And now from the beginning: The information on data protection outlined here applies to the use of the SPIEGEL Group's digital editorial products, such as www.spiegel.de and www.manager-magazin.de. For other SPIEGEL Group websites – for example, corporate communications – separate privacy policies may apply. Data protection information for conventional print subscriptions from the publishers within the SPIEGEL Group can be found in their respective General Terms and Conditions of Business and Delivery. When we link to other websites, we have no influence and no control over the service provider’s compliance with data protection provisions. If you wish to alert us about possible problems on a linked site or with one of our partners, please email us.

The responsible authority for data processing in connection with this website is the company within the SPIEGEL Group named in the respective legal notice (Impressum), represented by its management. You can always contact the SPIEGEL Group, Kennwort Datenschutz, Ericusspitze 1, 20459 Hamburg or send an email to datenschutz@spiegelgruppe.de  if you wish to obtain additional information about how we collect, process or use your data; if you wish to rectify, delete or block such data; or if you have any other general questions that have not been answered. You can find detailed information about your rights in Section 6.

The following is always applicable: We will store, process and use your data only in the manner described in this notice, and in compliance with German and European data protection legislation. Naturally, we maintain data secrecy. We treat your data confidentially and do not pass it on without your consent to third parties other than to closely associated service providers, who may manage subscriptions, payment services, video delivery, or premium and advertising business or other services on our behalf. These service providers are under obligation to use your data only for the purpose provided for in the relevant contract, and not to pass it on to anyone else under any circumstances.

The following documents and information, which can be accessed separately, are part of this privacy policy.

• A detailed overview of the "ad trackers” used can be found in our Privacy Center.

• A detailed overview of the cookies, device identifiers and similar tracking technologies and analysis services that are also used in the »ad-free« service together with detailed information pertaining to them can be found here.

In principle, you can use our websites without explicitly providing classic personal data such as your name, address, bank account details, etc. In some cases, however, it is necessary to provide such data, either because it is required by law or in order to conclude contracts with you or to provide a requested service. The provision of the data in these cases remains at your discretion, of course, but this data is sometimes necessary in order to fulfill the stated purposes. Failure to provide this information may then mean that we are unable to provide you with our services.

Some further information up front: The latest SSL security standard (256-bit Secure Socket Layers) is used across all of our products and services. Your data is encrypted directly during transmission and all data protection-relevant information such as credit card number, bank code, bank account number, name and address is stored in encrypted form in a protected database. This brings us to the particular instances in which you provide us with information about yourself:

a) Purchasing a subscription

When purchasing a digital subscription (SPIEGEL+) and/or a »ad-free« subscription, the following data must be provided: Salutation, first name and surname. Providing your postal address is optional, unless you order a product that includes printed issues. We need your payment data for the payment methods PayPal, SEPA direct debit or credit card to initiate the payment.

The data mentioned above are required to provide limited-time access or to fulfill the subscription contract, in accordance with Art. 6, Par. 1, lit. b of GDPR.

The creation of a SPIEGEL account is mandatory for digital subscription contracts (the periodically updated offer of digital products), limited-time access contracts (e.g., weekly or monthly, multi-month or annual pass for existing paid content) and the »ad-free« subscription. You must provide your email address and a password. The provision of this data is necessary for the fulfillment of the contract and it, too, is processed in accordance with Art. 6, Par. 1, lit. b of GDPR.

We will initially store your data until the end of your contract or the deletion of your SPIEGEL account or until that data is no longer subject to any tax, commercial or other legal retention obligations. The legal basis is Art. 6, Par. 1, lit. b and c of GDPR.

In the course of fulfillment of contracts, on the basis of Art. 6, Para. 1 lit. b. of GDPR, we rely on external payment service providers whose platforms allow users to make payment transactions (for example, PayPal  and for credit cards such as Visa , Mastercard  and American Express  and SEPA direct debit as well as the service provide Stripe .

The data processed by the payment service providers include, for example, the name and address, bank data, such as account numbers or credit card numbers, passwords, transaction authentication numbers (TANs) and checksums, as well as the contract, totals and recipient-related details. The information is required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored by them. We do not receive any account- or credit card-related information, only information about whether a payment is confirmed or declined. Under certain circumstances, the data may be transmitted by the payment service provider to credit agencies. The purpose of that transmission is to verify identity and creditworthiness. In this case, we refer to the terms and conditions and data protection information of the payment service providers.

We also use the service provider Stripe to verify age information (for discounted subscriptions, for example). The only information we receive is a confirmation of, or a notification of a contradiction in, the data you have provided, including address, name and date of birth. The documents on which the verification is based are deleted by the provider within 14 days.

In all other respects, we refer to the notes and regulations in our General Terms and Conditions of Business and Delivery.

b) Registration of a SPIEGEL account

On our websites, we offer you the possibility of creating a free user account (SPIEGEL account) by entering your email address, which provides the basis for some services requiring registration and also enables you to use personalized services (Art. 6, Par. 1, lit. b of GDPR).

We will delete your data as soon as you delete your SPIEGEL account on our website and there are no tax, commercial or other legal obligations to keep records.

To register, you only need to enter your email address and a password. Further information such as name and address is optional. When you register or log in to our websites, we ask for your email address and password. As a registered and logged-in user, we can create a profile, and various services are available to you. Among other things, you can use our digital limited-time access contracts and subscriptions, order products or participate in our debate formats with contributions. It also allows you to participate in our daily quiz and access your personal game statistics, in which we process pseudonymously which quizzes you have already participated in and which and how many questions were answered correctly or incorrectly.

You also have the possibility on our web pages to activate the "stay logged in” function by ticking the box, so that you don’t have to log in again after leaving the site and then revisiting it later. For this purpose, we use cookies with your consent, which ensure automatic recognition on the occasion of a renewed visit (Art. 6, Par. 1, lit. a of GDPR).

To make your visit and the use of our websites as comfortable as possible and to help you find relevant information more quickly, we personalize the use of our websites, for example by providing "Recommended for you" articles (Art. 6, Par. 1, lit. a of GDPR).

c) Newsletter

On our websites, you have the option of subscribing to our editorial newsletters without registering for a SPIEGEL account in order to receive news and current information from our editorial teams as well as about our products. Without a SPIEGEL account, the ordering of newsletters and other notifications is carried out via the so-called "double opt-in procedure", i.e. the specification of your e-mail address is verified by means of a confirmation e-mail sent to it. The processing of your personal data then takes place with your consent according to Art. 6 para. 1 lit. a) GDPR.

If you have agreed, we then record your clicks in our newsletters and other notifications using invisible image files, so-called tracking pixels. Together with our service providers Mailjet and Salesforce, we analyze opening and click rates as well as other usage data. Your e-mail address will be stored in a recipient list so that we can keep track of the distribution list. It will also be used in a pseudonymized way to send you personalized newsletters adapted to your preferences and interests.

As a member of the Informationsgemeinschaft zur Feststellung der Verbreitung von Werbeträgern e.V. (IVW - https://www.ivw.eu  ), we use a so-called IVW pixel in the newsletters, i.e. a pixel-sized file that is retrieved from an IVW server when the newsletter is opened. Through this retrieval, technical information and the time of the retrieval are collected as part of an anonymized reach measurement. For more details, please see section 7 at the end of the privacy policy.

You can unsubscribe from any newsletter at any time, thus revoking your consent for both sending and analysis, by clicking on the corresponding link at the end of the respective newsletter, by writing to newsletter@spiegel.de  or unsubscribing yourself in your "My Account" area. This also applies to the editorial newsletters ordered as part of subscriptions and time access contracts.

d) Use of the forums and comments

If you have registered on our websites, you can participate in our debate formats by posting comments. If you submit a comment, it will be published with the username you provide or with a username we create at random. In your profile, you may use a pseudonym as your username instead of your real name so that other readers do not know your real name, except in the manager lounge, where all users are presented with their full real name.

The legal basis for the processing of your data is the consent given by you in accordance with Art. 6 Par. 1, lit. a of GDPR. You can revoke your consent at any time, but doing so precludes any further use of the comment function.

e) Advertising by email, telephone or letter

We use your contact data for advertising if you have given your consent (Art. 6, Par. 1, lit. a of GDPR), as well as for the legally permissible direct advertising of our own and related products if you have provided such data when ordering or registering (Art. 6, Par. 1, lit. f of GDPR in conjunction with Sec. 7, Par. 3 of the German Act Against Unfair Competition (UWG)).

If you no longer wish to receive advertising, you can revoke your consent or object to direct advertising at nasic rates at any time

• by clicking on the unsubscribe link at the end of the email

• by sending an email to aboservice@spiegel.de 

• by writing to DER SPIEGEL, Kundenservice, 20637 Hamburg (please state your name and the email address you used for registration)

• or by telephone at 040 3007-2700.

Your personal data will be passed on to our external and internal marketing and newsletter service providers and contest partners provided that they assist us in data processing. These partners are contractually obliged by us to neither use data for their own purposes nor to pass it on to others. We will not pass your data on for commercial use without your express consent.

The data processed by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not infringe on any legal storage obligations.

f) Contacting us

We process your personal data when you contact us using the form on our website or by email. For this purpose, we partly use the service CognitoForms from Cognito LLC. You can find more information on data protection here. This data processing is necessary for the processing of your request (Art. 6, Par. 1, lit. b of GDPR). The data processing takes place exclusively within the scope of our customer service.
If you agree to the publication of your message, it may be published on our websites as well as in our magazines with the indication of your name and place of residence.

g) Events

We invite our readers and subscribers to events at regular intervals and you have the opportunity to register for various events on our websites. In doing so, we use your personal information, such as first and last name and your e-mail address, as well as other mandatory information, if applicable, to enable you to participate in the event. For paid events, further information and data are required for payment processing, depending on the selected payment method. The data processing takes place exclusively for the implementation and processing of the event and to provide you with the necessary information for your participation. For some events, we use the option to inform you in advance about the start of the livestream by e-mail. In addition, after the event you will receive an email with (further) information about your event as well as a feedback survey. In this respect, the processing is based on Art. 6, Par. 1, lit. b of GDPR. We pass on your data, if necessary, to our event partners and sponsors. The corresponding transfer of this data is necessary for the processing of the event and is also based on Art. 6, Par. 1, lit. b of GDPR.

For the processing of ticket purchases or registration for a free event, functions and content of the service pretix are offered and integrated by rami.io GmbH, Berthold-Mogel-Straße 1, 69126 Heidelberg, Germany. This includes the ticket store, which is integrated via a JavaScript widget. If you buy a ticket or purchase one for free, pretix uses a technically necessary cookie to enable the order process and to remember which shopping cart belongs to you. The cookie is set as soon as you interact with the widget. Pretix does not store IP addresses, browser information or other unnecessary metadata beyond the duration of your request. You can find more info about data protection at pretix here: https://pretix.eu/about/de/privacy .

If the event is (also) transmitted as a livestream, it is possible that this will be replayed on the website http://www.spiegel.de and made permanently publicly available there as a video after the event is over.

In the case of registration for paid events, we store your data for the duration of the contract and thereafter until the expiry of the statutory limitation periods or for the duration of the retention periods under tax law. The corresponding data processing beyond the term of the contract is based on our legitimate interest in retaining the data for the aforementioned purposes and thus on Art. 6, Par. 1, lit. f of GDPR.

In the case of registration for free events, we will retain your data for documentation purposes and in the event of queries after the event for a period of six months.

In addition, your contact data will be stored for advertising purposes as long as you do not object to this.

h) Analysis for abuse prevention

Our digital offerings and in particular subscriptions may only be used in accordance with the applicable terms of use and contractual agreements. In order to detect misuse of our offers and to be able to react appropriately, for example by preventing unauthorized access, data collected during the use of our digital offers (login data, devices, login frequency, date and time) are processed in our internal database to protect our rights and to identify unusual use. Legal basis of this Art. 6, Par. 1, lit. b and f of GDPR. The use of cookies and similar technologies is possible for these purposes without your consent according to Sec. 25, Par. 2, No. 2 of TTDSG.

Which articles are currently being read? How often? By how many people? How much time do viewers spend watching videos? How often do users visit our sites? Are there any suspicious access attempts, so-called "denial of service” attacks?

Here, we explain which (personal or personal-related) data is collected, processed and, if applicable, transmitted to which third parties, where and how it is done.

In the following, we differentiate between four areas of application:

(A.) cookies and analysis that are not personalized or only serve to ensure technical functioning and access security and which as a rule may be set or performed without your consent and which, as such, cannot be deactivated.

(B.) cookies and analysis that are activated and integrated as a standard, also in the »ad-free« offer, which are used to measure reach as well as for our own analysis for the need-based design of the product, and can be partially deactivated.

(C.) without choosing the »ad-free« option, in the case of free use integrated cookies and analysis for advertising tracking and for serving usage-based advertising by third-party cooperating companies with your consent. And, finally,

(D.) optional cookies and analysis of "social media” for all users, which are deactivated by default, and those products used in editorial partnerships, which are activated by default.

In the following passages, we summarize the relevant information on these areas of use and the services related to them in text form. At the same time, you can also inform yourself through the tabular overviews here for areas A.) & B.) and in the Privacy Center for area C.). Further and more detailed information on and directly from individual services can be found in the specified text form and under Section 7 of this privacy policy.

A.) Non-personally identifiable or mandatory cookies & analysis, the technical functional safeguarding of systems and authentication

We use cookies and similar analysis services, which are required for technical function assurance and authentication. For such cookies, no consent is required under the Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (§§ 12 ff. TMG until Nov. 30, 2021) or – as of Dec. 1, 2021 – the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. TTDSG) or under the General Data Protection Regulation (DSGVO).

A first example of this is the cookie »accessInfo«, which is used to check whether you are a user of the advertising tracking-free »ad-free« offer and/or our paid "Plus" content. This cookie is required for authentication and thus performance of contract in accordance with Art. 6, Par. 1, lit. b DSGVO, which is why it can be set and read without your consent under the TTDSG (Sec. 25, Par. 2, Nr. 2 TTDSG).

Another example is the cookie »thirdPartyConsent«, which stores whether or not the user has given consent to the display of content from such third parties as Twitter and YouTube. This cookie is required to secure the function of the default-deactivated integration, and can thus be set and used without consent in accordance with Art. 6, Par. 1, lit. f DSGVO (legitimate interests) and Sec. 25, Par. 2, Nr. 2 TTDSG. You can find the overview of such cookies here.

We also use cookies and similar analysis services with which no personal data is collected and processed. One example here is the service »Hotjar«, which we sometimes use to track mouse movements in order to evaluate whether and, if so, how we can improve the positioning of certain buttons or similar and simplify use of the website for you. The analysis is carried out entirely anonymously – by shortening your IP address, for example, so that no conclusions can be drawn about specific persons. Nevertheless, we require consent for the storage of the cookies from this service on your end device in accordance with the Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (Sec. 12 et seq. TMG until Nov. 30, 2021) or – as of Dec. 1, 2021 – the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. TTDSG). You give us this consent if you decide to use the website free of charge or the »ad-free« subscription, as it is a prerequisite for using the offer.
Consent in accordance with the DSGVO is not required, since no personal data is processed. You can nevertheless declare an »opt-out« for individual services and even the respective anonymous analyses will be prevented. You can find the aforementioned overview of the services in question here.

Beyond that, when you visit our website, the following data is automatically sent to our server and stored for 30 days in a log file:

• IP address

• Date and time of access

• Name and URL of the data retrieved

• Web page from which the access takes place (referrer URL)

• User agent (usually contains information about the browser used, the computer's operating system, the manufacturer and the model designation of the mobile device)

• Volume of data transferred

• Reporting on whether the access/retrieval was successful (http status code)

The above-mentioned data and its processing is technically necessary for us to ensure the stability and security of our systems, to be able to detect abuses and to protect against them (hacking or DDos, for example), as well as for error analysis and correction. Data processing is based on our justified legitimate interest in accordance with Art. 6, Par. 1, lit. b of GDPR for the purposes mentioned above. We employ state-of-the-art security measures to ensure data security. For the purposes of such processing, no information or cookies will be stored on your end device, which is why the TTDSG does not apply in this case.

Since the collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of our web pages, it is not possible for you to opt-out here. You can only prevent this form of data processing by not using our services.

Finally, we use a service from Sourcepoint to prevent the use of ad blockers on our site. This stores data on usage of our site in cookies to repel advertising blockers and record your settings. All analysis is carried out anonymously and in a non-personalized way. Private data such as IP addresses are used only in truncated form. You are also unable to prevent the use of these services.

B.) Cookies and analyses in the »ad-free« subscription for reach measurement and needs-oriented design (can for the most part be deactivated with an opt-out)

We also use cookies and analytics in both the »ad-free« subscription and the free product to address and design the offer in line with your needs and to measure reach.

To address and design our offers in a way that meets your needs, we use Adobe Analytics, for example, with the cookies listed in detail in the overview here . The use of Adobe Analytics enables us to always adapt products and services to your needs. We use these cookies to be able to address you with on-site campaigns and personalizations according to profile information determined or, if applicable, provided by you. On the basis of pseudonymized cookie information, we do not address you as a person, but your profile on the basis of characteristics that are important to us. These profile characteristics result from the context (the content of the displayed web page), from your profile formation characteristics, from analyses and tests for product development, and from calculated characteristics based on cookie information. Characteristics for profile-related targeting are the engagement score (marking your profile with a calculated usage intensity of our offers), the propensity score (marking your profile with a calculated subscription completion probability) and the churn score (marking your profile with a calculated cancellation probability). These scorings help us to create segments for the playout of precisely fitting and relevant on-site campaigns including suitable surveys, the latter also for the playout of e-mail campaigns.

In addition, we also use the information for personalization in the "For Me" area for our editorial products and also for the SPIEGEL+ newsletter, provided you have consented to this personalization calculated on your customer profile at the appropriate point.

Further detailed information on "Adobe Analytics" can be found in note 7.

The legal basis for the use of such cookies is Sec. 25, Par. 2, No. 2 of TTDSG, the processing of your data is based on a legitimate interest and thus on Art. 6, Par. 1, lit. f of GDPR. If you do not wish such a demand-oriented design, you can set an "Opt-Out" for the services listed in the overview, if necessary. Unlike the advertising trackers under (C.), however, we do not offer our services without these cookies and analyses. If you categorically reject the use, even with the possibility of such an opt-out existing in parts for the future, you cannot use our offer. However, you can object to the processing of your scoring and other advertising measures at any time, for example by sending an e-mail to datenschutz@spiegelgruppe.de .

The same applies to reach measurement, which must be standardized and carried out by neutral third parties in the interest of comparability. If cookies are stored on your computers for this purpose, this is also done in accordance with Sec. 25, Par. 2, No. 2 of TTDSG and also in accordance with Art. 6, Par. 1, lit. f of GDPR on the basis of our legitimate interests, whereby no user and usage profiles are created for range measurement and you can also set an opt-out for this. You can find more information in the overview here .

C.) Ad tracking and the serving of usage-based advertising

If you decide not to use the paid »ad-free« service, advertisements and promotions will be served to finance our products and services. In online advertising, advertisers need reliable information about how many readers view their ads. Moreover, they expect preferential presentation of their advertising to those who are likely to be interested in their products or topics. To enable them to do so, we allow our advertising partners on our free products and services to track usage data for »usage-based« online advertising (in which advertising is tailored to the user's interests), which implies the collection of data and its processing in pseudonymized usage profiles (»ad tracking«). This data helps ensure that you are presented with advertising to which you are likely to be more attentive.

As an advertising partner through Google AdWords, Google is also integrated and can place and use advertising cookies with us according to the same guidelines. If you click on an ad placed by Google, a cookie is stored without personalized data and remains valid for 30 days. It registers your clicks on the ad on our website and is used for statistics. You can opt out here .

You can find an overview of the advertising service providers, the so-called »Third-Party Trackers«, approved for use on our free content offerings in our Privacy Center. Legal basis for our use of cookies described above is consent in accordance with the European Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (Sec. 12 et seq. until Nov. 30, 2021) or – as of Dec. 1, 2021 – the Law on Regulating Data Protection and the Protection of the Private Sphere in Telecommunications and Telemedia (Sec. 25 et seq. TTDSG) and/or the European General Data Protection Regulation (Art. 6, Par, 1, lit. a of GDPR (consent)).

In general, tracking means that your usage of our products and services is captured, for instance individual clicks, subpages visited, advertising banners viewed, etc. Because such data is related to you as a person, all usage data according to the Telemedia Act must be saved with a random pseudonym that cannot be reconnected with the user (section 15, Par. 3. Sec. 3 TMG, until Nov. 30, 2021). To enable ads to be tailored to your needs in places where cookies do not work optimally, within smartphone apps for example, cookie-like technologies may be used. To prevent this, go to the app "Google Settings" on Android smartphones or scroll down to »Google« in the General Settings app, tap »Ads Settings« and tap the on-off slider next to »Personalized advertising«. On iOS devices, for which we use Apple's Advertising Identifier, go to the Settings app, then to »Privacy«, then to »Advertising« and make your specific settings.

D.) (Optional) additional services

1. Social media

On our site, we integrate posts and recommendation functions from platforms such as Facebook, YouTube, Twitter, Instagram, Giphy, Imgur, Spotify, TikTok and the mapping service Mapbox. These services are inactive by default, but they can be activated by the user. Most of these services are based in the U.S. but are nonetheless subject to the applicable data protection regulations in EU and EEA countries. If, for instance, you actively use a recommendation bar on our site or read an article with an embedded post or YouTube video or Spotify playlist, the embedding technology may transfer general framework data such as your IP address back to the social networks and platforms. We have no influence over the way these platforms use the data, including, in some cases, the creation of user profiles. Please consult Facebook, Twitter, Spotify, TikTok and YouTube, et. al. directly for more information and to adjust your privacy settings.

For social networks and on other external platforms, the companies' respective data protection regulations apply, even if we distribute information and maintain presences there with our brands. With Snapchat, in particular, we are active outside our internet presence, for example with DER SPIEGEL in the network’s Discover section. The U.S.-based company provides us with its content management system and general usage data, such as the number of hits, the length of usage, the demographics of readers and the user names of all contacts. You can read the network's data protection rules here.

You can also create a user account with us by connecting to your Facebook account (»Sign in with Facebook« function). Should you use this option, we will of course have no access to your Facebook log-in information - the social network's privacy policy applies - but we will need to obtain your public information and your email address in order to allow you to register with us. This will enable you to set up a user account with us, and you can later unlink Facebook in our log-in area at any time in order to log in to us independently of Facebook.

The following links will provide you with information about the privacy policies of the individual third-party providers:

• Content from Twitter: We integrate Twitter content into our internet offering using the Tweet plugin. Twitter’s privacy policy can be found here: https://twitter.com/de/privacy 

• Content from Facebook: We integrate Facebook content into our internet offering using the Facebook plugin. Facebook’s privacy policy can be found here: https://www.facebook.com/privacy/explanation 

• Content from YouTube: We use the YouTube player to integrate videos from its YouTube channels or videos from other providers into our internet offering. Google’s privacy policy can be found here: https://support.google.com/youtube/answer/2801895?hl=de 

• Content from Instagram: Instagram's embed feature enables the integration of images and videos from Instagram into our offering. Instagram’s privacy policy can be found here: https://www.instagram.com/legal/privacy/ 

• Content from Giphy: Giphy’s embed function enables the integration of GIFs on our websites. Giphy’s privacy policy can be here: https://giphy.com/privacy 

• Content from Imgur: With Imgur, we can integrate Imgur content, such as images. Imgur’s privacy policy can be found here: https://imgur.com/privacy 

• Content from Spotify: Spotify allows us to integrate songs, albums or playlists into our websites. Spotify’s privacy policy can be found here: https://www.spotify.com/de/legal/privacy-policy/ 

• Content from TikTok: The TikTok plugin allows us to integrate videos from TikTok. TikTok’s privacy policy can be found here: https://www.tiktok.com/legal/privacy-policy?lang=de 

• Content from Mapbox: Mapbox allows us to integrate maps. Mapbox’s privacy policy can be found here: https://www.mapbox.com/legal/privacy/ 

2. Products used in editorial partnerships

In our articles, we often use services from cooperation partners, for surveys or discussion questions, for instance. As with social networks and platforms, the following applies: If, as an example, you read an article with an embedded survey, general framework data such as your IP address may theoretically be transferred back to the social networks and platforms. You can also find more information on their data protection policies on the websites of the cooperation partners:

• Civey: In some products and services, we use this German platform to carry out opinion surveys. Civey also collects data on your personal settings and your voting behavior, which is why you can only fully utilize the service once you log in with your own log-in or through Facebook (in the latter case the social network may theoretically track the fact that you use Civey). If you are not logged in, your voting behavior will be evaluated in anonymized form and a cookie set in each case. Your log-in and voting data is stored in encrypted form on German servers, where it remains confidential and is used solely for survey purposes. You can find out more about data protection details for Civey here .

• Opinary: We integrate a survey tool from Opinary GmbH, Engeldamm 62-64, 10179 Berlin, Germany on our pages. The use of this service allows us to create and display online surveys.Through the Opinary-plugin the following information of the website visitor is retrieved: Cookie IDs and IP address. The maximum storage period of this information is one year. The data processing is based on your consent, Art. 6 para. 1 (a) DSGVO.For the protection of your personal data, we have contractually agreed with Opinary GmbH, which party fulfills which obligations and data protection responsibilities under Art. 26 DSGVO in the context of the cooperation. We are thus the responsible party for collecting and transmitting the user's data to Opinary. The data collected in this way is then made available to us by Opinary in a pseudonymized and aggregated form.To control target group-based advertising, Opinary collects and uses information about activities on our websites (e.g., banner ads clicked, subpages visited) under a pseudonym to deliver third-party advertising tailored to your interests. This may result in cookies from third party advertisers being stored on your computer.For more information about the processing of your personal data, please see Opinary's Privacy Policy .

• Datawrapper: We use this service to create editorial information graphics to accompany our articles. When you load these infographics, general usage data is recorded, but not the IP address of your device. In addition, Datawrapper will not pass on any user data to commercial third parties. You can find more about data protection at Datawrapper here .

• Games: Some of our products and services include embedded browser-based games that are provided by our Karlsruhe-based partner kr3m, which stores the log files of the websites and files that are accessed, the associated time data, the browser and operating system and the IP address including the provider. This data is used solely for statistical purposes to optimize security and the product or service itself, but also to track illegal use. In no case is personal data passed on without the user's consent. You can find more about data protection at kr3m here .

• Heise price information
  On our website we use widgets, e.g., with price information, tables or images (widgets) from Heise Medien GmbH & Co. KG, Karl-Wiechert-Allee 10, 30625 Hannover (Heise Medien). The widgets provide an overview of the prices of various providers. At the same time, it is possible to access the offer directly via an affiliate link. The widgets are provided by Heise Medien via a programming interface. If you, as a visitor to our website, call up a web page using a widget, your IP address, user agent string and standard headers are transmitted to Heise Medien. This is technically necessary in order to be able to respond to enquiries. This data is stored for a maximum of 7 days and then deleted or rendered anonymous so that it is no longer possible to identify the visiting client. The processing of the data required from you is carried out on the basis of Art. 6, Par. 1, lit. f of GDPR exclusively for the exercise of our legitimate interests, in particular for technical reasons, for IT security purposes as well as for the fulfillment of user interests and the economic operation of our online offer.

We, too, advertise our products and services on the internet. We use various options for individualized advertisements with which we aim to reach you and other potential readers directly:

• Google Remarketing: We use Google's Remarketing function to present you with advertisements for our products and services that correspond with your usage preferences in the global Google advertising network. You will be identified in this network through cookies, but not identified as an individual. You can opt out here .

• Facebook Remarketing/Retargeting: We have integrated remarketing tags from the social network in our products and services where appropriate. If you are logged into Facebook, the platform receives the information that you have visited our site, through which we can present you with advertising on Facebook. The transfer of your data as a Facebook user is regulated in the data protection declaration of the network itself. You can deactivate the »custom audiences« setting for your profile here . We do not use the custom audience email procedure.

• Bing Ads: This service from Microsoft, a U.S.-based company, sets a cookie if you access our website through a Bing ad so that we can find out the total number of clicks leading from an ad to our website. Your user profile is only stored in a pseudonymized form. There is no transfer of data. You can opt out here .

• Sovendus: This German service provider offers some of our products for sale on the internet as an advertising partner. In order to ensure correct billing, the service sets a single pixel at the time of purchase in order to transmit the ordered product in a pseudonymized and encrypted form, including time stamp and IP address, whereby the latter is only used for data security purposes and is normally anonymized after seven days. Details on data protection at Sovendus can be found here .

• Outbrain Amplify: On our websites, we use technology from Outbrain Inc. (»Outbrain«, 39 W 13th Street, New York, NY 10011 USA). This enables us to serve targeted advertising to visitors to our partners' websites who are interested, and have shown interest, in our content. The technology is based on a cookie-dependent analysis of previous user behavior. These ads only appear on Outbrain ad spaces – either Outbrain Engage ad spaces or the Outbrain Extended Network. If you don't want to be shown interest-based ads, you can disable this feature here . More info can be found here: https://lp.outbrain.com/gdpr-ready/ .

• Twitter Conversion Tracking: We have integrated the Twitter website tag on our websites. With this tag, when you visit one of our websites, a direct connection to the Twitter servers is established, and the fact that you have visited our websites is then transmitted. Twitter links this information with your personal Twitter user account. This allows us to target ads based on your previous page views and activities (remarketing). The data processed by Twitter in this way does not allow us to identify you personally. Nor do we combine this pseudonymous information with any other data about you. For further information on the collection and use of data by Twitter and your rights in this regard, please see Twitter’s privacy policy here . Options for protecting your privacy and settings for personalized content on Twitter can be made here .

• TikTok Retargeting: We have integrated retargeting pixels of the social network in our offers where appropriate. If you are logged in on TikTok, the platform receives the information that you have visited our pages, which allows us to target you with ads on TikTok. The transmission of your data as a TikTok user is governed by the "Ads and your data" guide of the network itself, which you can find here . You can turn off personalized advertising settings for your account here .

GDPR Article 15: Right of access by the data subject
You have the right to obtain information from us about the personal data we process.

GDPR Article 16: Right to rectification
If the data concerning you is inaccurate or incomplete, you may request the rectification of incorrect information or the completion of incomplete information.

GDPR Article 17: Right to erasure
In accordance with Article 17 of GDPR, you can request the erasure of your personal data. Your right to erasure depends, among other things, on whether the data concerning you is still needed by us to fulfil our legal or contractual obligations.

GDPR Article 18: Right to restriction of processing
In accordance with Art. 18 of GDPR, you have the right to request that the processing of personal data concerning you be restricted.

GDPR Article 21: Right to object
For reasons relating to your particular situation, you have the right to object to the processing of personal data concerning you at any time.

Art. 7, Par. 1 of GDPR: Right to withdraw consent
You have the right to withdraw your consent for the processing of your personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

A.) Privacy Policy Web - INFOnline Measurement

Our website uses the multi-stage measurement system INFOnline Measurement from INFOnline GmbH (https://www.INFOnline.de ) to determine statistical metrics (page impressions, visits, technical client) about the use of our digital services.

The goal of usage measurement is to statistically determine the number of visits to our websites, the number of website visitors and their surfing behavior – on the basis of a uniform standard procedure – and to thus obtain data that are comparable across the market.

As a member of the German Audit Bureau of Circulation (IVW - https://www.ivw.eu  ), usage statistics are regularly provided by IVW with the performance values "page impressions” and "visits” in IVW’s reporting (https://ausweisung.ivw-online.de/ ).

As a participant in the AGOF daily digital facts study, the usage statistics of our digital services are regularly collected by Arbeitsgemeinschaft Online-Forschung e.V. (AGOF- https://www.agof.de ) and the Arbeitsgemeinschaft Media-Analyse e.V. (AGMA - https://www.agma-mmc.de  into reach figures and published with the performance value "unique user."

1. Legal basis for processing

Measurement with INFOnline Measurement (pseudonymous system: IOMp) by INFOnline GmbH takes place within the scope of usage measurement with consent pursuant to Art. 6 Par. 1 lit. a) GDPR.

Legal basis for processing measurement with INFOnline Measurement (pseudonymous system: IOMp) by INFOnline GmbH takes place within the scope of usage measurement with consent pursuant to Art. 6 Par. 1 lit. a) GDPR.

The purpose of processing personal data is the formation of digital performance values (page impressions, visits and technical client) for the creation of statistics. The statistics help us understand and verify the usage of products and services.

2. Type of data

The types and amounts of data collected using INFOnline Measurement do not make it possible to identify specific users.

A JavaScript code (so-called "measurement Manager”) is used which, when called up via the browser or the end device of the user (client), automatically integrates and executes the necessary measurement sensors for anonymous and/or pseudonymous data processing to determine the key figures on the basis of the consent information from the Consent Management Platform (CMP) used by the provider for the digital service. The INFOnline Measurement is set up as an anonymous system (without a client identifier) and as a pseudonymous system (with a client identifier).

In the anonymous census procedure (IOMb),

no personal data is processed at all, nor is the user’s IP address. This is removed entirely from communication and processing. For this purpose, a communications interface, the "service platform,” as a measurement endpoint prevents the exchange of the user’s IP address with the INFOnline systems within the scope of the INFOnline Measurement. The IP address as personal data is discarded in the census procedure on the service platform before the measurement call is routed to INFOnline. There is no geolocation by means of IP address. The data set generated in the census process is a PI-only data collection.

In the pseudonymous measurement method (IOMp),

the following data is collected with the third-party cookie i00 (ioam.de ) and the first-party cookie ioma2018, which has a personal reference in accordance with EU GDPR:

• IP address

Every device on the internet requires a unique address for the transfer of data – the IP address. Because of the way the internet works, it is a technical requirement that the IP address be stored at least in the short term.

IP addresses are reduced by 1 byte before any processing and only processed further anonymously. There is no saving or processing of non-truncated IP addresses.

• A randomly generated client identifier:

Reach measurement uses unique identifiers of the end device, a "local storage object" (LSO) or a signature generated from a range of information automatically transferred from your browser, to recognize computer systems. This identifier can uniquely identify a browser as long as the cookie or local storage object is not deleted. Measurement of data and subsequent allocation to the relevant identifier is also possible under certain circumstances if you access other websites that also use INFOnline GmbH's pseudonymous measurement system. The following unique identifiers can be transmitted to INFOnline GmbH as a hash:

• shortened client IP or X-Forwarded-For (XFF)

• user agent (as hash)

Personal data pursuant to the EU GDPR are used for measurement only to the extent that the use of a JavaScript takes place with respect to a user who has been assigned an individual IP address and a randomly generated client identifier for accessing up web content.

In the anonymous measurement method (IOMa),

a measurement sensor (JavaScript) is used that calculates the metrics in the user's browser (LocalStorage (LSO)), automatically encrypts them and transmits the aggregated usage data to a communication interface, the "service platform.” In the service platform, identifiers required for internet communication (e.g. IP address of the client) are removed and the encrypted anonymized measurement data is supplemented by geolocation and transmitted to the central server component at INFOnline.

Insofar as the collected measurement data is enriched by a geolocation of the browser, an IP address is also used for this only for the purpose of collecting the geolocation and the enrichment with the collected measurement data. An IP address required for this purpose is discarded immediately after enrichment.

During the deployment phase of IOMa, a first party cookie is used to store the timestamps (Unix Epoch Timestamp) of the last usage per site and per page code. These values are used as a guide for building time-related metrics in situations like a visit in which the HTTP origin changes. No further personal data/IDs are stored in the cookie. After the deployment phase it should then be omitted so that the measurement then takes place entirely without cookies.

Personal data pursuant to the EU GDPR are used for measurement only insofar as the use of a JavaScript takes place with respect to a user who has been assigned an individual IP address for accessing web content.

In that respect, we do not permanently process any personal data about you through the use of the anonymous measurement method (IOMa) in the INFOnline Measurement.

3. Usage of data

INFOnline GmbH's measurement process, which is used on this website, communicates usage data. This occurs for the collection of the performance values "page impressions," "visits" and "clients."

• Geolocation

In the pseudonymous measurement method (IOMp) and in the anonymous measurement method (IOMa), the assignment of a website call to the location of the call is based exclusively on the anonymized IP address and only up to the geographical level of the federal states / regions. The geographic information gathered in this way can never be used to allow deduction of a user's precise whereabouts.

• Consolidation of usage data across all offerings

The usage data of a technical client (e.g. a browser on a device) is compiled across websites using the pseudonymous measurement method (IOMp) and stored in a database.

4. Storage duration of the data

INFOnline GmbH does not store the complete IP address.

The IP address is only used to receive the data packets and is shortened by 1 byte.

In the census procedure (IOMb), the truncated IP address is discarded; in the pseudonymous (IOMp) and anonymous method (IOMa), it is stored for a maximum of 60 days. In the pseudonymous (IOMp) and anonymous (IOMa) methods, the usage data is stored for a maximum of 6 months in connection with the unique identifier.

The validity of the i00 cookie used in the pseudonymous method (IOMp) and the cookie ioma2018 on the user's terminal device is limited to a maximum of 1 year.

5. Transfer of data

Neither the IP address nor the truncated IP address is transferred.

6. Rights of data subjects

Data subjects have the following rights:

Right of access (Art. 15 GDPR)

Right to rectification (Art. 16 GDPR )

Right to object (Art. 21 GDPR)

Right to erasure (Art. 17 GDPR )

Right to restriction of processing (Art. 18 et seq. GDPR)

Right to data portability (Art. 20 GDPR )

Right to withdraw (Art. 7 Par. 3 of GDPR) (with consent)

For any inquiries related to these rights, please contact datenschutz@spiegelgruppe.de . Please note that for this type of inquiry, we must be able to establish that we are dealing with the data subject.

The data subject has the right to lodge a complaint with the data protection authorities.

You can find further information about data privacy on the website of INFOnline GmbH , which operates the measurement process.

Privacy Policy App - INFOnline Measurement

Our app uses the multi-stage measurement system INFOnline Measurement from INFOnline GmbH (https://www.INFOnline.de ) to determine statistical characteristics (page impressions, visits, technical client) about the use of our digital services.

The goal of usage measurement is to statistically determine the intensity of usage and the number of users of our application and their surfing behavior – on the basis of a uniform standard procedure – and to thus obtain data that are comparable across the market.

As a member of the German Audit Bureau of Circulation (IVW - https://www.ivw.eu  ), usage statistics are regularly provided by IVW with the performance values "page impressions” and "visits” in IVW’s reporting (https://ausweisung.ivw-online.de/  ).

As a participant in the AGOF daily digital facts study, the usage statistics of our digital services are regularly collected by Arbeitsgemeinschaft Online-Forschung e.V. (AGOF - https://www.agof.de ) and the Arbeitsgemeinschaft Media-Analyse e.V. (AGMA - https://www.agma-mmc.de  into reach figures and published with the performance value "unique user."

1. Legal basis for processing

Measurement with INFOnline Measurement (pseudonymous system: IOMp) by INFOnline GmbH takes place within the scope of usage measurement with consent pursuant to Art. 6 Par. lit. a GDPR.

The purpose of processing personal data is the formation of digital performance values (page impressions, visits and technical client) for the creation of statistics.

The statistics help us understand and verify the usage of products and services.

2. Type of data

The types and amounts of data collected using INFOnline Measurement do not make it possible to uniquely identify a user as a person.

Measurement libraries are used that automatically integrate and execute the required measurement sensors for anonymous (IOMb) and / or pseudonymous data processing (IOMp) to determine the key figures when the app (client) is launched.

In the anonymous census procedure (IOMb),

no personal data is processed at all, the IP address in particular. This is removed entirely from communication and processing. For this purpose, a communications interface, the "service platform,” as a measurement endpoint prevents the exchange of the user’s IP address with the INFOnline systems within the scope of the INFOnline Measurement. The IP address as personal data is discarded in the census procedure on the service platform before the measurement call is routed to INFOnline. There is no geolocation by means of IP address. The data set generated in the census process is a PI-only data collection.

In the pseudonymous measurement method (IOMp),

the following data is collected by the measurement library, which has a personal reference in accordance with the EU GDPR.

• IP address

Every device on the internet requires a unique address for the transfer of data – the IP address. Because of the way the internet works it is a technical requirement that the IP address be stored at least in the short term.

IP addresses are reduced by 1 byte before any processing and only processed further anonymously. There is no saving or processing of non-truncated IP addresses.

• A randomly generated client identifier:

Reach measurement uses unique identifiers of the end device or a signature generated from a range of information automatically transferred from your browser, to recognize computer systems. Measurement of data and subsequent allocation to the relevant identifier is also possible under certain circumstances if you access other applications that also use INFOnline GmbH's pseudonymous measurement system. The following unique identifiers can be transmitted to INFOnline GmbH as a hash:

- Advertising identifier

- Installation ID

- Android ID

- Vendor ID

Personal data pursuant to the EU GDPR are used for measurement only to the extent that the use of a Library/SDK takes place with respect to a user who has been assigned an individual IP address and a randomly generated client identifier for accessing app content. The pseudonymous measurement (IOMp) is only executed if the user has a valid opt-in from the Consent Management Platform (CMP).

3. Usage of data

INFOnline GmbH's measurement process, which is used on this app, communicates usage data. This occurs for the collection of the performance values "page impressions," "visits" and "clients."

• Geolocation

The allocation of app usage to the location from which it is accessed occurs solely on the basis of the anonymized IP address and only to the geographical level of state/region. The geographic information gathered in this way can never be used to allow deduction of a user's precise whereabouts.

• Consolidation of usage data across all offerings

The usage data of a technical client (e.g. a browser on a device) is compiled across applications and stored in a database.

4. Storage duration of the data

INFOnline GmbH does not store the complete IP address.

The IP address is only used to receive the data packets and is shortened by 1 byte.

In the census procedure, the truncated IP address is discarded; in the pseudonymous method, it is stored for a maximum of 60 days. In the pseudonymous method, the usage data is stored for a maximum of 6 months in connection with the unique identifier.

5. Transfer of data

Neither the IP address nor the truncated IP address is transferred.

6. Rights of data subjects

Data subjects have the following rights:

• Right of access (Art. 15 GDPR)

• Right to rectification (Art. 16 GDPR )

• Right to object (Art. 21 GDPR)

• Right to erasure (Art. 17 GDPR )

• Right to restriction of processing (Art. 18 et seq. GDPR)

• Right to data portability (Art. 20 GDPR )

Right to withdraw (Art. 7 Par. 3 of GDPR) (with consent)

For any inquiries related to these rights, please contact datenschutz@spiegelgruppe.de . Please note that for this type of inquiry, we must be able to establish that we are dealing with the data subject.

The data subject has the right to lodge a complaint with the data protection authorities.

You can find further information about data privacy on the website of INFOnline GmbH (https://www.infonline.de ), which operates the measurement process.

B.) About our partnership with Ad Alliance GmbH

We and our marketer Ad Alliance GmbH use your IP address, which is always transmitted to us for technical reasons, and your user agent, i.e. automatic information about your device, which is transmitted to us by your device, for the following purposes in connection with the playout of advertising in our podcasts:

• Determining the approximate location of your Internet provider's dial-up node (radius approx. 10 km) for the playout of locally relevant advertising: in this process, the IP address is regionally narrowed down in order to select and play out advertising with regional relevance within our podcast. No profile is created about you

• Limitation of the playout frequency (frequency capping): Here, the IP address and user agent are used to log in our systems how often a certain commercial has already been listened to. This enables us to ensure that users do not always receive the same commercial, or to limit the frequency of identical commercials in order to achieve a better overall advertising impact and a more pleasant user experience.

• Statistical determination and analysis of the audience of our podcasts:Here, IP address and user agent are used in order to make - insofar as you have given us consent to this elsewhere - an assignment to a profile that may already exist about you. Such a profile will only exist about you if you have given your consent to this on one of our other offers. If such an assignment can be made, we will use the data from the existing profile to conduct statistical surveys about the listenership of the podcast and assign it to an approximate target group (e.g., certain age group or a general interest profile, such as "interested in sports"). There is no enrichment of a profile of you and no personalized advertising is played to you via this. The data processing only takes place in relation to the content of the podcast, not in relation to you as a person

Legal basis:

The legal basis for the aforementioned processing is Art. 6 1f) DSGVO (legitimate interests). It is our interest to market our podcasts in the best possible way and to make advertising relevant and varied. Furthermore, we have an interest in knowing to which user groups the listeners of our podcasts belong. You will not suffer any disadvantages as a result of this processing. No profiles will be created about you, nor will you be addressed as a person in the form of direct advertising. Rather, you will receive more varied and relevant advertising instead of random repetitive advertising.

There is no right of objection within the meaning of Article 21 (1) sentence 2 of the Data Protection Regulation in terms of the aforementioned balancing of interests.

C.) About Adobe Analytics

We use the tracking tools Adobe Analytics and Adobe Audience Manager on our websites. These are services provided by Adobe Systems Software Ireland Limited, Ireland, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland ("Adobe").

Tracking is pseudonymous, which means that we cannot draw any direct conclusions about you as a person from the information we receive through tracking. As part of the web analytics procedure and for the processing of information about your user behavior, cookies are used to identify the browser of your end device.

We use Adobe for marketing, personalization and optimization purposes, in particular to analyze the use of our websites and services and to continuously improve and personalize individual functions and products as well as the user experience.

The integration of Adobe is based on the legal grounds of Art. 6 para. 1 lit. f) GDPR (Legitimate Interest) and Art. 6 para. 1 lit. b) GDPR (performance of contract).

You can stop tracking by Adobe at any time by clicking on the following link (»opt-out«): "https://www.adobe.com/de/privacy/opt-out.html .

This is inhibited by setting a cookie on the end device you are using. If you delete the cookie or use another end device or web browser, the opt out must be set up again. For our mobile apps, you have to configure this in the respective app settings.

D.) About Opinary

We embed a survey tool from Opinary GmbH, Engeldamm 62-64, 10179 Berlin, Germany, on our pages in joint controllership (in accordance with Art. 26 of the GDPR). The use of this service allows us to create and display online pools or other content. The Opinary plugin retrieves the following information from the website visitor: Cookie IDs, timestamps, click data, vote coordinates and truncated IP addresses. For the protection of your personal data, we have an agreement with Opinary GmbH on the order in which this data is processed (Art. 26, GDPR). As part of our joint responsibility under data protection law, it was agreed which party would fulfil which obligations under the GDPR. We are the responsible party for the collection and transmission of the user’s data to Opinary. The data collected in this way is then anonymized by Opinary and made available to us in aggregated form. In order to control target group-based advertising, Opinary collects information about activities on our websites (advertising banners clicked and subpages visited, for example) under a pseudonym and uses this information to serve you advertising from third parties in line with your interests. This allows cookies from third-party advertisers to be stored on your end device.

For further information on the processing of your personal data, please refer to Opinary’s privacy policy. If you do not consent to the use of your data in the specified form, you can object here by opting out: https://compass.pressekompass.net/static/optout.html 

E.) About Localytics

App analysis with Localytics: To better understand the usage of our apps for smartphones and tablets, we perform analysis in some apps using the service Localytics – how often they are accessed, what is clicked on, etc. Your data is pseudonymized and you are never identified as an individual. You can disable the analysis in the settings (on iOS in iOS Settings > App > Send Usage Data; on Android directly in the app menu in the settings themselves).

F.) Chatbot

For general service requests, we offer you the possibility of obtaining information on our website about our customer service and self-care solutions through the use of Chatbot. Our technical service provider for this service is knowhere GmbH, Steinhöft 9, 20459 Hamburg.

No further information is required from you for the use of Chatbot. Log files and chat histories are stored for 30 days in order to optimize the artificial intelligence behind Chatbot.

Data processing is carried out on the basis of our legitimate interests in accordance with Art. 6, Para. 1, Sentence 1, lit. f of GDPR.

G.) About our partnership with Consentric Technology

Deutsche Post AG's Consentric process was developed from the outset against the backdrop of data protection requirements and aims to process as little personal data as possible. With the Consentric procedure, Deutsche Post AG, with the involvement of various partners, links a cookie stored on a user's terminal device with a microcell of Deutsche Post Direkt GmbH (»DP Direkt«). This microcell contains only one statement about a group - an average of 6.6 people - so that the cookie identifier (cookie ID) cannot be assigned to an individual person. Various addresses have been combined in a microcell, so that the Consentric procedure has been used to link an end device to a microcell as a geographical location in compliance with data protection requirements. You can object to the data processing within the scope of the described procedure under the following link: https://pixel.consentric.de/optout . You can object to the use of the cookie of the service provider intelliAd (diva-e Products GmbH, Sendlinger Str. 7, 80331 Munich, Germany) using the intelliAd opt-out function.

With regard to the forwarding of the cookie ID read during your visit to our website, there is a joint responsibility between us and Deutsche Post AG in accordance with Art. 26 GDPR. We are therefore jointly responsible with Deutsche Post AG for the protection of your personal data. The joint responsibility is limited to forwarding the cookie IDs read by you on our websites to Deutsche Post AG for participation in the Consentric process (conversion to a microcell). The individual process steps are divided as follows: We are responsible for pixelation/installation of a script on our web pages and forwarding of the intelliAd cookie along with campaign information to Deutsche Post AG. Deutsche Post AG is responsible for the operation of the Consentric process and the specifications to us for forwarding your cookie IDs to Deutsche Post AG. With the help of the cookies, it can be recognized that you are visiting a website participating in the measurement. This information is then aggregated on the basis of the anonymous microcell of Deutsche Post Direkt GmbH. This means that it can no longer be assigned to you. At no time are individual users identified by name. Your identity therefore remains protected. Deutsche Post Direkt GmbH has data protection-compliant procedures for sending postal advertising based on the selection of a microcell. This process of selecting a microcell is facilitated by the Consentric process, which automatically indicates which microcells are of interest to an advertising company on the basis of the upstream measurement process. For example, calling up a web page can trigger the sending of a postal advertising letter. If you have any further questions about the handling of personal data, in particular if you would like information about processed personal data or wish to assert further rights, please first contact the website operator. The right to also assert your data subject rights against Deutsche Post AG at consentric@deutschepost.de  remains unaffected.

H.) About our partnership with AWIN AG

We process your personal data to conduct an affiliate marketing campaign. In this way, we are able to track which third-party website, app or other technology provider has referred potential customers to our websites and apps ("referrer") and pay them a commission in return for these referrals. In doing so, we pursue the legitimate interest of running an online advertising campaign that is remunerated based on performance. We work together with Awin, which supports us in implementing this affiliate marketing campaign. The Awin privacy policy can be found here . It contains information about your rights in relation to data processing by Awin. In some cases, Awin may maintain a restricted profile that relates to you. However, this will not reveal your identity, online behavior or other personal characteristics. The sole purpose of this profile is to track whether a referral was started on one device and completed on another.

In some cases, Awin and the referrer of the potential customer may receive and process your personal data in order to implement the affiliate marketing campaign together with us.

Likewise, we receive personal data of potential customers from Awin and the referrers, which can be divided into the following categories: Cookie data, data related to the website, app or technology from which a potential customer was referred to us and technical information about the device you are using.

I.) About our partnership with The Reach Group GmbH

Cookies are used on our websites to enable the placement of retargeting campaigns by The Reach Group GmbH (Am Karlsbad 16, 10785 Berlin, Germany). The data stored within the cookie is only an encrypted, pseudonymized user ID. The adserving technology uses a shortened and hashed IP address to evaluate the geographical region, access speed and Internet provider. In addition, the time of the visit, the IDs of the products that were viewed, searched for or purchased, the URLs of the pages viewed, possible search terms and/or the IDs of the categories called up are stored in order to deliver more relevant advertising content. IP or browser data is stored exclusively in Germany and for the anonymized preparation of visitor statistics and assignment of transactions. A conclusion on concrete persons, the exact address, the location or further personal data is not possible at any time. IP data is not explicitly passed on to third parties. All information also has a maximum expiration date of 90 days, after which your browser automatically deletes the stored data. You can prevent the storage of the cookie by setting your browser software accordingly. You can also prevent the collection of data generated by the cookie and related to your use of the website by activating the OptOut function at the following link:

https://hal9000.redintelligence.net/privacy/8lcfmzhxc8d6/ 

You can find more information about the data protection of The Reach Group GmbH at.

https://trg.de/datenschutzerklarung/ 

This objection is valid as long as the associated OptOut cookie is not deleted. This cookie is set for the domain, per browser and user of a computer. If you access our websites from several end devices and browsers, you must therefore object to the data collection separately and again on each of these devices and in each browser.

J.) About our partnership with mit targeting360 GmbH

So-called »cookies« are used on our websites to enable the placement of retargeting campaigns by targeting360 GmbH (Gredinger Str. 28, 90453 Nuremberg, Germany), which works with the ad serving technology of NEORY GmbH. In addition, after the NEORY technology, further calls to the following technologies can be reloaded, which may set cookies: Adform, Adition, Google, MediaMath, The Trade Desk, Emego. This is used to present interest-based advertisements to website visitors as part of our partner advertising network.

Cookies can basically make it possible to make our offer more user-friendly, effective and secure. Cookies are small text files that are saved by your browser and thus stored on your computer. Most of the cookies used are so-called »session cookies«, which are automatically deleted at the end of your visit to a website. Other cookies remain stored on your terminal device until you delete them. In general, you can prevent the storage of cookies by selecting the appropriate settings on your browser software.

By reading the identifier stored in a cookie, it is possible to recognize your end device when you visit websites that belong to the advertising network. On these pages, the visitor can then be presented with advertisements that relate to content that he has accessed on websites that use the aforementioned ad serving technology. The technology used here uses an IP address anonymized by shortening and hashing and a cookie ID to process or evaluate the following information: Location by country/region/state/city, Internet provider, access speed, technical information on the browser and end device used, operating system, preferred languages according to browser settings, HTTP referrer, time of server request. The hashed IP address and the cookie ID are pseudonyms. The processed data can therefore not be directly assigned to specific persons.

The legal basis for the use of the cookies used here and the subsequent processing is, in accordance with Art. 6 para. 1 lit. a) GDPR, the consent given for this. Consent to the processing of personal data - and also to the use of cookies - can be revoked at any time. You can terminate the processing of the above-mentioned data based on your consent and the further use of the cookies used for this purpose by making use of your right of revocation or objection under the following link: https://ad.ad-srv.net/privacy/kdb0xdq3ls8m/ 

K.) StorifyMe

StorifyMe GmbH: In some offers, we use this German platform to create editorial stories. When you open these stories, general usage data is recorded, but not the IP address of your device. Your IP address, user agent string and standard header will be transmitted to StorifyMe GmbH and processed, but not recorded.

If, as a visitor to our website, you call up a website with a stories widget, your IP address, user agent string and standard header will be transmitted to StorifyMe, but they won't be processed or recorded.

You can find out more about data protection at StorifyMe here .

L.) About our partnership with Linkfire

We use the analysis tool "Linkfire" of Linkfire A/S, Artillerivej 86 3th, Copenhagen 2300 Denmark ("Linkfire"), with whom we have entered into an order processing agreement.

For this purpose, we maintain specially set up websites (so-called landing pages) on Linkfire's platform, on which we can clearly display various online music services to you in a link that redirects to our podcasts.

Linkfire allows us to track and analyze your usage behavior in relation to the displayed Linkfire links. Such analysis is done by Linkfire using cookies ("performance cookies") on our behalf, which are stored on your particular en device when you visit one of our landing pages and interact with a Linkfire link. These cookies store certain settings about your browser as well as data about your interactions with our landing pages. If such a cookie is activated, it is assigned an identification number (cookie ID) that identifies your browser and allows the data contained in the cookie to be used. In particular, this allows us to determine how often the individual Linkfire links were clicked on, which online music services were clicked on and from which channel this was done. The determined usage behavior is then clearly communicated to us by Linkfire in the form of a report. The data collected in this way is anonymous for us. They are stored on Linkfire's servers in Denmark.

For the purpose and scope of the data collection and the further processing and use of the data by Linkfire, as well as your rights in this regard and setting options for protecting your privacy, please refer to Linkfire's privacy policy at https://help.linkfire.com/hc/en-us/articles/360003273554-Privacy-Portal .

If you do not want Linkfire to collect data about you, you have the option to prevent this at https://help.linkfire.com/hc/en-us/articles/360003273554-Privacy-Portal#h_843765285401525169613598 .

This measure is carried out by us on the basis of Art. 6 para. 1 lit. f) GDPR.