Privacy Policy How we deal with your data
zur deutschen Version wechseln
Dear Reader,
What data do we collect during your visit or through your use of our websites? What ads are served to you? How can you view your data if you are a digital subscriber or registered user? In short, how do we deal with the data that arises from the use of our digital products and services? We aim to answer these and many other questions for you in this data protection declaration.
Current as of: May 2, 2022
The entity responsible for data protection is the SPIEGEL Group company named on each legal notice (Impressum) of the company’s websites. You can contact the data protection officer at datenschutz@spiegelgruppe.de or by addressing your query by post to DER SPIEGEL, Datenschutz, Ericusspitze 1, 20459 Hamburg, Germany.
Before we get started: There are two ways of using our products and services. With our "PUR” option, we dispense entirely with ad tracking and also, to the extent possible, with advertising. With this option, we analyze your usage solely for the purpose of tailoring our services to your needs and do not pass usage data on to third parties.
If you wish to continue reading this site for free, however, we finance our offerings with your consent, with further advertising and, in particular, with advertising tracking including data transfer to selected third parties to serve and optimize those ads according to your usage behavior and your presumed interests and needs.
In order to facilitate this ad tracking, we use cookies, device IDs and similar tracking technologies on your end devices. A detailed overview of the services and cookies used for this purpose can be found in the Privacy Center. The legal basis for their use is the European Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (Sec. 12 et seq. TMG) until Nov. 30, 2021 – as of Dec. 1, 2021 it will be the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. of the Telecommunications and Telemedia Data Protection Act (TTDSG)) and/or the European General Data Protection Regulation (Art. 6, Par. 1, lit. a (consent)). You may revoke your consent to ad tracking at any time. Should you do so, however, the only way for you to continue to access to the site is by selecting the "PUR” option.
Falls Sie weiterhin Probleme haben, finden Sie hier mehr Informationen.
(You can edit your consent for AMP articles here).
Delete cookies:
The legal basis for the few cookies and tracking technologies that are also used in the PUR offer, without the creation of user profiles, for the essential measure of reach, for an interest-oriented-needs-based design of our offerings and for ensuring the security and functionality of our websites (details of these services can be found here) is also the European Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (Sec. 12 et sec. TMG until Nov. 30, 2021) or – as of Dec. 1, 2021 – the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. TTDSG) and the European General Data Protection Regulation (GDPR) Art. 6, Par. 1, lit. b (performance of contract) and Art. 6, Par. 1, lit f (legitimate interests).
If you wish to completely deactivate ad tracking with data transfer to third parties on our websites, then we recommend the »PUR« option. Simply activating the Do Not Track Mode in your browser is not sufficient. Alternatively, you have the choice to "opt out” of all service providers included in our Privacy Center. To do so, you have to use the opt-out function on the websites of the respective service providers.
The deactivated services are not only blocked for our services, but also generally for the end device that you are using. The settings are saved for your device or browser. If you are using more than one browser on more than one device, you must (de-)activate settings on each browser individually, because we are neither able nor permitted to synchronize opt-outs for you. The "PUR” option, on the other hand, is of course usable on all devices with your log-in.
And now from the beginning: The information on data protection outlined here applies to the use of the SPIEGEL Group's digital editorial products, such as www.spiegel.de and www.manager-magazin.de. For other SPIEGEL Group websites – for example, corporate communications – separate privacy policies may apply. Data protection information for conventional print subscriptions from the publishers within the SPIEGEL Group can be found in their respective General Terms and Conditions of Business and Delivery. When we link to other websites, we have no influence and no control over the service provider’s compliance with data protection provisions. If you wish to alert us about possible problems on a linked site or with one of our partners, please email us.
The responsible authority for data processing in connection with this website is the company within the SPIEGEL Group named in the respective legal notice (Impressum), represented by its management. You can always contact the SPIEGEL Group, Kennwort Datenschutz, Ericusspitze 1, 20459 Hamburg or send an email to datenschutz@spiegelgruppe.de if you wish to obtain additional information about how we collect, process or use your data; if you wish to rectify, delete or block such data; or if you have any other general questions that have not been answered. You can find detailed information about your rights in Section 6.
The following is always applicable: We will store, process and use your data only in the manner described in this notice, and in compliance with German and European data protection legislation. Naturally, we maintain data secrecy. We treat your data confidentially and do not pass it on without your consent to third parties other than to closely associated service providers, who may manage subscriptions, payment services, video delivery, or premium and advertising business or other services on our behalf. These service providers are under obligation to use your data only for the purpose provided for in the relevant contract, and not to pass it on to anyone else under any circumstances.
The following documents and information, which can be accessed separately, are part of this privacy policy.
A detailed overview of the "ad trackers” used can be found in our Privacy Center.
A detailed overview of the cookies, device identifiers and similar tracking technologies and analysis services that are also used in the "PUR” service together with detailed information pertaining to them can be found here.
In principle, you can use our websites without explicitly providing classic personal data such as your name, address, bank account details, etc. In some cases, however, it is necessary to provide such data, either because it is required by law or in order to conclude contracts with you or to provide a requested service. The provision of the data in these cases remains at your discretion, of course, but this data is sometimes necessary in order to fulfill the stated purposes. Failure to provide this information may then mean that we are unable to provide you with our services.
Some further information up front: The latest SSL security standard (256-bit Secure Socket Layers) is used across all of our products and services. Your data is encrypted directly during transmission and all data protection-relevant information such as credit card number, bank code, bank account number, name and address is stored in encrypted form in a protected database. This brings us to the particular instances in which you provide us with information about yourself:
a) Purchasing a subscription
When purchasing a digital subscription (SPIEGEL+) and/or a PUR subscription, the following data must be provided: Salutation, first name and surname. Providing your postal address is optional, unless you order a product that includes printed issues. We need your payment data for the payment methods PayPal, SEPA direct debit or credit card to initiate the payment.
The data mentioned above are required to provide limited-time access or to fulfill the subscription contract, in accordance with Art. 6, Par. 1, lit. b of GDPR.
The creation of a SPIEGEL account is mandatory for digital subscription contracts (the periodically updated offer of digital products), limited-time access contracts (e.g., weekly or monthly, multi-month or annual pass for existing paid content) and the PUR subscription. You must provide your email address and a password. The provision of this data is necessary for the fulfillment of the contract and it, too, is processed in accordance with Art. 6, Par. 1, lit. b of GDPR.
We will initially store your data until the end of your contract or the deletion of your SPIEGEL account or until that data is no longer subject to any tax, commercial or other legal retention obligations. The legal basis is Art. 6, Par. 1, lit. b and c of GDPR.
In the course of fulfillment of contracts, on the basis of Art. 6, Para. 1 lit. b. of GDPR, we rely on external payment service providers whose platforms allow users to make payment transactions (for example, PayPal and for credit cards such as Visa , Mastercard and American Express and SEPA direct debit as well as the service provide Stripe .
The data processed by the payment service providers include, for example, the name and address, bank data, such as account numbers or credit card numbers, passwords, transaction authentication numbers (TANs) and checksums, as well as the contract, totals and recipient-related details. The information is required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored by them. We do not receive any account- or credit card-related information, only information about whether a payment is confirmed or declined. Under certain circumstances, the data may be transmitted by the payment service provider to credit agencies. The purpose of that transmission is to verify identity and creditworthiness. In this case, we refer to the terms and conditions and data protection information of the payment service providers.
We also use the service provider Stripe to verify age information (for discounted subscriptions, for example). The only information we receive is a confirmation of, or a notification of a contradiction in, the data you have provided, including address, name and date of birth. The documents on which the verification is based are deleted by the provider within 14 days.
In all other respects, we refer to the notes and regulations in our General Terms and Conditions of Business and Delivery.
b) Registration of a SPIEGEL account
On our websites, we offer you the possibility of creating a free user account (SPIEGEL account) by entering your email address, which provides the basis for some services requiring registration and also enables you to use personalized services (Art. 6, Par. 1, lit. b of GDPR).
We will delete your data as soon as you delete your SPIEGEL account on our website and there are no tax, commercial or other legal obligations to keep records.
To register, you only need to enter your email address and a password. Further information such as name and address is optional. When you register or log in to our websites, we ask for your email address and password. As a registered and logged-in user, we can create a profile, and various services are available to you. Among other things, you can use our digital limited-time access contracts and subscriptions, order products or participate in our debate formats with contributions.
You also have the possibility on our web pages to activate the "stay logged in” function by ticking the box, so that you don’t have to log in again after leaving the site and then revisiting it later. For this purpose, we use cookies with your consent, which ensure automatic recognition on the occasion of a renewed visit (Art. 6, Par. 1, lit. a of GDPR).
To make your visit and the use of our websites as comfortable as possible and to help you find relevant information more quickly, we personalize the use of our websites, for example by providing "Recommended for you" articles (Art. 6, Par. 1, lit. a of GDPR).
c) Newsletter
You also have the option on our website of registering for our newsletter to receive news and current information from our editorial departments and about our products. The ordering of the newsletter is carried out using the "Double Opt-In Procedure,” which means that the email you have entered is verified by means of a confirmation email sent to it. Your personal data will then be processed with your consent in accordance with Art., 6 Par. 1, lit. a of GDPR.
If you have agreed, we then record your clicks in our newsletters using invisible image files, so-called tracking pixels. Together with our service providers Newsletter2Go, MailChimp and Salesforce, we analyze opening and click rates as well as other usage data. Your email address will be stored in a recipient list so that we can keep track of the distribution list. It will also be used in a pseudonymized way to send you personalized newsletters adapted to your preferences and interests.
You can unsubscribe from any newsletter at any time, thus revoking your consent for both sending and analysis, by clicking on the corresponding link at the end of the respective newsletter or by writing to newsletter@spiegel.de .
d) Use of the forums and comments
If you have registered on our websites, you can participate in our debate formats by posting comments. If you submit a comment, it will be published with the username you provide or with a username we create at random. In your profile, you may use a pseudonym as your username instead of your real name so that other readers do not know your real name, except in the manager lounge, where all users are presented with their full real name.
The legal basis for the processing of your data is the consent given by you in accordance with Art. 6 Par. 1, lit. a of GDPR. You can revoke your consent at any time, but doing so precludes any further use of the comment function.
e) Surveys
On our websites, you have the opportunity to participate in surveys about various topics. Within the scope of these surveys, which we conduct using the service Typeform, we ask you to answer various questions and provide personal information that varies from survey to survey, such as name, email address, salary level, etc. Participation is, of course, voluntary, and the provision of personal data isn’t required. You can find more about data protection at Typeform here.
If you provide data as part of the survey, you are simultaneously providing your consent for the collection, processing and use of the data for the aforementioned purpose; the corresponding processing of data is thus in accordance with Art. 6, Par. 1, lit. a of GDPR. You may, of course, revoke this consent at any time.
f) Advertising by email, telephone or letter
We use your contact data for advertising if you have given your consent (Art. 6, Par. 1, lit. a of GDPR), as well as for the legally permissible direct advertising of our own and related products if you have provided such data when ordering or registering (Art. 6, Par. 1, lit. f of GDPR in conjunction with Sec. 7, Par. 3 of the German Act Against Unfair Competition (UWG)).
If you no longer wish to receive advertising, you can revoke your consent or object to direct advertising at nasic rates at any time
by clicking on the unsubscribe link at the end of the email
by sending an email to aboservice@spiegel.de
by writing to DER SPIEGEL, Kundenservice, 20637 Hamburg (please state your name and the email address you used for registration)
or by telephone at 040 3007-2700.
Your personal data will be passed on to our external and internal marketing and newsletter service providers and contest partners provided that they assist us in data processing. These partners are contractually obliged by us to neither use data for their own purposes nor to pass it on to others. We will not pass your data on for commercial use without your express consent.
The data processed by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not infringe on any legal storage obligations.
g) Contacting us
We process your personal data when you contact us using the form on our website or by email. For this purpose, we partly use the service CognitoForms from Cognito LLC. You can find more information on data protection here. This data processing is necessary for the processing of your request (Art. 6, Par. 1, lit. b of GDPR). The data processing takes place exclusively within the scope of our customer service.
Which articles are currently being read? How often? By how many people? How much time do viewers spend watching videos? How often do users visit our sites? Are there any suspicious access attempts, so-called "denial of service” attacks?
Here, we explain which (personal or personal-related) data is collected, processed and, if applicable, transmitted to which third parties, where and how it is done.
In the following, we differentiate between four areas of application:
(A.) cookies and analysis that are not personalized or only serve to ensure technical functioning and access security and which as a rule may be set or performed without your consent and which, as such, cannot be deactivated.
(B.) cookies and analysis that are activated and integrated as a standard, also in the "PUR” offer, which are used to measure reach as well as for our own analysis for the need-based design of the product, and can be partially deactivated.
(C.) without choosing the "PUR" option, in the case of free use integrated cookies and analysis for advertising tracking and for serving usage-based advertising by third-party cooperating companies with your consent. And, finally,
(D.) optional cookies and analysis of "social media” for all users, which are deactivated by default, and those products used in editorial partnerships, which are activated by default.
In the following passages, we summarize the relevant information on these areas of use and the services related to them in text form. At the same time, you can also inform yourself through the tabular overviews here for areas A.) & B.) and in the Privacy Center for area C.). Further and more detailed information on and directly from individual services can be found in the specified text form and under Section 7 of this privacy policy.
A.) Non-personally identifiable or mandatory cookies & analysis, the technical functional safeguarding of systems and authentication
We use cookies and similar analysis services, which are required for technical function assurance and authentication. For such cookies, no consent is required under the Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (§§ 12 ff. TMG until Nov. 30, 2021) or – as of Dec. 1, 2021 – the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. TTDSG) or under the General Data Protection Regulation (DSGVO).
A first example of this is the cookie »accessInfo«, which is used to check whether you are a user of the advertising tracking-free »PUR« offer and/or our paid "Plus" content. This cookie is required for authentication and thus performance of contract in accordance with Art. 6, Par. 1, lit. b DSGVO, which is why it can be set and read without your consent under the TTDSG (Sec. 25, Par. 2, Nr. 2 TTDSG).
Another example is the cookie »thirdPartyConsent«, which stores whether or not the user has given consent to the display of content from such third parties as Twitter and YouTube. This cookie is required to secure the function of the default-deactivated integration, and can thus be set and used without consent in accordance with Art. 6, Par. 1, lit. f DSGVO (legitimate interests) and Sec. 25, Par. 2, Nr. 2 TTDSG. You can find the overview of such cookies here.
We also use cookies and similar analysis services with which no personal data is collected and processed. One example here is the service »Hotjar«, which we sometimes use to track mouse movements in order to evaluate whether and, if so, how we can improve the positioning of certain buttons or similar and simplify use of the website for you. The analysis is carried out entirely anonymously – by shortening your IP address, for example, so that no conclusions can be drawn about specific persons. Nevertheless, we require consent for the storage of the cookies from this service on your end device in accordance with the Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (Sec. 12 et seq. TMG until Nov. 30, 2021) or – as of Dec. 1, 2021 – the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. TTDSG). You give us this consent if you decide to use the website free of charge or the »PUR« subscription, as it is a prerequisite for using the offer.
Consent in accordance with the DSGVO is not required, since no personal data is processed. You can nevertheless declare an »opt-out« for individual services and even the respective anonymous analyses will be prevented. You can find the aforementioned overview of the services in question here.
Beyond that, when you visit our website, the following data is automatically sent to our server and stored for 30 days in a log file:
IP address
Date and time of access
Name and URL of the data retrieved
Web page from which the access takes place (referrer URL)
User agent (usually contains information about the browser used, the computer's operating system, the manufacturer and the model designation of the mobile device)
Volume of data transferred
Reporting on whether the access/retrieval was successful (http status code)
The above-mentioned data and its processing is technically necessary for us to ensure the stability and security of our systems, to be able to detect abuses and to protect against them (hacking or DDos, for example), as well as for error analysis and correction. Data processing is based on our justified legitimate interest in accordance with Art. 6, Par. 1, lit. b of GDPR for the purposes mentioned above. We employ state-of-the-art security measures to ensure data security. For the purposes of such processing, no information or cookies will be stored on your end device, which is why the TTDSG does not apply in this case.
Since the collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of our web pages, it is not possible for you to opt-out here. You can only prevent this form of data processing by not using our services.
Finally, we use a service from Sourcepoint to prevent the use of ad blockers on our site. This stores data on usage of our site in cookies to repel advertising blockers and record your settings. All analysis is carried out anonymously and in a non-personalized way. Private data such as IP addresses are used only in truncated form. You are also unable to prevent the use of these services.
B.) Cookies and analyses in the "PUR" offer for reach measurement and needs-oriented design (can for the most part be deactivated with an opt-out)
We also use cookies and analytics in both the »PUR« subscription and the free product to tailor our offerings to your needs and to measure reach.
We use Adobe Analytics with the cookies listed here in detail in the overview for a design of our product that meets your needs. By using Adobe Analytics, we are able to customize products and services to meet your needs. Individualization plays an important role here, for example through personal reading recommendations based on your reading history. Further detailed information about Adobe Analytics is available here.
The legal basis for the use of such cookies is the European Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (Sec. 12 et seq. until Nov. 30, 2021) or – as of Dec. 1, 2021 – the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. TTDSG)) and/or the European General Data Protection Regulation (Art. 6, Par. 1, lit. f of GDPR (legitimate interests)). If you do not want such a needs-based design, you can select an opt-out for the services listed in the overview. If you wish to delete past data, you can do so here [xxx]. Unlike with ad trackers under (C.), we cannot, however, offer our services without these cookies and analytics. If you categorically refuse the placement of such cookies, even with the possibility of such an opt-out, you cannot use our website.
The same applies to the measurement of reach, which must be standardized and carried out by neutral third parties in the interest of comparability. Insofar as cookies are stored on your computers for this purpose, this is done in accordance with the European Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (Sec. 12 et seq. TMG until Nov. 30, 2021) or – as of Dec. 1, 2021 – the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. TTDSG) and the European General Data Protection Regulation (Art. 6, Par. 1, lit. f of GDPR (legitimate interests)), although no user and usage profiles are created in the measurement of reach, and you can also set an opt-out for these. You can find more information in the overview here.
C.) Ad tracking and the serving of usage-based advertising
If you decide not to use the paid "PUR" service, advertisements and promotions will be served to finance our products and services. In online advertising, advertisers need reliable information about how many readers view their ads. Moreover, they expect preferential presentation of their advertising to those who are likely to be interested in their products or topics. To enable them to do so, we allow our advertising partners on our free products and services to track usage data for »usage-based« online advertising (in which advertising is tailored to the user's interests), which implies the collection of data and its processing in pseudonymized usage profiles (»ad tracking«). This data helps ensure that you are presented with advertising to which you are likely to be more attentive.
As an advertising partner through Google AdWords, Google is also integrated and can place and use advertising cookies with us according to the same guidelines. If you click on an ad placed by Google, a cookie is stored without personalized data and remains valid for 30 days. It registers your clicks on the ad on our website and is used for statistics. You can opt out here .
You can find an overview of the advertising service providers, the so-called »Third-Party Trackers«, approved for use on our free content offerings in our Privacy Center. Legal basis for our use of cookies described above is consent in accordance with the European Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (Sec. 12 et seq. until Nov. 30, 2021) or – as of Dec. 1, 2021 – the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. TTDSG) and/or the European General Data Protection Regulation (Art. 6, Par, 1, lit. a of GDPR (consent)).
In general, tracking means that your usage of our products and services is captured, for instance individual clicks, subpages visited, advertising banners viewed, etc. Because such data is related to you as a person, all usage data according to the Telemedia Act must be saved with a random pseudonym that cannot be reconnected with the user (section 15, Par. 3. Sec. 3 TMG, until Nov. 30, 2021). To enable ads to be tailored to your needs in places where cookies do not work optimally, within smartphone apps for example, cookie-like technologies may be used. To prevent this, go to the app "Google Settings" on Android smartphones or scroll down to »Google« in the General Settings app, tap »Ads Settings« and tap the on-off slider next to »Personalized advertising«. On iOS devices, for which we use Apple's Advertising Identifier, go to the Settings app, then to »Privacy«, then to »Advertising« and make your specific settings.
D.) (Optional) additional services
1. Social media
On our site, we integrate posts and recommendation functions from platforms such as Facebook, YouTube, Twitter, Instagram, Giphy, Imgur, Spotify, TikTok and the mapping service Mapbox. These services are inactive by default, but they can be activated by the user. Most of these services are based in the U.S. but are nonetheless subject to the applicable data protection regulations in EU and EEA countries. If, for instance, you actively use a recommendation bar on our site or read an article with an embedded post or YouTube video or Spotify playlist, the embedding technology may transfer general framework data such as your IP address back to the social networks and platforms. We have no influence over the way these platforms use the data, including, in some cases, the creation of user profiles. Please consult Facebook, Twitter, Spotify, TikTok and YouTube, et. al. directly for more information and to adjust your privacy settings.
For social networks and on other external platforms, the companies' respective data protection regulations apply, even if we distribute information and maintain presences there with our brands. With Snapchat, in particular, we are active outside our internet presence, for example with DER SPIEGEL in the network’s Discover section. The U.S.-based company provides us with its content management system and general usage data, such as the number of hits, the length of usage, the demographics of readers and the user names of all contacts. You can read the network's data protection rules here.
You can also create a user account with us by connecting to your Facebook account (»Sign in with Facebook« function). Should you use this option, we will of course have no access to your Facebook log-in information - the social network's privacy policy applies - but we will need to obtain your public information and your email address in order to allow you to register with us. This will enable you to set up a user account with us, and you can later unlink Facebook in our log-in area at any time in order to log in to us independently of Facebook.
The following links will provide you with information about the privacy policies of the individual third-party providers:
Content from Twitter: We integrate Twitter content into our internet offering using the Tweet plugin. Twitter’s privacy policy can be found here: https://twitter.com/de/privacy
Content from Facebook: We integrate Facebook content into our internet offering using the Facebook plugin. Facebook’s privacy policy can be found here: https://www.facebook.com/privacy/explanation
Content from YouTube: We use the YouTube player to integrate videos from its YouTube channels or videos from other providers into our internet offering. Google’s privacy policy can be found here: https://support.google.com/youtube/answer/2801895?hl=de
Content from Instagram: Instagram's embed feature enables the integration of images and videos from Instagram into our offering. Instagram’s privacy policy can be found here: https://www.instagram.com/legal/privacy/
Content from Giphy: Giphy’s embed function enables the integration of GIFs on our websites. Giphy’s privacy policy can be here: https://giphy.com/privacy
Content from Imgur: With Imgur, we can integrate Imgur content, such as images. Imgur’s privacy policy can be found here: https://imgur.com/privacy
Content from Spotify: Spotify allows us to integrate songs, albums or playlists into our websites. Spotify’s privacy policy can be found here: https://www.spotify.com/de/legal/privacy-policy/
Content from TikTok: The TikTok plugin allows us to integrate videos from TikTok. TikTok’s privacy policy can be found here: https://www.tiktok.com/legal/privacy-policy?lang=de
Content from Mapbox: Mapbox allows us to integrate maps. Mapbox’s privacy policy can be found here: https://www.mapbox.com/legal/privacy/
2. Products used in editorial partnerships
In our articles, we often use services from cooperation partners, for surveys or discussion questions, for instance. As with social networks and platforms, the following applies: If, as an example, you read an article with an embedded survey, general framework data such as your IP address may theoretically be transferred back to the social networks and platforms. You can also find more information on their data protection policies on the websites of the cooperation partners:
Civey: In some products and services, we use this German platform to carry out opinion surveys. Civey also collects data on your personal settings and your voting behavior, which is why you can only fully utilize the service once you log in with your own log-in or through Facebook (in the latter case the social network may theoretically track the fact that you use Civey). If you are not logged in, your voting behavior will be evaluated in anonymized form and a cookie set in each case. Your log-in and voting data is stored in encrypted form on German servers, where it remains confidential and is used solely for survey purposes. You can find out more about data protection details for Civey here .
Opinary: In some products and services we use this German platform to carry out rapid opinion surveys or to create and display other content (like advertising). Only when you register there are you identifiable as an individual, otherwise a cookie will be set in order to present you with usage-related advertisements; Opinary analyzes the usage of websites and advertising space where it is deployed. You will only be captured using a pseudonym and then anonymously analyzed. You can opt out here . Further details about the partnership with Opinary can also be found in Section 7 at the end of the privacy policy.
Datawrapper: We use this service to create editorial information graphics to accompany our articles. When you load these infographics, general usage data is recorded, but not the IP address of your device. In addition, Datawrapper will not pass on any user data to commercial third parties. You can find more about data protection at Datawrapper here .
Games: Some of our products and services include embedded browser-based games that are provided by our Karlsruhe-based partner kr3m, which stores the log files of the websites and files that are accessed, the associated time data, the browser and operating system and the IP address including the provider. This data is used solely for statistical purposes to optimize security and the product or service itself, but also to track illegal use. In no case is personal data passed on without the user's consent. You can find more about data protection at kr3m here .
Heise price information
On our website we use widgets, e.g., with price information, tables or images (widgets) from Heise Medien GmbH & Co. KG, Karl-Wiechert-Allee 10, 30625 Hannover (Heise Medien). The widgets provide an overview of the prices of various providers. At the same time, it is possible to access the offer directly via an affiliate link. The widgets are provided by Heise Medien via a programming interface. If you, as a visitor to our website, call up a web page using a widget, your IP address, user agent string and standard headers are transmitted to Heise Medien. This is technically necessary in order to be able to respond to enquiries. This data is stored for a maximum of 7 days and then deleted or rendered anonymous so that it is no longer possible to identify the visiting client. The processing of the data required from you is carried out on the basis of Art. 6, Par. 1, lit. f of GDPR exclusively for the exercise of our legitimate interests, in particular for technical reasons, for IT security purposes as well as for the fulfillment of user interests and the economic operation of our online offer.
We, too, advertise our products and services on the internet. We use various options for individualized advertisements with which we aim to reach you and other potential readers directly:
Google Remarketing: We use Google's Remarketing function to present you with advertisements for our products and services that correspond with your usage preferences in the global Google advertising network. You will be identified in this network through cookies, but not identified as an individual. You can opt out here .
Facebook Remarketing/Retargeting: We have integrated remarketing tags from the social network in our products and services where appropriate. If you are logged into Facebook, the platform receives the information that you have visited our site, through which we can present you with advertising on Facebook. The transfer of your data as a Facebook user is regulated in the data protection declaration of the network itself. You can deactivate the »custom audiences« setting for your profile here . We do not use the custom audience email procedure.
Bing Ads: This service from Microsoft, a U.S.-based company, sets a cookie if you access our website through a Bing ad so that we can find out the total number of clicks leading from an ad to our website. Your user profile is only stored in a pseudonymized form. There is no transfer of data. You can opt out here .
Sovendus: This German service provider offers some of our products for sale on the internet as an advertising partner. In order to ensure correct billing, the service sets a single pixel at the time of purchase in order to transmit the ordered product in a pseudonymized and encrypted form, including time stamp and IP address, whereby the latter is only used for data security purposes and is normally anonymized after seven days. Details on data protection at Sovendus can be found here .
Outbrain Amplify: On our websites, we use technology from Outbrain Inc. (»Outbrain«, 39 W 13th Street, New York, NY 10011 USA). This enables us to serve targeted advertising to visitors to our partners' websites who are interested, and have shown interest, in our content. The technology is based on a cookie-dependent analysis of previous user behavior. These ads only appear on Outbrain ad spaces – either Outbrain Engage ad spaces or the Outbrain Extended Network. If you don't want to be shown interest-based ads, you can disable this feature here . More info can be found here: https://lp.outbrain.com/gdpr-ready/ .
Twitter Conversion Tracking: We have integrated the Twitter website tag on our websites. With this tag, when you visit one of our websites, a direct connection to the Twitter servers is established, and the fact that you have visited our websites is then transmitted. Twitter links this information with your personal Twitter user account. This allows us to target ads based on your previous page views and activities (remarketing). The data processed by Twitter in this way does not allow us to identify you personally. Nor do we combine this pseudonymous information with any other data about you. For further information on the collection and use of data by Twitter and your rights in this regard, please see Twitter’s privacy policy here . Options for protecting your privacy and settings for personalized content on Twitter can be made here .
GDPR Article 15: Right of access by the data subject
You have the right to obtain information from us about the personal data we process.
GDPR Article 16: Right to rectification
If the data concerning you is inaccurate or incomplete, you may request the rectification of incorrect information or the completion of incomplete information.
GDPR Article 17: Right to erasure
In accordance with Article 17 of GDPR, you can request the erasure of your personal data. Your right to erasure depends, among other things, on whether the data concerning you is still needed by us to fulfil our legal or contractual obligations.
GDPR Article 18: Right to restriction of processing
In accordance with Art. 18 of GDPR, you have the right to request that the processing of personal data concerning you be restricted.
GDPR Article 21: Right to object
For reasons relating to your particular situation, you have the right to object to the processing of personal data concerning you at any time.
Art. 7, Par. 1 of GDPR: Right to withdraw consent
You have the right to withdraw your consent for the processing of your personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
A.) Privacy Policy Web - INFOnline Measurement
Our website uses the multi-stage measurement system INFOnline Measurement from INFOnline GmbH (https://www.INFOnline.de ) to determine statistical metrics (page impressions, visits, technical client) about the use of our digital services.
The goal of usage measurement is to statistically determine the number of visits to our websites, the number of website visitors and their surfing behavior – on the basis of a uniform standard procedure – and to thus obtain data that are comparable across the market.
As a member of the German Audit Bureau of Circulation (IVW - https://www.ivw.eu ), usage statistics are regularly provided by IVW with the performance values "page impressions” and "visits” in IVW’s reporting (https://ausweisung.ivw-online.de/ ).
As a participant in the AGOF daily digital facts study, the usage statistics of our digital services are regularly collected by Arbeitsgemeinschaft Online-Forschung e.V. (AGOF- https://www.agof.de ) and the Arbeitsgemeinschaft Media-Analyse e.V. (AGMA - https://www.agma-mmc.de into reach figures and published with the performance value "unique user."
1. Legal basis for processing
Measurement with INFOnline Measurement (pseudonymous system: IOMp) by INFOnline GmbH takes place within the scope of usage measurement with consent pursuant to Art. 6 Par. 1 lit. a) GDPR.
Legal basis for processing measurement with INFOnline Measurement (pseudonymous system: IOMp) by INFOnline GmbH takes place within the scope of usage measurement with consent pursuant to Art. 6 Par. 1 lit. a) GDPR.
The purpose of processing personal data is the formation of digital performance values (page impressions, visits and technical client) for the creation of statistics. The statistics help us understand and verify the usage of products and services.
2. Type of data
The types and amounts of data collected using INFOnline Measurement do not make it possible to identify specific users.
A JavaScript code (so-called "measurement Manager”) is used which, when called up via the browser or the end device of the user (client), automatically integrates and executes the necessary measurement sensors for anonymous and/or pseudonymous data processing to determine the key figures on the basis of the consent information from the Consent Management Platform (CMP) used by the provider for the digital service. The INFOnline Measurement is set up as an anonymous system (without a client identifier) and as a pseudonymous system (with a client identifier).
In the anonymous census procedure (IOMb),
no personal data is processed at all, nor is the user’s IP address. This is removed entirely from communication and processing. For this purpose, a communications interface, the "service platform,” as a measurement endpoint prevents the exchange of the user’s IP address with the INFOnline systems within the scope of the INFOnline Measurement. The IP address as personal data is discarded in the census procedure on the service platform before the measurement call is routed to INFOnline. There is no geolocation by means of IP address. The data set generated in the census process is a PI-only data collection.
In the pseudonymous measurement method (IOMp),
the following data is collected with the third-party cookie i00 (ioam.de ) and the first-party cookie ioma2018, which has a personal reference in accordance with EU GDPR:
• IP address
Every device on the internet requires a unique address for the transfer of data – the IP address. Because of the way the internet works, it is a technical requirement that the IP address be stored at least in the short term.
IP addresses are reduced by 1 byte before any processing and only processed further anonymously. There is no saving or processing of non-truncated IP addresses.
• A randomly generated client identifier:
Reach measurement uses unique identifiers of the end device, a "local storage object" (LSO) or a signature generated from a range of information automatically transferred from your browser, to recognize computer systems. This identifier can uniquely identify a browser as long as the cookie or local storage object is not deleted. Measurement of data and subsequent allocation to the relevant identifier is also possible under certain circumstances if you access other websites that also use INFOnline GmbH's pseudonymous measurement system. The following unique identifiers can be transmitted to INFOnline GmbH as a hash:
• shortened client IP or X-Forwarded-For (XFF)
• user agent (as hash)
Personal data pursuant to the EU GDPR are used for measurement only to the extent that the use of a JavaScript takes place with respect to a user who has been assigned an individual IP address and a randomly generated client identifier for accessing up web content.
In the anonymous measurement method (IOMa),
a measurement sensor (JavaScript) is used that calculates the metrics in the user's browser (LocalStorage (LSO)), automatically encrypts them and transmits the aggregated usage data to a communication interface, the "service platform.” In the service platform, identifiers required for internet communication (e.g. IP address of the client) are removed and the encrypted anonymized measurement data is supplemented by geolocation and transmitted to the central server component at INFOnline.
Insofar as the collected measurement data is enriched by a geolocation of the browser, an IP address is also used for this only for the purpose of collecting the geolocation and the enrichment with the collected measurement data. An IP address required for this purpose is discarded immediately after enrichment.
During the deployment phase of IOMa, a first party cookie is used to store the timestamps (Unix Epoch Timestamp) of the last usage per site and per page code. These values are used as a guide for building time-related metrics in situations like a visit in which the HTTP origin changes. No further personal data/IDs are stored in the cookie. After the deployment phase it should then be omitted so that the measurement then takes place entirely without cookies.
Personal data pursuant to the EU GDPR are used for measurement only insofar as the use of a JavaScript takes place with respect to a user who has been assigned an individual IP address for accessing web content.
In that respect, we do not permanently process any personal data about you through the use of the anonymous measurement method (IOMa) in the INFOnline Measurement.
3. Usage of data
INFOnline GmbH's measurement process, which is used on this website, communicates usage data. This occurs for the collection of the performance values "page impressions," "visits" and "clients."
• Geolocation
In the pseudonymous measurement method (IOMp) and in the anonymous measurement method (IOMa), the assignment of a website call to the location of the call is based exclusively on the anonymized IP address and only up to the geographical level of the federal states / regions. The geographic information gathered in this way can never be used to allow deduction of a user's precise whereabouts.
• Consolidation of usage data across all offerings
The usage data of a technical client (e.g. a browser on a device) is compiled across websites using the pseudonymous measurement method (IOMp) and stored in a database.
4. Storage duration of the data
INFOnline GmbH does not store the complete IP address.
The IP address is only used to receive the data packets and is shortened by 1 byte.
In the census procedure (IOMb), the truncated IP address is discarded; in the pseudonymous (IOMp) and anonymous method (IOMa), it is stored for a maximum of 60 days. In the pseudonymous (IOMp) and anonymous (IOMa) methods, the usage data is stored for a maximum of 6 months in connection with the unique identifier.
The validity of the i00 cookie used in the pseudonymous method (IOMp) and the cookie ioma2018 on the user's terminal device is limited to a maximum of 1 year.
5. Transfer of data
Neither the IP address nor the truncated IP address is transferred.
6. Rights of data subjects
Data subjects have the following rights:
Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR )
Right to object (Art. 21 GDPR)
Right to erasure (Art. 17 GDPR )
Right to restriction of processing (Art. 18 et seq. GDPR)
Right to data portability (Art. 20 GDPR )
Right to withdraw (Art. 7 Par. 3 of GDPR) (with consent)
For any inquiries related to these rights, please contact datenschutz@spiegelgruppe.de . Please note that for this type of inquiry, we must be able to establish that we are dealing with the data subject.
The data subject has the right to lodge a complaint with the data protection authorities.
You can find further information about data privacy on the website of INFOnline GmbH , which operates the measurement process.
Privacy Policy App - INFOnline Measurement
Our app uses the multi-stage measurement system INFOnline Measurement from INFOnline GmbH (https://www.INFOnline.de ) to determine statistical characteristics (page impressions, visits, technical client) about the use of our digital services.
The goal of usage measurement is to statistically determine the intensity of usage and the number of users of our application and their surfing behavior – on the basis of a uniform standard procedure – and to thus obtain data that are comparable across the market.
As a member of the German Audit Bureau of Circulation (IVW - https://www.ivw.eu ), usage statistics are regularly provided by IVW with the performance values "page impressions” and "visits” in IVW’s reporting (https://ausweisung.ivw-online.de/ ).
As a participant in the AGOF daily digital facts study, the usage statistics of our digital services are regularly collected by Arbeitsgemeinschaft Online-Forschung e.V. (AGOF - https://www.agof.de ) and the Arbeitsgemeinschaft Media-Analyse e.V. (AGMA - https://www.agma-mmc.de into reach figures and published with the performance value "unique user."
1. Legal basis for processing
Measurement with INFOnline Measurement (pseudonymous system: IOMp) by INFOnline GmbH takes place within the scope of usage measurement with consent pursuant to Art. 6 Par. lit. a GDPR.
The purpose of processing personal data is the formation of digital performance values (page impressions, visits and technical client) for the creation of statistics.
The statistics help us understand and verify the usage of products and services.
2. Type of data
The types and amounts of data collected using INFOnline Measurement do not make it possible to uniquely identify a user as a person.
Measurement libraries are used that automatically integrate and execute the required measurement sensors for anonymous (IOMb) and / or pseudonymous data processing (IOMp) to determine the key figures when the app (client) is launched.
In the anonymous census procedure (IOMb),
no personal data is processed at all, the IP address in particular. This is removed entirely from communication and processing. For this purpose, a communications interface, the "service platform,” as a measurement endpoint prevents the exchange of the user’s IP address with the INFOnline systems within the scope of the INFOnline Measurement. The IP address as personal data is discarded in the census procedure on the service platform before the measurement call is routed to INFOnline. There is no geolocation by means of IP address. The data set generated in the census process is a PI-only data collection.
In the pseudonymous measurement method (IOMp),
the following data is collected by the measurement library, which has a personal reference in accordance with the EU GDPR.
• IP address
Every device on the internet requires a unique address for the transfer of data – the IP address. Because of the way the internet works it is a technical requirement that the IP address be stored at least in the short term.
IP addresses are reduced by 1 byte before any processing and only processed further anonymously. There is no saving or processing of non-truncated IP addresses.
• A randomly generated client identifier:
Reach measurement uses unique identifiers of the end device or a signature generated from a range of information automatically transferred from your browser, to recognize computer systems. Measurement of data and subsequent allocation to the relevant identifier is also possible under certain circumstances if you access other applications that also use INFOnline GmbH's pseudonymous measurement system. The following unique identifiers can be transmitted to INFOnline GmbH as a hash:
- Advertising identifier
- Installation ID
- Android ID
- Vendor ID
Personal data pursuant to the EU GDPR are used for measurement only to the extent that the use of a Library/SDK takes place with respect to a user who has been assigned an individual IP address and a randomly generated client identifier for accessing app content. The pseudonymous measurement (IOMp) is only executed if the user has a valid opt-in from the Consent Management Platform (CMP).
3. Usage of data
INFOnline GmbH's measurement process, which is used on this app, communicates usage data. This occurs for the collection of the performance values "page impressions," "visits" and "clients."
• Geolocation
The allocation of app usage to the location from which it is accessed occurs solely on the basis of the anonymized IP address and only to the geographical level of state/region. The geographic information gathered in this way can never be used to allow deduction of a user's precise whereabouts.
• Consolidation of usage data across all offerings
The usage data of a technical client (e.g. a browser on a device) is compiled across applications and stored in a database.
4. Storage duration of the data
INFOnline GmbH does not store the complete IP address.
The IP address is only used to receive the data packets and is shortened by 1 byte.
In the census procedure, the truncated IP address is discarded; in the pseudonymous method, it is stored for a maximum of 60 days. In the pseudonymous method, the usage data is stored for a maximum of 6 months in connection with the unique identifier.
5. Transfer of data
Neither the IP address nor the truncated IP address is transferred.
6. Rights of data subjects
Data subjects have the following rights:
• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR )
• Right to object (Art. 21 GDPR)
• Right to erasure (Art. 17 GDPR )
• Right to restriction of processing (Art. 18 et seq. GDPR)
• Right to data portability (Art. 20 GDPR )
Right to withdraw (Art. 7 Par. 3 of GDPR) (with consent)
For any inquiries related to these rights, please contact datenschutz@spiegelgruppe.de . Please note that for this type of inquiry, we must be able to establish that we are dealing with the data subject.
The data subject has the right to lodge a complaint with the data protection authorities.
You can find further information about data privacy on the website of INFOnline GmbH (https://www.infonline.de ), which operates the measurement process.
B.) About our partnership with IP Deutschland GmbH
1). The following general information applies:
Various companies are involved in the marketing of our internet products and services, both in the collection of data and in the serving of advertising. These companies play different roles. In some cases, they are individually responsible for data processing (controller) or act purely as a service provider carrying out the instructions of a controller (processor). In the context of advertising marketing, IP Deutschland GmbH, Picassoplatz 1, 50679 Cologne, Germany, email: kontakt@ip.de , is responsible and are thus, together with us, »joint controllers« under Article 26 of the EU General Data Protection Regulation in terms of our internet products and services. You can find more details about this, about roles and about other responsible parties here .
2. Collection of data in the context of marketing (tracking, profiling, etc.)
In order to personalize advertising, design it according to interests and find suitable target groups, to collect information for billing, measure reach and control/limit the serving of ads through frequency capping, a system is used in online advertising that examines user behavior and produces pseudonymized profiles of users, which can then be used in the serving of advertising. As part of that process, products and services that have been visited, content that has been clicked on, etc., are captured and stored. This data is stored within a profile in a database that can be accessed with a cookie or by another means of identification. Names and personal data of users are not stored. The cookie is essentially a pseudonym and does not contain the real name or identity of the user. In some cases, data from other sources, e.g., parts of profiles from registered areas or also technical data about the device used, the time the activity occurred or data from party sources can also be stored. Behavior patterns of users of our products and services are stored and analyzed within the profile and it is in part supplemented by sociodemographic data or assumptions about sociodemographic data (so-called statistical twins of profiles with known data that are compared based on similar or identical surfing behavior). The formation of this profile is also possible across networks, i.e., across a number of internet products or services.
3. Legal basis
Both the operators of the products and services and the other marketers and other entities that serve advertising on the products and services have a legitimate interest in marketing and monetizing their (marketed) products and services through the target group-specific serving of advertising as well as measuring the reach and controlling the serving of advertising with the use of frequency capping. The same applies to the creation of user profiles that make this possible in the first place. This purpose could not be achieved without data processing. Given the pseudonymous nature of the data, users of the products and services will not be individually identifiable to us or our marketers beyond the recognition of the browser and end devices used. Incursions on the user's right of informational self-determination are justified by the fact that the user's data is pseudonymized and is only used for relatively short periods of time. Because users are informed transparently of the procedures used in data protection statements and are also provided with effective possibilities for opting out, incursions on users' rights are minimal and at the expected level. Furthermore, no profiles are produced that focus on children. The legal basis for all processing of data in the scope of marketing is Art. 6 1f of the GDPR ("legitimate interests") or Sec. 15, Par. 3 of the German Telemedia Act (TMG).
4. Detailed information and objection options
Information about marketers and technology opt-out opportunities
Here , you can find detailed information about the individual data processing procedures and the service providers and participants involved. This overview contains general and detailed information about the names and addresses of the companies that collect, process and/or make personal data available to other third parties, the data categories collected, the purpose of processing and the opt-out options, recipients of data, transfer to third countries, duration of storage and data sources and provides the ability to contact the data protection officer of IP Deutschland GmbH.
Advertising IDs for mobile apps
To enable advertisements to be delivered in services that lack cookie technology – in mobile apps, for example – technologies similar to cookies may be employed. To disable personalized advertising on your mobile device, please follow the instructions below.
Android
1). Depending on the device, you will find Google Settings at one of the following places:
a. in a separate app called Google Settings
b. scroll through your main Settings app and tap Google
2. Tap on Ads
3. Tap the on-off slider to deactivate personalized ads
iOS
iOS devices use Apple's Advertising Identifier. You can find further information about the different possibilities for using this identifier in the app settings on your device.
You can find it as follows:
1). Tap »Settings«
2. Tap »Privacy«
3. Tap »Advertising«. From there, you select specific settings using a slider.
Right to object
Should you not wish to take part in measurement on websites, you can object at the following link: https://optout.ioam.de . For technical reasons, a cookie must be set to guarantee your exclusion from measuring. If you delete the cookies in your browser, it will be necessary to repeat the opt-out process under the link above. In applications, you can opt out of this measuring here; in apps you can deactivate them in settings (for iOS in iOS Settings > App > AGOF-Zählung, for Android directly in the app menu under Data protection > IVW/AGOF-Zählung).
C.) About Adobe Analytics
We use the tracking tools Adobe Analytics and Adobe Audience Manager on our websites. These are services provided by Adobe Systems Software Ireland Limited, Ireland, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland ("Adobe").
Tracking is pseudonymous, which means that we cannot draw any direct conclusions about you as a person from the information we receive through tracking. As part of the web analytics procedure and for the processing of information about your user behavior, cookies are used to identify the browser of your end device.
We use Adobe for marketing, personalization and optimization purposes, in particular to analyze the use of our websites and services and to continuously improve and personalize individual functions and products as well as the user experience.
Adobe is integrated with your consent, which you can revoke at any time. The legal basis for this is Art. 6, Par. 1, lit. a of GDPR.
You can stop tracking by Adobe at any time by clicking on the following link (»opt-out«): "https://www.adobe.com/de/privacy/opt-out.html .
This is inhibited by setting a cookie on the end device you are using. If you delete the cookie or use another end device or web browser, the opt out must be set up again. For our mobile apps, you have to configure this in the respective app settings.
D.) About Opinary
We embed a survey tool from Opinary GmbH, Engeldamm 62-64, 10179 Berlin, Germany, on our pages in joint controllership (in accordance with Art. 26 of the GDPR). The use of this service allows us to create and display online pools or other content. The Opinary plugin retrieves the following information from the website visitor: Cookie IDs, timestamps, click data, vote coordinates and truncated IP addresses. For the protection of your personal data, we have an agreement with Opinary GmbH on the order in which this data is processed (Art. 26, GDPR). As part of our joint responsibility under data protection law, it was agreed which party would fulfil which obligations under the GDPR. We are the responsible party for the collection and transmission of the user’s data to Opinary. The data collected in this way is then anonymized by Opinary and made available to us in aggregated form. In order to control target group-based advertising, Opinary collects information about activities on our websites (advertising banners clicked and subpages visited, for example) under a pseudonym and uses this information to serve you advertising from third parties in line with your interests. This allows cookies from third-party advertisers to be stored on your end device.
For further information on the processing of your personal data, please refer to Opinary’s privacy policy. If you do not consent to the use of your data in the specified form, you can object here by opting out: https://compass.pressekompass.net/static/optout.html
E.) About Localytics
App analysis with Localytics: To better understand the usage of our apps for smartphones and tablets, we perform analysis in some apps using the service Localytics – how often they are accessed, what is clicked on, etc. Your data is pseudonymized and you are never identified as an individual. You can disable the analysis in the settings (on iOS in iOS Settings > App > Send Usage Data; on Android directly in the app menu in the settings themselves).
F.) Chatbot
For general service requests, we offer you the possibility of obtaining information on our website about our customer service and self-care solutions through the use of Chatbot. Our technical service provider for this service is knowhere GmbH, Steinhöft 9, 20459 Hamburg.
No further information is required from you for the use of Chatbot. Log files and chat histories are stored for 30 days in order to optimize the artificial intelligence behind Chatbot.
Data processing is carried out on the basis of our legitimate interests in accordance with Art. 6, Para. 1, Sentence 1, lit. f of GDPR.
G.) About our partnership with Consentric Technology
Deutsche Post AG's Consentric process was developed from the outset against the backdrop of data protection requirements and aims to process as little personal data as possible. With the Consentric procedure, Deutsche Post AG, with the involvement of various partners, links a cookie stored on a user's terminal device with a microcell of Deutsche Post Direkt GmbH (»DP Direkt«). This microcell contains only one statement about a group - an average of 6.6 people - so that the cookie identifier (cookie ID) cannot be assigned to an individual person. Various addresses have been combined in a microcell, so that the Consentric procedure has been used to link an end device to a microcell as a geographical location in compliance with data protection requirements. You can object to the data processing within the scope of the described procedure under the following link: https://pixel.consentric.de/optout . You can object to the use of the cookie of the service provider intelliAd (diva-e Products GmbH, Sendlinger Str. 7, 80331 Munich, Germany) using the intelliAd opt-out function.
With regard to the forwarding of the cookie ID read during your visit to our website, there is a joint responsibility between us and Deutsche Post AG in accordance with Art. 26 GDPR. We are therefore jointly responsible with Deutsche Post AG for the protection of your personal data. The joint responsibility is limited to forwarding the cookie IDs read by you on our websites to Deutsche Post AG for participation in the Consentric process (conversion to a microcell). The individual process steps are divided as follows: We are responsible for pixelation/installation of a script on our web pages and forwarding of the intelliAd cookie along with campaign information to Deutsche Post AG. Deutsche Post AG is responsible for the operation of the Consentric process and the specifications to us for forwarding your cookie IDs to Deutsche Post AG. With the help of the cookies, it can be recognized that you are visiting a website participating in the measurement. This information is then aggregated on the basis of the anonymous microcell of Deutsche Post Direkt GmbH. This means that it can no longer be assigned to you. At no time are individual users identified by name. Your identity therefore remains protected. Deutsche Post Direkt GmbH has data protection-compliant procedures for sending postal advertising based on the selection of a microcell. This process of selecting a microcell is facilitated by the Consentric process, which automatically indicates which microcells are of interest to an advertising company on the basis of the upstream measurement process. For example, calling up a web page can trigger the sending of a postal advertising letter. If you have any further questions about the handling of personal data, in particular if you would like information about processed personal data or wish to assert further rights, please first contact the website operator. The right to also assert your data subject rights against Deutsche Post AG at consentric@deutschepost.de remains unaffected.
H.) About our partnership with AWIN AG
We process your personal data to conduct an affiliate marketing campaign. In this way, we are able to track which third-party website, app or other technology provider has referred potential customers to our websites and apps ("referrer") and pay them a commission in return for these referrals. In doing so, we pursue the legitimate interest of running an online advertising campaign that is remunerated based on performance. We work together with Awin, which supports us in implementing this affiliate marketing campaign. The Awin privacy policy can be found here . It contains information about your rights in relation to data processing by Awin. In some cases, Awin may maintain a restricted profile that relates to you. However, this will not reveal your identity, online behavior or other personal characteristics. The sole purpose of this profile is to track whether a referral was started on one device and completed on another.
In some cases, Awin and the referrer of the potential customer may receive and process your personal data in order to implement the affiliate marketing campaign together with us.
Likewise, we receive personal data of potential customers from Awin and the referrers, which can be divided into the following categories: Cookie data, data related to the website, app or technology from which a potential customer was referred to us and technical information about the device you are using.
I.) About our partnership with The Reach Group GmbH
Cookies are used on our websites to enable the placement of retargeting campaigns by The Reach Group GmbH (Am Karlsbad 16, 10785 Berlin, Germany). The data stored within the cookie is only an encrypted, pseudonymized user ID. The adserving technology uses a shortened and hashed IP address to evaluate the geographical region, access speed and Internet provider. In addition, the time of the visit, the IDs of the products that were viewed, searched for or purchased, the URLs of the pages viewed, possible search terms and/or the IDs of the categories called up are stored in order to deliver more relevant advertising content. IP or browser data is stored exclusively in Germany and for the anonymized preparation of visitor statistics and assignment of transactions. A conclusion on concrete persons, the exact address, the location or further personal data is not possible at any time. IP data is not explicitly passed on to third parties. All information also has a maximum expiration date of 90 days, after which your browser automatically deletes the stored data. You can prevent the storage of the cookie by setting your browser software accordingly. You can also prevent the collection of data generated by the cookie and related to your use of the website by activating the OptOut function at the following link:
https://hal9000.redintelligence.net/privacy/8lcfmzhxc8d6/
You can find more information about the data protection of The Reach Group GmbH at.
https://trg.de/datenschutzerklarung/
This objection is valid as long as the associated OptOut cookie is not deleted. This cookie is set for the domain, per browser and user of a computer. If you access our websites from several end devices and browsers, you must therefore object to the data collection separately and again on each of these devices and in each browser.
J.) About our partnership with mit targeting360 GmbH
So-called »cookies« are used on our websites to enable the placement of retargeting campaigns by targeting360 GmbH (Gredinger Str. 28, 90453 Nuremberg, Germany), which works with the ad serving technology of NEORY GmbH. In addition, after the NEORY technology, further calls to the following technologies can be reloaded, which may set cookies: Adform, Adition, Google, MediaMath, The Trade Desk, Emego. This is used to present interest-based advertisements to website visitors as part of our partner advertising network.
Cookies can basically make it possible to make our offer more user-friendly, effective and secure. Cookies are small text files that are saved by your browser and thus stored on your computer. Most of the cookies used are so-called »session cookies«, which are automatically deleted at the end of your visit to a website. Other cookies remain stored on your terminal device until you delete them. In general, you can prevent the storage of cookies by selecting the appropriate settings on your browser software.
By reading the identifier stored in a cookie, it is possible to recognize your end device when you visit websites that belong to the advertising network. On these pages, the visitor can then be presented with advertisements that relate to content that he has accessed on websites that use the aforementioned ad serving technology. The technology used here uses an IP address anonymized by shortening and hashing and a cookie ID to process or evaluate the following information: Location by country/region/state/city, Internet provider, access speed, technical information on the browser and end device used, operating system, preferred languages according to browser settings, HTTP referrer, time of server request. The hashed IP address and the cookie ID are pseudonyms. The processed data can therefore not be directly assigned to specific persons.
The legal basis for the use of the cookies used here and the subsequent processing is, in accordance with Art. 6 para. 1 lit. a) GDPR, the consent given for this. Consent to the processing of personal data - and also to the use of cookies - can be revoked at any time. You can terminate the processing of the above-mentioned data based on your consent and the further use of the cookies used for this purpose by making use of your right of revocation or objection under the following link: https://ad.ad-srv.net/privacy/kdb0xdq3ls8m/