Privacy Policy

Last update: 25 March 2019

United Internet AG wants you to be familiar with how we collect, use and disclose information. This Privacy Policy describes our practices in connection with information that we collect:

  • Through websites operated by us from which you are accessing this Privacy Policy (the “Websites”),
  • through our Twitter account located at twitter.com/unitedinternet and
  • through HTML-formatted email messages that we send to you that link to this Privacy Policy

Collectively, we refer to the Websites and the Apps, as the “Services”.

You will find special information on our shareholder privacy policy here

PERSONAL INFORMATION

United Internet AG processes your Personal Data in compliance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), the German Stock Corporation Act (AktG) and all other relevant legal provisions.

"Personal Information” is information that identifies you as an individual or pertains to an identifiable natural person, e.g.,

  • Name
  • Title
  • Email address
  • Telephone number
  • Company
  • Postal address (including billing and shipping addresses)

COLLECTION OF PERSONAL INFORMATION

We and our service providers collect Personal Information in a variety of ways, including:

  • Through the Services
    • We collect Personal Information through the Services, for example, when you sign up for a newsletter
  • From Other Sources
    • We receive your Personal Information from other sources, for example from publically available databases

We need to collect Personal Information in order to provide the requested Services to you. If you do not provide the information requested, we may not be able to provide the Services. If you disclose any Personal Information relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

USE OF PERSONAL INFORMATION

We and our service providers use Personal Information for legitimate business purposes including:

  • Providing the functionality of the Services and fulfilling your requests.
    • To respond to your inquiries and fulfill your requests, when you contact us via one of our online contact forms or otherwise, for example, when you send us questions, suggestions, or compliments.
    • To send administrative information to you, such as changes to our terms, conditions and policies.
    We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation. The legal basis for processing is established by Art. 6 (1) sentence 1 lit. b) and/or lit. f) GDPR.
  • Providing you with investor newsletters, press releases and/or other information materials and facilitating social sharing
    • To send you investor newsletters, press releases, or other mails, with information about our corporation, our services, new products and other news about our company.
    • To facilitate social sharing functionality that you choose to use.
    We will engage in this activity with your consent or where we have a legitimate interest. The legal basis for processing in these cases is established by Art. 6 (1) sentence 1 lit. a) and/or lit. f) GDPR.
  • Analysis of Personal Information for business reporting.
    • To analyze or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Services.
    • To better understand you, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.
  • Aggregating and/or anonymizing Personal Information.
    • We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose.
  • Accomplishing our business purposes. 
    • For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements;
    • For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft;
    • For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users; and
    • For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests;

We will engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest. The legal basis for processing is established by Art. 6 (1) sentence 1 lit. a), lit. c) and/or lit. f) GDPR.

DISCLOSURE OF PERSONAL INFORMATION

We disclose Personal Information:

  • To our affiliates for the purposes described in this Privacy Policy.
    • You can consult the list and location of our affiliates in our annual report which you can download here.
  • To our third party service providers, to facilitate services they provide to us.
    • These can include providers of services such as website hosting, data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing, services related to our shareholder meetings and other services.
  • By using the Services, you may elect to disclose Personal Information
    • On message boards, chat, profile pages, blogs and other services to which you are able to post information and content. Please note that any information you post or disclose through these services will become public and may be available to other users and the general public.
    • Through your social sharing activity. When you connect your Services account with your social media account, you will share information with your friends associated with your social media account, with other users, and with your social media account provider. By doing so, you authorize us to facilitate this sharing of information, and you understand that the use of shared information will be governed by the social media provider’s privacy policy. 

OTHER USES AND DISCLOSURES

We also use and disclose your Personal Information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:

  • To comply with applicable law and regulations.
    • This can include laws outside your country of residence.
  • To cooperate with public and government authorities.
    • To respond to a request or to provide information we believe is important
    • These can include authorities outside your country of residence.
  • • To cooperate with law enforcement.
    • For example, when we respond to law enforcement requests and orders or provide information we believe is important.
  • For other legal reasons.
    • To enforce our terms and conditions; and
    • To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
  • In connection with a sale or business transaction.
    • We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings). Such third parties may include, for example, an acquiring entity and its advisors.

COOKIES

When using the website purely for information, meaning if you do not register yourself or provide us with other information, we only collect Personal Data which your browser sends to our server. If you would like to look at our website for this reason, we collect the following data which we require for technical reasons to be able to display our website to you and to guarantee stability and security (legal basis established in Art. 6 (1) sentence 1 lit. f) GDPR):

  • Name of the file accessed,
  • Date and time of access,
  • Data volume transferred,
  • Report on successful access,
  • Description of the web browser type,
  • Referrer URL (previously visited page),
  • Host name of accessing computer (IP address).

These data are not combined with other data sources, most particularly not with your contact data or other data you share in the context of using the website or our shareholder portal.

In addition to the above-mentioned data, when you use our website, both "session cookies" in your web browser and "permanent cookies" may be stored on your computer. Cookies are small text files which are transferred to the computer when a web page is accessed and which send us certain information. Basically there are two types of cookies; Cookies that are only generated when an Internet page is accessed and which are deleted again when the browser is closed (known as session cookies) and cookies which are stored on the user’s computer when a web page is accessed (known as permanent cookies). These cookies can be used for various purposes such as the user-friendly presentation of the offering.

You can prevent a cookie from being installed by changing the settings on your Internet browser so that it does not permit text files of this kind to be stored on your computer. In addition, you can delete cookies stored on your computer at any time.

OTHER INFORMATION

"Other Information" is any information that does not reveal your specific identity or does not directly relate to an identifiable individual

  • Browser and device information
  • App usage data
  • Information collected through pixel tags and other technologies
  • Demographic information and other information provided by you that does not reveal your specific identity
  • Information that has been aggregated in a manner such that it no longer reveals your specific identity 

If we are required to treat Other Information as Personal Information under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Policy.

COLLECTION OF OTHER INFORMATION

We and our service providers may collect Other Information in a variety of ways, including:

  • Through your browser or device: 
    • Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Services (such as the App) you are using. We use this information to ensure that the Services function properly. 
  • Using Pixel tags and similar technology
    • Cookies are pieces of information stored directly on the computer that you are using. Cookies allow to collect information such as browser type, time spent on the Services, pages visited, language preferences, and other traffic data. We and our service providers use the information for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience. We also gather statistical information about use of the Services in order to continually improve their design and functionality, understand how they are used and assist us with resolving questions regarding them. If you do not want information collected through the use of cookies, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website. You may also wish to refer to www.allaboutcookies.org/manage-cookies/index.html. If, however, you do not accept cookies, you may experience some inconvenience in your use of the Services.
    • Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the Services and response rates.
    • We use Adobe's Omniture analytics service, which uses cookies and web beacons to help us understand more about how our website is used by its users so we can continue to improve it. Adobe does not have the right to use the information we provide to them beyond what is necessary to assist us. For more information on Adobe's Omniture service, including how to opt-out, go to www.adobe.com/privacy/opt-out.html.
    • We use Matomo (formerly known as Piwik), which uses cookies and web beacons to collect information about how our website is used by its users so we can continue to improve it. To opt-out, please follow these instructions:

USES AND DISCLOSURES OF OTHER INFORMATION

We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.

SECURITY

We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.

CHOICES AND ACCESS 

YOUR CHOICES REGARDING OUR USE AND DISCLOSURE OF YOUR PERSONAL INFORMATION

We give you choices regarding our use and disclosure of your Personal Information for marketing purposes. You may opt-out from:

  • Receiving electronic communications from us: If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out by contacting us as at info@united-internet.de.

We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages, from which you cannot opt-out.

DATA SUBJECT RIGTHS

Under the legal provisions you have the right to obtain information on the processed Personal Data concerning you from the aforementioned contact address (Art. 15 GDPR) and to apply for the rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) of your Personal Data or a restriction on processing (Art. 18 GDPR).

Please indicate clearly in your enquiry which Personal Information you would like to have changed or whether you would like your Personal Information to be removed from our database. With your protection in mind, we are only able to respond to enquiries in connection with Personal Information which is linked to the specific email address which you use to send us your enquiry. In the event, we may initially have to verify your identity before we can begin to process your enquiry. We will try to respond to your enquiry as soon as reasonably practicable.

Moreover, you have the option of consulting the competent supervisory authority.

Right to object (Art. 21 GDPR): If we process your data for the purpose of safeguarding your legitimate interests (Art. 6 (1) sentence 1 lit. f), you can object to this processing on grounds arising from your special situation. Please send your objection to the aforementioned contact address.

Right to withdraw consent (Art. 7 (3) GDPR): If we process your Personal Data on the basis of your consent (Art. 6 (1) sentence 1 lit. a) GDPR), you can withdraw this consent at any time. Please send your request for withdrawal to the aforementioned contact address.

Right to data portability (Art. 20 GDPR): If we process your Personal Data based on your consent (Art. 6 (1) sentence 1 lit. a) GDPR), you have the right to receive your Personal Data in a structured, customary and machine-readable format.

RETENTION PERIOD

We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.

The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
  • Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations). Die Zeitspanne, über die wir eine laufenden Vertragsbeziehung zu Ihnen haben und die Dienste für Sie bereitstellen (solange Sie beispielsweise ein Konto bei uns haben oder die Dienste weiter nutzen);

THIRD PARTY SERVICES

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.

The service providers we work with process your Personal Data exclusively in accordance with our instructions and only to the extent that this is necessary for carrying out the contracted service. All employees of United Internet AG and the employees of mandated service providers who have access to your Personal Data and/or process them are under obligation to treat these data confidentially.

In addition, we are not responsible for the information collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with the Apps or our Social Media Pages.

USE OF SERVICES BY MINORS

The Services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from individuals under 18.

JURISDICTION AND CROSS-BORDER TRANSFER

Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.

ADDITIONAL INFORMATION REGARDING THE EEA:

If we pass on Personal Data to service providers outside the European Economic Area (EEA), the relaying of data only takes place if the non-EU country has had a suitable level of data protection confirmed by the EU Commission or if other suitable data protection guarantees are in place (e.g., binding data protection rules within the company or an agreement making use of the EU Commission’s standard contractual clauses).

You are welcome to request detailed information on this as well as on the data protection level of service providers in non-EU countries from the aforementioned contact address.

SENSITIVE INFORMATION

Wir bitten Sie, uns keine sensiblen Personenbezogenen Informationen (z. B. Sozialversicherungsnummern, Informationen über Rasse oder ethnische Herkunft, politische Meinungen, Religion oder sonstige Überzeugungen, Gesundheit, biometrische oder genetische Eigenschaften, kriminellen Hintergrund oder Gewerkschaftszugehörigkeit) auf den oder über die Dienste oder anderweitig zu übermitteln oder offenzulegen, sofern wir dies nicht von Ihnen verlangen.

AKTUALISIERUNGEN DIESER DATENSCHUTZRICHTLINIE

Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services or otherwise to us.

UPDATES TO THIS PRIVACY POLICY

The “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services. Your use of the Services following these changes means that you accept the revised Privacy Policy.

CONTACTING US

United Internet AG, located at Elgendorfer Straße 57, 56410 Montabaur, is the company responsible for collection, use and disclosure of your Personal Information under this Privacy Policy.

If you have any questions about this Privacy Policy, please contact us at:

info@united-internet.de

United Internet AG
Elgendorfer Straße 57
56410 Montabaur
Germany

If you have comments on or inquiries about the processing of Personal Data, please contact United Internet AG’s Data Protection Officer at:

United Internet AG
The Data Protection Officer
Elgendorfer Straße 57
56410 Montabaur
Germany
E-Mail: info@united-internet.de