Protecting personal data is as much a part of Deutsche Telekom's daily business as smartphones and rate plans. Data protection measures and activities are numerous.
Data privacy is more than a legal obligation for Deutsche Telekom. To achieve a uniformly high level of data privacy within the company, the Group has introduced various internal guidelines. The "Binding Corporate Rules Privacy" (pdf, 373.4 KB) form the Group-wide regulations on data privacy. As far as legally possible, the companies of the Deutsche Telekom Group worldwide have committed themselves to these Group guidelines.
Our goal is to protect personal data in the best possible way. To this end, Deutsche Telekom has comprehensively anchored data privacy measures and regulations in the Group's processes. Data privacy experts advise, monitor and act widely throughout the Group.
Prudent and transparent
Our customers are at the center of our efforts. Like all people, they produce data by making phone calls, surfing the Internet, chatting with a messanger. Data is also generated when people use fitness trackers, navigate, watch MagentaTV or use smart home applications. What data is stored and how it is processed and protected is something Telekom keeps a watchful eye on in the area of customer data protection.
Our experts for employee data privacy also make sure that the personal data of our employees is processed correctly.
In accordance with Article 15 of the General Data Protection Regulation (GDPR), our customers and employees have the right to ask at any time what data we store and process about them. As Telekom, we are always approachable and available - via customer service, by mail to email@example.com or via an online form.
Not without testing
Data privacy experts are involved right from the start when new products and services are developed (privacy by design). As part of the privacy and security assessment, they work with developers and IT security experts to check whether a new product is secure and complies with data protection requirements. Only if this assessment is positive do we offer the product to our customers.
Existing systems and services are also subject to regular controls and audits, so we continuously review data privacy compliance. We always keep an eye on new legal requirements and adapt our products and services accordingly.
Our data privacy experts are also on hand to provide advice and support during the preparation of tenders, the development of business models and during contract negotiations when legal regulations are involved. The data protection requirements for tenders and contracts are many and varied. They include technical and organizational measures, customer-specific confidentiality obligations, or detailed requirements for documentation and data protection concepts.
Dealing with data protection incidents
Wherever people work, things can go wrong. For example, a cover letter intended for customer A may be sent to customer B - meaning that personal data is passed on, albeit inadvertently, without authorization. In such a case, our experts investigate what happened and how it could have happened, report it to the supervisory authorities if necessary and, after analyzing the error, take care to avoid it in the future. In concrete terms, this means that the Data Privacy department works with colleagues in the specialist departments to improve internal processes. To ensure that data protection is successful, the Group raises awareness with awareness measures, trains all employees regularly every two years on the subject of data protection, and offers training tailored to specific data protection topics.