Privacy Policy

We take data protection seriously: as a matter of principle, we only process personal data if this is necessary for the provision of a service or offer or if it is provided voluntarily by the user. We also use technical and operational security measures to protect personal data against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. We regularly review and modernise these precautions.

If you have applied for a job with us, you will find the necessary data protection information here.

• Inventory data (e.g., names, addresses)
• Contact details (e.g., email, phone numbers)
• Content data (e.g., entries in online forms)
• Payment data (e.g., bank details, invoices, payment history)
• Contract data (e.g., subject matter of the contract, term)
• Usage data (e.g., websites visited, interest in content, access times)
• Meta/communication data (e.g., device information, IP addresses, ID)

We collect the data that is generated when you access our digital offers automatically. Otherwise, we collect data based on your entries or messages or through the use of cookies or similar technologies.

Provision of the contents

• Cookies and similar technologies
• Technical provision and security
• Absolutely necessary technology
• Remember article and My SZ
• Give an article as a gift
• AI annual review
• Integration of external multimedia content (video, audio, map services, Twitter, Instagram, etc.)
• Comments
• Live ticker
• Login
• Podcasts
• Personalised customer approach
• Push messages
• Games
• Content sharing

Product optimisation

• Further development of user-friendliness
• Usage analysis
• SZ-Personalisation
• Surveys

Contract processing

• Ordering products
• Events

Communication

• Contact and communication

Advertising for our own products

• Direct advertising
• Marketing for our own products
• Conversion measurement
• Newsletter
• Competitions and quizzes
• Company presence on social media

Advertising by third parties

• Self-marketing of adverts
• External marketing by third parties

If you have given your consent or we are otherwise legally authorized to do so, we will pass on your personal data to service providers (e.g., hosting, marketing, sales partners, payment service providers) for the above-mentioned purposes. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data to protect your data.

We transfer personal data to other companies within our group of companies or grant them access to this data for administrative purposes. This transfer of data is based on our legitimate business and economic interests or takes place if it is necessary to fulfill our contractual obligations or if the consent of the data subjects or legal permission has been obtained.

In order to use our digital services, it may be necessary to transfer certain personal data to third countries, i.e. countries where the GDPR does not apply. However, we only allow your data to be processed in a third country if the specific requirements of Art. 44 ff. GDPR are met and thus an adequate level of data protection is guaranteed in that country. This means that the third country must either have an adequacy decision by the European Commission or suitable safeguards in accordance with Art. 46 GDPR or one of the conditions of Art. 49 GDPR. Unless otherwise stated below, we use the currently valid [standard contractual clauses](https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/? uri=CELEX:32021D0914&from=DE “current version of the standard contractual clauses”) for the transfer of personal data to processors in third countries.

In order to protect your privacy and ensure a level of protection appropriate to the risk, we take technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of threats to the rights and freedoms of natural persons. These measures ensure the confidentiality, integrity, availability, and resilience of your data. This includes, among other things, the use of recognized encryption methods (SSL or TLS) and pseudonymization.

However, we would like to point out that, due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures may not be observed by other persons or institutions outside our area of responsibility. In particular, unencrypted data disclosed, e.g., by email, may be read by third parties. We have no technical influence on this.

We delete or anonymize your personal data as soon as it is no longer required for the purposes for which we collected or used it.

However, we may still need to store your data until the expiry of the retention obligations and periods imposed by the legislator or supervisory authorities, which may arise from the German Commercial Code, the German Fiscal Code, and the German Money Laundering Act (usually 6 to 10 years). In addition, we may retain your data until the expiry of the statutory limitation periods (i.e., usually 3 years, but in individual cases up to 30 years) if this is necessary for the assertion, exercise, or defense of legal claims. After that, the relevant data will be deleted.

• Information
• Deletion
• Correction
• Objection

You can contact the data protection officer with your request by mail or by email at swmh-datenschutz@atarax.de.

This privacy policy is updated from time to time. The date of the last update can be found at the beginning of this information.

You can obtain an overview of all the tools and cookies we use as well as an option to withdraw your consent by clicking on Privacy settings at the bottom of the website you are visiting.

You will find detailed data protection information below.

If cookies, device identifiers, or other personal data are stored or accessed on your device for processing purposes, this is done on one of the legal bases of Art. 6 GDPR.

In order to be able to provide the telemedia service you have expressly requested, we also take into account the provisions of Section 25 of the German Telecommunications Digital Services Data Protection Act (TDDDG), in particular the requirement under Section 25 (2) No. 2 TDDDG.

You can find an overview of the technologies used under Privacy settings.

Cookies are text files that contain data from visited websites or domains and are stored by a browser on users' devices. A cookie primarily serves to store information about a user during or after their visit to an online offering. The stored information may include, for example, language settings on a website, login status, a shopping cart, or video interactions. The term “cookies” also includes other technologies that perform the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also known as “user IDs”).

There are the following types of cookies and functions:

• Temporary cookies (also known as session cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their browser.
• Permanent cookies: Permanent cookies remain stored even after the browser is closed. This allows, for example, the login status to be saved or preferred content to be displayed directly when the user visits a website again. Similarly, the interests of users, which are used for reach measurement or marketing purposes, can be stored in such a cookie.
• First-party cookies: First-party cookies are set and used by us to process user information.
• Third-party cookies: Third-party cookies are mainly used by advertisers (so-called third parties) or other partners to process user information.
• Strictly necessary (also: essential or necessary) cookies: These cookies ensure functions without which these digital offerings could not be used as desired. They may be absolutely necessary for the operation of a website, for example to store logins or other user entries, or for security reasons.
• Analysis and statistics cookies: These cookies enable us to analyze the use of our digital offerings, in particular to measure reach—i.e., clicks, visits, and visitor numbers. The aim is to statistically determine the number of visits and visitors and their surfing behavior (duration, origin) and thus obtain market-wide comparable values. The information collected is evaluated in aggregate form in order to derive improvements and optimizations for our products.
• Marketing and personalization cookies: Cookies are also used to store a user's interests or behavior (e.g., viewing certain content, using functions, etc.) in a user profile. Such profiles are used, for example, to display content to users that corresponds to their potential interests. This process is also referred to as “tracking,” i.e., tracking the potential interests of users. If we use cookies or tracking technologies, we will provide separate information about this in our privacy policy or when obtaining consent.

When our offer is used, we automatically employ essential technologies and process the following information:

• Information about the accessing device and the software used
• Date and time of access
• Websites from which the user accesses our website or which the user visits via our website
• IP address

The collection of these logs and their temporary storage and processing are necessary to ensure system security and integrity (in particular to ward off and defend against attempts at attack or damage) and are carried out in accordance with our legitimate interest (§ 25 (2) No. 2 TDDDG, Art. 6 (1) f GDPR).

The storage period for this log data is usually seven days; for reliable detection of AI bots, it is 30 days. From this point on, this specific server log data is anonymized based on our legitimate interest in statistical evaluation to assess AI bots and their impact on our content (Art. 6 (1) f GDPR).

Account takeover for troubleshooting
If you contact us about an error in the operation of our digital service, we can take over your SZ account for a short time to identify and rectify the error so that we can trace the error and rectify it more quickly. This is only necessary for a few minutes in order to obtain information about the version, operating system, etc.

The legal basis for the aforementioned data processing is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

The following tools and cookies are strictly necessary technologies, i.e., essential for providing our services as requested by the user.

The legal basis for the data processing described below is our legitimate interest pursuant to Art. 6 (1) (f) GDPR.

We have introduced a payment model for our online content, i.e. the content of our websites and apps is only made available for a fee. On the one hand, the conclusion of a contract is required for use, whereby the user has the choice of either paying a sum of money for a digital subscription or providing data. On the other hand, our paid content model provides that initially selected content or a certain number of articles can be accessed without prior conclusion of a subscription (so-called metering model) and then the content is restricted and only made available against payment of a sum of money or conclusion of a paid subscription. In addition, access to individual, exclusive "Plus" articles is only granted to subscribers.

The setting of cookies is absolutely necessary for this function, as otherwise it would not be possible for paying customers to access paid journalistic content.

If you have registered with us via Login, these reading authorisations will be linked to the personal data in your user account.

Piano Composer

We set the cookie _Secure_experience-check so that you are tracked less, as we can use it to determine whether our piano applications have already been loaded and how often they could not be loaded.

The Google Tag Manager service is an organizational tool that enables us to control services. The tool only uses the IP address to establish a connection to the server and to function technically. Otherwise, no personal data is processed by the tool itself. Tag Manager ensures that other services are only executed if the conditions (tags) specified in Tag Manager are met. This allows us to ensure, for example, that tools requiring consent are only loaded after you have given your consent. Tag Manager does not access the data processed by the tools.

In order to obtain and store your consent under data protection law, we use the consent management platform from Sourcepoint (Sourcepoint Technologies, Inc., 228 Park Avenue South, #87903, New York, NY 10003-1502, United States). This platform uses strictly necessary cookies to query the consent status and thus display the corresponding content.

The data is stored for a maximum of 13 months.

We use the authId cookie to ensure that the consent status is not lost and to prevent a new consent request. This cookie is absolutely necessary in order to be able to pass on the consent settings across domains and products for logged-in users.

For podcasts that we offer for SZ Plus subscribers on Spotify, it is absolutely necessary to secure communication with Spotify when logging in, for which we set the spotify-oauth-state cookie for one day.

We use Datawrapper (Datawrapper GmbH, Raumerstraße 39, 10437 Berlin) to create interactive charts from statistics. We do not store any personal data and do not perform any tracking. The transfer of the IP address, which is used solely for the provision of the service, and a cookie are essential for embedding and display. This data is only required for the technical implementation of the embedding and is deleted from all systems after a maximum of 24 hours.

To analyse the performance of our articles live, we use the analysis script from Kilkaya (Kilkaya AS, Åsveien 3, 1424 Ski, Norway). Kilkaya is an analysis tool that was specially developed for news sites with high traffic and helps us to optimise and prioritise our pages and articles. Kilkaya captures all traffic metrics in real time, such as page views, clicks, time spent on pages, unique users. The tool uses the IP address to establish the connection to the server and to be able to function technically. We use a user ID to count unique users. No further data is linked to this, so that you cannot be personally identified.

| Name | Purpose | Duration | Type |
| ---------- | ---------- | ---------- |
| _k5a | Analysis of article views | 12 months | Cookie |

In order to display the adverts on our digital offers in the correct size and in a format supported by your device and to be able to redirect you to the corresponding target page when you click on the advert, we, our advertising marketers and the respective third-party provider process your IP address and information about your device type. This is an absolutely necessary technology, which is shown in the data protection settings under the special category "Provide adverts or content technically".

| AdServer | Name | Purpose | AdServer | Type |
| ---------- | ---------- | ---------- |
| adnxs | Deliver ads | Xandr | Cookie |
| szdm_uxid | Deliver ads | AdSpirit | Cookie |

We use technology from the collecting society VG Wort (VG Wort, legally capable association by virtue of the award, Untere Weidenstraße 5, 81543 Munich) to measure access to texts in order to record the probability of individual texts being copied. Many of our pages are therefore equipped with JavaScript calls, which we use to report access to VG Wort. In this way, we enable our authors to participate in the distributions of VG Wort, which ensure the statutory remuneration for the use of copyright-protected works in accordance with Section 53 UrhG.

The measurement of access figures is carried out by Kantar Germany GmbH (Landsberger Str. 284, 80687 Munich) according to the Scalable Central Measurement Method (SZM). It uses either a session cookie or a signature, which is created from various automatically transmitted information from your browser, to recognise computer systems. A randomly generated unique identification number, a so-called session ID, is stored in the session cookie. A cookie also contains information about its origin and the storage period. IP addresses are only processed in anonymised form.

We use Abobe Typekit from Adobe for standardised presentation. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).

When you access this website, your browser loads the required fonts directly from Adobe in order to display them correctly on your device. In doing so, your browser establishes a connection to Adobe's servers in the USA. This gives Adobe knowledge that this website has been accessed via your IP address. No cookies are stored when the fonts are provided.

The legal basis for this data processing is your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). Consent can be revoked at any time.

Data transfer to the USA is based on the existing adequacy decision and the standard contractual clauses of the EU Commission. Adobe is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TNo9AAG&status=Active

You can find more information about Adobe Fonts at https://www.adobe.com/de/privacy/policies/adobe-fonts.html.

You can find Adobe's privacy policy at https://www.adobe.com/de/privacy/policy.html

"My SZ" offers you the option of displaying content that interests you or that you want to remember. Once you have selected your favourite topics, we will show you articles from the selected subject areas or the articles you have bookmarked. This requires a Login.

The legal basis for the aforementioned data processing is Art. 6 para. 1 lit. b) GDPR.

As a SZ Plus subscriber, you have the option of giving SZ Plus articles as gifts. If you click on the "Give article as a gift" link for the respective article, we link your UserID to the gift link and save this date so that we can limit the number of articles given away and prevent misuse of this function. This data processing is carried out on the basis of our overriding legitimate interest in enabling you to make the gift to a third party (Art. 6 para. 1 lit. f) GDPR). The date is automatically deleted after one week.

As the recipient who has received the gift link, you must register with us or log in (login) to be able to read the gifted article. We store the UserID generated during registration for one year so that we can assign the gift to you and you can call up the article again and again during this period. We also set a cookie with the article ID to enable you to read the article, prevent misuse and ensure performance. The setting of the cookie is absolutely necessary (§ 25 TDDDG) and the associated data processing is based on our overriding legitimate interest in enabling you to receive the gifted article (Art. 6 para. 1 lit. f) GDPR).

When you enter a question, our SZ AI tool searches for suitable articles in the SZ article database, selects the five articles that best match the question and passes these together with the question to the language model (LLM, the actual AI). The LLM generates the answer exclusively from these articles. To improve the quality of future answers, we train the LLM with the questions you enter and the answers it receives. There is no personal reference here.

In order to be able to block requests that intentionally overload the system and to block users who deliberately want to force the AI to generate unethical or criminal statements, we analyse the questions entered and answers generated with the help of your SingleSignOn-ID (SSO-ID) on the basis of our overriding legitimate interest (Art. 6 para. I s.1 lit.f) GDPR) in protection against misuse. The SSO ID will be deleted after the purpose has been achieved, at the latest after four months.

We use embeds, i.e., embedded content, to offer you interesting content. The respective embedding is carried out using a technical process known as framing. Framing involves simply inserting a provided HTML link into the code of a website to create a display frame on our pages, enabling the content stored on the servers of the third-party platform to be played.

This third-party content is displayed to you with your consent (Art. 6 (1) (a) GDPR).

Some of this content comes from social networks or other companies, including those in the USA. By integrating their content, cookies and similar technologies may be used by them and data may be transferred to them, including to the USA (e.g., your IP address, browser information, cookie ID, pixel ID, page accessed, date and time of access). Details on the integrated content of the individual networks or these companies, which is stored on their servers and for the provision of which your IP address is transmitted to these companies, as well as on the data processing carried out by these companies, which may also include advertising purposes, can be found in the following lines.

• Bayerischer Rundfunk (BR, Anstalt des öffentlichen Rechts, Rundfunkplatz 1, 80335 Munich). Further information on data protection can be found here.

• Meta Platforms (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland); weitere Informationen zum Datenschutz finden Sie hier.

• Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland); weitere Informationen zum Datenschutz finden Sie hier.

• X (Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland); further information on data protection can be found here.

• Spotify (Spotify AB, Regeringsgatan 19, SE-111 53 Stockholm, Sweden). Further information on data protection can be found here.

• YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Further information on data protection can be found here.

We discuss the big topics of the day with you. You can write comments or other contributions. We use the Conversario tool from ferret go GmbH, Kadiner Str. 11, 10243 Berlin, Germany, both for publishing and moderating comments.

The first registration takes place exclusively via our login. For the comment function, we use a UID to identify you as a user, your e-mail address so that you receive notifications from the community and a nickname that is displayed in the comments. For legal reasons, we have to ask you to give us your real name when you register. Your real name does not have to appear above your posts - it is up to you whether you want to use a pseudonym on our site.

We collect and process the data you provide in order to be able to publish your comment as requested (Art. 6 para. 1 lit. b GDPR). In particular, we also need your e-mail address in order to contact you in the event of complaints about your comment or report and to give you the opportunity to respond (Art. 6 para. 1 lit. c GDPR).

The tool also supports us in moderating user comments on our social media sites. The analysis of user comments also serves to ensure compliance with the netiquette rules in the comment areas.
The following data is processed by Conversario:

• User name (e.g. Facebook name),
• user picture,
• comment text,
• date and time,
• user ID,
• comment ID

The legal basis for data processing in this case is Art. 6 para. 1 sentence 1 lit. f) GDPR and is carried out in our interest in detecting violations of our netiquette rules in advance and preventing publication in this case. Further information can be found in the Conversario privacy policy.

You can change your data and delete it together with your comments by logging into the comment function and making the desired changes under Profile/Settings. There you also have the option of downloading your comment archive.

We use software from our service providers tickaroo (Tickaroo GmbH, Waffnergasse 8, 93047 Regensburg) and Heim:spiel (HEIM:SPIEL Medien GmbH & Co. KG, Am Stadtgraben 48, 48143 Münster) for our live reporting. Your browser calls up the online news ticker directly from the servers of the service providers. Your IP address, date, time and URL of all accesses are stored for a maximum of four weeks. Tickaroo creates anonymised access statistics; it is no longer possible to assign them to individual users. For the statistics, a random token is generated in the browser, stored as a cookie and sent with every ticker call.

The storage of and access to information in your device is absolutely necessary and is carried out in accordance with Section 25 (2) TDDDG.

The legal basis for the aforementioned data processing is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

Mit dem Ausspielen und Anzeigen von Podcasts und Videos haben wir Dienstleister beauftragt, die in unserem Auftrag und nach unserer Weisung ihre Dienste und Tools in unsere digitalen Angebote einbinden. Dabei werden die IP-Adresse und Geräteinformationen für das technische Bereitstellen dieser Dienste sowie das Erheben statistischer Daten wie beispielsweise von Abrufzahlen verarbeitet. Diese Daten werden vor der Speicherung in der Datenbank anonymisiert oder pseudonymisiert, sofern sie für die Bereitstellung der Podcasts nicht erforderlich sind.

The legal basis for the aforementioned data processing is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

If advertisements and adverts from third parties are played in the podcasts, this will only take place with your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

We analyse the behaviour of our users, i.e. we monitor individual browsers and thus the behaviour of users only on the SZ websites and in the SZ apps, in order to be able to display special content or offers tailored to their interests to target groups on our websites and in the apps. We use this data to create reports on the use of the website and apps. We store either the 20 most recently read articles or the behaviour in the last 30 days in order to display appropriately adapted content, i.e. if users have consumed two articles on the same topic within 30 days, we display content or an offer that matches this topic.
To do this, we collect context-related data, i.e. data about the content (article) itself. Only with your consent do we set a cookie with a unique identifier so that we can analyse where and when you have actually consumed the content and so that we can then assign you to user segments with at least five users. We use the user segments for a personalised customer approach, i.e. according to the criteria of the segment, by displaying special content and offers via a user segment ID.

For this purpose, we use software from our service provider Piano Software (Drammensveien 165, 0277 Oslo, Norway), which enables us to use the following functionalities

• A/B tests to check which content leads to more customer loyalty, subscriptions or purchases,
• Recognising an adblocker status.

We use the Piano Composer software from the service provider Piano (Drammensveien 165, 0277 Oslo, Norway) to control these digital reading rights.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

If you allow push notifications, you give your consent to receive the notification and for the statistical analysis with which we can recognise whether and when our push notifications were displayed and clicked on (Art. 6 para. 1 sentence 1 lit. a) GDPR). This includes storing the time of registration and your browser ID or device ID.

Your data will be deleted as soon as you withdraw your consent.

You can revoke your consent at any time with effect for the future by clicking on the corresponding symbol in front of the address bar in your browser and deactivating the notifications.

You can create a digital account (login) via our login systems, which you can use to log in to all of our digital services after your initial registration. Some offers can only be used if you have a login. When you log in, we use cookies in your browser to identify you.

The following data is processed when a digital account is created:

If you do not log out after logging in and before leaving the website or app so that you do not have to log in again the next time you visit, you will remain logged in. If you are inactive, we will log you out after 20 days for security reasons.

The legal basis for the aforementioned data processing is Art. 6 para. 1 lit. b) GDPR.

You can delete your login yourself at sz.de/abo under "Login data" or request this. It will be deleted after two years of inactivity at the latest.

Once you have deleted your login, you will no longer be able to use any digital services that require a login. If you still have digital subscriptions with us that require a login, the login cannot be deleted before the end of the agreed subscription term. If you delete your login, this does not replace the written cancellation of a digital subscription.

If you have a digital account with us as a subscriber to the printed edition, you can delete your digital account or instruct us to do so, but you will then lose the associated functions such as the online subscription service.

We use the data stored in your profile (this may be data that you have actively added there during registration or at a later date, or data that you have entered as part of a previous order and which we automatically adopt when you place a new order) to facilitate the ordering or other processes by means of pre-filled forms (Art. 6 para. 1 sentence 1 lit. f) GDPR).

If you have concluded a subscription contract with us or have given your consent to advertising, we process the following data:

*Voluntary information

Our digital services offer you the option of accessing digital puzzles directly from our services. For this purpose, your IP address is transmitted to the puzzle server of our service provider and stored in a system log file. We also save your score. The IP addresses are deleted after 10 days.

The legal basis for the aforementioned data processing is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

You have the option of recommending content on our websites via the buttons placed on the content; on mobile devices via the native sharing function. We provide the social networks with content - and no personal data - that is used exclusively to display content. If you use the buttons, we merely link to the page of the respective social media provider. We do not process any of your personal data.

We use cookies and tracking tools to optimize our digital offerings based on your usage. To do this, we measure the development of reach and the use of content and functions, and use A/B testing to determine which variants users prefer.

We want to continuously develop and improve our products. To do this, we need to analyze usage. This serves to evaluate visitor traffic to our digital offerings and may include behavior, interests, or demographic information about visitors, such as age or gender, as pseudonymous values. With its help, we can see, for example, when our digital offerings are used most frequently or which functions are popular. This enables us to identify areas that need optimization.

In addition to usage analysis, we also use testing procedures to test different versions of our digital offerings or their components, for example, and to increase certain user actions or reactions if necessary.
For these purposes, profiles, i.e., data summarized for a usage process, are created and information is stored in a browser or on a terminal device and read from it. The information collected includes, in particular, websites visited and elements used there, as well as technical information such as the browser used, the computer system used, and information on usage times.

The IP addresses of users are also stored. We use an IP masking procedure (i.e., pseudonymization by shortening the IP address) for your protection. In general, no clear data of users (such as email addresses or names) is stored in the context of web analysis, A/B testing, and optimization, but rather pseudonyms, so that neither we nor the providers of the software used, who act as processors for us, know the actual identity of the users.

To enable you to discover content of interest to you as quickly and directly as possible in our digital offering, we analyse which SZ offerings and SZ products (editorial texts, podcasts, newsletters, quizzes, games, purchases, events, etc.) you use, read or order from us. We create your profile from this collected behaviour and derive possible preferences and interests from it in order to be able to recommend further content and products to you on the one hand and to enable you to personalise our digital offering for yourself on the other.

In practice, this gives you the opportunity to

• prioritise new articles, videos, podcasts, games and other content that match your interests.
• If you explicitly order this, you will receive an annual review in which you can see how many and which articles you have read in the past year and share and compare them with other SZ readers.

We process the following personal data from you

• Your subscription status, i.e. whether and which subscription you have ordered from us,
• Your usage behaviour, i.e. when you use which articles, videos, podcasts, games and other content, how often and for how long,
• A single sign-on ID (SSO ID) if you have registered with us and logged in, for example to be able to use certain services, or
• a unique device ID if you use our digital services without being logged in,

We bring this data from the individual products together via a pseudonymised and cross-product ID so that we can improve the overall user experience with a cross-product analysis and provide you as a user with manual, semi-automated and fully automated content and offers from Süddeutsche Zeitung tailored to your needs.

Secondly, we determine the conversion rate in order to track which users have taken out which digital subscriptions via which channels (websites, apps) and calculate personalised values for our customers. To calculate customer values, we use the SingleSignOn ID (SSO ID) and merge this with usage data in our data platform.

We also process your email address in the following cases:

• If you have subscribed to one of our newsletters, we can use your email address to determine whether you are already a subscriber and whether we should therefore play you subscription adverts or not.
• If you are a new customer, we will greet you with a welcome email and recommendations (if explicit authorisation has been granted) based on your interests. In this case, we will link your Single Sign On ID to the email address you provided.

The data will be deleted after 90 days without activity or after cancellation.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

To find out how satisfied you are with our products, you can participate in our surveys. For each survey, you decide individually whether you want to participate and what information you want to give us.

To enable participants to interrupt a survey embedded in the website and continue it with the same browser, a session cookie is created when the survey participation starts. This also prevents the same survey from being displayed to you multiple times.

You can delete this cookie at any time in your browser's privacy settings. However, this will remove the option to continue a partially completed survey from the point where you left off and the protection against the survey being displayed again.

If personal data is collected in a survey, it will be deleted at the latest at the end of the year in which the survey and its evaluation were completed.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

Für unsere Umfragen verwenden wir das Online-Umfragetool easyfeedback unseres Dienstleisters easyfeedback GmbH, Ernst-Abbe-Straße 4, 56070 Koblenz. Informationen zum Datenschutz finden Sie hier.

If you order one of our offers or products, we need your address, contact and communication data as well as your bank and, if applicable, credit card data when the contract is concluded.

The processing of this data is necessary for the initiation or fulfilment of the contract (Art. 6 para. 1 sentence 1 lit. b GDPR).

After termination of the contract, we delete your data or block it, unless we are legally obliged to retain this data. The deletion usually takes place after ten years at the latest.

You have the option of managing your contract data for your SZ subscriptions yourself in our online service centre. To do this, you must create a digital account (see Registration and login)

In order to offer you various payment functions, we use software from service providers who support us in processing the payment transaction. The software also manages transactions and controls access control, billing, the checkout process, invoice dispatch, and payment transactions. It also supports our user, product, and price management. In doing so, we process your personal master data (e.g., name, address data), your communication data (e.g., email), order data, contract billing and payment data, and our planning and control data.

The legal basis for this is the fulfillment of the contract (Art. 6 (1) (b) GDPR) and our legitimate interest in proper and functioning payment processing (Art. 6 (1) (f) GDPR).

At your request, you can use the services of PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg) for payment. For this purpose, we pass on your payment data (total amount of the order, reference on the PayPal account) to PayPal on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR. The processing of data for payment with PayPal is necessary for the fulfilment of the contract.

PayPal collects information about the transaction as well as other information associated with the transaction, such as the amount sent or requested, the amount paid for products or services, information about the merchant, including information about the means of payment used to carry out the transaction, device information, technical usage data and location data. In the case of a PayPal payment, we may see your data in our PayPal account.

With PayPal Express Checkout, you do not have to re-enter order information or credit card or address details, as these are transferred directly by PayPal.

PayPal reserves the right to carry out an identity and credit check via credit agencies under certain circumstances. Further information on PayPal's data protection can be found here.

If you choose a payment method offered by the payment service provider Frisbii, payment processing will be handled by Frisbii Germany GmbH (Mainzer Landstraße 51, 60329 Frankfurt am Main), to whom we will forward the information you provided during the ordering process along with information about your order (name, address, country/region, IBAN, BIC, account number, bank code, credit card number, invoice amount, currency, tax rate, transaction number, product name and description, device ID, order ID, customer ID, invoice ID, email address, IP address) in accordance with Art. 6 (1) (b) GDPR.

Your bank details or credit card details will be processed for payment processing by Unzer GmbH, Vangerowstraße 18, 69115 Heidelberg, whose privacy policy can be found here. We would like to point out that Unzer GmbH will transmit your personal data to other parties necessary for processing the transaction, in particular to the credit institutions, banks, credit card institutions involved, HPC GmbH, Vangerowstraße 18, 69115 Heidelberg, PAY.ON AG, Lucile-Grahn-Straße 37, 81675 Munich and HUELLEMANN & STRAUSS ONLINESERVICES S.à r.l. 1, Place du Marché, L-6755 Grevenmacher, R.C.S. Luxembourg B 144133, where your personal data will also be processed.

Billing data may be transmitted to debt collection service providers if this is necessary for the purpose of debt collection. In this context, we reserve the right in particular to assign our claim to a debt collection company or to instruct such a company to collect our claim. We also reserve the right to transmit information about outstanding payments to credit agencies. Of course, this will always be done in strict compliance with the statutory provisions.

We transfer your data (name, address, and, if applicable, date of birth) to infoscore Consumer Data GmbH (“ICD”), Rheinstr. 99, 76532 Baden-Baden, Germany, for the purpose of credit assessment, obtaining information for assessing the risk of payment default based on mathematical-statistical methods using address data, and verifying your address (deliverability check). 76532 Baden-Baden.

The legal basis for these transfers is Art. 6 (1) (f) GDPR, because only by transferring and checking the data can we assess whether payment obligations can be met, enabling us to carry out the contractual activities in a secure manner. Transfers based on these provisions may only be made if this is necessary to safeguard the legitimate interests of our company or third parties and does not outweigh the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data.

Detailed information on ICD within the meaning of Art. 14 GDPR, i.e. information on the business purpose, the purposes of data storage, the data recipients, the right to self-disclosure, the right to erasure or rectification, etc., can be found at [this link](https://finance.arvato.com/icdinfoblatt “Data protection BS Payone”).

At your request, you can use the services of PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg) for payment. For this purpose, we pass on your payment data (total amount of the order, reference on the PayPal account) to PayPal on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR. The processing of data for payment with PayPal is necessary for the fulfilment of the contract.

PayPal collects information about the transaction as well as other information associated with the transaction, such as the amount sent or requested, the amount paid for products or services, information about the merchant, including information about the means of payment used to carry out the transaction, device information, technical usage data and location data. In the case of a PayPal payment, we may see your data in our PayPal account.

With PayPal Express Checkout, you do not have to re-enter order information or credit card or address details, as these are transferred directly by PayPal.

PayPal reserves the right to carry out an identity and credit check via credit agencies under certain circumstances. Further information on PayPal's data protection can be found here.

Profiling, i.e. automated data processing with the aim of evaluating certain personal aspects, only takes place to check creditworthiness in the course of digital subscription orders in connection with a terminal device.

Prior to transactions with an economic risk, we would like to be able to assess as well as possible whether the payment obligations entered into can be met. This constitutes our legitimate interest in the processing of your data, so that the legal basis is Art. 6 para. 1 sentence 1 lit. f) GDPR.

By providing information and using so-called probability values, CRIF GmbH supports us in making decisions and helps us to process everyday (goods) credit transactions quickly.

This involves making a forecast of future events based on collected information and past experience. CRIF GmbH calculates the probability values primarily on the basis of the information stored by CRIF GmbH about a data subject, which is also shown in the information pursuant to Art. 15 GDPR. Address data is also used. Based on the entries stored for a person and the other data, an assignment is made to statistical groups of persons who have shown similar payment behaviour in the past. The method used is known as "logistic regression" and is a well-founded mathematical-statistical method for predicting risk probabilities that has been tried and tested in practice for many years.

The following data is used by CRIF GmbH to calculate the score, although not every type of data is included in every individual score calculation: Date of birth, gender, shopping basket value, address data and length of residence, previous payment defaults, public negative features such as non-disclosure of assets, creditor satisfaction excluded, creditor satisfaction not proven, debt collection proceedings and debt collection monitoring proceedings. CRIF GmbH itself does not make any decisions, it merely provides us with information to help us make decisions. The risk assessment and evaluation of creditworthiness is carried out solely by us, as only we have a wealth of additional information at our disposal.

You can request information about your personal data stored by CRIF at any time: CRIF GmbH, Victor-Gollancz-Str. 5, 76137 Karlsruhe and here for further information on data protection.

For events, we process your name, contact and address data required for the purpose of organising the events. The legal basis for this is Art. 6 para. 1 sentence 1 b) GDPR. Without processing the personal data, we would not be able to organise the events or offer this service to the participants. The data will not be used for advertising purposes and will only be passed on to third parties if a co-organiser or event service provider is permitted to receive this data or if an increased level of security is required (e.g. forwarding to the police, BKA).

As soon as the purpose for collecting the data and statutory retention obligations have been fulfilled, the data will be deleted.

When you contact us, we only collect personal data (e.g. name, e-mail address, telephone number) if you provide it to us voluntarily. This information is expressly provided on a voluntary basis. The purpose of processing your data is to process and respond to your enquiry. This is also our legitimate interest in data processing in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR.

In the case of a telephone enquiry, your data will also be processed by telephone applications and in some cases also via a voice dialogue system in order to support us in the distribution and processing of enquiries.

We will delete your data that we have received in the course of contacting you as soon as your request has been fully processed and no further communication with you is required or requested by you.

We also use your contact data beyond contract-related use for advertising purposes. This is only done if you have expressly consented (Art. 6 para. 1 lit. a) GDPR) or on the basis of our legitimate interest in a personalised customer approach or direct advertising (Art. 6 para. 1 lit. f) GDPR), for example for information about the same and similar products of our company (Section 7 para. 3 UWG).

If you no longer wish to receive advertising, you can withdraw your consent or object to advertising at any time.

The data processed by us will be deleted as soon as they are no longer required for their intended purpose, you have objected to the advertising and the deletion does not conflict with any statutory retention requirements.

• by clicking on the unsubscribe link at the end of the e-mail
• by e-mail to werbewiderspruch@sz.de
• in writing to Süddeutsche Zeitung GmbH, Aboservice, Hultschiner Str. 8, 81677 Munich (please include your e-mail address or telephone number and the name from your registration)
• or by phone on +49 89 2183-0.

If you have given your consent, we analyse your clicks in our marketing mailings with the help of so-called tracking pixels, i.e. invisible image files. These are assigned to your e-mail address and are linked to a unique ID so that clicks in the marketing mailings can be clearly assigned to you. The purpose of the user profile is to be able to tailor the marketing mailings to your interests. We record when you read marketing mailings and which links you click on, and use this information to create an interest profile.

You can unsubscribe from any marketing mailing at any time and withdraw your consent to the analysis. There is a corresponding link for this purpose in every marketing mailing.

Your data will be deleted after cancellation of the marketing mailing.

In order to show you adverts for our own products, we use the services of advertising partners or cooperate with advertising partners and advertising networks (remarketing). These use cookies, pixels or similar technical means to display and analyse advertisements.

Adverts can be adapted to the respective user, for example by using information from the browser on usage (such as pages visited, visiting times, length of stay). User-specific adverts are also possible. In addition, analyses of reach or for billing purposes can be carried out in pseudonymised form. The details of the services used, co-operation partners and individual objection options are presented below.

We set a cookie (_pc_sz-hide-mabo) so that you only see our own adverts again after a certain period of time when you close the corresponding banner. This is absolutely necessary so that you do not see advertising too often and is based on our legitimate interest (Art.6 para.1 p.1 lit.f) GDPR)

We use the _ pcfe. cookie to count how often you have been shown a certain number of self-advertisements so that these self-advertisements can no longer be displayed or other self-advertisements can be displayed. This cookie stores up to 30 interactions of each type. The cookie is deleted after 90 days.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

You can obtain an overview of all the tools and cookies we use as well as a cancellation option by clicking on Data protection settings.

In order to measure the success of our marketing campaigns and use them for optimisation, we process data that shows us the interaction with our advertising media, as well as installation and event data, and use it to create anonymised evaluations.

This data is stored for a maximum of 24 months.

We participate in the performance advertising network of AWIN AG, Eichhornstraße 3, 10785 Berlin (hereinafter "AWIN"). As part of its tracking services, AWIN stores cookies on the end devices of users who visit or use websites or other online offers of its customers (e.g. register for a newsletter or place an order in an online shop) to document transactions (e.g. leads and sales). These cookies serve the sole purpose of correctly allocating the success of an advertising medium and the corresponding billing within its network. Only the information about when a specific advertising medium was clicked on by an end device is placed in a cookie. In the AWIN tracking cookies, an individual sequence of digits is stored that cannot be assigned to the individual user, with which the partner programme of an advertiser, the publisher and the time of the user's action (click or view) are documented. AWIN also collects information about the end device from which a transaction is carried out, e.g. the operating system and the calling browser.

In order to show you advertising for our products, we work with Criteo (Criteo, 32 rue Blanche, 75009 Paris, France), an advertising platform that displays personalised online advertising to users. For this purpose, a JavaScript is installed on our websites that starts a call via HTTP or HTTPS protocol to the Criteo domains. This call is processed with an anonymised user ID and the context of the call. By setting cookies on the Criteo domains, usage is tracked anonymously across customer and publisher pages and used for personalised advertising (retargeting). The data is deleted after 13 months.

In order to achieve the optimum performance for a campaign, Criteo loads pixels to signal your current interest in an advert. The control and frequency of the publisher and network pixels is dynamically controlled via the availability of the publisher's inventory and performance.
The pixels are loaded in the protocol of the calling page (HTTP/HTTPS) and are limited to static image pixels. Publishers and networks from which Criteo pixels are loaded are listed here. The list is not exhaustive and is updated regularly.

As both we and Criteo jointly decide on data processing, we have concluded a Joint Controllership Agreement in accordance with Article 26 GDPR. Further information on Criteo's data protection can be found here.

To draw attention to our offers, we place adverts in the Google search network and advertising banners in the Google display network (banners on third-party websites) and use the conversion measurement and remarketing of Google Ads and Analytics. We can combine adverts with search terms or use individual adverts to advertise products and services that you have viewed on our site. With Ads remarketing lists, we can optimise search and display campaigns if you have already visited our site. With conversion measurement, we see the success of interest-based advertising in the Google search network and advertising banners in the Google display network (banners on third-party websites) based on the analysis of user behaviour for more targeted advertising.

For this interest-based advertising, Google analyses your user behaviour with cookies that are set when you click on ads or visit our websites. We and Google then receive information that you have clicked on an advert and have been forwarded to us. Based on these evaluations, we can recognise which of the advertising measures used are particularly effective and can optimise them as a result.

The statistics that Google provides us with include the number of users who have clicked on one of our adverts and show which of our websites you have been redirected to. We can also target you more specifically if you have already visited our website. We can also track which search terms were clicked on particularly often and which adverts lead to the purchase of a subscription, for example.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our level of knowledge: Through the integration of Ads Advertising, Google receives the information that you have called up the corresponding part of our website or clicked on an advert from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will find out your IP address and store it.

You can also find more information on this in the notes on website statistics and in the data protection provisions of Google.

You can prevent this technology by disabling the use of cookies via your browser settings, deselecting individual types of ads in Google's ad settings, disabling interest-based ads on Google or disabling cookies from advertising providers with the help of the respective deactivation help of the network advertising initiative. We and Google will then only receive statistical information on how many users have visited a page and when. This can only be prevented by appropriate browser extensions.

Within our online offer and also for newsletters and podcasts, we use the "Conversion API" of the social network Meta Platforms and Instagram, which is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, for the analysis, optimisation and economic operation of our online offer.

In order to ensure suitable and appropriate guarantees for the protection of personal data, we have concluded EU standard contractual clauses with Meta Platforms and, if necessary, take additional measures to protect the rights of data subjects.

The "Conversion API" is an interface to which conversion information can be sent on the server side. By transferring data via the API, we want to ensure that our Meta Platforms and Instagram adverts correspond to the potential interest of users and are not annoying. We can also track the effectiveness of Meta Platforms and Instagram adverts for internal performance measurement purposes by seeing whether users have been redirected to our website after clicking on a Meta Platforms or Instagram advert and whether they have carried out an action (so-called "conversion").
User data is generated, read or sent at the following points:

User clicks on an SZ advert on Meta Platforms or Instagram

• Meta Platforms/Instagram registers the click
• The target URL (e.g. angebote.sueddeutsche.de) is provided with a click ID "fbclid" (unique identifier that Meta Platforms/Instagram can use to match information on the user, advert, campaign, etc.)

User reaches target page (a subdomain of sueddeutsche.de)
If consent is available: fbclid information is read from URL and stored in a cookie ("szpay_fbclid", duration: 7 days)

If a user performs a certain action on the target page (e.g. purchase of a subscription), the system checks whether the fbclid cookie is present. Only if the cookie is present is the information passed on to Meta Platforms.

We save the click ID for 7 days, after which we only see the total number of actions.

In addition to the information about the completion of the purchase, the following information is also transmitted to Meta Platforms:

• Promotion (e.g. SZ Plus basic subscription etc.) or product
• Price of the promotion
  In the case of newsletters and podcasts, only the name of the newsletter/podcast is transmitted (e.g. SZ am Morgen).

At no time is user-related information other than the click ID "fbclid" transmitted to Meta Platforms.

The processing of data by Meta Platforms takes place within the framework of Meta Platforms' Data Usage Policy. Accordingly, general information on the display of Meta Platforms ads can be found in the Meta Platforms Data Usage Policy: https://de-de.facebook.com/policy.php. Specific information and details about the "Meta Platforms Conversion API" and how it works can be found in the Meta Platforms help section: https://www.facebook.com/business/help/2041148702652965?id=818859032317965.

We use the technology "Microsoft Advertising Conversion" and specifically conversion tracking. Microsoft Advertising Conversion Tracking is an analytics service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. If you click on an advert placed by Microsoft, a cookie for conversion tracking will be stored on your PC. If you visit certain pages of our website when the cookie has not yet expired, Microsoft and we can recognise that you have clicked on a specific ad and have been redirected to this page.

The data collected with the help of the conversion cookie is used to create conversion statistics for Microsoft Advertising Conversion customers who use conversion tracking. We find out the number of users who have clicked on an advert and were then redirected to a page with a conversion tracking tag. We do not receive any information that can be used to personally identify users.

We use Outbrain from Outbrain Inc (39 West 13th Street, 3rd floor, New York, NY 10011, USA) to show you adverts on partner sites. It is not the use by you as a person that is analysed, but the usage history of your Internet browser. We use the Outbrain cookie to determine the success of our adverts on the partner sites and how you react to our adverts.

Outbrain uses cookies for this purpose and thus processes data in anonymised form.

You can recognise that you are connected to an Outbrain widget by the text that refers to Outbrain (e.g. "Recommended by Outbrain", "from Outbrain" next to the recommendations). If you click on the link to Outbrain, you will see a detailed note that allows you to navigate to Outbrain's interest profile, where you will find a general presentation of the types of data categories Outbrain uses to make its recommendations.

To find out whether and how effective our adverts are for our own products, we use conversion measurement by embedding a conversion tracking tag or code snippet in our digital products. When you view our adverts, a temporary cookie is stored on your computer or mobile device. As soon as you complete an action, our system recognises the cookie and we record a conversion.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

To measure how many users have responded to and ordered a specific advertising campaign for our products and offers, we use a URL parameter that also sets a cookie (tpcc_). The cookie is deleted after 90 days.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

You will receive newsletters from us if you explicitly order them by providing your e-mail address. We will check the e-mail address you have provided by sending a confirmation e-mail to it ("double opt-in procedure") to ensure that you are really the owner of the e-mail address.

We process the email address to send and analyse the newsletter (Art. 6 (1) (b) GDPR). We analyse your clicks in newsletters with the help of so-called tracking pixels, i.e. invisible image files. These are assigned to your email address and are linked to a unique ID so that clicks in the newsletter can be clearly assigned to you. The purpose of the user profile is to be able to tailor the newsletter offer to your interests. We record when you read newsletters and which links you click on and use this information to create an interest profile.

You can unsubscribe from any newsletter at any time. There is a corresponding link in every newsletter for this purpose.

Your data will be deleted after cancellation of the newsletter at the end of the year in which you unsubscribed from the newsletter.

*Voluntary information

In order to participate in competitions, it is sometimes necessary for you to

• register with us,
• enter your name in the high score/best list
• accept the conditions of participation and
• read the data protection notice.

To take part in quizzes and online games, you only need to register if you want to be entered in the high scores/leaderboards.

For registration and entry in the leaderboard, we process your e-mail address, a user name - preferably a fictitious one - and a password. You must enter the user name in your profile in your SZ account in order to be entered in the leaderboard. The user name will be published in the leaderboard on SZ.de if you click on the "Add to leaderboard" button after registering.
When offering (non-cash) prizes, further personal data is required from the winners, in particular after the end of the competition, such as their address, in order to be able to notify them if they win and send them the prize.

The collection and processing of personal data is used to organise the respective competition and quizzes and, if applicable, to send prizes. The data will be processed with your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR), in the case of competitions in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR. All data will be stored for the purpose and for the duration of the competition and deleted at the end of the campaign, provided there are no statutory retention obligations. The user name published in the high scores/best lists will only be deleted upon cancellation.

Your data may be passed on to our competition service providers and sponsors within the framework of the conditions of participation to which you have consented and deleted if they are no longer required.

For further details in connection with the respective competition, please refer to the conditions of participation.

You have the right to revoke your consent with effect for the future in accordance with Art. 7 para. 3 GDPR at datenschutz@sz.de.

We maintain a presence on social media. Insofar as we have control over the processing of your data, we ensure that the applicable data protection regulations are complied with. Below you will find the most important information on data protection law in relation to our company websites.

In addition to us, we are responsible for the company websites within the meaning of the EU General Data Protection Regulation (GDPR) and other data protection regulations:

• Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland); weitere Informationen zum Datenschutz finden Sie hier.

• Meta Platforms (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland); weitere Informationen zum Datenschutz finden Sie hier.

• LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland); further information on data protection can be found here.

• Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland); weitere Informationen zum Datenschutz finden Sie hier.

• TikTok (TikTok Technology Ltd., 10 Earlsfort Terrace, Dublin D02 T380, Ireland); further information on data protection can be found here.

• X (Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland); further information on data protection can be found here.

• Xing (New Work SE, Am Strandkai 1, 20457 Hamburg); further information on data protection can be found here.

We process the data for statistical purposes in order to further develop and optimise the content and to make our offer more attractive. This data includes the total number of page views, page activities and data and interactions provided by visitors. This data is processed and made available by the social networks. We have no influence on the generation and presentation of this data.

Your personal data is also processed for market research and advertising purposes. For example, it is possible that user profiles are created based on your usage behaviour and the resulting interests. This allows, among other things, adverts to be placed within and outside the platforms that presumably correspond to your interests. Cookies are usually stored on your computer for this purpose. Irrespective of this, data that is not collected directly from your end devices may also be stored in your user profiles. Data is also stored and analysed across devices; this applies in particular, but not exclusively, if you are registered as a member and logged in to the respective platforms.
We do not collect or process any other personal data.

The processing of your personal data by us is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.

As we do not have full access to your personal data, you should contact the social media providers directly when asserting your rights as a data subject, as they have access to the personal data of their users and can take appropriate measures and provide information.

Should you nevertheless require assistance, we will of course endeavour to support you. You can find our contact details here.

For a detailed description of the respective processing and the cancellation options, please refer to the information linked below.

• LinkedIn Optout

• Meta-Plattformen Optout

• Pinterest Optout

• TikTok Optout

• X Optout

• Xing Optout

We use the technical platform and services of TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland (hereinafter: "TikTok") for the presentation of our company.

If you comment on, share or otherwise respond to one of our posts, we process personal data as the sole controller. This includes your TikTok user data (in particular display name, user name, profile picture), the content of the comments you have made and the related metadata (in particular the date on which you posted the respective comment). If you also follow us on TikTok, we also process this information.

We process this data in order to support the freedom of information, the free formation and expression of opinion, the pluralistic diversity of opinion and thus democratic decision-making and the exchange of views on current topics. We also want to inspire enthusiasm for our brand and products with our contributions. This enables us to communicate with you directly and quickly and you can participate in the discourse on current topics.

We have activated the TikTok Analytics function for our TikTok channel, i.e. TikTok provides us with page statistics that provide anonymised information about visitor groups and visitor activity. We are jointly responsible with TikTok for this data processing, which is regulated in accordance with Art. 26 GDPR in Part B of the TikTok Analytics Joint Controller Addendum.

We store the above-mentioned data as long as it is necessary for these purposes and if and as long as this is necessary for legal proceedings or to fulfil retention obligations.

The legal basis for the processing of the data is your consent (Art. 6 para. 1 lit. a GDPR).

Datenverarbeitung durch TikTok

Wenn Sie uns auf TikTok besuchen, erfasst TikTok u. a. Ihre IP-Adresse sowie weitere Informationen, die zum Beispiel in Form von Cookies auf Ihrem Endgerät vorhanden sind. Die in diesem Zusammenhang über Sie erhobenen Daten werden von TikTok verarbeitet und dabei gegebenenfalls in Länder außerhalb des Europäischen Wirtschaftsraums übertragen. Für diese Datenverarbeitungen ist allein TikTok datenschutzrechtlich Verantwortlicher.

Nähere Informationen zur Datenverarbeitung durch TikTok beschreibt TikTok in seiner Datenschutzrichtlinie. Dort finden Sie auch Informationen über Kontaktmöglichkeiten zu TikTok, wie Sie Ihre Rechte gegenüber TikTok geltend machen können sowie Links zu u.a. den Cookie-Richtlinien von TikTok.

In seinen Cookie-Richtlinien erläutert TikTok, wie es Cookies einsetzt und verwendet. TikTok setzt Cookies sowohl bei registrierten als auch bei nicht registrierten Nutzern ein. Das Bundesamt für Sicherheit in der Informationstechnik (BSI) stellt Informationen bereit, wie Sie auf Ihrem Endgerät Cookies begrenzen können: Begrenzung von Cookies

Informationen dazu, wie Sie Ihre Privatsphäre-Einstellungen bei TikTok verwalten oder Ihr Konto löschen können, finden Sie u.a. auf den TikTok-Support-Seiten.

Nach eigenen Angaben speichert TikTok Daten, so lange, wie es für die Bereitstellung der Plattform und für die anderen in TikToks Datenschutzerklärung genannten Zwecke erforderlich ist. Laut Eigenaussage von TikTok bewahrt es die Daten zudem auch auf, wenn dies zur Erfüllung vertraglicher und rechtlicher Verpflichtungen erforderlich ist, wenn TikTok ein berechtigtes Geschäftsinteresse daran hat, und zur Geltendmachung oder Verteidigung von Rechtsansprüchen. Nähere Informationen zur Speicherung der Daten finden Sie in den TikTok-Datenschutzrichtlinien.

In order to refinance our digital offerings, we market our advertising space - via our marketing service providers but also via third parties.

An overview of the third parties and how they process your data and for what purpose can be found in the data protection settings. As a SZ Plus subscriber, you will be shown fewer adverts. By reducing the amount of advertising, we ensure that the data we collect from SZ Plus subscribers is processed exclusively by us and by partners that we have checked. We oblige these partners to minimise data in accordance with European data protection regulations. Data collection via our verified advertising partners is thus reduced to a necessary minimum, for example in order to carry out reach measurements and quality improvements. These measures prevent unknown and unverified third parties from creating individual profiles of our digital subscribers based on their usage behaviour and using them for their own purposes.

Our advertising marketers support us in marketing our advertising space by acquiring and displaying adverts.
We use the following marketers:

• iq digital media marketing Gmbh, Toulouser Allee 27, 40211 Düsseldorf, Germany
• Taboola Inc, Oneustonsq, 40 Melton Street, 13th Floor, London, NW1 2FD

We have concluded either an agreement within the meaning of Art. 26 GDPR with these third parties and the third parties they use in the context of marketing within the meaning of Art. 4 No. 10 GDPR, in which we have defined the respective responsibilities for the fulfilment of the obligations under the GDPR with regard to joint processing, or an order processing agreement within the meaning of Art. 28 GDPR.

In the case of joint responsibility, we are obliged to enable you to grant and withdraw consent under data protection law. We are also the central point of contact for you as a data subject. We forward data subject enquiries that we receive and that relate to joint processing to our marketers for response without delay. Irrespective of this, you can assert the rights to which you are entitled under the GDPR as a data subject both with and against us and with and against any other controller.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

When you access our digital offerings, you will also be shown content from third parties who use our advertising space to place adverts. We refinance our offering by displaying these adverts. If such content is loaded, this is done from the servers of the respective third-party providers. This always involves the transmission of certain data to the third-party providers, in many cases including personal data. In addition, cookies or similar technologies are used for most of the third-party services used to load the content.

In order to provide advertising that is relevant and tailored to current interests, an attempt is made to draw conclusions about current interests based on the website visit and surfing behaviour. This user data is used to communicate advertising in the form of banners and other marketing methods - possibly based on the user's interests. For the purpose of retargeting (remarketing) of website visitors, as well as for the purpose of measuring success, cookies from third-party providers (so-called third-party cookies) are used and, if necessary, user profiles are created under a pseudonym. These can be analysed for advertising and monitoring purposes. It is not possible to draw direct conclusions about a person.

An overview of the third parties and how they process your data and for what purpose can be found in the privacy settings.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

In this context, data may also be transferred to third countries outside the EU with your consent in accordance with Art. 49 para. 1 lit. a) GDPR.

The publisher uses the Transparency and Consent Framework of IAB Europe 2.2 to manage this type of advertising in compliance with data protection regulations. This framework of the Interactive Advertising Bureau Europe ("IAB Europe"), an industry association for online marketing, defines and monitors the data protection-compliant display of advertising.

IAB Europe has defined the following purposes for the processing of data, including the personal data of users, in order to manage advertising in compliance with data protection regulations:

Saving or accessing information on a terminal device (Purpose 1)
Cookies, terminal device or similar online identifiers (e.g. login-based identifiers, randomly generated identifiers, network-based identifiers) may be stored on or read from your terminal device together with other information (e.g. browser type and browser information, language, screen size, supported technologies, etc.) in order to recognise it each time it accesses an app or a website. This is done for one or more of the processing purposes listed here.
Most of the processing purposes explained in this notice are based on the storage of or access to information on your device when you use an app or visit a website. For example, it may be necessary for a provider or website operator to store a cookie on your device when you first visit a website in order to recognise it on your next visits (by retrieving this cookie each time).

Use of reduced data to select adverts (Purpose 2)
Adverts presented to you on this service may be based on reduced data, such as the website or app you are currently using, your approximate location, your device type or the content you are interacting with (or have interacted with) (e.g. to limit the frequency of adverts displayed to you).

*Examples

• A car manufacturer wants to advertise its electric vehicles to environmentally conscious users who live in the city after hours. The advert is presented on a page with related content (e.g. an article about climate protection measures) after 6.30pm to users whose vague location suggests that they are in an urban area.
• A major manufacturer of watercolour paints wants to run an online advertising campaign for its latest watercolour range. The aim is to diversify the target audience to reach as many amateur and professional artists as possible and to avoid showing the advert alongside inappropriate content (e.g. articles about painting a house). The number of adverts you are presented with is determined and limited to avoid them being shown too often.

Creation of profiles for personalised advertising (Purpose 3)
Information about your activities on this service (such as completed forms, viewed content) may be stored and combined with other information about you (e.g. information from your previous activity on this service or other websites or apps) or similar users. This is then used to create or improve a profile about you (this may include, for example, possible interests and personal characteristics). Your profile may be used (including at a later date) to enable us to present you with adverts that are likely to be more relevant to you based on your potential interests.

*Examples

• For example, if you read several articles about the best bicycle accessories in the trade, this information can be used to create a profile about your interest in bicycle accessories. Such a profile can be used or improved at a later stage on the same or another website or app to show you adverts for a specific brand of bicycle accessories. If you are also looking at a configurator for a vehicle on a luxury car manufacturer's website, this information may be combined with your interest in bicycles to refine your profile and lead to the assumption that you are interested in luxury bicycle equipment.
• A clothing company wants to promote its new collection of high-quality baby clothes. It contacts an agency that has a network of high-income customers (e.g. high-end supermarkets) and asks the agency to create profiles of young parents or couples who can be assumed to be affluent and have recently had a baby, so that these can later be used to advertise in partner apps.

Use of profiles to select personalised advertising (Purpose 4)
Advertising displayed to you on this service may be based on your advertising profile. This advertising profile may include your activities (such as completed forms, viewed content) on this service or other websites or apps, possible interests and personal characteristics.

*Examples

• An online retailer wants to advertise a limited range of running shoes. They want to target adverts to users who have previously viewed running shoes in their mobile app. Tracking technologies could be used to recognise that you have previously used the mobile app to search for running shoes so that you are shown the relevant adverts in the app.
• A profile created for personalised advertising relating to a person who has searched for cycling accessories on a website may be used to present the relevant cycling accessories advertisement on another company's mobile app.

Creating profiles to personalise content (Purpose 5)
Information about your activities on this service (such as: completed forms, non-promotional content viewed) may be stored and combined with other information about you (such as your previous activity on this service or other websites or apps) or similar users.
This is then used to create or complete a profile about you (this may include, for example, possible interests and personal characteristics). Your profile may be used (including at a later date) to show you content that is likely to be more relevant to you based on your potential interests, for example by changing the order in which content is shown to you to make it even easier for you to find content that matches your interests.

*Examples

• You read several articles on a social media platform about how to build a tree house. This information can be added to a profile to record your interest in content about outdoor activities and do-it-yourself instructions (with the aim of enabling the personalisation of content so that you are presented with more blog posts and articles about treehouses and wooden cabins in the future, for example).
• You watched three videos about space exploration on different TV apps. An independent news platform that you have not previously used creates a profile based on this usage behaviour and identifies space exploration as a topic of potential interest for future videos.

Use of profiles to select personalised content (Purpose 6)
Content presented to you on this service may be based on your personalised content profiles, which include your activities on this or other services (such as forms you submit, content you view), possible interests and personal characteristics, such as the changed order in which content is displayed to you, to make it even easier for you to find (non-advertising) content that matches your interests.

*Examples

• You read articles about vegetarian food on a social media platform and then use the cooking app of a company that is independent of the platform. The profile created about you on the social media platform is used to present you with vegetarian recipes on the home page of the cookery app.
• You have watched three rowing videos on various websites. When you use your TV app, a video sharing platform that is independent of the websites recommends five more rowing videos that may be of interest to you, based on a profile that was created about you when you watched the online videos on these websites.

Measurement of advertising performance (Purpose 7)
Information about which adverts are presented to you and how you interact with them can be used to determine how much an advert has appealed to you or other users and whether the objectives of the advertising campaign have been achieved. The information includes, for example, whether you have viewed an advert, whether you have clicked on it, whether it has encouraged you to buy a product or visit a website, etc. This information is helpful in determining the relevance of advertising campaigns.

*Examples

• You clicked on an advert on a website operator's website about a "Black Friday" discount from an online shop and bought a product. Your click is linked to this purchase. Your interaction and that of other users is measured to find out how many clicks on the advert led to a purchase.
• Sie gehören zu den wenigen, die in der App eines App-Betreibers auf eine Werbung, über einen Rabatt anlässlich eines besonderen Ereignisses (z.B. „internationaler Tag der Anerkennung“), eines Online-Geschenkeshops geklickt haben. Der App-Betreiber möchte Statistiken darüber erhalten, wie oft eine bestimmte Anzeige innerhalb der App, insbesondere die Anzeige zu einem besonderen Ereignis (z.B. „internationaler Tag der Anerkennung“) von Ihnen und anderen Benutzern angesehen oder angeklickt wurde, um dem App-Betreiber und seinen Partnern (wie Agenturen) zu helfen, die Anzeigenschaltung zu optimieren.

Measuring the performance of content (Purpose 8)
Information about what advertising is presented to you and how you interact with it can be used to determine whether (non-advertising) content has reached the intended target group and matched your interests, for example. This includes, for example, information about whether you have read a particular article, watched a particular video, listened to a particular podcast or looked at a particular product description, how much time you have spent on that service and the websites you have visited, and so on. This information helps to determine the relevance of (non-advertising) content that is displayed to you.

*Examples

• You have read a blog post about hiking in the mobile app of an app operator and tapped on a link to a recommended similar post. Your interactions are recorded to show that the first post about hiking was useful to you and that it successfully encouraged you to read the similar post. This information is measured to determine whether more posts about hiking should be created in the future and where they should be placed on the home screen of the mobile app.
• You were presented with a video about fashion trends, but you and several other users cancelled it after 30 seconds. This information will be used to evaluate the appropriate length of future fashion trend videos.

Analysing target groups through statistics or combinations of data from different sources (Purpose 9)
Based on the combination of data sets (such as user profiles, statistics, market research, analytics data), reports can be created about your interactions and those of other users with advertising or (non-advertising) content in order to identify common characteristics (e.g. to determine which target groups are receptive to an advertising campaign or to certain content).

*Examples

• The owner of an online bookstore wants to analyse how many visitors have visited his website without buying anything, or how many have visited the website to buy the latest celebrity biography of the month, as well as the average age of visitors and how many of them are male or female, broken down by category. Data about your navigation on the website and your personal characteristics is then used and combined with other such data to create these statistics.
• An advertiser wants to better understand the type of audience that interacts with their adverts. They commission a research organisation to compare the characteristics of users who have interacted with the ad with typical attributes of users of similar platforms across different devices. This comparison shows the advertiser that their target audience mainly accesses the advert via mobile devices and is likely to be between the ages of 45-60.

Development and improvement of offers (Purpose 10)
Information about your activities on this website, such as your interaction with adverts or content, can help to improve products and offers and to develop new products and offers based on user interactions, the type of target group, etc. This processing purpose does not include the development, supplementation or improvement of user profiles and identifiers. This processing purpose does not include the development, enhancement or improvement of user profiles and identifiers.

*Examples

• Information about your activities on this offer, such as your interaction with adverts or content, can help to improve products and offers and to develop new products and offers based on user interactions, the type of target group, etc. This processing purpose does not include the development, enhancement or improvement of user profiles and identifiers.
• An advertiser is looking for a way to display adverts on a new type of device. It collects information about how users interact with this new type of device in order to determine whether it can develop a new mechanism for displaying adverts on this type of device.

Use of reduced data to select content (Purpose 11)
Content presented to you on this service may be based on reduced data, such as the website or app you are using, your approximate location, your device type or information about what content you interact (or have interacted) with (e.g. to limit how often you are shown a video or article).

*Examples

• A travel magazine has published an article on its website about the new online courses offered by a language school to improve the travelling experience abroad. The travel school's blog posts are inserted directly at the bottom of the page and selected based on your approximate location (e.g. blog posts with the syllabus for the course of a language that is not the language of your country).
• A mobile app for sports news has introduced a new section with articles about the latest football matches. Each article contains videos with highlights of the game hosted by an external streaming platform. If you fast-forward a video, this information can be used to play a shorter video afterwards.

Special processing purposes
The user has no choice for the following two special processing purposes, as these are absolutely necessary to provide the service.

• Ensuring security, preventing and detecting fraud and troubleshooting: Your data may be used to monitor and prevent unusual and potentially fraudulent activities (for example, regarding advertising, advertising clicks by bots) and to ensure that systems and processes function properly and securely. The data may also be used to resolve problems that you, the website or app operator or the advertiser may have in delivering content and adverts and in your interaction with them.
  Example
  An advertising intermediary delivers adverts from different advertisers to its network of partner websites and apps. The advertising intermediary notices a sharp increase in clicks on adverts from a particular advertiser. He analyses the data regarding the source of the clicks and finds that 80% of the clicks are from bots and not humans.
• Provision and display of advertising and content: Certain information (such as IP address or device features) is used to ensure the technical compatibility of the content or advertising and to enable the transfer of the content or advertising to your device.
  Example
  When you click on a link in an article, you are usually redirected to another page or another part of the article. To this end, 1°) your browser sends a request to a server linked to the website, 2°) the server responds to the request ("here is the article you requested") using technical information contained by default in the request sent by your terminal in order to properly display the information/images that are part of the article you requested. Technically, such an exchange of information is necessary to provide the content that is displayed on your screen.
• Store and transmit your data protection choices: The choices you make in relation to the purposes and companies listed in this notice will be stored and made available to the companies concerned in the form of digital signals (e.g. a character string). Only in this way can both this service and the companies concerned respect the respective decisions.
  Example:
  If you visit a website and are given the choice of whether or not to consent to the use of profiles for personalised advertising, the decision you make will be stored and transmitted to the advertising providers concerned so that your decision is taken into account in the advertising presented to you.

Functions
For the following functions, personal data will be used for one or more of the above purposes if you consent to these purposes.

• Matching and combining data from different data sources:__ Information about your activities on this service may be matched and combined with other information about you from different sources (e.g. your activities on another online service, your use of an in-store loyalty card or your responses to a survey) to support the purposes explained in this framework.
• Linking of different devices:__ To support the purposes set out in this framework, it may be determined whether it is likely that your device is connected to other devices belonging to you or your household (e.g. because you are logged into the same service on both your mobile phone and your computer or because you use the same internet connection on both devices).
• Identification of end devices based on automatically transmitted information: Your end device can be distinguished to support the purposes explained in this framework using information that it automatically transmits when accessing the Internet (e.g. the IP address of your Internet connection or the type of browser you use).

Special functions
For the following special functions, personal data will be used for one or more of the above-mentioned purposes, provided that you consent to these purposes.

• Use of precise geographical data: With your consent, your precise location (within a radius of less than 500 metres) may be used to support the above purposes.
• Active scanning of device characteristics for identification: With your consent, certain characteristics of your device may be queried and used to distinguish it from other devices (e.g. the fonts or plugins installed, the resolution of your screen) to support the above purposes.

Süddeutsche Zeitung GmbH

Hultschiner Str. 8
D-81677 Munich

atarax group of companies

Luitpold-Maier-Str. 7
D-91074 Herzogenaurach
Phone: 09132 79800
Email: swmh-datenschutz@atarax.de.

• In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us. In this context, you also have the right to receive a copy of your personal data processed by us in accordance with Art. 15 para. 3-4 GDPR.
• In accordance with Art. 16 GDPR, you can immediately request the correction of incorrect or the completion of your personal data stored by us.
• In accordance with Art. 17 GDPR, you can request the erasure of your personal data stored by us.
• In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data.
• In accordance with Art. 20 GDPR, you can request to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format and you can request the transfer to another controller.
• In accordance with Art. 7 para. 3 GDPR, you can revoke your consent once given to us at any time. This means that the processing carried out on the basis of the consent prior to the revocation was lawful and has the consequence that we may no longer continue the data processing based on this consent in the future.

Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR or Art. 6 para. 1 sentence 1 lit. e) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR. In the event of such an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
In the case of direct marketing, you have the right to object at any time to the processing of personal data concerning you. If you object to processing for direct marketing purposes, the personal data will no longer be processed for these purposes.

Right to lodge a complaint with the supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority against the processing of your personal data if you feel that your rights under the GDPR have been violated. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters.

We are joint controllers in the following cases.

As joint controllers for data protection in accordance with Art. 26 para. 1 GDPR, we have jointly defined the purposes and means of processing as well as any data transfer.

If you participate in an event organised by us, we process your data in order to carry out the event and enable you to participate. This also means that we may include your name, details of your company or institution and your current professional position in a list of participants, which will be made available to other participants in the event (including in electronic form, if applicable), or we may make your data (name, details of company/institution) available to the moderators of the event for the purpose of organising the event.
In addition, we use this data to send you event-related materials created after the event.
We may also pass on your data to cooperation partners if this is necessary to organise the event and enable your participation, e.g. external guest management. The legal basis for this data processing is Art. 6 para. 1 lit. b) GDPR.

Furthermore, we use service providers (processors, e.g. mailing service providers) in accordance with Art. 28 GDPR, bound by instructions, among other things for the postal or digital dispatch of invitations or in the context of guest management. All processors will only have access to your data to the extent and for the period of time required to provide the services.

We store the above-mentioned data for the above-mentioned purposes until your cancellation. We will store your cancellation for a period of three years for evidence purposes.

When you visit our Meta Platforms fan page, we are jointly responsible with Meta Platforms for the processing of your personal data. Below we inform you about the associated data processing on our fan page, which does not affect Meta Platforms' terms of use:

Contact details of the controllers and joint controllership pursuant to Art. 26 GDPR

Joint controllers:
the entity responsible for this website (see the information about us mentioned at the beginning)
and
Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland
According to the European Court of Justice (ECJ), we are jointly responsible with Meta Platforms for the processing of your personal data.

Appearance on the Meta Platforms fan page

Scope of data collection and storage

The promotional use of your personal data is particularly important for Meta Platforms. We use the statistics function to find out more about the visitors to our fan page. Using this function enables us to customise our content to the respective target group. In this way, we also utilise demographic information on the age and origin of users, for example, although we are unable to make any personal reference here. In order to provide the social media service in the form of our Meta Platforms fan page and to use the Insight function, Meta Platforms generally stores cookies on the user's end device. These include session cookies, which are deleted when the browser is closed, and persistent cookies, which remain on the end device until they expire or are deleted by the user. As a user, you can use your browser settings to decide for yourself whether and which cookies you wish to allow, block or delete. You can find instructions for your browser here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile (links). Alternatively, you can also install so-called ad blockers, such as Ghostery.

According to Meta Platforms, the cookies used by Meta Platforms are used for authentication, security, website and product integrity, advertising and measurement, website functions and services, performance, analysis and research. Details of the cookies used by Meta Platforms (e.g. names of cookies, duration of function, content collected and purpose) can be viewed here by following the links provided there. There you will also find the option of deactivating the cookies used by Meta Platforms. You can also change the settings for your advertising preferences there.

You can also object to the collection and storage of data through the use of the above-mentioned cookies by Meta Platforms at any time with effect for the future via this opt-out link.
You can use the aforementioned link to manage your preferences regarding usage-based online advertising. If you object to usage-based online advertising with a specific provider using the preference manager, this only applies to the specific business data collection via the web browser you are currently using. Preference management is cookie-based. If you delete all browser cookies, the preferences you have set with the preference manager will also be removed.

Note on Meta Platforms Insights

We use the Meta Platforms Insights function for statistical analysis purposes. In this context, we receive anonymised data on the users of our Meta Platforms fan page. However, we use the filters provided by FacebMeta Platformsook to specify the categories of data according to which Meta Platforms provides anonymised statistics. Meta Platforms provides us with the following criteria or categories for analysing the activities of the website in anonymised form, provided that the corresponding information has been provided by the user or is collected by Meta Platforms:

• Age range
• Gender
• Place of residence (city and country)
• language
• Mobile or stationary page views (YouTube additionally individual device types)
• Interactions in the context of posts (e.g. reactions, comments, shares, clicks, views, video usage time)
• Time of use
  This anonymised data is used to analyse user behaviour for statistical purposes so that we can better tailor our offers to the needs and interests of our audience.

We see our legitimate interest (Art. 6 para. 1 f GDPR) for data processing in the presentation of our company and our products and services for your information.

Disclosure and use of personal data

If you interact with Meta Platforms, Meta Platforms will of course also have access to your data.

We use the technical platform and services of YouTube, a Google company, with its principal place of business at Gordon House, Barrow Street, Dublin 4, Ireland. This means that if you are habitually resident in the European Economic Area or Switzerland, unless otherwise specified in any additional terms, you will be provided with the services of Google Ireland Limited ("Google"), a company incorporated and operated under the laws of Ireland.

In accordance with the Google Privacy Policy, we assume that personal data, including its processing, will also be transferred to servers of Google LLC in the USA.

In its judgement in case C-210/16, the CJEU ruled that platform operators (in this case YouTube) and the operator of a channel located on the platform are jointly responsible for the data processing carried out via the respective channel. In this respect, platform operators and channel operators are to be regarded as joint controllers pursuant to Art. 26 GDPR.

Data processed by us__

Your personal data is processed for the purpose of market observation and user communication, in particular by initiating and obtaining user feedback. We process the following access data for the aforementioned purposes:
Access source, region, age, gender, subscription status regarding YouTube channel, subscription source, playlist, device type, YouTube product, live/on demand, playback location, operating system, subtitles, language for video information, translations used, element type, info card type, info card, where was shared.
The above data processing can be legitimised in accordance with Art. 6 para. 1 lit. f GDPR and our "legitimate interest". We have pointed out the right to object in accordance with Art. 21 GDPR (see below). Our legitimate interest lies in playing video content on YouTube with the widest possible reach. With the help of the data collected, the topics, design, length and playback time of the videos can be better tailored to user behaviour.

If you contact us directly as a YouTube user, for example via enquiries, comments and feedback, this contact and the communication of your details is expressly on a voluntary basis and with your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). We may forward your comments or reply to them or write comments that refer to your account. The data you freely publish and disseminate on our YouTube channel is thus included by us in our offering and made accessible to our followers and other users. In addition, we process the data that you voluntarily provide to us as part of a personal message, if necessary for the purpose of replying to the message.

Data processed by YouTube__

Information about what data is processed by YouTube and for what purposes this data is used can be found in the YouTube Privacy Policy. By using YouTube, your personal data will be collected, transferred, stored, disclosed and used by YouTube and transferred to, stored and used in the United States and any other country in which YouTube does business, regardless of your place of residence.

On the one hand, YouTube processes your voluntarily entered personal data such as your name and user name, email address, telephone number or the contacts in your address book when you upload or synchronise it. On the other hand, YouTube also analyses the content you share to determine which topics you are interested in, stores and processes confidential messages that you send directly to other users and can determine your location using GPS data, information on wireless networks or your IP address in order to send you advertising or other content. YouTube may use analysis tools such as Google Analytics for evaluation purposes. If tools of this type are used by YouTube for our channel, this is not done on our behalf. The data obtained during the analysis is also not made available to us. We can only view the information on access activities listed under point 1. This so-called "log data" can be the IP address, the browser type, the operating system, information about the previously accessed website and the pages you have accessed, your location, your mobile phone provider, the end device you are using (including device ID and application ID), the search terms you have used and cookie information.

You have the option of restricting the processing of your data in the settings of your YouTube account as well as information on these options at https://support.google.com/accounts?hl=de#topic=3382296. In addition, you can restrict YouTube's access to contact and calendar data, photos, location data, etc. on mobile devices (smartphones, tablet computers) in the settings options there. However, this depends on the operating system used.

You also have the option of requesting information via the YouTube privacy policy or the YouTube terms of use or via YouTube's community guidelines and security at:
https://www.youtube.de/t/privacy
https://www.youtube.com/t/terms
https://www.youtube.de/t/community_guidelines
Further information on YouTube's data protection can be found at https://www.youtube.com/?gl=DE&hl=de

Here you will find information about the processing of your personal data if you have applied to our company.

With this privacy policy, we fulfil the information obligations under the GDPR. Our General Terms and Conditions also contain data protection information. These explain in detail how your personal data, which we require to fulfil contracts and for the purpose of identity and credit checks, is processed.

We link to websites of other providers or have integrated elements from them into our website. This data protection information does not apply to them - we have no influence on these sites and cannot check that others comply with the applicable data protection regulations.

We reserve the right to change or adapt this privacy policy at any time in compliance with the applicable data protection regulations.