Data Policy What We Do with Your Data


zur deutschen Version wechseln


Dear Reader,

How do we analyze your activity on our websites? Which advertising is presented to you? How can you view your personal data if you are a digital subscriber or registered user? In short, how do we deal with the data that arises from the users of our digital products and services? We aim to answer these and many other questions in this data protection declaration, which applies to all the titles of our media group: the SPIEGEL product family, manager magazin and manager lounge, Harvard Business Manager, Planestream and bento.

The regulations for data collection, processing and usage defined here apply as soon as you use one of our digital products or services, set up a user account or navigate one of our sites in any other way. They define the basis for data protection on our sites. Important: For some actions we work with selected partners - on service pages, for example, or when you buy products, for competitions, in the analysis of usage of our content, products and services as well as the integration of advertising. In these cases, you may find additional references to the data protection regulations of these partners. If the content of third parties - particularly of social networks and platforms - is integrated, this may also contain data; this will be explained at greater length later on.

You may reject any analysis or services that are not essential for the operation of the products and services we offer, which we will also explain. Before we begin, though: With regards to our advertising service providers, we offer a central option for deselecting tracking services using an "opt-out." The list on the website Your Online Choices will show you which trackers are active on your current browser. You can deactivate each of them with one click.

The deactivated services are not just blocked for our services, but also overall for the device that you are using. The settings are stored in cookies with your browser (more on cookies below). Should you be using multiple browsers on multiple devices, you must (de-)activate settings on each browser individually, because we are neither able nor permitted to synchronize opt-outs for you.

The list of services will change, so please revisit this page regularly. Generally, we are also updating this declaration constantly to comply with legal framework conditions. However, this will in no way affect your fundamental right to data protection. Should we hold personal data about you, you have the right to information and rectification at any time, and in most cases to restriction of processing, erasure, blocking and/or transfer of the data to you. If you have questions you can contact us at any time at Datenschutz@spiegelgruppe.de.

What we promise you

We will store, process and use your data only in the manner described in this declaration, and in compliance with German and European data protection legislation. Naturally, we maintain data secrecy. We treat your data confidentially and do not pass it on to third parties other than to closely associated service providers, who may process subscriptions, payment services, video delivery, advertising business or other services on our behalf. These service providers are under obligation to use your data only for the purpose provided for in the relevant contract, and not to pass it on to anyone else under any circumstances. When we refer to "we" in this declaration, this also includes these closely associated service providers.

For each visit, we temporarily record the IP address used for your Internet access, as well as the pages you access. If you are accessing the site from an app, we temporarily record the device number so that basic services like access authorization can function. However, we never use this data to identify you personally.

We, our external cooperation partners and content providers as well as advertising service providers who activate advertising on our site - more on this below - store cookies on your browser. These are small files with information that serves to differentiate users (using software and device IDs, etc.), as well as settings for advertising trackers and usage preferences. You may delete or deactivate cookies in your browser, but you must then log in again and create new settings, etc. Generally, you are able to use our sites without cookies. You can find out more about cookies at www.meine-cookies.org. Generally, we and our cooperation partners establish no reference to you as an individual from the cookies, but rather use them at most as pseudonyms. The legal basis for this is the European ePrivacy Directive in conjunction with the German Telemedia Act (Telemediengesetz; Par 12 et seq.) and/or the European General Data Protection Regulation (Art. 6(1)(b) and (f)).

Only when you are registered and logged in with us will your user account - including concrete details about you - be stored in cookies, so that you can use our products and services without having to log in every time. To personalize the products and services which use advertising and market research, this personal data is only used in limited scope and with your express consent which you may grant on a case-by-case basis.

For all of our purchasing and order sites to which you may submit personal data, we use only the latest SSL security standard (256-bit Secure Sockets Layer). Your data is encrypted directly upon transfer, and all information that may be subject to data protection such as credit card numbers, routing numbers, account numbers, names and addresses are stored in a protected database in encrypted form. In order to administer your basket, we use a session cookie (which is deleted when the browser closes) or alternatively a session identifier in the access path of the website (12 characters with a leading dollar sign) which becomes invalid after half an hour of inactivity (in which case the basket and data are discarded).

What we know about you as an individual

  • We only know your name, your address, your age and other personal details if, for example, you are registered for a digital subscription or membership in the manager lounge with a user account and have supplied these details yourself - either to us or perhaps to our implementation partner Plenigo, which is closely integrated with our site and manages digital subscriptions, and which is obligated to protect your data that they process on our behalf.
  • We only know you by your email address if you have used it to directly register with us for a newsletter, forum or a contest, for example, or with one of our cooperation partners Newsletter2Go, MailChimp or Salesforce which send emails on our behalf and which also must protect your data in the framework of our cooperation. In the event of contests, we pass them on to prize sponsors for processing, if necessary, within the scope of the applicable conditions of participation.
  • We only know you by your mobile phone number if you have actually registered it for a service, such as WhatsApp messages operated by our partner WhatsBroadcast, which offers a service on our behalf and as a processor must also protect your data.

In each case, we first ask for your consent and then only use the respective data relating to you as an individual in the provision of the actual products and services for which you have registered. If you contact us as an identifiable individual, through a contact form, for example, in addition to your name and email address we may also store such details in our system as the time and place a registration takes place or a message is sent to us; the download, purchase or attempted purchase of products or services; in some cases, also the dispatch or opening of newsletters, emails and push messages; also contact via email or interest in individual products or services. As long as and to the extent that we do not need to make the data available, you may revoke your consent for usage at any time. This often requires nothing more than unsubscribing from the product or service in question, but naturally this means that you can no longer use it. You can always find more information on unsubscribing in the product or service in question. For newsletters, you can unsubscribe from the newsletter itself, for the WhatsApp service from WhatsApp, and so on.

Essentially, we only process personal data to fulfill our contractual obligations to our users. We need to process data to be able to suggest suitable contacts to you, for instance, or products and services, or information. With certain products and services, we have to ensure that access requests come from humans and not automated programs. To prevent such abuses, we use Google's reCaptcha service, which uses a truncated version of your IP address and other necessary data (only in the event of technical outage in Europe, for instance, is it possible that the IP address will be truncated in the USA). The reCaptcha data is not merged with other Google data.

Please note that if you make a purchase through one of our apps, the payment is usually processed by Apple or Google as the operator of the respective app store. The companies receive your order information and link it to your App Store account to complete the purchase transaction and inform us of your eligibility to access paid products like subscriptions. Under no circumstances, however, do we receive your personal profile and payment data from the stores in question - that is the responsibility of the companies in the U.S.

How we analyze the usage of our products and services

Which articles are currently being read? How often? By how many people? How much time do viewers spend watching videos? How often do users visit our sites? For us it is important to learn about the preferences and desires of our readers. That's why we use analysis services which can offer us trending topics in real time and comparison with the competition on a daily or monthly basis. These services are largely integrated via the Google Tag Manager, which does not collect any data itself and these services never record you as an individual with your identity data, rather they use a pseudonym at most. They also do not present advertising or other products or services.

  • Market comparison of reach: The company INFOnline analyzes the general reach of our sites and other sites in Germany with anonymized cookies and/or information that your browser automatically transfers - you can find details on anonymization at the end of this declaration. The data is used for official reach comparison by the associations IVW (www.ivw.eu), AGOF (www.agof.de) and agma (www.agma-mmc.de). You can reject this measuring in web browsers here; in apps you can deactivate them in settings (for iOS in iOS Settings > App > AGOF-Zählung, for Android directly in the app menu under Data protection > IVW/AGOF-Zählung). Through the company INFOnline, we also set session cookies from the copyright collective VG Wort, which analyze the use of a specific text without recording your data, not even anonymously. The analysis is performed to estimate how often texts are printed, copied or otherwise reproduced. Authors are then paid a share of the copyright fees to which they are legally entitled.
  • Real-time analysis for editorial staff: Meetrics and Parse.ly: We use the German service Meetrics and the U.S. service Parse.ly for real-time analysis, to see which stories have a resonance and which topics are popular. You can opt out of Meetrics here and Parse.ly here. We also monitor access to our content in a general sense with software from Netmind. This is an integral component of our technical system and cannot be deactivated.
  • General analysis with Google Analytics and supplementary services: To comprehensively optimize our products and services beyond this analysis, we use the web analysis service Google Analytics, which uses cookies to scan usage both in real time and over the long term. The data is generally transferred to U.S. servers and stored there; however, because we have activated IP anonymization, Google must first truncate your IP address in an EU or EEA state (only in the event of technical outage in Europe, for instance, is the IP address first truncated in the USA). Even when you have registered with us through a user account and are logged in, you will never be personally identified in Google Analytics - rather only through a pseudonym that we create from your user account and for which organizational measures prevent any connection to you. In particular, we need this pseudonym to standardize analytics data from your various devices and browsers and to optimize our products and services across them. To learn more about the basic composition of our users - even if many readers are not registered - we also use the AMP Client ID interface to integrate text usage with the rapid AMP standard for mobile devices; we also use Google Advertising Reporting Features to interweave anonymous usage data with demographic and interest data from Google's DoubleClick advertiser network and the Google advertising services that we use. You can find out more about deactivating cookies from DoubleClick (which whom we share anonymous usage data) in the section on our web partners. In each case, Google works on our behalf and guarantees not to merge data from Analytics with other Google data. You can reject the above-mentioned data capture and processing in web browsers here by installing a browser plug-in; in apps you can deactivate it in settings (for iOS in iOS Settings > App > Google Analytics, for Android directly in the app menu under Data protection > Google Analytics).
  • Optimization analysis with Google Optimize and Hotjar: We use the analysis service Google Optimize to experimentally configure our sites in a number of different variations and to optimize them using comparative statistics. By using cookies, we can anonymously differentiate between test groups. The data is processed by Google Analytics in the manner described; if you deactivate Google Analytics, your data is not included in the comparative tests. We also use spot samples to analyze movement, clicks or swiping behavior on some of our webpages to improve the structure of our projects and pages. For this purpose, the service Hotjar records data in a small number of sessions randomly and pseudonymously, without making you identifiable to us. This data is anonymized in Ireland, stored and deleted after 365 days. It can be deleted earlier upon request.
  • Usage analysis with Firebase and Pushwoosh: We use the services Firebase and Pushwoosh to bring information into websites and apps in real time, for example push messages in apps. These are integral components of our products and services and cannot be deactivated. Anonymous data is also sent to Firebase and Pushwoosh so that we too may analyze usage.
  • App analysis with Localytics, adjust and Crashlytics: To better understand the usage of our apps for smartphones and tablets, we perform analysis in some apps using the service Localytics - how often they are accessed, what is clicked on, etc. Your data is pseudonymized and you are never identified as an individual. You can deactivate the analysis in settings (for iOS in iOS Settings > App > Deactivate sending of usage data; in Android directly in the app menu under Settings). Alternatively, the bento app may use the service adjust, which anonymously analyzes IP and MAC addresses such that no reference may be established to you as an individual. This analysis is obligatory; by using the app you declare your consent to this. We use Crashlytics to analyze in some apps where and in what context the app has malfunctioned or failed to function properly. In doing so, your App ID, general data on problems encountered and on the device, mobile network provider and operating system are collected, though potentially personal or pseudonymous data is deleted after seven days. As with Localytics, you can deactivate the service directly in the settings.
  • Newsletter statistics: We track clicks from our newsletters to our products and services with the help of the statistics services mentioned, and we also analyze opening and click rates as well as other usage data for individual newsletters with our service providers Newsletter2Go, MailChimp and Salesforce. Your email address is stored in a recipients list used to maintain distributions and sometimes also used in pseudonymized form to send you personalized newsletters tailored to your preferences. You can unsubscribe from the newsletter at any time.
  • Market research: In surveys, we may sometimes ask for details on usage of our products and services and for demographic details such as age and sex. Your responses are collected anonymously and separately from other data, meaning no connection can be made to you. We need this for our own, legally permissible analysis and to present proposals to potential partners, advertising customers and other contacts. Data from accompanying betting games for which you may have submitted your email address, for instance, is recorded separately and not associated with your responses.
  • Typeform and CognitoForms: We use these tools in some products and services to present surveys and forms on our pages to enable you to provide us with feedback or send us messages, for example. The data is also stored on servers in the U.S., but it is treated confidentially and only evaluated by a limited group of people in our company. You can find out more about data protection at Typeform and CognitoForms here.

What social networks and external tools can see about you through us

On our site, we integrate posts and recommendation functions from platforms such as Facebook, YouTube, Twitter, Instagram, Giphy, Imgur or the mapping service Mapbox, most of which are located in the USA but are nonetheless subject to the applicable data protection regulations in EU and EEA countries. If, for instance, you actively use a recommendation switch on our site or read an article with an embedded post or YouTube video, the embedding technology may transfer general framework data such as your IP address back to the social networks and platforms. We have no influence over the way these platforms use the data. Please consult Facebook, Twitter and YouTube directly for more information, and adjust your privacy settings.

For social networks and on other external platforms, the companies' respective data protection regulations apply, even if we distribute information and maintain presences there with our brands. With Snapchat, in particular, we are active outside our internet presence, for example with SPIEGEL ONLINE in Snapchat's Discover section. The U.S. company provides us with its content management system and general usage data, such as the number of hits, the length of usage, the demographics of readers and the user names of all contacts. You can read the network's data protection rules here.

You can also create a user account with us by connecting to your Facebook account. In this case, of course, we will not have access to your Facebook log-in information -- the social network's privacy policy applies -- but we will need to obtain your public information and your email address in order to allow you to register with us. This will enable you to set up a user account with us, and you can later unlink Facebook in our login area at any time in order to log in to us independently of Facebook.

How advertising works in our products and services

Advertising ensures the existence of our products and services, and advertisers require reliable information on the number of readers viewing their advertisements. Moreover, they are interested in preferentially presenting their advertising to those who are interested in certain products or topics. For this we allow our advertising partners to track usage data for "usage-based" online advertising (in which advertising is tailored to the user's interests), in other words to collect and process it in usage profiles in pseudonymized form. This data helps ensure that you are presented with advertising to which you are likely to be more attentive. You can identify this "advertising tracking" by the OBA symbol, a turquoise triangle with an "i" in the middle. In the list above, you can reject tracking from advertising partners by setting anti-tracking cookies. You can find out more about technology and your opt-out options here and here.

Only some of the companies listed there are partners. A list of our specific advertising partners, their data protection statements and the possibilities they provide for opting out (meaning to deactivate the tracking) can be found in our German privacy policy.

The following advertising partners, which also use tracking options, perform particular functions on our site. In some cases you may need to unsubscribe from separately:

  • IP Deutschland is jointly responsible with us for data processing in the marketing of our website. To serve personalized advertising based on a person's individual interests and to reach target groups, the company measures reaches, controls the delivery of ads, limits them with so-called frequency capping and employs cookies and other identification options to analyze your clicks. Other sources are also used, including, for example, profile segments from registration areas, device data, behavior patterns in our products and services, at times sociodemographic data or assumptions about them. This also extends beyond our website, but it is always in the form of pseudonymized profiles in which you are never identified as an individual. Your data will also only be used for relatively short periods of time. You can find detailed information about the technology, the data used, service providers and participants employed, options for opting out, the storage duration and more here. You can also find all the details about our partnership with IP Deutschland at the end of this data protection statement.
  • Google. In addition to the usage analysis with the analytics cookies described above, Google is also integrated as an advertising partner through Google AdWords and can place and use advertising cookies with us according to the same guidelines. If you click on an ad placed by Google, a cookie is stored without personal data that is valid for 30 days and registers your clicks on the ad on our website and is used for statistics. You can opt out here.
  • Outbrain presents both individualized advertisements and personal reading recommendations from our products and services at the bottom of articles. The data that appears there is not actually compiled by us, rather it is used solely by the British service provider, which is subject to EU and EEA regulations. To deactivate Outbrain, click here and scroll down to "Opt-out."
  • Cuponation, which presents voucher deals on article and overview pages in our products and services; this is subject to additional data privacy regulations, which you can find here.

In general, tracking means that your usage of our products and services is captured, for instance individual clicks, subpages visited, advertising banners viewed, etc. Because it can never be entirely discounted that the data may be indirectly associated with you, all usage data is saved with a random pseudonym, and this pseudonymous data cannot be personalized again. To enable ads to be tailored to your needs in places where cookies do not work optimally, in apps on smartphones, for example, cookie-like technologies may be used. To prevent this, go to the app "Google Settings" on Android smartphones or scroll down to "Google" in the General Settings app, tap "Ads Settings" and tap the on-off slider next to "Personalized advertising." On iOS devices, for which we use Apple's Advertising Identifier, go to the Settings app, then to "Privacy," then to "Advertising" and make your specific settings.

Finally, we use a service from Sourcepoint to prevent the use of ad blockers on our site. This stores data on usage of our site in cookies to repel advertising blockers and record your settings. All analysis is carried out anonymously and not in a personalized way. Private data such as IP addresses are used only in truncated form.

What our editorial cooperation partners analyze

In our articles, we often use services from cooperation partners, for surveys or discussion questions, for instance. As with social networks and platforms, the following applies: If, as an example, you read an article with an embedded survey, theoretically general framework data such as your IP address may be transferred back to the social networks and platforms. You can also find more information on their data protection policies on their websites:

  • Disqus: In some products and services, we use this U.S.-based platform to enable user discussion. You can only take part in debates when you log in to your user account with us, through Disqus or another service such as Facebook or Google (in the latter case these services may theoretically be able to follow your Disqus usage). Disqus uses cookies to identify you, and may also integrate services for usage-based advertising. You can opt out here. You can find the data protection details for Disqus here.
  • Civey: In some products and services, we use this German platform to carry out opinion surveys. Civey also collects data on your personal settings and your voting behavior, which is why you can only fully utilize the service once you log in with your own log-in or through Facebook (in the latter case the social network may theoretically track the fact that you use Civey). If you are not logged in, your voting behavior will be evaluated in anonymized form and a cookie set in each case. Your log-in and voting data is stored in encrypted form on German servers, where it remains confidential and is used solely for survey purposes. You can find out more about data protection details for Civey here.
  • Opinary: In some products and services we use this German platform to carry out rapid opinion surveys. Only when you register there are you identifiable as an individual, otherwise a cookie will be set in order to present you with usage-related advertisements; Opinary analyzes the usage of websites and advertising space where it is deployed. You will only be captured using a pseudonym. You can opt out here.
  • Playbuzz: In some products and services we use this Israeli platform to present quizzes and other games and interactive surveys. Playbuzz may set cookies for advertising marketing. This is impeded if you deactivate the use of advertisement cookies in your browsers; your browser and device may be roughly identifiable through characteristics such as operating system and other settings. You can find more data protection details for Playbuzz here.
  • Games: Some of our products and services include embedded browser-based games that are provided by our Karlsruhe-based partner kr3m, which stores the log files of the websites and files that are accessed, the associated time data, the browser and operating system and the IP address including the provider. This data is used solely for statistical purposes to optimize security and the product or service itself, but also to track illegal use. In no case is personal data passed on without the user's consent. You can find more about data protection at kr3m here.

How we advertise ourselves

We, too, advertise our products and services on the Internet. We use various options for individualized advertisements with which we aim to reach you and other potential readers directly:

  • Google Remarketing: We use Google's Remarketing function to present you with advertisements for our products and services that correspond with your usage preferences in the global Google advertising network. You will be identified in this network through cookies, but not identified as an individual. You can opt out here.
  • Facebook Remarketing/Retargeting: We have integrated remarketing tags from the social network in our products and services where appropriate. If you are logged into Facebook, the platform receives the information that you have visited our site, through which we can present you with advertising on Facebook. The transfer of your data as a Facebook user is regulated in the data protection declaration of the network itself. You can deactivate the "custom audiences" setting for your profile here.
  • Bing Ads: This service from Microsoft, a U.S.-based company, sets a cookie if you access our website through a Bing ad so that we can find out the total number of clicks leading from an ad to our website. Your user profile is only stored in a pseudonymized form. You can opt out here.

Also good to know

The responsible authority for data processing is the company within the SPIEGEL Group named in the respective legal notice (Impressum), represented by its management. You can always contact the SPIEGEL Group, Kennwort Datenschutz, Ericusspitze 1, 20459 Hamburg or send an email to datenschutz@spiegelgruppe.de if you have questions about the way we collect, process or use your data; if you wish to rectify, delete or block such data; or if you have any other general questions that have not been answered. You can also contact the Data Protection Officer for the SPIEGEL Group in this way. We will always address your concern promptly as long as we are not legally prevented from doing so. If we do not address your concern within the legal time limit or fail to address it sufficiently, you may lodge a complaint with the responsible supervisory authority. Generally speaking, the authority applicable to the headquarters of the company is responsible, so for us this is the Hamburgische Beauftragte für Datenschutz und Informationsfreiheit (Hamburg Commissioner for Data Protection and Freedom of Information).

One last thing: This declaration applies to all digital products and services of the SPIEGEL Group. When we link to other websites, we have no influence and no control over whether the service provider complies with data protection provisions. If you wish to raise possible problems on a linked site or with one of our partners, please email us.


Details on individual services

On market reach comparison

Our websites use the measurement procedure known as "next-generation innovative scalable central measurement process," or SZMnG, from INFOnline GmbH for calculating key statistical figures on the usage of our products and services. The goal of usage measurement is to statistically determine the number of visits to our websites, the number of website visitors and their surfing behavior - on the basis of a uniform standard procedure - and so obtain values that are comparable across the market. For all digital products and services that are members of the Informationsgemeinschaft zur Feststellung der Verbreitung von Werbeträgern e.V. (IVW; German Audit Bureau of Circulation) or take part in studies of the Arbeitsgemeinschaft Online-Forschung e.V. (AGOF; Working Group for Online Media Research), usage statistics on reach are regularly processed further by AGOF and the Arbeitsgemeinschaft Media-Analyse e.V. (agma; Media Analysis Working Group) and published with the performance value "unique user" as well as the performance values "page impression" and "visits" from IVW. These reach values and statistics can be seen on the respective websites.

1. Legal basis for processing

Measurement using INFOnline GmbH's SZMnG process is carried out on the basis of legitimate interest as defined by Art. 6(1)(f) GDPR. The purpose of processing personal data is the generation of statistics and the formation of user categories. The statistics help us understand and verify the usage of products and services. The user categories form the basis for provision of advertising material and/or advertising measures aligned with your interests. For the marketing of our website, usage measurement that guarantees comparability with other market participants is vital. Our legitimate interest arises from the economic usability of the findings generated by statistics and user categories and the market value of our website - including direct comparison with the websites of third parties - which can be determined using statistics. Moreover, we have a legitimate interest in making available the pseudonymized data from INFOnline, AGOF, agma and IVW for the purposes of market research (AGOF, agma) and for statistical purposes (INFOnline, IVW). Moreover, we have a legitimate interest in making available the pseudonymized data from INFOnline for further development and provision of advertising materials aligned with interests.

2. Type of data

INFOnline GmbH collects the following data which, according to the GDPR, may contain references to individuals:

  • IP address: Every device on the Internet requires a unique address for transfer of data - the IP address. Because of the way the Internet works it is a technical requirement that the IP address be stored at least in the short term. IP addresses are reduced by 1 byte before any processing and only processed further anonymously. There is no saving or further processing of non-truncated IP addresses.
  • A randomly generated client identifier: To identify computer systems, reach processing uses either a cookie with the identifier "ioam.de," a "local storage object" or a signature generated from a range of information automatically transferred by your browser. This identifier can uniquely identify a browser as long as the cookie or local storage object is not deleted. Measurement of data and subsequent allocation to the relevant client identifier is therefore also possible if you access other websites that use INFOnline GmbH's measurement process ("SZMnG").

The validity of cookies is restricted to a maximum of one year.

3. Usage of data

INFOnline GmbH's measurement process, which is used on this website, communicates usage data. This occurs for the collection of the performance values "page impressions," "visits" and "clients" and to generate other key figures from them (e.g. qualified clients). Moreover, we may use the measurement data as follows:

  • "Geo-localization," the allocation of website access to the location from which it was accessed, occurs solely on the basis of the anonymized IP address and only to the geographical level of state/region. The geographic information gathered in this way can never be used to allow deduction of a user's precise whereabouts.
  • The usage data of a technical client (e.g. a browser on a device) is compiled across websites and stored in a database. This information is used for technical estimation of the demographic details of age and sex and transferred to the AGOF service provider for further reach processing. As part of the AGOF study, a random sample of social characteristics is used to provide a technical estimate that allows assignment to the following categories: age, sex, nationality, profession, marital status, general household details, household income, place of residence, Internet usage, online interests, usage location, user type.

4. Storage duration of the data

INFOnline GmbH does not store the complete IP address. The truncated IP address is stored for a maximum of 60 days. The usage data in connection with the unique identifier is stored for a maximum of six months.

5. Transfer of data

Neither the IP address nor the truncated IP address is transferred. In generating the AGOF study, data is transferred to the following AGOF service providers with client identifiers:

6. Rights of data subjects

Data subjects have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR )
  • Right to object (Art. 21 GDPR)
  • Right to erasure (Art. 17 GDPR )
  • Right to restriction of processing (Art. 18 et seq. GDPR)
  • Right to data portability (Art. 20 GDPR )

For any inquiries related to these rights, please contact datenschutz@spiegelgruppe.de. Please note that for this type of inquiry, we must be able to establish that we are dealing with the data subject. The data subject has the right to lodge a complaint with the data protection authorities. You can find further information on the measurement process on the website of INFOnline GmbH, which operates the measurement process, the data protection website of AGOF and the data protection website of IVW.

About Our Partnership with IP Deutschland GmbH

1) Overview

Various companies are involved in the marketing of our Internet products and services, both in the collection of data and in the serving of advertising. These companies play different roles. In some cases, they are individually responsible for data processing (controller) or act purely as a service provider carrying out the instructions of a controller (processor). In the context of advertising marketing, IP Deutschland GmbH, Picassoplatz 1, 50679 Cologne, Germany, e-mail: kontakt@ip.de, is responsible and are thus, together with us, "joint controllers" under Article 26 of the EU General Data Protection Regulation in terms of our internet products and services. You can find more details about this, about roles and about other responsible parties here.

2) Collection of data in the context of marketing (tracking, profiling, etc. ...)

In order to personalize advertising, design it according to interests and find suitable target groups, to collect information for billing, measure reach and control/limit the serving of ads through frequency capping, a system is used in online advertising that examines user behavior and produces pseudonymized profiles of users, which can then be used in the serving of advertising. As part of that process, products and services that have been visited, content that has been clicked on, etc., are captured and stored. This data is stored within a profile in a database that can be accessed with a cookie or by another means of identification. Names and personal data of users are not stored. The cookie is essentially a pseudonym and does not contain the real name or identity of the user. In some cases, data from other sources, e.g. parts of profiles from registered areas or also technical data about the device used, the time the activity occurred or data from party sources can also be stored. Behavior patterns of users of our products and services are stored and analyzed within the profile and it is in part supplemented by sociodemographic data or assumptions about sociodemographic data (so-called statistical twins of profiles with known data that are compared based on similar or identical surfing behavior). The formation of this profile is also possible across networks, i.e. across a number of internet products or services.

3) Legal basis

Both the operators of the products and services and the other marketers and other entities that serve advertising on the products and services have a legitimate interest in marketing and monetizing their (marketed) products and services through the target group-specific serving of advertising as well as measuring the reach and controlling the serving of advertising with the use of frequency capping. The same applies to the creation of user profiles that make this possible in the first place. This purpose could not be achieved without data processing. Given the pseudonymous nature of the data, users of the products and services will not be individually identifiable to us or our marketers beyond the recognition of the browser and end devices used. Incursions on the user's right of informational self-determination are justified by the fact that the user's data is pseudonymized and is only used for relatively short periods of time. Because users are informed transparently of the procedures used in data protection statements and are also provided with effective possibilities for opting out, incursions on users' rights are minimal and at the expected level. Furthermore, no profiles are produced that focus on children. The legal basis for all processing of data in the scope of marketing is Art. 6 1f of the GDPR ("legitimate interests") or § 15, para. 3 of the German Telemedia Act (Telemediengesetzt).

4) Detailed information about options for objecting

  • Information about marketers and technology opt-out opportunities

Here, you can find detailed information about the individual data processing procedures and the service providers and participants involved. This overview contains general and detailed information about the names and addresses of the companies that collect, process and/or make personal data available to other third parties, the data categories collected, the purpose of processing and the opt-out options, recipients of data, transfer to third countries, duration of storage and data sources and provides the ability to contact the data protection officer of IP Deutschland GmbH.

  • Advertising IDs for mobile apps

To enable advertisements to be delivered in services that lack cookie technology - in mobile apps, for example - technologies similar to cookies may be employed. To disable personalized advertising on your mobile device, please follow the instructions below.

Android

1. Depending on the device, you will find Google Settings at one of the following places:

a. in a separate app called Google Settings

b. scroll through your main Settings app and tap Google

2. Tap on Ads

3. Tap the on-off slider to deactivate personalized ads

iOS

iOS devices use Apple's Advertising Identifier. You can find further information about the different possibilities for using this identifier in the app settings on your device.

You can find it as follows:

1. Tap "Settings"

2. Tap "Privacy"

3. Tap "Advertising." From there, you select specific settings using a slider.

Right to object

Should you not wish to take part in measurement on websites, you can object at the following link: https://optout.ioam.de. For technical reasons a cookie must be set to guarantee your exclusion from measuring. Should you delete the cookies in your browser, you will need to repeat the opt-out process at the link above. You can reject measuring in settings; in apps you can deactivate them in settings: for iOS in iOS Settings > App > AGOF-Zählung for Android directly in the app menu under Data protection > IVW/AGOF-Zählung.



© SPIEGEL ONLINE 2018
Alle Rechte vorbehalten
Vervielfältigung nur mit Genehmigung der SPIEGELnet GmbH


TOP
Die Homepage wurde aktualisiert. Jetzt aufrufen.
Hinweis nicht mehr anzeigen.