Skip navigation
SearchDeutsch

Privacy at Facebook

Privacy Policy Applicable to Facebook Fan Pages

I. Data controller


Bertelsmann SE & Co. KGaA
Carl-Bertelsmann-Straße 270
33335 Gütersloh, Germany
Email: info@bertelsmann.de

Bertelsmann is accountable for the processing of the personal information described below (referred to hereinafter as “we”, “us”, “our”).

You can contact our data protection officer by writing todatenschutz@bertelsmann.de or writing to us at the postal address indicated above by using the reference ‘For the attention of the Corporate Data Protection Department (ZCD)’.

Together with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (“Facebook”) we are jointly responsible for processing information. Details on the delimitation of responsibility can be found in the following agreement: https://www.facebook.com/legal/terms/page_controller_addendum . For more information, please consult: https://www.facebook.com/policy.php .

You can contact Facebook’s data protection officer here: https://www.facebook.com/help/contact/540977946302970

You can find information on the processing of personal information by Facebook in your Facebook profile under the Settings menu – Privacy, or here: https://www.facebook.com/help/568137493302217 .

II. Processing of personal information

1. General remarks

According to the GDPR, “personal data” (referred to below as “personal information”) means any information relating to an identified or identifiable natural person (“data subject”). Also pseudonymized information that cannot be directly linked to you, e.g. by way of a name or email address, is also personal information.

2. Your rights

You have the right at any time to request access to your personal information that is currently on file with us. If this information is incorrect or not up to date, you have the right to request that it be corrected. You also have the right to have your personal information deleted and/or its processing restricted as provided for in Art. 17 and Art. 18 GDPR. Where our processing by automated means of information provided by you is based on your consent or is the subject of a contract with you, you have the right to request a copy of this data in a structured, commonly-used, machine-readable format (right to data portability). If you want to exercise any of your rights, you can address these issues to the contact indicated in section 1 above.

If you have given your consent to the processing of your personal information, you can revoke this consent at any time with effect for the future. For information on your right to lodge an objection, see section III of this privacy policy.

You also have the right to lodge a complaint with the competent data protection authority. You can assert these rights by contacting the data controllers.

3. Obligation to provide personal information

As a general rule, you are not obligated to provide personal information to us. You must provide specific information only when concluding a contract (e.g. your email address or your name). Without this information we cannot enter into a contract with you or perform the contract. Facebook may impose other requirements on you. For more information, please consult: https://www.facebook.com/policy.php .

4. Disclosure of personal information to third parties

Your personal information is not disclosed to third parties unless this is necessary for fulfilling obligations under a contract, we or the third party have/has an legitimate interest in disclosure, or your consent has been obtained. In addition, personal information may be shared with third parties in the event that we are obligated by virtue of operation of the law or by virtue of an enforceable directive of a governmental or other regulatory authority, or by order of a court or other authority of competent jurisdiction.

5. Service providers

We contract service providers in part for processing data. Access by service providers to your personal information is restricted to the extent necessary. As a general rule, service providers are engaged as contract data processors who are bound by our directives when processing data.

6. Transfer of data to non-EEA countries

Personal information may be transferred to third parties and contract data processors who are headquartered in non-EEA countries. In these cases, we ensure that the recipient provides for an appropriate level of data protection prior to transferring data. Some of the third parties engaged by us are headquartered in the USA (indicated in the detailed information provided) and are registered under the EU-US Privacy Shield. For a list of the registered companies, see: https://www.privacyshield.gov/list . Facebook is certified under the Privacy Shield (https://www.facebook.com/about/privacyshield ). We have also concluded EU standard contractual clauses with various companies. Details can be obtained from our data protection officer on request.

7. Duration of storage

We store your personal information for as long as it is necessary to provide our offerings and the associated services, or we have a legitimate interest in continued retention. In all other cases we delete your personal information with the exception of information (e.g. invoices) that we must retain for compliance with statutory retention periods (e.g. imposed by the tax code or commercial code).

8. Pseudonymized data processing

The processing of information described below primarily takes place on a pseudonymized basis. This means that we do not provide information to third parties that can be directly linked to you, e.g. by way of a name or email address, but rather a profile is created on the basis of an ID or cookie.

III. Processing of information of users using our Facebook pages

The processing of information described below is for the purpose of operating our Facebook pages.

1. Insights

We receive statistical data from Facebook about the visitors to our Facebook pages by way of Facebook’s Audience Insights service. We are unable to link this information to any specific person. This feature enables us to better analyze our pages and adapt them to the needs and interests of our visitors. Facebook processes personally identifiable information in relation to this service on its own responsibility. Cookies or comparable technologies or the storage of IP addresses by Facebook are used for this purpose. For more information, please visit: https://www.facebook.com/iq/tools-resources/audience-insights . We need no legal basis for processing statistical or anonymized data.

2. Interaction on our pages

We are also able to see when a specific Facebook user likes or subscribes to one of our Facebook pages. We are also able to link comments to individual users on our Facebook pages. The legal basis for this processing of information follows from Art. 6 (1) sentence 1 point b) and f) GDPR. We have a legitimate interest in interacting and continued communication with you. To the extent that the processing of information follows from Art. 6 (1) sentence 1 point f) GDPR, pursuant to Art. 21 (1) GDPR you have the right, for reasons relating to your particular situation, to lodge an objection at any time to the processing of your personal information with effect for the future by writing to info@bertelmann.de and setting out your objection.

3. Monitoring

We review the comments on our Facebook pages for any inappropriate content. In so doing, it is readily clear under which Facebook profile a specific comment was posted. A link is made between the content of the comment, the timestamp created when the comment was posted, the user ID, the Facebook user name, and a reference to the preceding posts and comments. The result of a review may lead to the comment being hidden or the user being blocked. The legal basis for this follows from Art. 6 (1) sentence 1 point c) GDPR.

IV. Processing of information provided by you by way of a contact form or email

On our Facebook pages you have various options for contacting us at info@bertelsmann.de for various purposes. We use the information provided by you in this manner solely to respond to the matter for which you have contacted us. Messages are deleted at the latest upon attending to your query, provided that we are not required to retain them for other reasons.

Last updated: October 2018