Data protection information of Otto (GmbH & Co KG), as of: 1 October 2019
In the following data protection information, we will inform you about the processing of personal data by Otto (GmbH & Co. KG) (“Otto,” and/or “we,” and/or the “Controller”) in accordance with the GDPR and the Bundesdatenschutzgesetz (the Federal Data Protection Act (“BDSG 2018”)).
Please read through our data protection information carefully. Should you have any questions or comments concerning our data protection information, please contact us at email@example.com.
This data protection information applies to data processing by:
OTTO (GmbH & Co. KG)
Represented by the managing director(s) Alexander Birken (Chair), Dr. Marcus Ackermann, Sebastian Klauke, Petra Scharner-Wolff, Kay Schiebur, Sven Seidel
Tel.: +49 1806-303030
for the following website www.otto.market; as well as all subdomains
You can reach the company data protection officer(s) of the Controller at:
OTTO (GmbH & Co. KG)
- Data Protection Officer -
Each time access is made to websites/applications, information is sent by the respective internet browser on your respective end device to the server of our website/application, and temporarily stored in log data files, the so-called log files. The data sets stored in this way contain the following data which are stored up until automatic erasure: date and time of the retrieval, name of the site retrieved, referrer URL (source URL, from which you arrived at our websites), the data quantity transferred, loading time, and the product and version information of each browser used as well as the name of your access provider.
The legal basis for the processing of the IP address is Article 6(1)(f) GDPR. We have a legitimate interest in
No immediate inference as to your identity is possible by means of the information; nor do we draw any such inference.
The data are stored and automatically erased after the aforementioned purposes have been achieved. The standard periods for erasure are determined by the criterion of necessity.
In order to provide you with the greatest possible convenience, we offer the long-term storage of your personal data in a password-protected user account.
Setting up a user account is entirely voluntary. After your user account is set up, no new data need be entered. What is more, you can view and change any data stored regarding you in your user account at any time.
Please treat your personal access data confidentially and, in particular, please do not make the data accessible to any unauthorized third parties. Please note that you will automatically remain logged in after you leave our website, unless you logout actively. Your data will be automatically erased after the expiration of the retention duties applicable to us under commercial and tax law. The legal basis for such data processing is Article 6(1)(c) GDPR and Article 6(1)(f) GDPR.
On our websites/applications, we offer you the option of subscribing to our newsletter. In order to be sure that no error has been made when you entered your email address, we use the so-called double opt-in procedure (DOI Procedure): after you have entered your email address in the register field, we send you a confirmation link to the address provided. Only after you click the confirmation link will your email address be included in our newsletter distribution list. The legal basis for such data processing is Article 6(1)(a) GDPR.
Right of withdrawal notice
You can withdraw your consent at any time for the future by emailing your withdrawal to firstname.lastname@example.org or sending it by mail to
OTTO (GmbH & Co. KG)
Most of the cookies used by us are deleted again after the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognize your computer again during the next visit (so-called permanent or cross-session cookies). These cookies, in particular, serve to make our offer user-friendly, more effective, and more secure.
To be sure, you can set up your browser in such a manner that it does not store our cookies on your hard drive. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, provided that you set up your browser to notify you whenever you receive a new cookie, or how you can delete all of the cookies already received and block any additional ones.
Please proceed as follows
In Internet Explorer:
Select “Internet Options” in the “Tools” menu.
Click on the “Privacy” tab.
Now you can make security adjustments for the internet. Here, you can set whether and which cookies are supposed to be allowed or blocked.
Confirm your setting by clicking on “OK.”
Click the menu button and choose “Options.”
Click on “Privacy & Security.”
Select the entry “Use custom settings for history” in the drop-down menu.
Confirm your setting by clicking on “OK.”
In Google Chrome:
Click on the Chrome menu on the symbols bar of the browser.
Click on “Advanced.”
Under “Privacy and security,” click on “Content settings.”
Under “Cookies” you can make the following settings for cookies:
Block cookies by default
Delete cookies and website data by default after closing the browser
Allow exceptions for cookies from particular websites or domains
However, we would like to point out that in this event, it is possible that you will not be able to use all of the features of this website in their fullest scope.
Insofar as personal data are involved with these cookies and/or the information contained therein, the legal basis of the data processing is Article 6(1)(f) GDPR. Our interest in optimizing our website is in the course of such to be regarded as legitimate within the meaning of the aforementioned regulatory provision.
For the purpose of the needs-based configuration and ongoing optimization of our websites, we use – upon the basis of Article 6(1)(f) GDPR – Google Analytics, a web analysis service of Google, Inc. (“Google”). Google Analytics uses so-called “cookies,” text data files that are stored on your computer and facilitate an analysis of your use of the website. In this connection, pseudonymized use profiles are created and cookies are used. The information generated by the cookie about your use of this website includes:
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports about website activities, and to render additional services affiliated with the website use and the internet use vis-à-vis the website operator. The IP address transferred by your browser within the framework of Google Analytics is not merged with other data from Google. Using a corresponding setting on your browser software, you can prevent cookies from being stored; however, we would like to point out that in this event, it is possible that you will not be able to use all of the features of this website in their fullest scope. Moreover, you can prevent the recording of the data generated by the cookie and related to your use of the website (incl. your IP address) by Google as well as the processing of these data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
As an alternative to the browser add-on, particularly with browsers on mobile end devices, you can also prevent the recording by Google Analytics by clicking on this link. An opt-out cookie is set that prevents any future recording of your data when visiting this website. The opt-out cookie is valid only in this browser and only for our website, and is stored on your device. If you delete the cookies in this browser, then you will have to set the opt-out cookie again. You can find additional information about data protection in connection with Google Analytics on the Google Analytics website.
You have the opportunity to contact us in several ways: via email, telephone, or surface mail. If you contact us, then we will use the personal data that you provide us voluntarily in this context, exclusively for the purpose of getting in touch with you and being able to process your inquiry.
Article 6(1)(a), Article 6(1)(b), Article 6(1)(c), and Article 6(1)(f) GDPR establish the legal basis for this data processing.
With the exception of the processing set forth herein, we do not share your data with any recipients having their seat outside the European Union or the European Economic Area. The processing activities set forth under 3.4.2 effectuate a data transfer to the servers of the providers. The data transfer is effected upon the basis of so-called standard contractual clauses of the EU Commission or in accordance with the principles of the so-called Privacy Shield.
Alongside the right to withdrawal of the consents you have given to us, if the respective statutory prerequisites are fulfilled, then you are entitled to the following additional rights:
You can avail yourself of the above rights to which you are entitled with regard to us at email@example.com.
You can avail yourself of your right to data portability under firstname.lastname@example.org.
It is possible under the prerequisites of Article 21(1) GDPR to object to the data processing on grounds relating to the particular situation of the data subject.
The general right to objection above applies to all processing purposes described in this data protection information, which purposes are processed on the basis of Article 6(1)(f) GDPR. In contrast to the special right of objection oriented to data processing for promotional purposes, we are obligated under the GDPR to implement such a general right of objection only if you set forth to us reasons of overarching significance (e.g., a potential risk to life or health).
Insofar as we process data upon the basis of a consent that you have issued, you have the right to withdraw the consent issued at any time. The withdrawal of the consent does not result in the data processing becoming ineffective which has taken place upon the basis of the consent up to the date of the withdrawal.