon Web Services EMEA SARL, Microsoft Ireland Operations Ltd., Google Cloud EMEA Limited, Ireland and Salesforce.com Germany GmbH in Europe. Only administrators with technical support access from the USA are possible. 

In all other respects, the following applies: If data processing takes place in third countries, this will take place insofar as you have expressly consented to this or if it is necessary for our provision of services to you or if it is provided for by law (Art. 49 GDPR). 

Your data will only be processed in third countries if certain measures are taken to ensure that an adequate level of data protection is in place (e.g. adequacy decision of the EU Commission or so-called suitable safeguards, Art. 44 et seq. GDPR, (see here). 

Who is responsible for data processing? Who is my contact person if I have questions about data protection at Deutsche Telekom? 

The data controller is the Deutsche Telekom AG. If you have any questions, you can contact our customer service or our data protection officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, datenschutz@telekom.de. 

Status of the Privacy Policy March, 2025

Partner List

Processing purpose according to consent category Processing company with company address/data recipient Products used/short description of the service used Description of specific processing purpose Responsibilities Processed data Storage period Legal basis
(Processing)
Third country processing Legal basis
(Third country processing)
Marketing with partners (controller or joint controller) and, if applicable, third country processing via Art. 49 GDPR Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads: This web service determines and documents website visits and measures the success of advertisements in order to subsequently optimize advertising expenditure.
This web service uses cookies, pixels and a local storage entry.
The web service has read and write access to your end device.
Google Ads is used to present interest-based advertisements to visitors within the Google advertising network. In the digital service, the visitor can then be presented with advertisements that relate to content that the visitor has previously accessed in other digital services that use Google’s remarketing function. If you have reached our digital service via a Google ad, Google AdWords will store a cookie on your end device. This cookie loses its validity after 90 days. The information collected with the help of this so-called conversion cookie is used to compile statistics about our conversion rate. This means that we find out how many users have come to our websites via a Google ad and purchased a product within 90 days. Controller (C2C),
Telekom Deutschland GmbH and Google Ireland Ltd are responsible for this. You can find further information on data processing by Google in the data protection information of Google Ireland Ltd (insert link).
Online usage data (todo: to be specified according to: Browser information, device information, pb data such as IP address, e-mail address) Your online usage data is not stored by Telekom. The web service has a function duration of 13 months. You can delete the local storage via your browser settings This web service is used on the basis of § 25 para. 1 sentence 1 TTDSG, the subsequent processing of your personal data is carried out on the basis of Art. 6 para. 1 a) GDPR. Your online usage data is processed in Argentina; Israel; Japan; Canada; New Zealand; Switzerland; United States of America and the United Kingdom. The EU Commission has issued an adequacy decision for these countries (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). Based on your consent, your online usage data will also be processed in the following unsafe third countries: Australia; Brazil; Chile; India; Kenya; Colombia; Malaysia; Mexico; Peru; Philippines; Singapore; South Africa; Taiwan; Turkey and United Arab Emirates There is no adequacy decision by the EU Commission (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en) for these countries. Telekom Deutschland GmbH can therefore not ensure that the European level of data protection is complied with for these data processing operations. It cannot be ruled out that loca authorities may have access to your online usage data and that the exercise of your rights as a person affected by data processing may be restricted or excluded. EU adequacy decision or – Standard Contractual Clauses (SCC) with TIA or – Consent pursuant to Art 49 GDPR)
The Adform web service is a product of Adform A/S, Silkegade 3B stuen & 1st floor, 1113, Copenhagen, Denmark. Telekom Deutschland GmbH and Adform A/S are jointly responsible for this. This Adform web service is used for the targeted display of advertising on relevant platforms (retargeting).
This web service uses a pixel and the cookies: TPC, GCM, CM, CM14, Otsid, C, Uid, receive-cookie-deprecation
are used. The web service takes read and write access to your end device. This web service is only used if you have not declared a global opt-out to Adform at https://site.adform.com/de/privacy-center/website/datenschutz-opt-out/.
to receive evaluations of the performance of our campaigns, targeting data and advertisements Joint Controller (JC),
Telekom Deutschland GmbH and Adform A/S are jointly responsible for this. You can find further information on data processing by Adform in the data protection information of Adform A/S (insert link).
This web service processes the following data or data categories: IP address; online usage data; information about products ordered here; global opt-out vis-à-vis Adform Your above-mentioned data or data categories are not stored by Telekom Deutschland GmbH. The pixel is no longer used when the browser is closed The cookies have the following functional durations: TPC: 7 days GCM: 1 day CM: 1 day CM14: 14 days Otsid: 10 years C: 10 years Uid: 60 days receive-cookie-deprecation: 60 days This web service is used on the basis of § 25 para. 1 sentence 1 TDDDG, the subsequent processing of your personal data or data categories is based on Art. 6 para. 1 a) GDPR.
The Facebook Pixel web service is a product of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Telekom Deutschland GmbH and Meta Platforms Ireland Limited are jointly responsible for this (further information/the joint responsibility agreement can be found here: https://www.o2online.de/assets/blobs/pdfs/facebook-jc-addendum-pdf). The Facebook Pixel web service is used to measure and analyze the success of Facebook advertising campaigns and re-targeting on Meta platforms.
This web service uses cookies (“fr”, “fbp”, “fbc” and “oo”) and an entry in the local storage and in the index database on your end device.
The web service has read and write access to your end device.
Joint Controller (JC),
Telekom Deutschland GmbH and Meta Platforms Ireland Limited are jointly responsible for this. You can find further information on data processing by Adform in Meta’s privacy policy (insert link).
Analysis with partners (controllers and joint controllers) and, if applicable, third country processing via Art. 49 GDPR Example ?
Marketing by Telekom (or processors) and, if applicable, third-party processing via Art. 49 GDPR The web service is a product of trbo GmbH, Leopoldstr. 41, 80802 Munich. Telekom Deutschland GmbH is responsible for data protection. Trbo GmbH acts on behalf of Telekom Deutschland GmbH This web service trbo is used to personalize the website and for A/B testing of the website. Telekom Deutschland GmbH is responsible for data protection. Trbo GmbH acts on behalf of Telekom Deutschland GmbH. The following categories of data are processed by this service: Online usage data, information about products ordered here. If you have not objected to the processing of certain inventory data with legal permission (you can view information on the processed inventory data in your customer account login area), the following data categories are also processed: User groups (customer segments) based on online usage data and/or inventory data Your data will be deleted when the web service expires or if you withdraw your consent. The web service has a functional life of 3 years. This service is used on the basis of § 25 para. 1 sentence 1 TTDSG, the subsequent processing of your personal data is based on Art. 6 para. 1 a) GDPR.
Analysis by Telekom (or processor) and, if applicable, third-party processing via Art. 49 GDPR The Medallia web service is a product of Medallia Inc, 575 Market St Suite 1850, San Francisco, CA 94105, United States of America. Telekom Deutschland GmbH is responsible for data protection. Medallia Inc. acts on behalf of Telekom Deutschland GmbH. This Medallia web service is used to display and evaluate customer satisfaction surveys and to monitor the frequency of surveys on the website. Cookies and LocalStorage are used for this web service. The following cookies are used: DECLINE_DATE, SUBMIT_DATE, kampyleUserSessionsCount, kampyleUserSession, kampyleSessionPageCounter, kampyleInvitePresented, kampylePageLoadedTimestamp, kampyleUserPercentile, LAST_INVITATION_VIEW, kampyle_userid, cd_user_id. The web service takes read and write access to your end device. Improvement of the website by displaying and analyzing customer satisfaction surveys Telekom Deutschland GmbH is responsible for data protection. Medallia Inc. acts on behalf of Telekom Deutschland GmbH. This web service processes the following data and data categories: IP address; Your survey responses if you have participated in the survey; The frequency of your participation in the surveys; Your MSISDN – if you have provided this as part of the survey with your request to be called for the survey; Randomly generated device ID Your IP address will not be stored. Your above-mentioned data or data categories will be deleted after one year or if you revoke your consent. The web service has a functional life of 12 months. This web service is used on the basis of § 25 para. 1 sentence 1 TTDSG.  The subsequent processing of your data or data categories is carried out on the basis of Art. 6 para. 1 a) GDPR. When using this service, the data collected may be transferred to another country. Please note that in the context of this service, the data may be transferred to a country that does not have the necessary data protection standards. Below you will find a list of the countries to which the data is transferred. For further information on the security measures, please refer to the privacy policy of the respective provider or contact the provider directly. Based on your consent, your data or data categories will be processed in the following third country USA. The EU Commission has issued an adequacy decision for this country (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). EU adequacy decision or – Standard Contractual Clauses (SCC) with TIA or – Consent pursuant to Art 49 GDPR)
The Matomo web service is an open-source web analytics platform which is used by the service provider Mondia Media Germany GmbH (Caffamacherreihe 5, 20355 Hamburg) for Telekom Deutschland GmbH. This web service Matomo is used to statistically analyze website usage (e.g. number of clicks and page views). This web service uses the cookies _pk_id, _pk_ref, _pk_ses, _pk_cvar, _pk_hsr, mtm_consent, mtm_cookie_consent, temp-tracking-data and a pixel. The web service takes read and write access to your end device. Improvement of the website through statistical analysis of website usage  Telekom Deutschland GmbH is responsible for data protection. Mondia Media Germany GmbH acts on behalf of Telekom Deutschland GmbH. This web service processes the following data or data categories: IP address; Online usage data; UserAgent Your IP address will not be stored. Your data will be deleted after 25 months or if you withdraw your consent. The cookies _pk_ses, _pk_cvar, _pk_hsr are deleted after 30 minutes. The cookies _pk_ref, mtm_consent and mtm_cookie_consent are deleted after 6 months. The _pk_id and temp-tracking-data cookies are deleted after 13 months. This web service is used on the basis of § 25 para. 1 sentence 1 TTDSG. The subsequent processing of your data or data categories is carried out on the basis of Art. 6 para. 1 a) GDPR.