The Airline Codes Web Site Logo
Aircraft Codes Airline Codes Airport Codes Airline Links Boeing Codes Callsigns Civil Aircraft Registers Cheap Flights
Country Codes Privacy Policy About/Terms & Conditions Home Links Other Codes Travel Prices

 
 

Privacy Policy

Contact details of the data controller and the data protection officer

idealo internet GmbH (also referred to in the following as “idealo”, “we” or “us”) offers you the opportunity to use various services free of charge via our website “idealo.de” and our mobile applications (“apps”) “idealo Shopping”, “idealo Hotel” and “idealo Flights” (referred to in the following as “services” or “idealo websites“).

We are the data controller in the meaning of the General Data Protection Regulation (GDPR). Our contact details are as follows:

idealo internet GmbH
Ritterstraße 11
10969 Berlin
Deutschland
Telefon: +49 800 72 40 831
Telefax: +49 30 80 09 70 50 2
E-Mail:

Our data protection officer can be contacted at:

idealo internet GmbH
- Data protection officer -
Ritterstraße 111
10969 Berlin
Deutschland
E-Mail:

In the following we provide you with comprehensive information about the purpose for which and scope within which we process your personal data during the use of the idealo websites.

Collection and processing of personal data

You can generally use the idealo websites – for which no payment or registration is required – without providing personal data. In certain cases, we will collect the personal data listed in Section 3. This fundamentally only occurs where necessary for the provision of a functional website or app, or for our content and services. We furthermore process personal data in connection with the use of idealo where you provide this data voluntarily, e.g. in the context of registration, a competition, an enquiry sent to us, or because there is another legal basis for this (see Section 4).

Categories of data processed

As soon as you visit idealo.de or use one of the apps, our system automatically collects certain technical information. This can include:

- Information about the browser type and version used

- Operating system of the device from which the request originates

- Mobile device ID

- Date and time of access

- Web analysis data / pseudonymised user profile (cookie ID, ad ID etc., see below for more information)

- Websites from which the user got to our website

- Websites accessed by the user from our website

Furthermore, we process the following personal data where a contractual relationship exists between you and us, or where you have communicated the data to us in another manner:

- Personal master data (name, address, date of birth)

- Communication data (telephone number, email address)

- Contract master data (contractual relationship, product or contract interest, order history)

- Login data with password

- Invoicing and payment data

- Comments, submissions etc.

Reason, content and purposes of processing: The idealo websites and services in general

We always process your data on the basis of one or more legal permissions or with your consent.

a. Submission of evaluations and comments

Personal data are collected by idealo when you as a customer submit your evaluation of a product, service, service provider or dealer (also referred to in the following as “online shop”), or participate in a survey. In this context, idealo collects the data specified in the respective form and the IP address assigned to the device used by you at the relevant point in time.

Information about you will only be published on the affected idealo websites where this is marked in the field of the form. In the case of opinions about online shops, these will additionally be shared with the customer or order number specified by you; this is an integral part of our evaluation and comment function, because only then can the online shop gain the opportunity to take notice of your comments or evaluations. We collect and process the data you provide in order to be able to publish your evaluation or comment as desired (Art. 6 Para. 1 lit. b GDPR). In particular, we also require your email address, in order to contact you in the event of complaints and give you the opportunity to respond (Art. 6 Para. 1 lit. c GDPR).

b. Shopping and direct booking function

Based on Art. 6 Para. 1 lit. b) GDPR, we additionally collect personal data when you as a customer submit a contractual offer for certain products listed on the idealo websites directly and without forwarding to the websites of the online shops offering these products (the “shopping function” and “direct booking function”). idealo collects these data in order to initiate the contract and the handling of your order or booking, and for invoicing the respective online shop for our own mediation service.

idealo transmits these personal data to the respective online shop, where this is required for the conclusion and handling of your contract. Where idealo and/or the online shop utilises the services of third parties as service providers for the performance and handling of the contract or the service booked, e.g. for the performance of the booking, the handling of payment or the shipping of goods (referred to in the following as “service providers”), the required data will only be shared with these third parties for purposes of the fulfilment and handling of your order. Within the framework of handling your order or booking, you will also receive emails at the email address you provided from the respective online shop (e.g. order or booking confirmation) and possibly also from service providers (e.g. payment confirmation or information on the shipping process).

Forms, comparison calculator and payment services for the shopping and direct booking function:

Unless otherwise indicated, it is idealo itself that collects your data that you enter in the respective contact forms. Please note that data transmission via the internet may be unsecured, and that data may therefore be intercepted or even falsified by unauthorised parties.

When you enter data in contact forms, we will only use the data for the purpose of conducting the communication with you and/or to provide the service you request; this constitutes our legitimate interest. The processing takes place on the basis of Art. 6 Para. 1 lit. b) GDPR.

idealo sometimes integrates original content from partners in comparison services and for payment services for the shopping and direct booking function. In this case, the data that you enter are collected not by us but by the respective partner. The partners are named on the respective idealo websites. The partners have confirmed to us that they will handle your data in compliance with data protection requirements. Nevertheless, idealo has no influence over the collection, processing and use of your data by the partners. For information on whether and in what scope the partners collect your personal data, and what they use them for, please read the privacy policy of the respective partner, which can be accessed from the corresponding idealo website or the content of the partner. In particular, your credit card data will be processed and forwarded to the payment service providers of the partner, not by idealo itself, but by a company contracted by us and specialising in card security.

d. E-Mails and Newsletter

We use your e-mail address to send you our newsletter, if you subscribed and consented to the receipt of it potentially including advertisements. In this case we process your e-mail address to be able to deliver the newsletter as requested (Art 6 para. 1 lit. b GDPR). You may object to the use of your e-mail address for such purposes at any time in writing or via e-mail () effective for the future, without resulting in any costs other than the transmission costs according to basic tariffs.

For our newsletters, we also select the content partly based on your prior use of the idealo pages and your expressed interests in products and content, so that we can tailor the respective newsletter to you and your interests. For example, if you looked for sporting goods on the idealo pages in the past, we would rather present you sporting goods in our newsletter than other product groups. For this purpose, we also process data that we collected using our cookies (for these cookies, see paragraph 9 c. below), and link them to your e-mail address. The legal basis for this data processing and the display of content relevant to you is Art. 6 para. 1 lit. f GDPR, however you can object to the data processing at any time (see section 16 a).

e. IP addresses

On the internet, every device needs a clear address in order to transmit data, known as its IP address. It is a technical requirement for the IP address to be saved, at least temporarily, in order to facilitate the delivery of the internet page and app content to the device of the user.

aa) Log files

For security purposes, our servers save the IP address in what are known as log files for 14 days, e.g. in order to determine what happens if an attack (DoS) is made on idealo websites, or if illegal analysis of our databases occurs. This is based on Art. 6 Para. 1 lit. f GDPR.

bb) Geolocalisation etc.

Before any further or other processing, we abbreviate the IP addresses before each processing step and then process them in an anonymised state. Unabbreviated IP addresses are not saved or processed further.

The processing of the (thus abbreviated) IP addresses allows us to display content with regional relevance on all idealo websites that are accessed from within a certain region. This is known as geolocalisation, i.e. assigning an instance of website access to the location from which it is accessed, and takes place exclusively on the basis of anonymised IP addresses, and only to the geographical level of German federal states / regions. Based on the geographical information thus obtained, it is never possible to determine the specific location of a user.

Occasion, content and purposes of processing: My favourites and price alert

idealo also offers you the following functionalities:

a. My favourites

You can “save” idealo products and journey components (e.g. flights and hotels), and these are then available to you on your “My favourites”. You are identified as the owner of your “My favourites” list by cookies that are used. The “My favourites” list allows you to compare products with one another in terms of their characteristics, and to access the price alarm function. The “My favourites” list is additionally filled by idealo with any products for which you have not completed the purchase using the “shopping function” from idealo. Based on your “My favourites” list entries, you will receive product recommendations via email, for example if the prices of the products you have saved change.

The legal basis here is Art. 6 Para. 1 lit. b GDPR.

b. Price alert

You have the option of setting up a price alarm for products, e.g. if you wish to purchase them for a cheaper price. You then enter your respective target price using the price alarm function. When you use the price alarm, idealo saves your products and target prices together with your email address, so that we can inform you in the event of price changes. At the same time, the local storage of your browser saves a value (“true” or “false”), which helps us to decide whether to offer you utilisation suggestions for the price alarm (as a pop-up). You can find an overview of the saved price alarms in your customer account. The legal basis here for processing is also Art. 6 Para. 1 lit. b GDPR.

Location of processing

We ourselves do not transfer your personal data to countries outside the European Economic Area ("EEA"), except in cases where it is permitted under the GDPR. Whether third parties, with whom you have your own contractual relationship (such as with Facebook, if you have a Facebook account) transfer data to countries outside the EEA, is beyond our knowledge and influence.

Some of our contractual partners also process data in countries outside the EEA. In order to ensure the protection of your personal rights also in the context of these data transfers, we use the standard contractual clauses of the EU Commission in structuring the contractual relationships with the recipients in third countries in accordance with Art. 46 para. 2 lit. c GDPR.

For the US, the European Commission decided on 12th July 2016, that under the regulations of the EU-U.S. Privacy Shields an appropriate level of data protection exists (adequacy decision, Art. 45 GDPR). Further information - including the certification of the service providers we use - is available at https://www.privacyshield.gov. We only use US service providers who are certified under the EU-US Privacy Shield.

Origin of data

In certain cases, we also receive data because you have consented to them being transmitted to us.

As you know, apps are regularly made available to download by third-party providers (e.g. iTunes, Google etc.). If under the applicable terms and conditions of use of such a provider idealo Internet GmbH becomes your contractual partner for the purchase of the app, we process the data that the third-party provider makes available, in whatever scope is necessary for the fulfilment of contract, so that you can download the app to your mobile device.

Disclosure of your data to third parties

We will only disclose your personal data to third parties where this is necessary in order to fulfil our legal obligations to you, and where this is visibly done by or together with another provider (e.g. in the case of cooperation agreements), where we are otherwise legally entitled or obliged to disclose the data, or where you have provided us with corresponding consent.

In certain cases, we also use external service providers or affiliated companies, which we have contracted to process data for us, and which are bound by instructions. Such service providers are contractually bound by us as data processors in accordance with the strict provisions of the GDPR, and are not permitted to use your data for any further purposes. Data processors used by us perform in particular the following services: data centre, newsletter distribution and web/app analysis.

This disclosure of data to data processors takes place on the basis of Art. 28 Para. 1 GDPR, or alternatively on the basis of our legitimate interest in the economic and technical benefits associated with the use of specialised data processors, Art. 6 Para. 1 lit. f GDPR.

Where we are legally obliged to do so, or where this is permitted under data protection law, we disclose personal data to public authorities, e.g. to police or the state prosecutor’s office (Art. 6 Para. 1 lit. c GDPR). The disclosure of this data takes place on the basis of our legitimate interest in combating abuse, the prosecution of crimes, and in safeguarding, asserting and enforcing claims, which are not considered to be outweighed by your rights and interests in the protection of your personal data, Art. 6 Para. 1 lit. f GDPR.

Cookies and other technologies

a. General

In order to ensure the full functionality of the idealo websites, idealo and the third parties named below save to your device files that serve amongst other things for collecting information regarding the use of a website or app, as well as additional data such as the IP address of the accessing computer and information about the software used (see above).

This typically involves the use of what are known as cookies. Cookies are small files that your browser saves on your device in a folder created for this purpose. These allow it to be determined, for example, whether you have ever visited a website before. If you have decided to stay logged into your customer account despite leaving the idealo websites, cookies can also be used to save your login data e.g. for the customer account, so that you do not need to enter these data every time you access the site.

Many cookies contain what is known as a cookie ID. A cookie ID is a unique code identifying the cookie. It consists of a sequence of characters that allow websites and servers to be mapped to the specific internet browser in which the cookie has been saved. This enables the websites visited to differentiate the individual browser of the data subject from other internet browsers that contain different cookies. This data is not collated with other data sources.

The use of cookies can also take place using what are known as web beacons (also called ClearGIFs or tracking pixels). These are small graphics (e.g. in emails and on websites) that are inserted in order to achieve a better understanding of the interaction between the visitor and the website.

We use different types of cookies: On the one hand, we use technical cookies, without which the functionality of the idealo websites would be restricted, and on the other hand we use optional (see below) analysis and marketing cookies in order to make our services more user friendly. The analysis cookies are used for the purpose of improving the quality of both our content and yours. The analysis cookies tell us how idealo is used, thus allowing us to continuously improve our services. Further information on the individual analysis cookies and services can be found in Section 10 of this privacy policy.

You can prevent us from using cookies at any time by adjusting the corresponding setting in your internet browser, and thus permanently opt out. Furthermore, you can delete existing cookies at any time using your internet browser or other software programs. This is possible in all conventional internet browsers. If you deactivate cookies in the internet browser you use, you may not be able to make full use of all the functions of our website. In addition, you have the opportunity to object to analysis cookies and services (i.e. you can opt out; see Sections 10 and 11).

When using apps, a functionally comparable technology is used instead of cookies.

Cookies cannot identify you personally. In all cases, the use of cookies is justified on the basis of our legitimate interest in needs-oriented design, as well as for statistical analysis by idealo (Art. 6 Para. 1 lit. f GDPR).

b. Web storage (session storage and local storage)

idealo utilises web storage technology, a method for saving application data in your browser on your device, where your browser supports this technology and you have activated JavaScript. Web storage serves for optimising our website and our services. We use this technology for saving application data during the use of the idealo websites, e.g. in order to make navigation when searching for products or services more convenient, and to provide the “Recently viewed” function.

Web storage provides two data objects, the session storage and the local storage. The entries in session storage are removed automatically after the browser or app is closed. You can delete the entries in local storage (“Recently viewed”) at any time by deleting the history in your browser.

The session storage saves information in order to recognise your browser or device immediately, and thus provide you with easier access to our services. You can prevent the use of web storage by changing the corresponding setting in your browser, which may restrict the functionality of the idealo websites.

The processing of data in web storage takes place on the basis of Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the purposes of processing described above.

c. idealo cookies

Cookies created by idealo allow the collection of information regarding browser type/version, resolution, previous/new display variant, URL clickstream (order of the pages of our website that you have visited previously), time of visit(s) to the websites, the reference in the idealo database for the products/services noted in your “My favourites”, and the cookie number, but not personal details such as name, address or email address. We use these cookies for purposes of advertising, market research and where required for the needs-oriented design of our services. The cookies of idealo are valid for a maximum of two years, unless you delete them sooner. The processing of data is justified in this case by Art. 6 Para. 1 lit. f) GDPR, however you may object to this processing with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

Web/app analysis services

In order to continuously improve our content and adapt it to the interests of our users, and to display online advertising, we use a number of services that collect data on our website and in the app, and which analyse these data for us. Where these service providers are not themselves the data controller in the meaning of data protection legislation, they are always bound by instructions when processing the pseudonymised user data on the basis of a data processing agreement. The legal basis for this processing is always Art. 6 Para. 1 lit. f GDPR.

You can deactivate the use of cookies by third-party providers, e.g. by accessing the deactivation page http://www.networkadvertising.org/choices/ or http://www.youronlinechoices.com/de/praferenzmanagement/" target="_blank" class="link-4">http://www.youronlinechoices.com/de/praferenzmanagement/ and acting on the information provided there on opting out.

Not all access to the idealo pages is carried out via a web browser. In cases where users access using a mobile device, disabling cookies or changing web browser settings may not be possible.

In the following, you can find details of the analysis services we use:

a. Adjust

We make use of the usage evaluation and analysis technology Adjust, produced by adjust GmbH, Saarbrücker Str. 36, 10405 Berlin. The Adjust service has been audited and certified under the ePrivacyseal (European Seal for your Privacy) (see http://www.eprivacy.eu/vergebene-siegel/). Adjust collects installation and event data, and makes it available in the form of anonymised evaluations and graphics regarding the number of visits, number of pages accessed or apps opened per user etc. We use this information exclusively for purposes of our own market research, and for the optimisation and needs-oriented design of the website and app. For such an analysis, Adjust uses your anonymised IDFA or Android ID and your anonymised IP and MAC address. It is not possible to identify you personally. You can prevent any corresponding analysis in future at https://www.adjust.com/opt-out/.

b. Ad Up

Our websites use integrated tracking from Ad Up, a technology and service provider from Axel Springer Teaser Ad GmbH (Axel-Springer-Straße 65, 10969 Berlin). By collecting anonymised and/or pseudonymised data, Ad Up can then allow advertising related to your interests to be shown on websites for a certain time.

Ad Up uses cookies in order to offer advertisers what is known as conversion tracking, which determines the effectiveness of their advertisements and keywords. More information on data protection at Axel Springer Teaser Ad GmbH can be found at https://www.adup-tech.com/datenschutz/. By using the “Activate opt-out cookie” button there, you have the option of saving an opt-out cookie to your browser, and thus to deactivate Ad Up in this browser.

c. affilinet

We have integrated components from the company affilinet on this website. Affilinet is a German affiliate network that provides affiliate marketing.

Affiliate marketing is an internet-based form of sales that allows the commercial operators of websites, known as merchants or advertisers, to show advertisements on the websites of third parties, i.e. of sales parties, also known as affiliates or partners, and which are typically paid for on a per-click or per-sale commission basis. The merchant provides advertisement material via the affiliate network, i.e. an advertising banner or other suitable means of online advertising, which is subsequently integrated by affiliates into their own websites or advertised using other channels, e.g. keyword advertising or email marketing.

The operating company of Affilinet is affilinet GmbH, Sapporobogen 6-8, 80637 Munich, Germany.

Affilinet saves a cookie on the information technology system of the data subject. What cookies are has already been explained above. The tracking cookie from Affilinet does not save any personal data. Only the identification number of the affiliate, i.e. of the partner determining potential customers, as well as the reference number of the visitor to a website and the advertisements clicked are saved. The purpose of saving this data is the handling of commission payments between a merchant and the affiliate, which are handled via the affiliate network, i.e. Affilinet.

The data subject can prevent cookies from being used by our website at any time, as already described above, by adjusting the corresponding setting in the internet browser used, and thus permanently opt out. Such a setting in the internet browser would also prevent Affilinet from saving a cookie on the information technology system of the data subject. Furthermore, cookies already saved by Affilinet can be deleted at any time using your internet browser or other software programs. The applicable privacy policy of Affilinet can be accessed at https://www.affili.net/de/footeritem/datenschutz. Additionally, we use the Affilinet Conversion Pixel to measure our own advertising performance. If you do not want your data to be recorded via the Affilinet Conversion Pixel, please click here.

d. AppNexus

For the extraction of usage-based advertising, we use AppNexus, a service provider for advertising and operator of a mediation platform (AppNexus, 28 W. 23rd Street, New York, New York, 10010, USA). AppNexus collects and saves Information about your activities, which allows the analysis of usage behaviour. These profiles are used to display targeted, interest-oriented advertising. If you do not want this, you can deactivate the usage-based advertising here https://www.appnexus.com/en/company/platform-privacy-policy-de .

e. AWIN

We have integrated components of AWIN on this website. AWIN is a German affiliate network that provides affiliate marketing. Affiliate marketing is an internet-based form of sales that allows the commercial operators of websites, known as merchants or advertisers, to show advertisements on the websites of third parties, i.e. of sales parties, also known as affiliates or partners, and which are typically paid for on a per-click or per-sale commission basis. The merchant provides an advertisement via the affiliate network, i.e. an advertising banner or other suitable means of online advertising, which is subsequently integrated by affiliates into their own websites or advertised using other channels, e.g. keyword advertising or email marketing.

The operating company of AWIN is AWIN AG, Stralauer Allee 2, 10245 Berlin, Germany.

AWIN saves a cookie on the information technology system of the data subject. What cookies are has already been explained above. The tracking cookie from AWIN does not save any personal data. Only the identification number of the affiliate, i.e. of the partner determining potential customers, as well as the reference number of the visitor to a website and the advertisements clicked are saved. The purpose of saving this data is the handling of commission payments between a merchant and the affiliate, which are handled via the affiliate network, i.e. AWIN.

The data subject can prevent cookies from being used by our website at any time, as already described above, by adjusting the corresponding setting in the internet browser used, and thus permanently opt out. Such a setting in the internet browser would also prevent AWIN from saving a cookie on the information technology system of the data subject. Furthermore, cookies already saved by AWIN can be deleted at any time using your internet browser or other software programs. The applicable privacy policy of AWIN can be accessed at https://www.awin.com/de/rechtliches/privacy-policy. Additionally, we use the AWIN Conversion Pixel to measure our own advertising performance. You may object to this processing with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

f. Bing

This website uses Bing Ads Universal Event Tracking, a conversion tracking service provided by Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). This service allows us to track your activities on our website, if you got to our website via a Bing advertisement. This is possible because when you click on a Microsoft Bing Ads advertisement, a cookie (a small text file) is saved on your device. This tells Microsoft and us in particular the total number of users that have clicked on an advertisement and reached a predefined target page. These data are saved by Microsoft for 180 days. No personal information on the identity of the user are transmitted. If you do not wish to participate in Universal Event Tracking, you can reject the saving of cookies, e.g. in your browser settings. In addition, it is possible to deactivate interest-related advertising from Microsoft by opting out using the following link: https://go.microsoft.com/fwlink/?LinkID=286759

Alternatively, the following website allows you to reject interest-related advertising from Microsoft and also other participating companies altogether: http://www.youronlinechoices.com/de/

Further information on the usage and data protection guidelines for this product can be found here: https://privacy.microsoft.com/de-DE/privacystatement/ If you do not want your data to be recorded via Bing, please click here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

g. Crashlytics

Crashlytics is an analysis tool that is provided and operated by Crashlytics Inc., which is registered in Cambridge MA, USA. Crashlytics generates what are known as crash reports, i.e. reports on glitches and crashes in the app, where and in what context these occurred, how many users of the app are affected, etc. We use these reports in order to learn from glitches and crashes, to react faster, more precisely and more efficiently in the interests of our users, and to make corresponding technical improvements to the app. To this end, Crashlytics records not only your Symphony-related app ID, which you can delete at any time, but also data on the “crash” and general data relating to the respective IT environment (in particular the device used, the mobile provider and the operating system). Where this contains personal or pseudonymised data, these are deleted by Crashlytics after seven days at the latest. With this information, Crashlytics and subsequently we learn how and why the app functions and is used, in particular including the glitches and crashes that occur. Further information is available under https://try.crashlytics.com/terms/privacy-policy.pdf.

You can implement an opt-out as follows a) in iOS: select “Settings” > "Data Protection" > and switch off “Send Error Reports” b) in Android: open the idealo App, go to “Settings” > “Data Protection” and switch off “Send Error Reports”.

h. Criteo

The websites operated by idealo publish advertising from third parties, which is provided by Criteo SA, 32 Rue Blanche, 75009 Paris, France. This service serves to draw our users’ attention to further content whose subject matter is related to the content read by the respective user. The content and technical aspects of the content displayed is controlled and delivered by Criteo. Where the user has not opted out (see below), the selection of advertising displayed will also be made based on the content that the user is currently viewing and has recently viewed on the affected website. According to its own statements, Criteo only collects anonymised data.

idealo likewise uses Criteo to publish advertising on the websites of third parties and in emails from third parties (https://emailprivacy.criteo.com/de/index.html) in order to address former customers of idealo. In this process the identity of the customer is not identified, and the customer is only recognised in pseudonymised form. This takes place using various devices of the customer, using an encrypted (undecryptable) email address. The cookies are stored for 180 days. Further information: https://support.criteo.com/hc/de/articles/202427141-Cross-Device-Implementierung

Criteo provides information about the collection and utilisation of usage data and other data as the data controller in its own privacy policy http://www.criteo.com/de/privacy. There you also have the option of objecting to the use of usage data and other data for certain purposes (your preference - “Opt out”). Advertising will then no longer be controlled based on the usage data collected by Criteo. You may object to this processing with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

i. Exact Target (Newsletter success measurement, conversion tracking)

Idealo utilises the ExactTarget email service from the company salesforce.com, inc., Landmark @ One Market, Suite 300, San Francisco, 94105, USA. (“ExactTarget”). Where users have consented to receive emails from idealo and visit the website via these emails, cookies and web beacons will be used in order to make the success of the newsletters transparent, e.g. whether it was opened and which topic was particularly relevant.

Web beacons (also known as ClearGIFs or tracking pixels) are small graphics in the email and on the website, which are inserted in order to achieve a better understanding of the interaction between the visitor and the website. Web beacons function on the website together with cookies. Users can therefore stop the use of web beacons by preventing the installation of the cookies through the browser settings. If users do not wish to receive emails with web beacons, they can also switch emails into text format instead of HTML format. You may object to the processing of data with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

j. ExactTarget (adjustment for users)

Idealo uses the service “Predictive Intelligence” from ExactTarget in order to track the success of the emails, websites and apps from idealo, and to optimise these for the users. Personal data are not transmitted to ExactTarget; instead only pseudonyms are created. You may object to this processing with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

k. Facebook conversion pixel

We use the “conversion pixel” or visitor activity pixel of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). By accessing this pixel from your browser, Facebook can subsequently recognise whether a Facebook advertisement was successful, e.g. whether it resulted in the conclusion of an online purchase. In relation to this we receive exclusively statistical data from Facebook, without reference to any specific person. This allows us to record the effectiveness of Facebook advertisements for statistical and market research purposes. In particular if you are signed into Facebook, we otherwise refer to their privacy policy https://www.facebook.com/about/privacy/.

You may object to this processing of data with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

l. Facebook Website Custom Audiences

Within our website, we use the “Website Custom Audiences” pixel from the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. This involves what are known as tracking pixels being integrated into our websites. When you visit our websites, the tracking pixel allows a direct connection to be created between your browser and the Facebook server. Facebook receives from your browser, amongst other things, the information that our website was accessed from your device. If you a are a Facebook user, Facebook can thus collate the visit to our websites with your user account. Please note that as the provider of the websites, we have no knowledge of the content of the data transmitted, or of how they are used by Facebook. We are only able to select which segments of Facebook users (such as age, interests) our advertising should be shown to. In the process, we use one of two functions of Custom Audiences, where none of the data sets, and in particular email addresses of our users are transmitted to Facebook – neither encrypted nor unencrypted. Further information on this can be found in the privacy policy of Facebook under https://www.facebook.com/about/privacy/.

Please click here if you do not wish data to be collected via Custom Audiences. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

m. Google Products

aa) Google AdSSense

We have integrated Google AdSense on this website. Google AdSense is an online service that allows the mediation of advertising on third-party websites. Google AdSense is based on an algorithm that selects advertisements for third-party websites based on the content of the respective third-party website. Google AdSense permits interest-oriented targeting of internet users, which is implemented by generating individual user profiles.

The operating company of the Google AdSense component is Alphabet Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of the Google AdSense component is the integration of advertisements into our website. Google AdSense saves a cookie to the information technology system of the data subject. What cookies are has already been explained above. Saving the cookie allows Alphabet Inc. to analyse the use of our website. Each time one of the individual pages of this website, which we operate and on which a Google AdSense component has been integrated, is retrieved, the internet browser on the information technology system of the data subject is automatically prompted by the respective Google AdSense component to send data to Alphabet Inc. for purposes of online advertising and the invoicing of commissions. Within the framework of this technical process, Alphabet Inc. receives knowledge of personal data, such as the IP address of the data subject, which is used by Alphabet Inc. amongst other things to understand the origin of the visitor and the clicks, and subsequently to facilitate commission invoicing.

The data subject can prevent cookies from being used by our website at any time, as already described above, by adjusting the corresponding setting in the internet browser used, and thus permanently opt out.

Such a setting in the internet browser would also prevent Alphabet Inc. from saving a cookie on the information technology system of the data subject. Furthermore, you can delete any cookie saved by Alphabet Inc. at any time using your internet browser or other software programs.

Google AdSense additionally uses what are known as tracking pixels. A tracking pixel is a miniature graphic that is embedded in websites in order to allow log file recording and log file analysis, which allows statistical analysis to be performed. Using the embedded tracking pixel, Alphabet Inc. can recognise when a website was opened by a data subject, and what links the data subject clicked. Tracking pixels are used amongst other things to analyse the visitor traffic of a website.

Google AdSense sends personal data and information to Alphabet Inc. in the USA, which includes the IP address and is required for the recording and invoicing of the advertisements displayed. These personal data are saved and processed in the USA. Alphabet Inc. never discloses the personal data collected using this technical process to third parties.

Google AdSense is explained in greater detail under this link https://www.google.de/intl/de/adsense/start/. More information and options for the deactivation of this advertising placement can be found at http://www.google.com/settings/u/0/ads/anonymous?hl=de (link “Ads setting”, then “Deactivate”).

bb) Google AdWords

We have integrated Google AdWords on this website. Google AdWords is an online advertising service that allows advertisers to place advertisements both in the search results of Google and in Google’s advertising network. Google AdWords allows an advertiser to predefine certain keywords, by means of which an advertisement is displayed in the search results of Google exclusively when the user of the search engine accesses search results related to the keyword. In the Google advertising network, the advertisements are distributed to thematically relevant websites using an automated algorithm and following the predefined keywords. The operating company of the services of Google AdWords is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The purpose of Google AdWords is to advertise our website by displaying interest-related advertising on the websites of third-party companies and in the search results of the Google search engine, as well as displaying third-party advertising on our website. If a data subject comes to our website via a Google advertisement, Google saves what is known as a conversion cookie to the information technology system of the data subject. What cookies are has already been explained above. A conversion cookie becomes invalid after thirty days, and is not used to identify the data subject. Until the conversion cookie expires, it is used to determine whether certain sub-pages, for example the shopping basket of an online shop system, are accessed on our website. The conversion cookie allows both us and Google to track whether a data subject that comes to our website via an AdWords advertisement generates sales, i.e. whether a purchase has been completed or aborted.

The data and information collected using the conversion cookie are used by Google to prepare visitor statistics for our website. These in turn are used by us in order to determine the total number of users that are sent to us via AdWords advertisements, and thus to determine the success or failure of the respective AdWords advertisement, and to optimise our AdWords advertisements for the future. Neither our company nor any other advertising customers from Google AdWords receive information from Google that could allow the data subject to be identified.

The conversion cookie saves personal information, for example the websites visited by the data subject. For each subsequent visit to our websites, personal data are sent to Google in the USA, including the IP address of the internet connection used by the data subject. These personal data are saved by Google in the USA. Google may disclose the personal data collected using this technical process to third parties.

The data subject can prevent cookies from being used by our website at any time, as already described above, by adjusting the corresponding setting in the internet browser used, and thus permanently opt out. Such a setting in the internet browser would also prevent Google from saving a conversion cookie on the information technology system of the data subject. Furthermore, you can delete any cookie saved by Google AdWords at any time using your internet browser or other software programs.

The data subject also has the option at any time of opting out of Google using interest-related advertising. To do this, the data subject must use each of their internet browsers to access the link https://www.google.de/settings/ads and then change the desired settings.

Further information and the applicable privacy policy of Google can be accessed at www.google.de/intl/de/policies/privacy/" target="_blank" class="link-4">https://www.google.de/intl/de/policies/privacy/.

You can also deactivate or opt out of Google advertisements https://privacy.google.com/?hl=de#google-experience wholly or in part. You may also object to this processing of data with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

cc) Google Analytics

We have integrated Google Analytics (with anonymisation function). Google Analytics is a web analysis service. Web analysis is the recording, collection and evaluation of data regarding the behaviour of visitors to websites. A web analysis service collects data, amongst other things, about which website a data subject came to a website from (known as the referrer), which sub-pages of the website are accessed, or how often and for how long a sub-page was viewed. A web analysis is predominantly used for optimisation of a website and for the cost/benefit analysis of online advertising.

The operating company of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

For the web analysis via Google Analytics we use the suffix "_gat._anonymizeIp". This suffix means that the IP address of the internet connection used by the data subject is abbreviated and anonymised by Google if the access to our websites originates in a member state of the European Union or from another signatory state to the Treaty on the European Economic Area.

The purpose of the Google Analytics component is the analysis of visitor traffic on our website. Google uses the data and information obtained, amongst other things, in order to analyse the use of our website, in order to compile online reports for us identifying the activities on our websites, and in order to provide additional services relating to the use of our website.

Google Analytics saves a cookie to the information technology system of the data subject. What cookies are has already been explained above. Saving the cookie allows Google to analyse the use of our website. Each time one of the individual pages of this website, which we operate and on which a Google Analytics component has been integrated, is retrieved, the internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to send data to Google for purposes of online analysis. Within the framework of this technical process, Google receives knowledge of personal data, such as the IP address of the data subject, which is used by Google amongst other things to understand the origin of the visitor and the clicks, and subsequently to facilitate commission invoicing.

The cookie allows personal information to be saved, such as the access time, the location from which the access originated, and the frequency of visits to our website by the data subject. For each visit to our websites, these personal data are sent to Google in the USA, including the IP address of the internet connection used by the data subject. These personal data are saved by Google in the USA. Google may disclose the personal data collected using this technical process to third parties.

The data subject can prevent cookies from being used by our website at any time, as already described above, by adjusting the corresponding setting in the internet browser used, and thus permanently opt out. Such a setting in the internet browser would also prevent Google from saving a cookie on the information technology system of the data subject. Furthermore, you can delete any cookie saved by Google Analytics at any time using your internet browser or other software programs.

The data subject also has the option of opting out of, and thus preventing, the collection and processing by Google of data generated by Google Analytics in relation to the use of this website. To do this, the data subject needs to download and install a browser add-on from the link http://tools.google.com/dlpage/gaoptout?hl=de.

This browser add-on uses JavaScript to inform Google Analytics that it is not permitted to transmit data and information regarding visits to websites to Google Analytics. The installation of the browser add-on is treated by Google as an opt-out. If the information technology system of the data subject is subsequently deleted, formatted or reinstalled, the data subject must repeat the installation of the browser add-on in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or by another person within their sphere of influence, it is possible to reinstall or reactivate the browser add-on.

Further information and the applicable privacy policy of Google can be accessed at www.google.de/intl/de/policies/privacy/" target="_blank" class="link-4">https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html Google Analytics is explained in greater detail under this link https://www.google.com/intl/de_de/analytics/.

You may also object to this processing of data with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

dd) Google DoubleClick

We have integrated components of DoubleClick by Google on this website. DoubleClick is a brand owned by Google, under which predominantly online marketing solutions are marketed to advertising agencies and publishers.

The operating company of DoubleClick by Google is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

DoubleClick by Google transmits data to the DoubleClick server with every impression, as well as with clicks or other activities. Each of these transfers triggers a cookie request to the browser of the data subject. If the browser accepts this request, DoubleClick saves a cookie on the information technology system of the data subject. What cookies are has already been explained above. The purpose of the cookies is to optimise and display advertising. The cookie is used amongst other things to identify and display advertising that is relevant to the user, and to prepare reports about advertising campaigns and improve such campaigns. The cookie is also used to prevent multiple versions of the same advertisement being displayed.

DoubleClick uses a cookie ID which is necessary for the handling of the technical process. The cookie ID is required, for example, in order to display an advertisement in a browser. DoubleClick can additionally use the cookie ID to record which advertisements are already being displayed in a browser, in order to avoid displaying duplicates. The cookie ID also enables DoubleClick to record conversions. Conversions are recorded, for example, when a user was previously shown a DoubleClick advertisement, and then subsequently uses the same internet browser to complete a purchase on the website of the advertiser.

A cookie from DoubleClick contains no personal data. A DoubleClick cookie can, however, contain additional campaign IDs. A campaign ID serves to identify the campaigns with which the user has already been in contact.

Each time one of the individual pages of this website, which we operate and on which a DoubleClick component has been integrated, is retrieved, the internet browser on the information technology system of the data subject is automatically prompted by the respective DoubleClick component to send data to Google for purposes of online advertising and the invoicing of commissions. Within the framework of the technical process, Google receives knowledge of data that Google also uses for the creation of commission invoices. Google can determine, amongst other things, that the data subject has clicked certain links on our website.

The data subject can prevent cookies from being used by our website at any time, as already described above, by adjusting the corresponding setting in the internet browser used, and thus permanently opting out. Such a setting in the internet browser would also prevent Google from saving a cookie on the information technology system of the data subject. Furthermore, cookies already saved by Google can be deleted at any time using your internet browser or other software programs. Detailed information on opting out of cookies can be found here:

Further information and the applicable privacy policy of DoubleClick by Google can be accessed at https://www.google.com/intl/de/policies/.

ee) Google Dynamic Remarketing

On the website, we use the remarketing or “similar audiences” function of Google Inc. (“Google”). The operating company of the services of Google Remarketing is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. This function allows the provider to target visitors to the website specifically, by displaying interest-related advertisements that are personalised for the visitors to the provider’s website, if they have visited other websites in the Google Display network. Google uses what are known as cookies to perform the analysis of the website use, which forms the basis for creating interest-related advertisements. To this end, Google saves a small file with a series of numbers in the browsers of visitors to the website. This number is used to record visits to the website and anonymised data about the use of the website. The personal data of visitors to the website is not saved. If you subsequently visit another website in the Google Display network, you will be shown advertisements that have a greater probability of relating to types of products and information that you have previously accessed. You can permanently deactivate the use of cookies by Google specifically by using the following link and then downloading and installing the plug-in: https://www.google.com/settings/ads/plugin" target="_blank" class="link-4">https://www.google.com/settings/ads/plugin.

The data subject also has the option at any time of opting out of Google using interest-related advertising. To do this, the data subject must use each of their internet browsers to access the link https://www.google.com/settings/ads/ and then change the desired settings.

Alternatively, you can deactivate the use of cookies by third-party providers by accessing the deactivation page of the Network Advertising Initiative under http://www.networkadvertising.org/choices/ and following the information provided there on opting out.

Further information on Google Remarketing and the privacy policy of Google can be viewed at: http://www.google.com/privacy/ads/.

ff) Google Firebase

We use Firebase. This is a real-time database that allows real-time information to be embedded in one’s own website, in order to better understand and optimise user behaviour in the apps. Furthermore, other functions of Firebase are also used that allow better user navigation or evaluation of what causes crashes in the apps. Firebase is a Google subsidiary and is headquartered in San Francisco (CA), USA. Further information can be found in the privacy policy of Firebase at https://www.firebase.com/terms/privacy-policy.html.

You can implement an opt-out as follows a) in iOs: please select “Settings” > "idealo" > "Data Protection" > and switch off “Send User Data” b) in Android: open the idealo App, select “Settings” > “Data Protection” and switch off “Send User Data”.

gg) Google Tag Manager

idealo uses the Tag Manager from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Tags are the IDs of data elements. Tracking pixels from the third-party providers named here are loaded on the websites. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not record personal data. The tool ensures that other tags are triggered, which in turn may record data. However, Google Tag Manager does not access this data. Further information is available here: https://www.google.com/intl/de/tagmanager/faq.html and http://www.google.com/intl/de/policies/privacy

n. Hotjar

idealo uses the analysis software “Hotjar” provided by Hotjar Ltd, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, to measure and evaluate user behaviour (mouse movements, clicks, scrolling position, etc.) on our websites. For this purpose, Hotjar uses cookies on the user’s devices to record non-personal user data, such as browser information, operating system, time spent on the website, etc. (only with an anonymised IP address). Please click here for further information:https://www.hotjar.com/privacy, and click here to find out about possibilities to deactivate this function: https://www.hotjar.com/opt-out

o. Ingenious Technologies

For some offers on idealo, a cookie of Ingenious Technologies AG, Französische Straße 48, 10117 Berlin, is activated when the link to online shop’s offer is clicked. These cookies are used to subsequently assign online shop sales to the respective offer on idealo and to invoice the online shop. Art. 6 Para. 1 lit. b) GDPR serves as the legal basis for using these cookies; in any case, idealo has a legitimate interest in tracking. Should you not wish for tracking to be used, you can prevent tracking by activating the “Do Not Track” function in your browser.

p. Outbrain

We use the services of London-based Outbrain UK Limited. Outbrain UK Limited uses cookies to collect and process information about which websites your browser has visited, which advertising space has been clicked, how long a website has been visited, and about the general interaction with the website. In addition, Outbrain UK Limited collects information about the attractiveness of online advertising, such as the number of clicks and the resulting online sales that an advertisement generates. As a result, we can adapt the displayed online advertising to be more relevant to you. If you would like to deactivate the technology of Outbrain UK Limited for your browser, please click on the “Opt-Out” button on the following link:https://www.outbrain.com/legal/privacy#privacy-policy. You can always return to this page and re-activate the function by ticking next to Opt-in. Please note that if you configure browser settings to erase, restrict or block cookies, or use another browser or device, you may have to carry out the opt-out process again. You may also object to this processing of data with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

q. Remerge Retargeting

idealo uses the retargeting (remarketing) function of remerge GmbH (“remerge”). This function allows us to address visitors (users) to our app with personalised advertising when they visit our sites or third-party offers at a later point in time. For this purpose, information based on the user behaviour, e.g. which app content users have viewed or which advertisement they have clicked on, is stored in pseudonymised form. These pseudonymised usage profiles are never combined with users’ personal data and are only used to facilitate interest-based advertising. Users, who do not wish for remerge’s retargeting (remarketing) function to be used, can deactivate it by following the instructions provided under “Opt-out”: https://www.remerge.io/privacy-policy.html.

Alternatively, you can implement an opt-out as follows a) in iOS select “Settings” > “idealo” > “Data Protection”, and switch off “Send Campaign Data” b) in Android: open the idealo App, select “Settings” > “Data Protection” and switch off “Send Campaign Data”.

r. SiteSpect

We use SiteSpect (SiteSpect Inc., 10 Milk Street, Suite 820, Boston, MA02108, USA) to test user behaviour on the various versions of our website. SiteSpect saves a cookie to the data subject’s information technology system in order to analyse user behaviour. What cookies are has already been explained above. If you do not want to participate in improving idealo through A/B tests conducted by SiteSpect, you can, for example, reject the saving of cookies in your browser settings and opt out of them in this manner. In addition, you have the option to object via this link.

s. Scalable central measurement next Generation (range measurement)

The website uses the measurement procedure (“SZMnG”) of INFOnline GmbH, Brühler Str. 9, 53119 Bonn, to determine statistical characteristic values about the use of this website. The purpose of the measurement survey is to determine the usage intensity, the number of users of a website and the surfing behaviour statistically – on the basis of a standardised standard procedure – and thus to obtain comparable values across the market.

INFOnline GmbH collects and processes data in accordance with German data protection laws. Technical and organisational measures are used to ensure that individual users cannot be identified at any point in time. Data that can be associated with a particular, identifiable person are anonymised as soon as possible.

The IP addresses are abbreviated before any data is processed. Data is only ever processed in anonymous form. Unabbreviated IP addresses are not stored or processed further. This is known as geolocalisation, i.e. assigning an instance of website access to the location from which it is accessed, and takes place exclusively on the basis of anonymised IP addresses, and only to the geographical level of German federal states/regions. Based on the geographical information thus obtained, it is never possible to draw conclusions about a user’s specific location.

To recognise computer systems, reach measurement also uses either a cookie with the identifier “ioam.de”, a “local storage object” or an anonymous signature, which is created based on different information automatically transmitted by your browser. The cookie is only valid for a period of up to one year. To measure distributed use (i.e. the use of a service of different devices), the user ID can be transmitted to INFOnline when the user logs in if it is available as an anonymised checksum.

The stored data on usage events (visits) shall be erased no later than seven months later.

Should you not want to participate in the measurement, you can opt out by clicking the following link: https://optout.ioam.de

Further information about data protection in regards to measuring methods is available on the website of INFOnline GmbH (http://www.infonline.de) which carries out the measurement procedure, on the data protection website AGOF (http://www.agof.de/datenschutz) and the data protection website IVW (http://www.ivw.eu).

t. Tealium Audience Stream

Our website uses the service “Tealium Audience Stream” which is provided by Tealium Inc., 11085 Torreyana Road, San Diego, CA 92121, USA (Tealium), to collect and store data to be used to create pseudonymised usage profiles. On behalf of this website’s operator, Tealium uses this information to automate and design your website usage to meet your needs in real time and to display advertising. The following information, for example, is collected for this purpose: viewed and clicked ads, articles, advertising, visitor numbers, site topic, etc.

The pseudonymised usage profiles are not combined with personal data about the pseudonymised data subject without the granting of a separate consent. The IP address transmitted by your browser shall also not be merged with the usage profiles.

Cookies are used to create usage profiles or to activate similar technologies on mobile devices. The information generated by the cookie about your use of this website is stored exclusively in Germany. You can prevent cookies from being saved by activating the corresponding setting in your browser software; however, we point out that in this case you may not be able to make full use of all the functions on this website.

You can object to data being collected and stored for web analysis and advertising purposes at any time with effect for the future by following the instructions provided here: http://tealium.com/de/privacy/.

u. Tealium Tag Management System

This website uses the Tag Management System (TMS) service provided by Tealium Inc., 11085 Torreyana Road, San Diego, CA 92121, USA (Tealium), in order to dynamically adapt sections of the website. A cookie named utag_main is created in order to enable this functionality. TMS is required to provide the service and therefore cannot be deactivated.

v. Twitter Remarketing (contact of idealo users)

This website uses Twitter’s remarketing feature (Twitter Inc., 1355 Market Street Suite 900, San Francisco, CA 94103, USA) to enable idealo to address users with advertising on Twitter that is based on their interests. For this purpose, Twitter uses so-called “tags”. These tags are used to record data on website visits and website usage. When a user visits a website containing such a tag, Twitter saves a cookie in the user’s browser. This cookie’s unique ID is recorded and it is included in the target audience for remarketing on Twitter. Twitter users can deactivate this function by following the instructions provided here: https://support.twitter.com/articles/20171528. You may also object to this processing with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

Social networks

You can also find us on the social networks of foreign companies, e.g. Facebook or Twitter. We have also integrated individual functions of these networks into our online services. You can only use both if you are registered and logged into the respective social network. Please note that this company’s terms of use and data protection conditions apply when using the respective social network over which we have no control. We would like to explain to you how such networks process your personal data in this context:

a. Facebook

We have integrated components of Facebook on this website. Facebook is a social network.

A social network is a place for social meetings on the internet, an online community which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for exchanging opinions and experiences, or enable the internet community to provide personal or business-related information. Facebook allows social network users to create private profiles, upload photos and socialise by making friend requests, amongst other things.

Facebook’s operating company is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a data subject lives outside of the United States or Canada, the controller responsible for processing personal data is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time one of the individual pages of this website – which we operate and on which a Facebook component (Facebook button) has been integrated – is accessed, the internet browser on the information technology system of the data subject is automatically prompted by the respective Facebook component to download a display of the corresponding Facebook component of Facebook. An overview of all Facebook plug-ins can be found at: https://developers.facebook.com/docs/plugins/?locale=de_DE. During the course of this technical procedure, Facebook gains knowledge of what specific subpage of our website was visited by the data subject.

Every time a data subject accesses our website and is simultaneously logged into Facebook, Facebook detects which specific subpage of our website was visited by the data subject for the entire duration of each respective stay on our website. This information is collected by the Facebook component and associated with the data subject’s respective Facebook account. If the data subject clicks on one of the Facebook buttons integrated on our website, e.g. the “Like” button, or if the data subject posts a comment, Facebook then assigns this data and information to the personal Facebook user account of the data subject and stores the personal data.

The Facebook component sends Facebook information that the data subject has visited our website, provided that the data subject is logged into Facebook at the time the website is accessed; this occurs regardless of whether the data subject clicks the Facebook component or not. If the data subject does not wish for this information to be transmitted to Facebook, then they may prevent this transmission by logging out of their Facebook account before accessing our website.

Facebook’s published privacy policy, available at https://de-de.facebook.com/about/privacy/, provides information about Facebook’s collection, processing and use of personal data. Information is also provided there on what setting options Facebook offers to protect the data subject’s privacy. In addition, different applications are provided to prevent the transmission of data to Facebook. These applications may be used by the data subject to stop data from being transmitted to Facebook.

b. Google+

We have integrated components of the Google+ button on this website. Google+ is a so-called social network. A social network is a place for social meetings on the internet, an online community which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for exchanging opinions and experiences, or enable the internet community to provide personal or business-related information. Google+ allows social network users to create private profiles, upload photos and socialise by making friend requests, amongst other things.

The operating company of Google+ is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time one of the individual pages of this website – which we operate and on which a Google+ button has been integrated – is accessed, the internet browser on the information technology system of the data subject is automatically prompted by the respective Google+ button to download a display of the corresponding Google+ button of Google+ button. During the course of this technical procedure, Google gains knowledge of what specific subpage of our website was visited by the data subject. Further information about Google+ is available here: https://developers.google.com/+/.

Every time a data subject accesses our website whilst being logged into Google+, Google detects which specific subpage of our website was visited by the data subject for the entire duration of each respective stay on our website. This information is collected by the Google+ button and associated with the data subject’s respective Google+ account.

If the data subject clicks on one of the Google+ buttons integrated on our website and thereby makes a Google+1 recommendation, Google then assigns this information to the personal Google+ user account of the data subject and stores this personal data. Google stores the data subject’s Google+ 1 recommendation and makes it publicly available in accordance with the terms and conditions accepted by the data subject in this regard. A Google+ 1 recommendation given by the data subject on this website is subsequently stored and processed alongside other personal data, such as the Google+1 account name used by the data subject and the photo saved in other Google services, such as search-engine results of the Google search engine, the Google account of the data subject or in other places, e.g. on websites or in relation to advertisements. Google is also able to link the visit to this website with other personal data stored by Google. Google further records this personal information with the purpose of improving or optimising various Google services.

The Google+ button sends Google information that the data subject has visited our website, provided that the data subject is logged into Google+ at the time our website is accessed; this occurs regardless of whether the data subject clicks the Google+ button or not.

If the data subject does not wish for personal data to be transmitted to Google, then the data subject may prevent this transmission by logging out of their Google+ account before accessing our website.

Further information and the applicable privacy policy of Google can be accessed at: www.google.de/intl/de/policies/privacy/" target="_blank" class="link-4">https://www.google.de/intl/de/policies/privacy/. Further information provided by Google on the Google+ 1 button can be found at: https://developers.google.com/+/web/buttons-policy.

c. Instagram

We use components of Instagram. Instagram is a service that may be qualified as an audio-visual platform, which allows users to share photos and videos, as well as disseminate such data in other social networks. Instagram’s operating company is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA. Each time one of the individual pages of this website, on which an Instagram component (Insta button) has been integrated, is accessed, Instagram gains knowledge of what specific subpage of our website was visited by the data subject. Every time a data subject accesses our website and is simultaneously logged into Instagram, Instagram detects which specific subpage of our website was visited by the data subject for the entire duration of each respective stay on our website. This information is collected by the Instagram component and associated with the data subject’s respective Instagram account. If the data subject clicks on one of the Instagram buttons integrated on our website, Instagram then assigns this data and information to the personal Instagram user account of the data subject and stores and processes the personal data. The Instagram component sends Instagram information that the data subject has visited our website, provided that the data subject is logged into Instagram at the same time the website is accessed; this occurs regardless of whether the person clicks the Instagram component or not. If the data subject does not wish for this information to be transmitted to Instagram, then the data subject may prevent this transmission by logging out of their Instagram account before accessing our website. Further information and Instagram’s applicable privacy policy can be found here: https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

d. LinkedIn

We have integrated components of the LinkedIn Corporation on this website. LinkedIn is an internet-based social network that allows users to connect to existing business contacts and make new business contacts. Over 400 million registered persons use LinkedIn in more than 200 countries, making LinkedIn one of today’s largest platforms for making business contacts as well as one the world’s most popular websites.

LinkedIn's operating company is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for issues regarding data protection outside of the United States.

Each time our website, which is equipped with a LinkedIn component (LinkedIn plug-in button), is accessed, this component prompts the browser used by the data subject to download a display of the corresponding LinkedIn component. Further information about the LinkedIn plug-in is available here: https://developer.linkedin.com/plugins. During the course of this technical procedure, LinkedIn gains knowledge of what specific subpage of our website was visited by the data subject.

Every time a data subject accesses our website and is simultaneously logged into LinkedIn, LinkedIn detects which specific subpage of our website was visited by the data subject for the entire duration of each respective stay on our website. This information is collected by the LinkedIn component and associated with the data subject’s respective LinkedIn account. If the data subject clicks on one of the LinkedIn buttons integrated on our website, LinkedIn then assigns this information to the personal LinkedIn user account of the data subject and stores the personal data.

The LinkedIn component sends LinkedIn information that the data subject has visited our website, provided that the data subject is logged into LinkedIn at the time the website is accessed; this occurs regardless of whether the data subject clicks the LinkedIn component or not. If the data subject does not wish for this information to be transmitted to LinkedIn, then the data subject may prevent this transmission by logging out of their LinkedIn account before accessing our website.

LinkedIn offers the ability to opt out of email messages, text messages and targeted ads, as well as to manage ad settings, at: https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners capable of saving cookies, such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame. The use of such cookies can be rejected at: https://www.linkedin.com/legal/cookie-policy. The applicable privacy policy of LinkedIn is available at: https://www.linkedin.com/legal/privacy-policy. LinkedIn’s policy on cookies can be accessed at: https://www.linkedin.com/legal/cookie-policy.

e. Pinterest

We have integrated components of Pinterest Inc. on this website. Pinterest is a so-called social network. A social network is a place for social meetings on the internet, an online community which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for exchanging opinions and experiences, or enable the internet community to provide personal or business-related information. Pinterest enables the users of the social network to publish, inter alia, picture collections and individual pictures as well as descriptions on virtual pinboards (so-called pins), which can then be shared by other users (so-called re-pins) or commented on.

Pinterest's operating company is Pinterest Inc., 808 Brannan St., San Francisco, CA 94103, USA.

Each time one of the individual pages of this website – which we operate and on which a Pinterest component (Pinterest plug-in) has been integrated – is accessed, the internet browser on the information technology system of the data subject is automatically prompted by the respective Pinterest component to download a display of the corresponding Pinterest component of Pinterest. Further information about Pinterest is available here: https://pinterest.com/. During the course of this technical procedure, Pinterest gains knowledge of what specific subpage of our website was visited by the data subject.

Every time a data subject accesses our website and is simultaneously logged into Pinterest, Pinterest detects which specific subpage of our website was visited by the data subject for the entire duration of each respective stay on our website. This information is collected by the Pinterest component and associated with the data subject’s respective Pinterest account. If the data subject clicks on one of the Pinterest buttons integrated on our website, Pinterest then assigns this information to the personal Pinterest user account of the data subject and stores this personal data.

The Pinterest component sends Pinterest information that the data subject has visited our website, provided that the data subject is logged into Pinterest at the time our website is accessed; this occurs regardless of whether the data subject clicks the Pinterest component or not. If the data subject does not wish for this information to be transmitted to Pinterest, then the data subject may prevent this transmission by logging out of their Pinterest account before accessing our website.

Pinterest’s privacy policy, available at https://about.pinterest.com/privacy-policy, provides information about Pinterest’s collection, processing and use of personal data.

f. Twitter

We have integrated components of Twitter on this website. Twitter is a multilingual, publicly accessible microblogging service on which users may publish and spread so-called “tweets” (i.e. short messages) which are limited to 140 characters. These short messages are available for everyone, including those who are not logged into Twitter. The tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users who follow a user's tweets. Furthermore, Twitter allows you to address a wide audience via hashtags, links or retweets.

Twitter’s operating company is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Each time one of the individual pages of this website – which we operate and on which a Twitter component (Twitter button) has been integrated – is accessed, the internet browser on the information technology system of the data subject is automatically prompted by the respective Twitter component to download a display of the corresponding Twitter component of Twitter. Further information about Twitter buttons is available here: https://about.twitter.com/de/resources/buttons. During the course of this technical procedure, Twitter gains knowledge of what specific subpage of our website was visited by the data subject. The purpose of integrating the Twitter component is to enable our users to further disseminate the contents of this website, to introduce this web page to the digital world and to increase our visitor numbers.

Every time a data subject accesses our website and is simultaneously logged into Twitter, Twitter detects which specific subpage of our website was visited by the data subject for the entire duration of each respective stay on our website. This information is collected by the Twitter component and associated with the data subject’s respective Twitter account. If the data subject clicks on one of the Twitter buttons integrated on our website, Twitter then assigns this transmitted data and information to the personal Twitter user account of the data subject and then stores and processes the data.

The Twitter component sends Twitter information that the data subject has visited our website, provided that the data subject is logged into Twitter at the time the website is accessed; this occurs regardless of whether the data subject clicks the Twitter component or not. If the data subject does not wish for this information to be transmitted to Twitter, then the data subject may prevent this transmission by logging out of their Twitter account before accessing our website.

Twitter’s applicable privacy policy is available at: https://twitter.com/privacy?lang=de.

g. Xing

We have integrated components of Xing on this website. Xing is an internet-based social network that allows users to connect to existing business contacts and make new business contacts. Individual users can create a personal profile at Xing. Companies can, for example, create company profiles or publish job offers on Xing.

Xing’s operating company is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each time one of the individual pages of this website – which we operate and on which a Xing component (Xing button) has been integrated – is accessed, the internet browser on the information technology system of the data subject is automatically prompted the respective Xing component to download a display of the corresponding Xing component of Xing. Further information about the Xing plug-in is available here: https://dev.xing.com/plugins. During the course of this technical procedure, Xing gains knowledge of what specific subpage of our website was visited by the data subject.

Every time a data subject accesses our website and is simultaneously logged into Xing, Xing detects which specific subpage of our website was visited by the data subject for the entire duration of each respective stay on our website. This information is collected by the Xing component and associated with the data subject’s respective Xing account. If the data subject clicks on one of the Xing buttons integrated on our website, e.g. the “Share” button, Xing then assigns this information to the personal Xing user account of the data subject and stores this personal data.

The Xing component sends Xing information that the data subject has visited our website, provided that the data subject is logged into Xing at the time the website is accessed; this occurs regardless of whether the data subject clicks the Xing component or not. If the data subject does not wish for this information to be transmitted to Xing, then the data subject may prevent this transmission by logging out of their Xing account before accessing our website.

Xing’s privacy policy, available at https://www.xing.com/privacy, provides information about Xing’s collection, processing and use of personal data. Xing also has information available on the XING Share button at: https://www.xing.com/app/share?op=data_protection Datenschutzhinweise.

h. YouTube

We have integrated components of YouTube on this website. YouTube is an internet video portal that enables video publishers to upload video clips, and which also allows other users to view, evaluate and comment on these videos for free. YouTube allows for all kinds of videos to be published so users can access both full movies and TV broadcasts, as well as music videos, trailers and videos made by users via the internet portal.

YouTube’s operating company is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time one of the individual pages of this website – which we operate and on which a YouTube component (YouTube button) has been integrated – is accessed, the internet browser on the information technology system of the data subject is automatically prompted by the respective YouTube component to download a display of the corresponding YouTube component of YouTube. Further information about YouTube is available here: https://www.youtube.com/yt/about/de/. During the course of this technical procedure, YouTube gains knowledge of what specific subpage of our website was visited by the data subject.

Every time a data subject accesses a subpage containing a YouTube video and is simultaneously logged into YouTube, YouTube detects which specific subpage of our website was visited by the data subject. This information is collected by YouTube and Google and then associated with the data subject’s respective YouTube account.

The YouTube component sends YouTube and Google information that the data subject has visited our website, provided that the data subject is logged into YouTube at the time our website is accessed; this occurs regardless of whether the data subject clicks the YouTube video or not. If the data subject does not wish for this information to be transmitted to YouTube and Google, then the data subject may prevent this transmission by logging out of their YouTube account before accessing our website.

YouTube’s privacy policy, available at www.google.de/intl/de/policies/privacy/" target="_blank" class="link-4">https://www.google.de/intl/de/policies/privacy/, provides information about YouTube’s and Google’s collection, processing and use of personal data.

The aforementioned services are often not implemented by plug-ins on smartphones and tablets, but by a device-internal “sharing” function. Depending on how its settings are configured, information can also be provided to other social media service providers. Please refer to details of your device information.

Payment providers

Should you use a paid service or purchase something via our website/app, we have a variety of different payment methods available. If you decide to use one of these payment service providers, you will leave our site. This payment service provider then collects and processes all data. No personal data, in particular no bank or credit card data, is disclosed to us. We are only informed about successful payment transactions. The following payment service providers are available:

a. PayPal

We have integrated the PayPal payment method on this website. PayPal is an online payment service provider of PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. Payments are processed via so-called PayPal accounts, which represent virtual private or business accounts. PayPal is also able to process virtual payments through credit cards when a user does not have a PayPal account. A PayPal account is managed using an email address, meaning there are no classic account numbers. PayPal makes it possible to prompt online payments to third parties or to receive payments. PayPal also accepts trustee functions and offers buyer protection services. If the data subject selects “PayPal” as the payment option in the online shop during the ordering process, we automatically transmit PayPal the data subject’s data. By selecting this payment option, the data subject agrees to the transmission of personal data required for payment processing. The personal data transmitted to PayPal typically includes the first name, last name, address, email address, IP address, telephone number, mobile phone number or any other data necessary for the processing of payments. The conclusion of the purchase contract also requires such personal data which is connected with the respective order. The purpose of transmitting data is to process the payment and prevent fraud. In particular, we shall transmit personal data to PayPal if a legitimate interest in the transmission exists. The personal data exchanged between PayPal and the controller shall be transmitted by PayPal to economic credit agencies. This transmission is intended for identity and creditworthiness checks. PayPal will, if necessary, pass on personal data to affiliated companies and service providers or subcontractors to the extent that this is necessary to fulfil contractual obligations or if the data is to be processed on behalf of PayPal. The data subject can revoke their consent from PayPal to handle personal data at any time. A revocation shall not have any effect on personal data which must be processed, used or transmitted for the (contractual) processing of payments.

PayPal’s applicable privacy policy can be accessed at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

b. Sofortüberweisung

We have integrated components of Sofortüberweisung on this website. Sofortüberweisung is a payment service that allows cashless payment of products and services on the internet. Sofortüberweisung is a technical procedure by which the online merchant immediately receives a payment confirmation. This enables a merchant to deliver goods, services or downloads to the customer immediately after ordering. Sofortüberweisung’s operating company is SOFORT GmbH, Fußbergstraße 1, 82131 Gauting, Germany. If the data subject selects “Sofortüberweisung” as the payment option in our online shop during the ordering process, the data subject’s data shall be automatically transmitted to Sofortüberweisung. By selecting this payment option, the data subject agrees to the transmission of personal data required for the processing of payments. If Sofortüberweisung is used to process a purchase, the buyer sends the PIN and TAN to Sofort GmbH. Sofortüberweisung then carries out a transfer to the online merchant after carrying out a technical verification of the account balance and retrieving additional data to check for sufficient funds. The online merchant is then automatically informed that the financial transaction has been carried out. The personal data exchanged with Sofortüberweisung typically includes the first name, last name, address, email address, IP address, telephone number, mobile phone number or any other data necessary for the processing of payments. The purpose of transmitting data is to process the payment and prevent fraud. We shall also transmit other personal data to Sofortüberweisung if a legitimate interest in the transmission exists. Under certain circumstances, Sofortüberweisung shall transmit economic credit agencies the personal data exchanged between Sofortüberweisung and us. This transmission is intended for identity and creditworthiness checks. Sofortüberweisung will, if necessary, pass on personal data to affiliated companies and service providers or subcontractors to the extent that this is necessary to fulfil contractual obligations or if the data is to be processed on behalf of Sofortüberweisung. The data subject can revoke their consent from Sofortüberweisung to handle personal data at any point in time. A revocation shall not have any effect on personal data which must be processed, used or transmitted for the (contractual) processing of payments. Further information about Sofortüberweisung’s applicable privacy policy is available at: https://www.klarna.com/sofort/datenschutz/.

c. HeidelPay

We have integrated the payment service provider HeidelPay on this website. HeidelPay’s operating company is heidelpay GmbH, Vangerowstraße 18, 69115 Heidelberg, Germany. If a user selects this payment method, they will then be forwarded directly to the service provider who will then be responsible for processing the data. We send the following data to HeidelPay: First and last name, credit card information. Further information is available at: https://www.heidelpay.com/de/datenschutz/

Other services

Other services used by us include:

a. Accengage

We use the provider Accengage’s service (ACCENGAGE SA, 31, rue du 4 Septembre, 75002 Paris, France) to send visitors to our website messages from idealo directly via the browser if they have agreed to it (so-called web push). For messaging and success monitoring, Accengage processes data (e.g. browser’s device ID) and non-personal data (e.g. browser type, language, time zone, etc.) on our behalf.

You may object to this processing with effect for the future by clicking here. The subsequently set opt-out cookie and your objection remain valid as long as you do not delete your browser cookies.

b. Disqus comment feature

This website uses the DISQUS comment feature provided by Disqus Inc., 301 Howard Street, Suite 300, San Francisco, CA 94105, USA (hereinafter referred to as “Disqus”). Disqus is an interactive comment system that enables registered users to post comments on Disqus-enabled websites by only logging in once. Disqus allows users to log in via existing accounts on Facebook (via Facebook Connect), Twitter and Google+. When users log in via their Facebook, Twitter, Google+ account, these providers may also collect, store and use data. Further information on this subject can be found in the provider’s respective privacy policy. It is also possible to use the comment function as a “guest” without having to register. In this case, however, some functions may not be available.

In addition to the comment text, Disqus also transmits your email address and IP address to us. We require the comment text in order to be able to publish it. The other information is only required so that we may contact you in connection with your use of DISQUS, for example, if we have queries about your user comments or to avoid liability and misuse. In order not to be liable for the contents of comments, it may be necessary for us to erase comments, exclude them from publication or, as a more lenient measure, to edit them with appropriate labelling.

The terms of use and privacy notice from DISQUS, which are available at http://docs.disqus.com/help/30/ and http://docs.disqus.com/help/29/, apply to the collection, processing and use of data by DISQUS and to your rights in this regard.

c. Facebook Connect

You can also log into a Facebook account to post comments on certain idealo websites.

Facebook Connect is a service provided by Facebook Ireland Limited, 5-7 Hanover Quay, Dublin 2, Ireland. The use of Facebook Connect is subject to the privacy policy and terms of use of Facebook. If you decide to register with a Facebook account, you will be redirected to Facebook as a first step. Facebook then asks you to provide your access data and log into Facebook or register. If you are already logged into Facebook, this request to log in shall be skipped. Important: No access data shall be disclosed to us. When you log in via Facebook Connect, Facebook profile data and data defined as “public information” by Facebook (https://www.facebook.com/about/privacy/your-info/) – i.e. information that you have publicly made available or which you release for the respective application – shall be transferred to us from your Facebook profile. In connection with Facebook, “public” means that anyone outside of Facebook can see this data. This data includes your name, your profile and cover picture, your gender, networks, username (Facebook URL) and user ID number (Facebook ID). Vice versa, data from your Facebook profile can also be transferred to us. When you register via Facebook Connect, we store and process your data transmitted to us for the purpose of registration.

d. Google Maps

We use Google Maps to display maps. This integration requires Google to be able to access the user’s IP address. The IP address is necessary to send content to the user’s browser. Please note that Google has its own data protection guidelines that is independent of ours. Before using our website, please read about Google’s privacy policy at www.google.de/intl/de/policies/privacy/. Google Maps is based on JavaScript code, meaning that you can prevent execution in general by deactivating JavaScript in your browser’s settings or installing a JavaScript blocker. Please note that doing so may prevent our website from being correctly displayed.

e. Google reCaptcha

For security purposes, this site uses reCaptcha, a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google). This service determines whether a human being manually provides information in an online form or has been fraudulently been carried out by automated machine processing. Your previously abbreviated IP address and any other data required for the service will be transmitted to Google. Only in exceptional cases will the full IP address be transferred to a Google server in the US and abbreviated there. The data transmitted by your browser while using reCaptcha will not be merged with other data from Google. Further information about Google's data protection guidelines is available at: https://www.google.com/intl/de/policies/privacy/.

Retention period

We only store personal data as long as we are legally entitled to do so and as long as the purpose for processing data is still valid. They will then be erased after a short period of time.

In addition to information regarding the retention period of certain data elsewhere in this Privacy Policy, we shall provide you with information in the following manners:

- Data shall only processed based on the virtue of you giving consent and the data shall only be stored up until the point where you revoke your consent.

- The exact retention period of a cookie can be found in the respective cookie by displaying the cookie in your browser.

- Applicable laws also provide for certain minimum retention periods. The German Commercial Code (HGB) and the German Revenue Code (AO) call for business letters to be retained for a period of (at least) six years; “business letters” also include emails which we exchange with you. The German Revenue Code (AO) also requires a wide range of other data to be stored for at least ten years.

It is, however, not always possible for us to specify the retention period exactly for all data or data categories. In regards to the retention period, we strictly adhere to the law. If, for example, it is still possible to make claims in regards to a contract, we shall retain the corresponding data and, if Art. 6 Para. 1 lit f) GDPRis applied, limit your interests and/or basic rights and fundamental freedoms when considering the retention period to be implemented and shall play a significant role in this.

Repetition of notices of consent

Below you will find the notices of consent idealo uses on its websites and which you have issued to idealo if required. idealo records these statements of consent where appropriate. You may revoke your statement(s) of consent at any point in time, with effect for the future.

Consent to receive email advertising

- idealo deals and campaigns via email

- idealo informs you about merchant offers and idealo services. You can unsubscribe at any point in time as described in the data protection guidelines.

- idealo informs you about merchant offers and idealo services. You can unsubscribe at any point in time.

- Receive idealo deals, campaigns and news via email. You may unsubscribe at any point in time.

- I hereby agree to have idealo inform me about merchant offers and idealo services. I can revoke this consent at any time (see data privacy policy).

Contact data and your rights as the data subject

If you have any questions or suggestions regarding data protection or how to exercise your rights as the data subject, please contact our data protection officer (immediately) at any time:

idealo internet GmbH
Ritterstraße 11
10969 Berlin
Deutschland
Telefon: +49 800 72 40 831
Telefax: +49 30 80 09 70 50 2
E-Mail:

idealo internet GmbH
- Data protection -
Ritterstraße 111
10969 Berlin
Deutschland
E-Mail:

a. Revocation of consent/Objection to the processing of data

You may revoke your consent previously given at any point in time, with effect for the future, by contacting the address provided above. With effect for the future, you may object to your email address being used for the purpose of sending out the newsletter at any time by contacting us either electronically or in writing at or Ritterstraße 11 in 10969 Berlin, without incurring any costs other than the transmission costs in accordance with the basic tariff.

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you, which is carried out on the basis of a legitimate or public interest. This also applies to profiling based on these provisions. In the event of an objection, we will no longer process personal data unless we can prove compelling and legitimate reasons for processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

If we process the personal data for direct marketing purposes, you have the right to object at any time to the processing of the personal data for the purpose of such advertising by contacting us at the aforementioned contact address; this also applies to profiling, insofar as it is associated with such direct marketing. In addition, you have the right, on grounds relating to your particular situation, to object to the processing of personal data concerning you for scientific or historical research purposes, or for statistical purposes, unless such processing is necessary for the performance of a task carried out for reasons of public interest.

b. Art. 15 GDPR – right of access for the data subject

You have the right to request confirmation from us as to whether personal data relating to you is processed and, if so, what data this entails as well as the specific circumstances surrounding the processing of data.

c. Art. 16 GDPR – right to rectification:

You have the right to request that we immediately rectify any incorrect personal data concerning you. For the purpose of processing data, you also have the right to request that incomplete personal data concerning you be completed immediately, including by means of a supplementary declaration.

d. Art. 17 GDPR – right to erasure:

You have the right to request that we immediately erase personal data concerning you if and to the extent the legal requirements to this regard are met.

e. Art. 18 GDPR – right to the restriction of processing:

You have the right to restrict the processing of data if and to the extent the legal requirements are met.

f. Art. 20 GDPR – right to data portability:

If data is processed by virtue of consent or in order to fulfil a contract, you have the right to be provided with the personal data that you have provided to us in a structured, common and machine-readable format, and in so far that it is technically feasible, to transmit this data to another controller without us impeding this process or to have this data directly transferred to another controller.

g. Art. 77 GDPR in connection with Section 19 of the Federal Data Protection Act (BDSG) (new) – right to lodge a complaint with a supervisory authority:

You have the right to lodge a complaint with any supervisory authority at any time, in particular in the Member State of your habitual residence, your place of work or the place of alleged infringement, if you believe that the processing of personal data concerning you infringes existing law.

h. Exisence of automated decision-making

We refrain from automatic decision-making including profiling according to Art. 22 GDPR.

Issued on: 24 May 2018

Print