T-Systems International GmbH attaches great importance to protecting your personal data. We always inform you what personal data we collect, how your data is used, and how you can influence the process.
a) When registering: To use the app no registration is needed and by this also no user-id, password, or something similar. To target dedicated app installations only the unique ID (UID) of the phone is used.
b) When using the app: No personal data gets saved while using the app. Technical mandatory information, like the unique ID of the phone, or the information about agreed data privacy information get just stored on the phone itself. This information is for the usage of the app necessary (fulfillment of contract) and will be deleted with the deinstallation of the app.
For the app to work on your device, it needs access to various functions and data on the device. You need to grant certain authorizations to do so (Art. 6 (1) a GDPR).
The authorizations are programmed differently by the various manufacturers. Individual authorizations may e.g. be combined in authorization categories, and you can only grant consent to the authorization category as a whole.
Please remember that if you withhold consent for one or a number of authorizations, you may not have access to the full range of functions offered by our app.
If you have granted authorizations, we will only use them to the extent described below:
Internet communication
The app requires access to the Internet via Wi-Fi or mobile data network for the purpose of accessing Open Telekom Cloud related information and data (for example Status Dashboard, Community, Release notes, Blog entries).
Camera, microphone, USB, photos, videos, message content, etc.
The app requires access to the camera for the purpose of scanning QR codes for the multi-factor authentication (MFA) feature.
Push notifications are messages that the app sends to your device and that are displayed with top priority. This app uses push notifications by default, provided you have given your consent during the app installation or the first time you use the app (Art. 6 (1) a GDPR).
You may revoke your consent at any time on a fine granular level. To do so, please click on more settings within the app, settings, push notifications, and withdraw the push notification elements you would not receive. Elements you want to receive please keep activated.
On top of this you can also fully deactivate receipt of push notifications at any time in your device settings. Please keep here in mind, that you will not receive any more push notifications of the app.
Explanations and definitions:
We want you to enjoy using our app and take advantage of our products and services. We have an economic interest in ensuring this is the case. We analyze your usage habits on the basis of anonymized or pseudonymized data so you can find the products that interest you and so we can make our app user-friendly. We or companies commissioned by us to process data create usage profiles to the extent permitted by law. This information cannot be traced back to you directly. The following information is intended to provide you with general information on the various purposes of processing data. You can change your data privacy settings to consent to the use of the tool, or reject their use accordingly. Tools that are strictly necessary to provide the app’s cannot be rejected (see explanation at 1. above).
Tag management (strictly necessary)
Tag management is used to manage tracking tools in apps. A tag is set for each page to do this. Based on the tag, the system can determine which tracking tools should be used for this page. Tag management can be used to specifically control tracking so that the tools are only used where appropriate.
a) Strictly necessary tools
These tools are strictly necessary to enable you to navigate the pages and use essential functions. They enable basic functions, such as order processing in the online shop and access to secured areas of the app. They also serve the purpose of performing an anonymous analysis of user patterns, which we use to continuously develop and improve our app for you. The legal basis for these tools is Art. 6 (1) b GDPR respectively for third Countries Art. 49 (1) b GDPR respectively for third Countries Art. 49 (1) b GDPR.
Company |
| Storage period | Country of processing |
Crashlytics | Maintaining app functions, as well as fault detection and elimination | 90 days | USA |
Sending of push notifications | 90 days | USA |
This data privacy information provides an overview of the items which apply to Deutsche Telekom processing your data in this app.
Further information, including information on data protection in general and in specific products, is available at https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/data-protection and https://www.telekom.com/en/deutsche-telekom/privacy-policy-1744.
6. Who is responsible for data processing? Who should I contact if I have any queries regarding data privacy at Deutsche Telekom?
T-Systems International GmbH, Hahnstraße 43d, D – 60528 Frankfurt am Main acts as the data controller. If you have any queries, please contact our Customer Services department or the Group Data Privacy Officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, Germany datenschutz@telekom.de.
You have the right
a) To request information on the categories of personal data concerned, the purposes of the processing, any recipients of the data, and the envisaged storage period (Art. 15 GDPR);
b) To request that incorrect or incomplete data be rectified or supplemented (Article 16 GDPR);
c) To withdraw consent at any time with effect for the future (Art. 7 (3) GDPR);
d) To object to the processing of data on the grounds of legitimate interests, for reasons relating to your particular situation (Article 21 (1) GDPR);
e) To request the erasure of data in certain cases under Art. 17 GDPR – especially if the data is no longer necessary in relation to the purposes for which it was collected or is unlawfully processed, or you withdraw your consent according to (c) above or object according to (d) above;
f) To demand, under certain circumstances, the restriction of data where erasure is not possible or the erasure obligation is disputed (Art. 18 GDPR);
g) To data portability, i.e., you can receive the data that you provided to us in a commonly used and machine-readable format such as CSV, and can, where necessary, transfer the data to others (Art. 20 GDPR);
h) To file a complaint with the competent supervisory authority regarding data processing (for telecommunications contracts: the German Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragter für den Datenschutz und die Informationsfreiheit); for any other matters: State Commissioner for Data Protection and Freedom of Information, North Rhine-Westphalia (Landesbeauftragter für den Datenschutz und die Informationsfreiheit Nordrhein-Westfalen).
To processors, i.e., companies we engage to process data within the legally defined scope, Article 28 GDPR (service providers, agents). In this case, Deutsche Telekom also remains responsible for protecting your data. We engage companies particularly in the following areas: IT, sales, marketing, finance, consulting, customer services, HR, logistics, and printing.
To cooperation partners who, on their own responsibility, provide services for you or in conjunction with your Deutsche Telekom contract. This is the case if you order services of these partners from us, if you consent to the involvement of the partner, or if we involve the partner on the basis of legal permission.
Owing to legal obligations: In certain cases, we are legally obliged to transfer certain data to a state authority that requests it. Example: Upon presentation of a court order, we are obliged under Section 101 of the German Copyright Act (UrhG) to provide the owners of copyrights/ancillary copyrights with information about customers who have allegedly offered copyrighted works via Internet file sharing services.
Your data will be processed in Germany and other European countries. If, in exceptional cases, your data is processed in countries outside the European Union (in so-called third countries), this will take place
a) if you have expressly consented to this (Article 49 (1) a GDPR). (In most countries outside the EU, the level of data protection does not meet EU standards. This concerns in particular comprehensive monitoring and control rights of state authorities, e. g. in the USA, which disproportionately interfere with the data protection of European citizens,
b) or to the extent necessary for our service provision to you (Article 49 (1) b GDPR),
c) or to the extent required by law (Article 49 (1) c GDPR).
Furthermore, your data will only be processed in third countries if certain measures ensure a suitable level of data protection (e.g., EU Commission's adequacy decision or suitable guarantees, Art. 44 et seq. GDPR).
d) Furthermore, the data will also be processed in the United States of America. In order to establish an appropriate level of protection for this, reference is made to the agreement of the EU standard contractual clauses.
This privacy information was last updated 02.03.2022