Data Protection Policy - Otto (GmbH & Co KG), Werner-Otto-Str. 1-7, 22179 Hamburg for the Website www.ottogroup.com
As of: May 2022
In the following data protection policy, we will inform you about the processing of personal data by Otto (GmbH & Co KG), Werner-Otto-Str. 1-7, 22179 Hamburg (“OTTO” and/or “We” and/or “Controller”) in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG 2018).
Please read our data protection policy carefully. If you have any questions or comments about our data protection policy, please contact us at dtnschtzbftrgtrttgrpcm.
Table of contents
1. Name and Contact Details of Controller Responsible for Processing
2. Contact Details of Data Protection Officer
3. Online Presence and Website Optimization (with cookies)
3.1. Cookies—General Information
3.2 Web Analytics with Matomo
3.3 Intervention Options/Browser Settings
4. Document Requests
5. Contact
6. Social Media Plugins
6.1. Facebook and YouTube
6.2. Twitter
6.3. Instagram
6.4 Xing and LinkedIn
7. Recipients outside of the EU
8. Duration of Data Storage
9. Data processing in connection with registration for and participation in events
10. Otto Group Talent Pool System
11. Your Rights
11.1 Your Rights in Detail
This data protection policy applies to data processing by
Otto (GmbH & Co KG)
Werner-Otto-Straße 1-7
22179 Hamburg, Germany
Phone: 040 - 3603 3603
EMail address: dtnschtzbftrgtrttgrpcm
Represented by Managing Director(s):
Alexander Birken (Chairman)
Dr. Marcus Ackermann
Sergio Bucher
Sebastian Klauke
Petra Scharner-Wolff
Kay Schiebur
for the following websites: www.ottogroup.com.
You can reach the Controller’s data protection officer at
Otto (GmbH & Co KG)
Werner-Otto-Straße 1-7
22179 Hamburg, Germany
Email address: dtnschtzbftrgtrttgrpcm
3.1.1 Technically Necessary Cookies
This website uses cookies. Cookies are small text files that are generated automatically by your browser and stored on your device (notebook, tablet, smartphone, and suchlike). Information is stored in the cookie relating to the specific device being used. This does not mean, however, that We obtain direct knowledge of your identity. Some of the cookies We use are deleted at the end of the browser session (known as session cookies).
As a rule, it is only permitted by law to store information on devices (desktops, smartphones, tablets, and suchlike) — e.g., by setting cookies — and to access information on devices (tracking) if you have given your prior consent. The legal basis for this is Section 25 para. 1 sentence 1 of the Telecommunications and Telemedia Data Protection Act (TTDSG). Consent is not required if this form of storage/tracking is necessary in order to make the website available. The legal basis for this is Section 25 para. 2 number 2 TTDSG. Necessity is deemed to include assurance of the following functionalities/the achievement of the following objectives:
- To ensure system security
- To enable billing of partners
- To provide the services requested by the website visitor
You do not have the right to object to data processing that is necessary for operation of the website.
You can use the website at www.ottogroup.com without data being tracked or stored on your device that are not necessary in order to make this website available. Only ‘basic tracking’ is therefore enabled on this website.
We use open source software by the web analytics provider Matomo for the purpose of demand-oriented design and continuous optimization of this website, and in doing so invoke the legal basis provided in Article 6 para. 1 point f) of the General Data Protection Regulation (GDPR), namely our legitimate interest. The Matomo plug-in enables us to store cookies (text files) on your computer that allow us to analyze your use of our website. We will evaluate your use of the website in this regard and compile reports on website activities.
You can set up your browser so that it does not place our cookies on your end device. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, and also how to clear all already received cookies and how to lock your browser for all others.
Please proceed as follows:
In Internet Explorer:
In Firefox:
In Google Chrome:
If you want to clear individual cookies placed in your browser or want to learn what service provider/company placed cookies in your browser, you can do or learn this via a “preference manager.” This can be found, for example, at www.youronlinechoices.com.
Should you request documents on our website (e.g., an annual report), We will use the data specified by you for this purpose exclusively to send these documents.
The legal basis for this processing is Article 6, para. 1 point f) GDPR.
You have the opportunity to enter into contact with us in multiple ways. By email, phone, or mail. If you contact us, We will use the personal data that you have voluntarily provided to us in this context solely for the purpose of contacting you and processing your request.
The legal basis for this data processing consists of Article 6 (1) (a), Article 6 (1) (b), Article 6 (1) (c) GDPR and Article 6 (1) (f) GDPR.
On our website, We use social plugins provided by the social networks Facebook, YouTube, Pinterest, Twitter, Instagram, and WhatsApp to publicize our company. This is done on the basis of Article 6 (1) (f) GDPR. The commercial purpose behind this is to be viewed as a legitimate interest within the meaning of the GDPR. Responsibility for operation in conformity with data protection must be guaranteed by the respective provider.
You will find the purpose and scope of the data collection and the further processing and use of data by the respective provider and your rights and setting options in this regard to protect your private sphere in the respective data protection or privacy policies of each provider that We link to in the following.
By logging out of social networks beforehand and clearing cookies that have been placed, you can prevent social networks from assigning the information collected about you to your user account with the respective social network during your visit to this website. If you do not want social networks to directly assign the data collected via our website to your profile, you must log out of the corresponding social networks before visiting our website.
This website uses social plugins from Facebook and YouTube (Google). These are services offered by the U.S. companies Facebook and Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”)).
If you visit a page that contains such a plugin, your browser will connect to Facebook or YouTube and these sites will load the content. Your visit to this website can be tracked by Facebook and YouTube as a result, even if you do not actively use the function of the social plugin. If you have an account at Facebook or YouTube, you can use such a social plugin and share the information with your friends. We have no influence on the content of the plugins and the transmission of information.
On their websites, Facebook and Google provide detailed information on the scope, type, purpose, and further processing of your data. You will also find additional information on your rights and setting options for the protection of your private sphere here.
You can find Facebook’s privacy policy here and Google’s privacy policy here .
This website has also integrated functions of Twitter. These functions are offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA (“Twitter”). The use of Twitter and the “retweet” function mean that the websites you have visited are linked with your Twitter account and announced to other users. Data are also transferred to Twitter. Your internet browser will establish a direct connection to the servers of Twitter and transfer data to Twitter.
We would like to point out that We do not receive any information about the content of the transmitted data or their use by Twitter. You will find more information in Twitter’s privacy policy here.
You can change your data protection settings for Twitter here in the account settings.
This website also has integrated plugins provided by the network Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA (“Instagram”). You will recognize the Instagram plugin by the “Instagram” button on our page.
If you click on the “Instagram” button while you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile. This lets Instagram associate your visit to our website with your user account. We would like to point out that We do not receive any information about the content of the transmitted data and their use by Instagram. You can find additional information on Instagram’s privacy policy here.
This website also has integrated plugins provided by the social networks LinkedIn, of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA and Xing AG, Gänsemarkt 43, 20354 Hamburg, Germany. You can find information about data protection in the privacy policies of here and Xing here.
With the exception of processing operations for which We provide information about the possibility of transmitting data to recipients based outside of the EU in this data protection policy, We do not transmit your data to recipients based outside of the European Union or the European Economic Area. Data are transmitted on the basis of so-called standard contractual clauses of the EU Commission.
The duration for storing data collected on you depends on the purpose for which We process the data. These data are stored as long as they are required for the achievement of the pursued purpose. If We are required to store certain categories of data for a specific period of time due to legal obligations (e.g., tax obligations), the continued storage of the data after such are no longer necessary for the achievement of the respective purpose will be exclusively for the purpose of fulfilling the legal obligation. In this case, the data will be restricted for access.
On this website you have the possibility of registering for events in order to participate in them. If you would like to participate in an event, the details of the participating persons necessary for that purpose will be collected. As a rule, they consist of your first name, last name, address, and contact details (e.g. email address). If you would like to register a minor for the event, this is only possible if you are authorized to register as their parent or guardian and participation of minors is planned. If you provide further personal data, we will process any personal data that you voluntarily provide here exclusively in connection with the event.
The legal basis for such data processing is Article 6(1) (b), (f) GDPR.
In certain cases we may offer you the opportunity for inclusion in the Otto Group Talent Pool system. The purpose of the Otto Group Talent Pool system is to identify, retain and promote Talent, as well as to secure succession by actively promoting Talents' Otto Group-internal mobility. If you have consented to the disclosure of your personal data to other Otto Group companies and have thus opted to store your data within the Otto Group Talent Pool system, we will transmit the data you have provided as part of the profiling process to Otto (GmbH & Co KG) (hereinafter referred to as "OTTO"), which will store it in the Otto Group Talent Pool system. With regard to including you in the internal Otto Group Talent Pool system as well as the provision of this same system, we are jointly responsible alongside Otto (GmbH & Co KG) and the other Otto Group companies that participate in this system. We are primarily responsible for gathering, transmitting and registering your data, while OTTO holds responsibility for storing your data and providing the Otto Group Talent Pool system. After Otto (GmbH & Co KG) has transmitted your data to the companies participating in the Otto Group Talent Pool system, the Group companies process this data as "data controllers", as defined by applicable data-protection law, e.g. for the purpose of establishing contact. A potential application process will then normally take place directly via the respective company's processes.
Data processing takes place based on your consent (as defined under Article 6 (1) (a) GDPR). You may revoke your consent here at any time.
With regard to data processing, we and OTTO are available to you as central contacts with joint responsibility, each in our own area of influence. Please contact yrnxtmvttgrpcm at any time with enquiries regarding data protection, or to assert your rights as "data subject". You can also assert your rights against us. If you contact us, we will coordinate in accordance with the agreement on joint responsibility in order to respond to your request and to ensure your rights as data subject are upheld.
You are entitled to the rights of data subjects in connection with our processing of personal data. You have the right, for example, to receive information about the data We have stored on you. You can also revoke consent granted to us and object to individual cases of data processing. You also have the right to have incorrect data corrected and to request that We provide you with certain data in a standard electronic format. Furthermore, you have a right to erasure of the data stored on you. Please remember in this regard that We may be obligated for legal reasons to continue to store the data despite your assertion of your right to erasure. Furthermore, in some situations, We have an interest in the ongoing storage of your data such that this interest outweighs your interest in their erasure (e.g., if We still have outstanding claims against you).
You have the right to revoke the consent you have given to us and are entitled to the following rights if the legal requirements are met in the individual case:
The rights indicated above and to which you are entitled can be asserted at dtnschtzbftrgtrttgrpcm.