I. General information
As one of the leading telecommunications companies, we take the privacy and security of your personal data seriously. In this document, we will inform you regarding how your data is processed when you visit our website. This policy does not, however, apply to the websites of other companies, even if those website contain links to this website or to another of our company’s websites. This information has no regulatory effect and is for your information only.
To learn what personal data we process, for example in a telecommunications contract, please refer to our data privacy bulletin (see below).
1. The controller’s contact information
Telefónica Germany GmbH & Co. OHG, Georg-Brauchle-Ring 50, 80992 Munich, encrypted contact form: https://www.telefonica.de/datenschutz-kontakt
2. The Data Protection Officer’s contact information
Telefónica Germany GmbH & Co. OHG, Data Protection Officer, Georg-Brauchle-Ring 50, 80992 Munich, encrypted contact form: https://www.telefonica.de/datenschutz-kontakt
3. Your rights
Data subjects as defined by the GDPR (see below) have the following fundamental rights:
- They have the right to obtain information about their processed data (Article 15 GDPR). To do this, please use our form: https://meine-daten.telefonica.de.
- If you would like to have inaccurate personal data rectified and/or have incomplete personal data completed, you can do this in your Online Self-Service Area or in our shop (Article 16 GDPR).
- If certain legal prerequisites are met, you have a right to erasure of your personal data (Article 17 GDPR). You can erase your data in your Online Self-Service Area.
- If certain legal prerequisites are met, you have a right to restrict processing (Article 18 GDPR). You can request this in your Online Self-Service Area.
- If certain legal prerequisites are met, you have a right to receive personal data concerning you, i.e. a right to data portability (Article 20 GDPR). To assert this right, please log into your Online Self-Service Area.
- You have the right to lodge a complaint with a supervisory authority (Article 77 GDPR). You may do this, for example, with a data protection authority
- The right to withdraw your consent: You have the right to withdraw your consent to the processing of your personal data at any time and do so with future effect. Your withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. When we request your consent, we will inform you how to withdraw your consent. In any case, you can provide your withdrawal of consent to our Data Protection Officer.
4. Place of data processing
In principle, we process your personal data only in Germany and the European Union.
We only use service providers to process personal data on our behalf outside the European Union (in a third country) if the European Commission has issued an “adequacy decision” for this third country (Article 45 GDPR) or if the recipient has “appropriate safeguards” (Article 46 GDPR) or “corporate rules” (Article 47 GDPR). You can find information regarding adequacy decisions at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_de, regarding appropriate safeguards at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_de and https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_de, and regarding corporate rules at ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/binding-corporate-rules_de. You can obtain further information from our Data Protection Officer.
In addition, your personal data will also be processed in third countries if this is required to execute your contract, you have provided your consent, or there is a legal requirement to do so.
Employees of our company and service providers which do third-party data processing for us (service providers used by the IT department, customer service, etc.) have the degrees of access to your personal data required for the purposes mentioned below. Any deviations from this are expressly mentioned below. In individual cases, we are legally required to transfer your personal data to authorities (for example, in response to requests for information from law enforcement agencies) or to natural persons or legal entities (for example, for the assertion of claims under copyright law).
5. Secure communications
If you wish to transfer confidential information, we recommend that you make contact via telephone, post, or an encrypted contact form. Full data security cannot be guaranteed if you contact us via e-mail, social media, or messenger services (such as WhatsApp) or via other means.
6. Third-party analysis tools and other tools
II. Visiting our website
In what follows, we will provide you with information on what personal data we process when you visit our website.
At various points on our website, you have the option to provide us with your personal data (for example, in a contact form). We have in each case made clear what information is required. Without this information we cannot provide you with the service requested.
1. Log files
When you call up our website, the following data will be stored in a log file: the URL of the requested website and the website from which the data was requested, the cookies the visitor has stored for the domains called up, the access statistics (data transferred, data not found, etc.), the date and time of access, the volume of data transferred during the connection, the type and version of the browser used, the language used, the name of the Internet Service Provider, and your IP address. During this process, your IP address will be anonymised, its last byte will be eliminated, and it will be stored. If this data is not provided, we cannot make our website available to you.
We process this data to investigate and remedy malfunctions (Article 6 Para. 1 Sentence 1 f) GDPR). These log files will be erased seven days after they were created.
2. Web analysis: Matomo (formerly Piwik)
3. Embedding of external content
We have incorporated content from third-party providers into our website. Thus, in certain cases, your browser will establish a connection to the third-party providers’ servers and, in so doing, transfer your personal data to these servers. The following is information on the content incorporated and the resulting data processing:
YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA (represented by Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA)
Data Categories Processed
IP address, URL of the page visited, HTTP header information (e.g. the browser used, the OS used, the resolution, and the language used); possibly connection to existing Google user profile
Purpose of Data Processing
Display of YouTube videos
Further Information / Provider’s Data Privacy Information
Expanded data protection mode on, YouTube does not place cookies;
4. Cookies, pixels, and similar technologies
In certain circumstances, we and our partners store small text files called “cookies” on your computer when you call up our website so that users can be recognized during future visits. Cookies allow us, among other things, to tailor our online products and services and make them user-friendly. You have the option to configure cookie placement at any time. You can, for example, configure your browser to inform you prior to placing cookies or you can completely block cookies. Blocking cookies can in certain cases lead to technical functionality restrictions.
We use tracking cookies to assess the reach of our product and service offering. Placing cookies allows us, among other things, to track which website was visited before our website was called up and how our website was used. We use these data, among other things, to optimise our website by evaluating the campaigns we conduct.
5. Social plugins
This website employs social plugins from the social networks Facebook (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA), Google+ (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), Twitter (Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA), Xing (XING SE, Dammtorstraße 30, 20354 Hamburg, Germany), and WhatsApp (WhatsApp Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland). You can use the buttons on our website to share content on Facebook, Google+, Twitter, Xing, or WhatsApp with your friends on the social media platforms you use.
No data is automatically sent to the social networks in question when you call up our website. Only when you click on a social media button does your browser create a direct connection to the social network’s server. Even if you are not a member of one of these social networks, they can, via a social plugin, discover your IP address and may store it. We have no influence over the extent of the data that operators of social networks collect in this way. If you are simultaneously logged into one of the social networks, the operator can assign the pages you call up to your account at the social network in question. If you make further use of the social plugins, for example by clicking on a “Like” or “Share” button, the social network processes the corresponding information. Xing reports that it does not store the personal data of users of our website and that it also does not track their usage patterns via cookies. You can obtain specific information on the purpose and extent of data processing, collection, and use by Facebook, Google, Twitter, Xing, and WhatsApp, and on your related rights and settings options, from the respective data privacy policies of those companies: :
If you do not want social networks to collect data on you via our website, do not click the buttons in question. In addition, you can block social plugins via add-ons for your browser.
6 Hyperlinks on the websites of other providers
We have placed links to the websites of other providers on our website. We are not responsible for data processing by these websites. You can learn how these providers handle data privacy by reading their respective data privacy policies.
III. Your right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Sentence 1 of Point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. We then no longer process the personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defence of legal claims. You can make such objections to the controller.
IV. Data protection fact sheet
Here you will find the data protection leaflet for customers of Telefónica Germany GmbH & Co. OHG: