Desk with mobile, laptop, notepad, glasses and keys

Deutsche Telekom

Data privacy information

Cookie Settings: You can view your cookie settings at any time to manage your preferences.

The protection of your personal data has a high priority for Deutsche Telekom AG. It is important for us to inform you about what personal data is collected, how they are used and what options you have in this regard.

1. What data is collected, how is it used, and how long is it stored?

a) Necessary processing for the provision of the digital service (Art. 6 para. 1b GDPR, §25 para. 2 no. 2 TDDDG)
When using our website telekom.com, hereinafter referred to as the digital service: 
When you visit our websites, the web server temporarily records the domain name or IP address of your computer, the file request (file name and URL) from the client, the http response code, and the website from which you are visiting us. The data logged is used solely for data security purposes, particularly to protect against attempted attacks on our web server (Article 6 (1) f GDPR). We do not use it to create individual user profiles, nor do we share the data with third parties. It is erased after seven days at the latest. We reserve the right to statistically analyze anonymized data records.

b) Additional processing in the provision of the digital service that is carried out on the basis of consent, e.g. optionally offered communication channels (Art. 6 para. 1a GDPR, §25 para. 1 TDDDG)

  • The ReadSpeaker plugin from the company ReadSpeaker (Am Sommerfeld 7, 86825 Bad Wörishofen) serves the barrier-free poverty of the digital service. The read-aloud service at article and blog level is activated when you click on the "Read aloud" button. The text is then passed to the ReadSpeaker server via the user's IP address, where an audio file is generated and streamed back to the user's IP address. Immediately after the audio file is delivered, the process and the user's IP address on the ReadSpeaker server will be deleted. ReadSpeaker does not store any personally identifiable information. All services are provided in Europe. When using the ReadSpeaker, technical cookies are stored on the end device, which are deleted after the session or, depending on the function, after about 4 days. If the function is not activated, no cookies will be stored.
  • Dynamic FAQs: If you use the FAQs and submit a question that is not covered in the pool of available answers, you will be prompted to enter your email address. We will only use this email address to send you your answer.
  • Web forms: Other personal details, such as your name, address, telephone number, or email address, will not be collected unless you provide this information voluntarily. You will find detailed information on the topic of newsletters under point 9.

c) Processing in the provision of the digital service that is carried out on the basis of legitimate interest (Art. 6 para. 1 f GDPR, §25 para. 2 no. 2 TDDDG)
When you use our digital service, our servers temporarily record the domain name or IP address of your device as well as other data, such as the requested content or the response code. 
The logged data is used exclusively for data security purposes, in particular to defend against attacks on our server. They are neither used for the creation of individual user profiles nor passed on to third parties and will be deleted after 7 days at the latest. We reserve the right to statistically evaluate anonymized data sets.

2. Data control of the social media plug-ins used or links to social media platforms

Some pages contain buttons from social media networks (such as Facebook, Google, Instagram, X [Twitter], Pinterest, Xing, TikTok or LinkedIn) with which you can recommend the offers of the corporate website telekom.com of Deutsche Telekom AG to your friends and acquaintances. 

To ensure that you have full control over your data, the buttons used only establish direct contact between the respective social network and the visitor when you actively click on the button (one-click solution).

In our digital service, we only use the pictograms of the respective social media network. Only by clicking on the pictogram will you be directed to the company page on the respective social media platform. The social media platforms as well as the third-party content providers, which can be reached via the pictograms, provide these services and the processing of their data under their own responsibility.  

By activating the social media plug-in or link via the pictogram, also for sharing content (Art. 6 para. 1 a GDPR), the following data can be transmitted to the social media providers: IP address, browser information, operating system, screen resolution, installed browser plug-ins, previous page if you followed a link (referrer), the URL of the current page, etc.
On the next call, the social media plug-ins are again provided in the default inactive mode, so that no data is transmitted on a subsequent visit. 
Further information on social media plug-ins, the scope and purposes of the respective data processing as well as further data protection-relevant information can be found in the privacy policy of the respective controller as well as for the explanation of the 1-Click solution on Heise.de.

3. Is my usage behavior evaluated, e.g. for advertising or tracking?

Explanations and definitions:
We want you to enjoy using our digital services and using our products and services. In order for you to find the products that interest you and for us to be able to design our digital service in a user-friendly way, we analyse your usage behaviour in pseudonymised form. Within the framework of the legal regulations, user profiles are created. In the following, we provide you with general information about the various purposes of the processing. By clicking on the "Consent to data processing" query, which appears when you access our digital service, you have the option of agreeing to the processing or rejecting it in part or in full. Processing necessary for the provision of the digital service (see explanation above under 1.) cannot be refused.

  • Tag management (strictly necessary)
    Tag management allows us to manage the use of tools on the different websites of our web portal. A tag is set for each page to do this. The tag content determines which tools are to be used for this page. Tag management is used to ensure that tools are only used in a targeted way, where their use is appropriate.
  • Market research/Reach measurement (opt-in)
    Reach measurement provides statistics on a website's usage intensity and the number of users, along with comparable figures for all of the connected services. Individual users are not identified at any time. Your identity is always protected. 

a) Required processing
(i) Required functional
This processing is necessary for you to be able to navigate through the Digital Service and use essential functions. They enable basic functions, such as order processing in the online shop and access to secure areas of the digital service. In addition, they are used for the anonymous evaluation of user behavior, which we use to continuously develop our digital service for you. The legal basis for this processing is §25 (2) No. 2 TDDDG, Art. 6 (1b) GDPR or, in the case of third countries, Art. 44 et seq. GDPR.

Company

Purpose

Storage period

Processing country

Telekom

Opt-in procedure

Cookie (3 months)

Germany

Telekom

Comment function

Session cookie

Germany

Telekom

Voting

Session cookie

Germany

Telekom

Multi-step forms

Session cookie

Germany

Telekom

Zip code check

Session cookie

Germany

Telekom

Rating function

Session cookie

Germany

Tealium

Tag management

Cookie (12 months)

Germany

Mapp (formerly Webtrekk)

Website improvement, fault analysis

Session, no cookies

Germany

Operation

Session cookie

Germany

Telekom

Ensuring CMS functionality

Session cookie

Germany


b) Optional Processing
This processing is used when you use additional features, such as share price charts provided by the company Investis. The possible functions are explained in section 1 of this Privacy Notice. The legal basis for this processing is §25 (1) TDDDG, Art. 6 (1) (a) GDPR or, in the case of third countries, Art. 49 (1) (a) GDPR. 

Company

Purpose

Storage period

Processing country

Investis

Stock exchange function

Session cookie

Europe

ReadSpeaker

Text-to-speech function

Cookie (4 days)

Sweden

Mapp (formerly Teradata)

Newsletter

No cookies

Germany


c) Analytical Processing
This processing helps us to better understand user behaviour. Analytical processing enables the collection of usage and recognition options by first-party or third-party providers, in pseudonymous user profiles. For example, we use analytical processing to determine the number of unique users of the Digital Service or to collect technical information in the event of a Digital Service crash, as well as to analyze user behavior based on pseudonymous information about how users interact with the Digital Service. The legal basis for this processing is Art. 6 (1) (a) GDPR or, in the case of third countries, Art. 49 (1) (a) GDPR.

Company

Purpose

Storage period

Processing country

Tealium

Tag management

Cookie (12 months)

Germany

Mapp (formerly Webtrekk)

Website improvement, fault analysis

Session, no cookies

Germany

Cookie Settings: You can view your cookie settings at any time to manage your preferences.


d) Marketing / Retargeting Processing
This processing is used in order to be able to show you personalised and therefore relevant advertising content. 

Marketing processing is used to display interesting advertising content and to measure the effectiveness of our campaigns. This happens not only in Telekom's digital services, but also in other digital services (third-party providers). This is also known as retargeting. It is used to create pseudonymous content or ad profiles, to serve relevant advertisements on other digital services, and to derive insights about audiences who viewed the ads and content. Marketing and retargeting processing helps us to display possible relevant advertising content to you. By opting out of marketing processing, you will continue to see the same number of advertisements, but they may be less relevant to you. The legal basis for this processing is §25 (1) TDDDG, Art. 6 (1a) GDPR or, in the case of third countries, Art. 49 (1a) GDPR.
 

Company

Purpose

Storage period

Country of processing

Meta Platforms Ireland Ltd. (Facebook)

Event tracking (further information can be found in the next section)
Privacy Policy

Cookie (3 months)

United States

Cookie Settings: You can view your cookie settings at any time to manage your preferences.


 

e) Services from other companies (self-responsible third-party providers)
We have integrated services from third-party providers who provide their services independently or under joint responsibility with Telekom. When using our digital service, data is collected by means of cookies or similar technologies and transmitted to the respective third party, in some cases for Deutsche Telekom's own purposes. The legal basis for this data processing is Art. 6 (1) (a) and Art. 49 (1a) GDPR. For information on further processing for the third-party provider's own purposes, please refer to the third-party provider's privacy policy (purposes, storage period and legal basis). Insofar as data processing is also carried out under joint responsibility of Telekom, we inform you about the possible risks as follows.

Third countryRecipientTypes of dataPotential risk

United States of America (data exporter: Google Ireland)

Google LLC

Usage data

EU-US Data Privacy Framework ensures an adequate level of data protection for data processing in the USA

United States of America (data exporter: LinkedIn Ireland)

LinkedIn Inc.

Usage data

EU-US Data Privacy Framework ensures an adequate level of data protection for data processing in the USA

United States of America (data exporter: Meta Ireland)

Meta Platforms Inc.

Usage data

EU-US Data Privacy Framework ensures an adequate level of data protection for data processing in the USA

United States of America (data exporter: Twitter Ireland)

X Corp.

Usage data

EU-US Data Privacy Framework ensures an adequate level of data protection for data processing in the USA

(i) Google
On individual websites, e.g. in the job search, we use Google Maps to show maps and sites. Google Maps is run by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The embedding of Google Maps means that your IP address is transferred directly to Google and a cookie is stored as soon as you visit this type of website. You can obtain information and opt out of data processing by Google at any time at http://www.google.de/intl/de/policies/privacy.

Google YouTube Videos:
YouTube collects data to provide better services to users, from determining basic information, such as your language, to more complex questions, such as advertising. What data YouTube collects and how it is used depends on how you use the Services and how you manage your privacy settings. If you're not signed in to a Google Account, the data collected is stored with unique identifiers associated with the browser, app, or device. This can ensure, for example, that the language settings are maintained for all sessions. If you're signed in to a Google Account, we'll also collect information that's stored in your Google Account and is considered personal information. For more information, please visit: https://policies.google.com/privacy?hl=de&gl=de 

(ii) Meta/Facebook
We use the Meta pixel and the Custom Audience service in our digital service to optimize our advertising offering, provided that you have given Facebook your consent to this. Further information about these Facebook services and the privacy policy of Meta Ireland Ltd., Merrion Road Dublin 4, Ireland ("Meta") can be found at the link https://www.facebook.com/privacy/explanation.
If you use a Facebook user account, this can be recognized by the Meta pixel on our digital service by the Facebook cookie set, via which the collected usage data is transmitted to Meta for analysis and marketing purposes. You can check and/or deactivate this data collection and the further processing and use of the data by Meta directly on Facebook. The Meta pixel is a JavaScript code that transmits the following data to Facebook:

  • HTTP header information (including IP address, web browser information, page location, document, digital service URL and web browser user agent, referrer URL, and day and time of use)
  • Pixel-specific data; this includes the pixel ID and Facebook cookie data, including your Facebook ID (this data is used to link events to a specific Facebook ad account and associate them with a Facebook user)

The aforementioned data processing only applies to users who have an account with Facebook or have accessed a Facebook partner page (which has set a cookie). The display of advertising on Facebook (partner) pages using the "Custom Audience" service does not affect users who are not members of Facebook. If it is possible to assign the Facebook ID contained in the Facebook cookie to a Facebook user, Facebook will assign this user to a target group ("Custom Audience") based on the rules we have defined, provided that the rules are relevant. We use the information obtained in this way for the presentation of Telekom advertising on Facebook (partner) pages. If you would like to object to the use of the Facebook pixel, you can set an opt-out cookie on Facebook or deactivate JavaScript in your browser. For further information as well as the setting options for protecting your privacy for advertising purposes, please refer to Facebook's privacy policy, which  can be found on https://www.facebook.com/ads/website_custom_audiences/, among others.


(iii) X (formerly Twitter) for Internet data
Some digital services have integrated Twitter content. These can be, for example, the embedded timeline or Twitter buttons. When you view such a page, X (formerly Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland) may receive log data that includes data of the digital service you are visiting. This information is used to improve the use of the Digital Services, to protect the security and integrity of the Platform, and to display more relevant content, including ads. No link is made between your activity and your name, email address, phone number, or username, and deletion, obfuscation, or aggregation will take place after a maximum of 30 days. There is no collection of this data as it is located in the European Union. X´s (Twitter) Privacy Policy: https://x.com/de/privacy  

(iv) LinkedIn
The re-targeting and conversion tracking of LinkedIn (LinkedIn Ireland Ltd., Wilton Plaza, Wilton Place, Dublin 2, Ireland) by means of the LinkedIn Insight Tag enables the collection of statistical, pseudonymous data (referrer URL, IP address (abbreviated), device and browser characteristics) via the LinkedIn Insight Tag. In addition, this information is used to display interest-specific and relevant offers and recommendations after you have shown interest in certain products, information and offers on our digital service. This information is stored in a cookie for 6 months. You can find out about data processing by LinkedIn at any time under https://www.linkedin.com/legal/privacy-policy?trk=registration_footer-privacy-policy and object to it or revoke your consent via the cookie settings. Telekom Deutschland and LinkedIn are joint controllers for this processing in accordance with Art. 26 GDPR. If you have any questions, you can  contact datenschutz@telekom.de or LinkedIn.

Cookie Settings: You can view your cookie settings at any time to manage your preferences.

4. Where can I find the information that is important to me?

Additional information on data protection when using our products, in particular on the purposes of use, deletion periods, etc., can be found in the data protection information for the respective product under https://www.telekom.de/datenschutzhinweise, in the Telekom Shop or unter www.telekom.com/datenschutz.

5. What rights do I have?

You have the right to:

a) to request information on categories of data processed, processing purposes, possible recipients of the data, the planned storage period (Art. 15 GDPR);

b) request the correction or completion of incorrect or incomplete data (Art. 16 GDPR); 

c) to revoke a given consent at any time with effect for the future (Art. 7 para. 3 GDPR);

d) to object at any time for the future to data processing that is to be carried out on the basis of a legitimate interest, for reasons arising from your particular situation (Art. 21 para. 1 GDPR), stating these reasons. You can object to data processing for direct marketing purposes at any time without stating these reasons (Art. 21 para. 2, 3 GDPR);

e) in certain cases, request the deletion of data within the framework of Art. 17 GDPR  - in particular if the data is no longer required for the intended purpose or is processed unlawfully, or if you have withdrawn your consent in accordance with (c) above or have declared an objection in accordance with (d) above; 

f) under certain conditions, to demand the restriction of data if deletion is not possible or the obligation to delete is disputed (Art. 18 GDPR);

g) data portability, i.e. You can receive your data that you have provided to us in a commonly used machine-readable format, such as z.B. CSV, and, if necessary, transmit it to others (Art. 20 GDPR); 

h) to complain to the competent supervisory authority about the data processing (for telecommunications contracts: Federal Commissioner for Data Protection and Freedom of Information; otherwise: State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia).
 

6. To whom does Telekom share my data?

To processors, i.e. companies that we commission to process data within the scope provided for by law, Art. 28 GDPR (service providers, vicarious agents). In this case, Deutsche Telekom remains responsible for the protection of your data. In particular, we commission companies in the following areas: IT, sales, marketing, finance, consulting, customer service, human resources, logistics, printing.

To cooperation partners who provide services for you on their own responsibility or in connection with your telecom contract. This is the case if you commission services from such partners with us or if you consent to the involvement of the partner or if we involve the partner on the basis of a legal permission.
In addition, Deutsche Telekom is striving to cooperate with other service providers (e.g. smart home services). If you are also a user of these services, you can link your respective account to them. This linking must be done by you separately for each service. Once you have made a link, the personal data listed in this Privacy Notice may be used from your respective account for the relevant service. The respective service provider will inform you about the processing of your personal data.

Due to legal obligation: In certain cases, we are required by law to transmit certain data to the requesting government entity. 

7. Where will my data be processed?

Your data will be processed in Germany and other European countries. 
In some cases, your data is also processed in countries outside the European Union (i.e. in so-called third countries), currently for example: 
Storage/hosting of customer data (excluding traffic data) by Amazon Web Services EMEA SARL, Microsoft Ireland Operations Ltd., Google Cloud EMEA Limited, Ireland and Salesforce.com Germany GmbH in Europe. Only administrators with technical support access from the USA are possible.
In all other respects, the following applies for the company website telekom.com: If data processing takes place in third countries, this will take place insofar as you have expressly consented to this or if it is necessary for our provision of services to you or if it is provided for by law (Art. 49 GDPR).
Your data will only be processed in third countries if certain measures are taken to ensure that an adequate level of data protection is in place (e.g. adequacy decision of the EU Commission or so-called suitable safeguards, Art. 44 et seq. GDPR, (see here).

8. Who is responsible for data processing? Who should I contact if I have any queries regarding data privacy at Deutsche Telekom?

The data controller is the Deutsche Telekom AG. If you have any questions, you can contact our customer service or our data protection officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, datenschutz@telekom.de.

9. Deutsche Telekom AG data privacy information for newsletters

Deutsche Telekom AG’s General Data Privacy Information applies to the processing of your personal data. 

If you use and/or have subscribed to our newsletter, the following additional information applies.

The data privacy information for sending newsletters provides information on which personal data is collected when sending the newsletter, for what purposes this data is processed, when the data is erased, and the legal basis for this.

a) What data is collected and for what purposes is it processed? 

When you register for our newsletter, we use your email address to send this newsletter, which provides regular information on topics relevant to Deutsche Telekom AG. The legal basis for processing is your consent in accordance with Article 6 (1) (a) GDPR. To ensure that you are registered for the newsletter correctly, i.e., in order to prevent unauthorized registrations in the name of third parties, we will send you a confirmation email after your initial registration as part of our double opt-in process. This email will ask you to confirm your registration.

In the context of your newsletter registration, we also store your registration data (e.g., email address, date and time of registration/confirmation of opting in) so that we can track and provide evidence of your registration at a later date. The legal basis for storing this data is a legitimate interest, Article 6 (1) f and Article 7 (1) GDPR. The legitimate interest is based on the controller’s ability to demonstrate consent.

b) How long do we store your data?

In order to send you the newsletter, we store your email address until you unsubscribe or we cease sending the newsletter to you. If you unsubscribe, your registration data will be stored for up to three and a half years, purely for purposes of demonstrating your consent.

c) How can I cancel my subscription to the newsletter?

You can revoke your consent to receive the Deutsche Telekom AG newsletter at any time with future effect by clicking on the unsubscribe link at the end of any newsletter you receive.


Data privacy information last revised July 12, 2024.

Datenschutz und Sicherheit

Data privacy and security

Find security tips and current information on data privacy and security here.