please rotate your device
Status 2022

Who knows what
about me?

It’s a familiar story. You install a new app on your cellphone and a pop-up appears telling you authorizations are required. Just one click and the inconspicuous app gains access to contacts, images, or the microphone, even though it doesn’t actually need them. Is that even legal?

Data about data

The short answer is yes – but only if we agree. People who value their privacy should think carefully before doing so, though. If this data gets into the wrong hands, criminals can use it for illegal purposes. Consequently, applications should only be given the authorizations they actually need to work.

What’s more, people who think they aren’t paying for free online offerings are wrong. We pay with our data. It’s obviously difficult to check whether we’re paying a fair price for the service in question and, unlike money, our data is always linked to us. Find out more about this issue here.

Going all out for data privacy

Data privacy has top priority for the entire Deutsche Telekom Group. In addition to complying with legal requirements such as European data protection regulations, we’re also actively shaping data privacy. We work closely with data privacy experts, ensure the ongoing further development of technical standards, and are committed to maximum transparency. This means you can always be sure that one thing is safe – your data. Detailed information about what data of yours we hold, and how we protect it, is available here.

“Data privacy lays the foundation for the trust people have in our solutions. And this trust creates the basis for the company’s sustainable success.”

Dr. Clas Dieter UlmerDr. Claus-Dieter Ulmer, Global Data Privacy Officer, Deutsche Telekom

An outside perspective

Leading scientific, economic, and political experts and independent organizations hold regular meetings with the Deutsche Telekom management team to discuss data protection and data security. This provides an independent take on data privacy issues at Deutsche Telekom. Other aspects covered include digitalization, social developments, and ethical considerations. Our CEO Timotheus Höttges and Birgit Bohle, Board of Management member for Human Resources and Legal Affairs, have also been represented at these meetings since 2020.

The Data Privacy Advisory Board is made up of 13 independent experts and 5 leading Deutsche Telekom managers. A full list of its members, and its annual agenda, are available on our website.

Data privacy from
the outset

The PSA (Privacy & Security Assessment) process was devised to ensure technical security and data privacy are taken into account early on in Deutsche Telekom’s relevant development processes. PSA integrates the principles of privacy by design and privacy by default into all products, services, platforms, and IT applications. In other words, by both developing relevant technical and organizational measures, and using default settings that are conducive to data privacy, Deutsche Telekom is able to achieve a maximum level of data protection and data security.

See our PSA booklet for more information about the PSA process.

The Corona-Warn-App –
data privacy in action

At the request of the German government, we joined forces with SAP to develop a coronavirus contact tracing app, the Corona-Warn-App. Both the Federal Commissioner for Data Protection and Freedom of Information and the Federal Office for Information Security were involved in the development process. The GitHub platform also enabled all interested members of the public to download the program code, submit their comments, and suggest improvements. Critics such as the Chaos Computer Club examined the software, too. The resulting app shows how helpful digitalization in the healthcare sector can be and demonstrates how data privacy is safeguarded in the context of such applications.

To ensure
the protection
of personal data:

No central data storage

The encrypted codes are stored on the cellphones only – there is no central data storage.


The data is erased after 14 days.


When a person tests positively for Covid-19, they can voluntarily enter this in the app.


People who are alerted by the app do not find out who the infected person is or when and where they met this person.

Data privacy

At no point is personal data collected or processed.

External accreditation

Important as strict requirements are, they’re pointless unless compliance is also checked. Every year, we carry out hundreds of data privacy and data security checks at our company in the form of internal audits.

We also have our processes and management systems as well as products and services certified by independent organizations such as TÜV and DEKRA. T-Systems’ cloud products are based on the “Cloud Code of Conduct” standard of Scope Europe. Furthermore, we support the AUDITOR research project, which is developing a new standard for data protection certification of cloud services.

In addition, telecommunications companies are required to train their employees on issues related to data protection law when they begin their employment. At Deutsche Telekom, we go beyond that and ensure our employees receive appropriate training every two years. In addition, we offer courses on specific topics such as data protection for employees.

to the future

The Internet of Things (IoT) and artificial intelligence (AI) are the key to connected cars and fully automated houses, factories, or even entire cities. This involves recording and evaluating huge volumes of data. If this also includes personal data, then data privacy is the top priority. For example, smart traffic management systems can reduce emissions by preventing congestion. To do so, however, these systems require data. This can be recorded by items such as cameras or detectors that receive signals from Bluetooth devices. It’s then vital to make sure this data can’t be misused. To help ensure that such systems operate in compliance with data privacy requirements and for the benefit of our customers, we have defined data privacy guidelines. These guidelines describe how Deutsche Telekom aims to handle AI, loT and big data img, and how we will develop our products and services that are based on these technologies in the future.

Digital safety

The website answers typical security-related questions from our customers’ everyday lives in a way that is easy to understand and to the point. It also covers what you can do to prevent identity theft and how to protect your privacy on social media.

What each of us
can do ourselves

Sooner or later, everyone who makes regular use of digital technology will ask themselves what they personally can do to protect their data online? As we see it, Deutsche Telekom has a responsibility not only to protect our customers’ data, but also to help them protect themselves. After all, prevention is better than cure. That’s why we provide relevant information. The website answers typical security-related questions from our customers’ everyday lives in a way that is easy to understand and to the point. We cover aspects such as what you can do to prevent identity theft and how to protect your privacy when using social media. Our “Media, sure! But secure.” website provides details of all our initiatives to improve media literacy and it assists users in using digital media competently and securely.


823 inquiries and requests for information about data privacy from customers and other sources outside the company were received and dealt with by us in 2022.

Greater transparency

We keep you up to date on the latest news and publish many different reports on our data privacy websites:

Telecommunications companies are legally obligated to assist security authorities and, e.g., hand over information on subscribers. Our annual transparency report outlines how often we do this and in what form.

Also, our status report on data privacy discloses all major data privacy breaches, on an ongoing basis. This status report, along with many other useful articles, documents, and information, is available here.