Privacy Policy

radio.net App

1. Preamble

With this Privacy Policy, we would like to inform you about the nature, scope and purpose of the collection and processing of your personal data when using the mobile radio.de app (hereinafter also referred to as “App”) offered by radio.de GmbH, Mühlenkamp 59, 22303 Hamburg (hereinafter also referred to as “radio.de”, “we”, “us”). The protection of your personal data is an important matter to radio.de when collecting and processing such data when using our App.

Please note that this is a translation of the German Privacy Policy, which is available in the App after you have changed the language settings to German. In case of contradiction between the different versions, the German version will prevail.

2. Controller for data collection and data protection officer

The controller responsible for the collection and processing of your personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016679) (hereinafter also referred to as “GDPR”) is:

radio.de GmbH

Mühlenkamp 59

22303 Hamburg

Deutschland

Phone: + 49 40 - 570 065 150

Email: datenschutz@radio.de

If you have any questions concerning data protection, you can reach the data protection officer via email datenschutz@madsack.de or by post to:

MADSACK Mediengruppe Datenschutz August-Madsack-Straße 1 30559 Hannover Germany

3. Personal data and processing by radio.de

3.1 When downloading the App

When downloading the App from the Apple App Store, a service of Apple Inc, One Apple Park Way, Cupertino, California, USA, 95014 (“Apple”), the Google Play Store, a service of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, (“Google”), the Amazon App Store, a service of Amazon Europe Core S.à.r.l., 38, avenue John F. Kennedy, L-1855 Luxembourg (“Amazon”), the Samsung Galaxy Store, a service of Samsung Electronics (UK) Limited, Samsung House, 1000 Hillswood Drive, Chertsey, Surrey KT16 0PS (“Samsung”), the Huawei AppGallery, a service of Huawei Technologies Co, Ltd, Huawei Base, Bantian, Longgang District, Shenzhen, China (“Huawei”), your personal data required for the respective download and usually contained in your respective Apple Account, Google Account, Amazon Account, Samsung Account, Huawei Account will be transferred to the Apple App Store, Google Play Store, Amazon App Store, Samsung Galaxy Store, Huawei AppGallery. radio.de has no influence on the scope of this data processing. For more information on the scope of data collection by the respective providers, please refer to their respective data privacy policy.

3.2 When opening the app

In order to enable you to use the App optimally, radio.de collects, processes and stores data regarding your use of the App, so-called “server log files” (hereinafter also “log files”). Every access to our App is therefore logged. The log files created from this contain the following data: IP address, date and time of access, operating system version, app version. The collection and processing of the information stored in the log files only serves the anonymised evaluation for statistical purposes, i.e. to analyse your use of our App and thus to continuously improve our services. Our legitimate interest within the meaning of Art. 6 para. 1 s. 1 (f) GDPR follows from the aforementioned purposes. The data collected in this way cannot be assigned to you as a specific person. This data will not be merged with other data sources.

3.3 When using the App

In our App, we refer to third-party radio streams. In order to enable you to receive the programmes of the various stations, the respective service providers will process the following information as soon as you play the respective station: IP address, date and time, operating system of your end device. Please refer to the privacy policy of the respective service providers for more information. We have no influence on the storage and further use of your data by the service providers.

In order to be able to offer you functions and services of our App that are tailored to your location (e.g. the display of stations in your surroundings), the collection of location data is necessary for this specific use of the App. This so-called “geolocalisation”, i.e. the assignment of an app opening to the location of the app opening, is carried out on the basis of the IP address of your end device and possibly also by determining your location data via GPS. Our App therefore uses your IP address to determine your rough location in accordance with Art. 6 para. 1 s. 1 (b) GDPR for the purpose of providing the service. At no time can conclusions be drawn about your specific location. In order to improve the display of local stations for you, our App can also access the GPS location data of your mobile device in accordance with Article 6 para. s. 1 (a) GDPR on the basis of your consent, provided that you enable the collection of location data on your device by granting the corresponding authorisation. This is initially done through a pop-up window that is displayed on the screen of your mobile device when you use the App. You can also grant or withdraw the authorisation to collect location data at any time in the device settings of your mobile device. radio.de hereby points out, however, that it cannot be guaranteed that some functions of the app cannot be used or cannot be used completely. Even when GPS data is collected, no conclusions can be drawn about your specific location at any time, as the location data determined by GPS is technically shortened by radio.de. If the location survey via GPS is active, your mobile end device will usually show you this within the scope of the screen display by using a specific symbol. This data is not merged with other data sources. If location data is also transmitted to third parties via iOS, Android, Amazon, Samsung or Huawei, radio.de has no influence on this.

3.4 Help center and contacting radio.de

If you need help with the use of our App and the contents available on it, you can use our help center by clicking on the link “FAQ” in the app settings, where the most frequently asked questions and suitable help are listed. The FAQs are stored on the servers of the operator Zendesk Inc. (for more information on Zendesk, see section 5.3.).

In addition, you can directly request help from us via email in the settings of the App under the link “Feedback”. For this purpose, we also use the services of Zendesk Inc. to improve processing your requests. You can also contact us by email, letter or telephone. In doing so, we collect, process and store your contact data and the content of your enquiry in order to be able to answer your enquiry, in accordance with Art. 6 para. 1 s. 1 (a) GDPR on the basis of your consent or in accordance with Art. 6 para. 1 s. 1 (b) GDPR, if the subject of your enquiry is (pre-)contractual information or in accordance with Art. 6 para. 1 s. 1 (f) GDPR, if there is a legitimate interest of radio.de in the data processing.

3.5 Duration of storage and deletion of personal data

We process and store personal data only for the period required to achieve the processing purpose or for as long and to the extent required by law, but at least for the duration of the statutory limitation periods.

If the storage purpose no longer applies or if a legally prescribed storage period expires, the personal data will be blocked or deleted routinely after 30 days and in accordance with legal regulations.

4. Cookies and similar technologies, iab standard, Consent Management Platform

radio.de uses cookies, PPID and similar technologies to collect various device information (also known as “identifiers” or “IDs”), in particular device identifiers, IDFA and advertising IDs. The following section is intended to briefly explain the technologies and terms used in the privacy policy. Some functions and elements of the app and the content it offers require that the mobile device you are using can be identified even after the app has been reopened. The technologies used for this purpose also enable your personal settings or advertisements to be retained over a longer period of time. The data processing that takes place in this context therefore serves the purpose of being able to provide you with all functions and to simplify the use of our app for you as a user.

Some of the technologies used by radio.de or its service providers enable us to analyze the usage behavior of users. This tells us how the app is used and enables us to optimize our app and the quality of the content it offers and adapt it to the respective user behavior. In particular, we record how often users access the app and its various functions or the frequency of advertisements accessed. The data is not stored together with other personal user data. In the Apple App Store and Google Play Store, we can also see how often the app has been downloaded and how many users actively use the app.

The legal basis on which your personal data is processed using cookies depends on whether we ask for your consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is the declared consent in accordance with Section 25 (1) TDDDG in conjunction with Art. 6 (1) (a) GDPR and further data processing in accordance with Art. 6 (1) GDPR. Otherwise, the data processed using cookies will be processed on the basis of Section 25 (2) TDDDG (e.g. technically necessary cookies for the error-free display of our websites) or if the use of cookies is necessary to fulfill our contractual obligations.

Processing of cookie data on the basis of consent: Before your data is processed in the context of the use of cookies, we ask for your consent, which can be revoked at any time. Before consent has not been given, cookies that are necessary for the operation of our online offer will be used. They are used on the basis of Section 25 (2) TDDDG and the user’s interest in the expected functionality of our online offering.

The data processing processes described above are carried out - unless otherwise described in this privacy policy - on the basis of your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

The following technologies and device information are particularly relevant in the context of the app

Cookies are small pieces of text information that are stored on your mobile device.

PPID enables publishers to send an identifier to Google Ad Manager that is used for frequency capping, audience segmentation and targeting, sequential ad rotation and other audience-based ad delivery features on any device.

Opt-out: As a user, you can prevent Google from collecting the PPID by clicking here.

Tracking pixels are small “invisible” graphics that are often used for statistical evaluations for online marketing

SDKs (software development kits) are software libraries and interfaces that enable the integration of various services and functions. Device identifiers enable the unique identification of app users’ end devices.

IDFA (Identifier for Advertisers), or Ad-ID (iOS operating system) or Advertising ID (Android operating system), enable advertising partners to create user profiles and display personalized advertising to users.

Click URLs with tracking parameters can be used to register when a link or other element is clicked on.

As part of the various Google Firebase services, further device information, such as instance IDs, UUIDs (Universally Unique Identifier), IDFV (Identifier for Vendors, iOS) or the Android ID (Android), are relevant, the functions of which are described in more detail in section 5.2.1.

By changing the settings in your mobile device, you can deactivate or restrict the transmission of the IDFA and advertising ID and IDFV (iOS) or the Android ID (Android). radio.de cannot, however, rule out the possibility that some content of the app may not be usable or not fully usable in this case. For more information on which technologies we or our third-party service providers use for which purpose and on the data processed in each case, please refer to section 5.

In order to provide you with the highest level of transparency and control over the processing of your data, we follow the iab europe Transparency and Consent Framework (hereinafter “iab Standard”), including its specifications and guidelines. The iab Standard provides participating advertising partners with a common language to communicate users’ choices about the delivery of relevant online advertising and content. The majority of our advertising partners are vendors certified according to the iab Standard (an overview of participating advertising partners can be found here).). You can find out more about the Transparency and Consent Framework on the iab europe website: iabeurope.eu/

We have integrated a Consent Management Platform (hereinafter “CMP”) in our app, which is based on the specifications of the iab standard and is offered by Sourcepoint Technologies, Inc. (For more information on Sourcepoint Technologies, Inc., please refer to section 5.2.). The CMP provides you with information on the cookies and similar technologies used and allows you to set the use of these in relation to certain service providers. You can also give and withdraw your consent to the use of the technologies and device information described here. When you open our app for the first time and make settings via the CMP, your configuration is stored in the NSUserDefaults (iOS) or in the Shared Preferences (Android) of the app on your device, where the settings you have made are saved.

You can access and change your selection at any time under “Privacy Manager” in the app settings.

The CMP is used in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR in order to obtain and document your consent to certain data processing processes and in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR due to our legitimate interest in being able to offer you a convenient way to control the processing of your personal data.

With the CMP, we offer you the opportunity to decide for yourself in which cases you want to consent to tracking via cookies and other technologies - to display content and advertising relevant to you - or to use a paid PRIME subscription. If you opt for the PRIME subscription, only those cookies will be set that are necessary to provide essential functions of our apps or are functionally necessary for the stability and security of the apps. The storage of information in the end user’s terminal equipment or access to information already stored in the end user’s terminal equipment takes place, if this is absolutely necessary, on the basis of Section 25 (2) No. 2 TTDSG, so that we can provide the telemedia service expressly requested by the user. The legal basis for the further processing of this technically necessary personal data as part of the PRIME offer is Art. 6 para. 1 lit. b or lit. f GDPR, depending on the type of service.

If you decide to USE our offer without any obligation to pay, we finance our offer through advertising. For this purpose, the advertisers set cookies that enable tracking for the display and optimization of advertising based on your usage behavior and your presumed interests and needs. In order to provide this service, we use cookies, device identifiers and similar technologies on your end devices.

The storage of information in the end user’s end device or access to information is carried out in accordance with § 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 lit a. GDPR. The legal basis for further processing is your consent in accordance with Art. 6 para. a GDPR. The legal basis for the transfer of data to the USA is Art. 49 para. 1 sentence 1 lit. a GDPR.

Note on consent: Some of the services listed in the CMP transfer data to the USA. Data processing and data protection in the USA do not meet the standard of the GDPR. The services are subject to US law and may therefore be obliged to disclose data to US authorities or intelligence agencies if legal requirements are met. Risks for you arise in particular from the difficulty of enforcing the law, the lack of control over the further processing or disclosure of data and the aforementioned access by government agencies.

5. Processing of personal data by service provider

Personal data collected in the context of your use of our App will only be processed by radio.de and third parties listed in this privacy policy. Beyond that, radio.de does not transmit personal data to other third parties. Personal data will only be transmitted on to other third parties in the exceptional case that radio.de is obliged to transmit the collected data due to an official or court order.

5.1 Amazon Web Services Inc.

radio.de cooperates with the following external web host, through which we are able to offer you our App and to process your data securely and efficiently. We have a legitimate interest in this according to Art. 6 para. 1 s. 1 (f) GDPR. Web host is Amazon Web Services Inc, 410 Terry Avenue North, Seattle, WA 98109-5210, USA (“Amazon Web Services”). Amazon Web Services is certified according to the ISO 27001, ISO 27017 and ISO 27018 standards, which take into account aspects such as data security, data protection and reliability. The data servers used by Amazon Web Services are located within Germany in the Amazon Web Services Region Frankfurt. The Amazon Web Services privacy policy can be found at https://aws.amazon.com/privacy/.

5.2 App Analysis Services

5.2.1 Google Firebase

The App uses various functionalities of Google Firebase (“Firebase”), a technology of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, (“Google”). Firebase enables us to perform various analyses on the installation and use of our App. We use Firebase Crashlytics and Firebase Crash Reporting, which help the developers of radio.de to identify and fix app crashes. Stack traces are used to trace crashes back to an app, to display them in the Firebase interface and make them evaluable, and to send notifications (e.g. by e-mail) to radio.de. Furthermore, Crashlytics processes installation UUIDs to measure the number of users affected by a crash and minidump data, small memory images containing information about a crash, to process crashes in Android. The minidump data is stored while the crash session is being processed and then discarded. The aforementioned data is stored by Firebase for 90 days.

Furthermore, we use Firebase Dynamic Links and Firebase Remote Config. Dynamic Links uses device specifications and IP addresses on iOS to open newly installed apps for a specific page or context. Dynamic Links stores device specifications and IP addresses only temporarily to provide the service. Firebase Remote Config allows radio.de to show or hide content in the App and turn certain features on or off by processing Firebase installation IDs. Firebase stores the Firebase installation IDs until we delete them. Then the data is removed from the live and backup systems within 180 days. Finally, we use Google Analytics for Firebase. Google Analytics for Firebase uses tracking data to be able to create evaluations about the use of the apps. For this purpose, Google Analytics uses so-called Mobile Ad IDs, IDFVs (iOS) or Android IDs (Android), Instance IDs, as well as Analytics App Instance IDs. Google Analytics stores some of the data linked to the ad ID (e.g. IDFVs, Android IDs) for 60 days and retains aggregate reporting without automatic expiry. The other aforementioned data is stored by Google Analytics for up to 14 months.

The legal basis for the collection of personal data by Firebase Remote Config is Art. 6 para. 1 s. 1 (f) GDPR, as we have a legitimate interest in being able to present the content and functions to you in the best possible way; to do so Firebase Remote Config is technically necessary. Furthermore, the processing of your personal data within the scope of Firebase is based on your consent in accordance with Art. 6 para. 1 s. 1 (a) GDPR. You can give or revoke your consent at any time via our Consent Management Platform (CMP).

For the purpose and scope of the data collection and the further processing and use of the data by Google, as well as your rights in this regard and further setting options for protecting your privacy, please refer to the data privacy information on Google Firebase at https://firebase.google.com/terms/data-processing-terms https://firebase.google.com/support/privacy/manage-iids https://firebase.google.com/support/privacy

5.2.2. InfoOnline

radio.de uses the Scaleable Centralised Measuring System [Skalierbare Zentrale Messverfahren] (“SZM”), an analysis system of INFOnline GmbH, Brühler Str. 9, D-53119 Bonn to determine statistical values regarding the use of the App. Measurement values are collected in an anonymous manner. Your identity always remains protected. You will not receive any advertising via the system. The aim of the audience measurement is to statistically determine the intensity of use and the number of users of an app. With the statistics obtained, we can improve our offer and make it more interesting for you as a user. SZM audience measurement uses an SDK (see section 4) to recognise mobile devices, via which various technical data on your mobile device is created and collected. IP addresses are not stored in the procedure and are only processed in anonymised form. At no time are individual users identified. Further information on the SZM procedure can be found at https://www.infonline.de/datenschutz. The SZM is used on the basis of your consent pursuant to Art. 6 para. 1 s. 1 (a) GDPR, which you can give or withdraw at any time via our Consent Management Platform (CMP). Our App also participates in the audience measurement of the Arbeitsgemeinschaft Online-Forschung e.V. (“AGOF” - Working Group for Online Media Research) and the alliance between Informationsgemeinschaft zur Feststellung der Verbreitung von Werbeträgern e. V. (“IVW” - German Audit Bureau of Circulation) and the Arbeitsgemeinschaft Media-Analyse e.V. (“agma” - Media Analysis Council). AGOF, IVW and agma issue reports on a regular basis in studies about the usage statistics of participating services. Anonymous measured values are collected.

5.2.3 Adjust GmbH

The app uses various functionalities of Adjust, a technology of Adjust GmbH, Saarbrücker Str. 37A, 10405 Berlin, Germany, (“Adjust”). Adjust enables us to analyze the installation and use of our app in various ways. Adjust uses device specifications and IP addresses to open newly installed apps for a specific page or context. Adjust only stores device specifications and IP addresses temporarily in order to provide the service. Adjust stores the data for 12 months, after which it is automatically deleted. Adjust uses tracking data to be able to create evaluations about the use of the apps. For this purpose, Adjust uses so-called Mobile Advertising IDs, IDFVs (iOS) or Android IDs (Android), IDFA (iOS), Adjust Device ID (ADID), App Set ID, Install Referrer. The other aforementioned data is stored by Adjust for 12 months. The legal basis for the collection of personal data by Adjust is Art. 6 para. 1 sentence 1 lit. f GDPR, as we have a legitimate interest in being able to present the content and functions for you in the best possible way and Adjust is technically necessary for us in this respect. We also use Adjust Third Party Sharing. Adjust shares device IDs and app tokens with third-party marketing partners in order to measure the success of marketing campaigns. The data can be shared with the following partners AppleAds, Meta(Facebook), GoogleAds, GoogleMarketingPlatform, Snapchat, Tencent, TikTokSan, X(Twitter), YahooGemini, YahooJapanSearch. The processing of your personal data in the context of Adjust Third Party Sharing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can give or withdraw your consent to Adjust Third Party Sharing at any time via our Consent Management Platform (CMP). The purpose and scope of the data collection and the further processing and use of the data by Adjust as well as your rights in this regard and further setting options to protect your privacy can be found in the Adjust data protection information at https://www.adjust.com/terms/general-terms-and-conditions/

5.3 Ticketing system and help centre for customer enquiries

Zendesk

radio.de uses Zendesk, a customer service platform of Zendesk Inc, 1019 Market Street, San Francisco, CA 94103, USA (“Zendesk”, see also section 3.4). Zendesk is a ticket system for processing customer enquiries. To use Zendesk, necessary data such as your contact details and the content of your request are collected via our App in order to be able to process your support ticket. The data processed in each case is stored on Zendesk servers, which may also be located outside the EU, in particular the USA or the Asia-Pacific region. Zendesk processes the personal data exclusively in accordance with our instructions pursuant to a commissioned processing agreement and using the standard contractual clauses pursuant to Art. 46 para. 5 s. 2 GDPR. The legal basis for the use of Zendesk is Art. 6 para. 1 s. 1 (a) GDPR, insofar as you have given us your express consent, as well Art. 6 para. 1 s. 1 (f) GDPR, insofar as we have a legitimate interest in using a third-party service provider for the purpose of simplifying our operational processes when answering your questions about our services. The purpose and scope of the data collection and the further processing of the data by Zendesk as well as the related rights and setting options for the protection of privacy can be found in the data protection information of Zendesk: https://www.zendesk.com/company/customers-partners/privacy-policy/?_ga=2.87503192.1116616280.1609951268-2106221984.1609951268, https://support.zendesk.com/hc/en-us/articles/360022366953-Complying-with-Privacy-and-Data-Protection-Law-in-Zendesk-products.

5.4 Consent Management Platform

Sourcepoint Technologies, Inc.

In our App we use the “Consent Management Platform” (CMP) of the service provider Sourcepoint Technologies, Inc., 228 Park Avenue South, #87903, New York, NY 10003-1502, USA (hereinafter “Sourcepoint”). When you open our App for the first time and make settings via the CMP, your configuration is stored in the NSUserDefaults (iOS) or in the Shared Preferences (Android) of the app on your end device, where the settings you have made are saved. The settings collected via the configuration are transmitted to Sourcepoint servers located in France. Sourcepoint processes the personal data exclusively according to our instructions in accordance with an order processing agreement. Any transfer to a country outside the EU or the EEA that may be necessary in individual cases is based on data protection guarantees in accordance with Art. 45 ff. GDPR, in particular in the form of data transfer agreements containing the standard contractual clauses approved by the EU Commission. Sourcepoint is used in accordance with Art. 6 para. 1 s. 1 (f) GDPR due to our legitimate interest in using a suitable service provider for the documentation of your consent. Sourcepoint is a member of iab europe (https://iabeurope.eu/members/sourcepoint/). Further information on data protection and the CMP of Sourcepoint can be found at www.sourcepoint.com/privacy-policy; https://documentation.sourcepoint.com/web-implementation/sourcepoint-gdpr-and-tcf-v2-support.

5.5 Push-Messages

Airship

radio.de uses the push message service of Airship Group, Inc., 1225 West Burnside, Suite 401, Portland, OR 97209, USA („Airship“). While using our App, it is possible that you will receive push messages in order to offer you functions and services that are tailored to your use. An example of such a push message is “Your favourite station misses you - tune in now”. You will only receive such push messages if you have given your explicit consent for radio.de in the settings of your device’s operating system. You can adjust the authorisations at any time, also in the settings of your operating system, so you can allow or withdraw the sending of push messages at any time in the device settings of your mobile device. Airship stores your IP address, data about your mobile device such as device number and operating system, push notification token and usage data about your use of the app. We also ask you for your consent to collect, process and store the data necessary for sending the push notifications. The legal basis for the collection and processing of your personal data is Art. 6 para. 1 s. 1 (a) GDPR, which you can also give or withdraw at any time via our Consent Management Platform (CMP). Further information on data protection can be found in Airship’s data protection information: https://www.airship.com/legal/privacy/.

Accengage

radio.de uses the push message service of Accengage S.A.S, 31, rue du 4 Septembre, 75002 Paris, France (“Accengage”). While using our App, it is possible that you will receive push messages in order to offer you functions and services that are tailored to your use. An example of such a push message is “Your favourite station misses you - tune in now”. You will only receive such push messages if you have given your explicit consent for radio.de in the settings of your device’s operating system. You can adjust the authorisations at any time, also in the settings of your operating system, so you can allow or withdraw the sending of push messages at any time in the device settings of your mobile device. Accengage stores your IP address, data about your mobile device such as device number and operating system, push notification token and usage data about your use of the app. We also ask you for your consent to collect, process and store the data necessary for sending the push notifications. The legal basis for the collection and processing of your personal data is Art. 6 para. 1 s. 1 (a) GDPR, which you can also give or withdraw at any time via our Consent Management Platform (CMP). Further information on data protection can be found in Accengage’s data protection information: https://www.accengage.com/privacy-policy/.

5.6 Advertising

radio.de uses the following additional external advertisers for marketing purposes. Advertisers market online advertising space in digital services - including our App. In doing so, we comply with the data protection regulations and - where necessary - have concluded contracts for the processing of personal data. Insofar as personal data is transferred to countries outside the EU or EEA for the purpose of advertising marketing, any transfer is based on data protection guarantees pursuant to Art. 45 ff. GDPR, in particular in the form of data transfer agreements containing the standard contractual clauses approved by the EU Commission.

5.6.1 Google Ad Manager

radio.de uses Google Ad Manager, a tool of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland, („Google“) for marketing advertising space. Google Ad Manager uses technologies to show you advertisements that are relevant to you. This involves assining a pseudonymous identification number (ID) with your mobile device by means of a cookie and/or similar pseudonymous user identification in order to verify which ads have been shown in an App and which ads have been clicked on. This use of Ad Manager user IDs enables Google and its partner sites and other third parties on whose behalf Google solely works to serve ads based on previous visits of our App and other digital content on the internet. When Google receives an ad request, it usually also collects the IP address of the App user, which is transmitted to the relevant advertising partners for the purpose of delivering advertisements. Google Ad Manager is used on the basis of your consent pursuant to Art. 6 para. 1 s. 1 (a) GDPR, which you can give or withdraw at any time via our Consent Management Platform (CMP). You can find more information about the Google Ad Manager at https://support.google.com/admanager/answer/9035987?hl=de and about data protection at Google in general at https://policies.google.com/privacy?hl=de

5.6.2 Marketing by iab TCF v2.0 verified partners

For the digital advertising marketing of our services, we use vendors that are certified according to the iab standard in accordance with TCF v2.0 (for more information on the iab standard, please see section 4). Our cooperation with these vendors is not continuous; some vendors only become active through our contractual cooperation with the service providers listed under 5.6.3. For this reason, the vendors operating within the scope of our services may change. An overview of the vendors certified according to the iab standard with whom our cooperation is currently considered likely, can be found here. Here you can also find out to what extent and on what legal basis the vendors are active and specify and configure their preferences for the processing of their data by them.

5.6.3 Forms of advertising

The advertising marketing carried out by us and/or in our App takes place in different forms. In the following, we will explain to you which forms of advertising are used and which recipients (or categories of recipients, also “advertising partners”) can process the personal data collected in this context. The service providers listed in this section operate within the framework of specific agreements with us and exclusively on the basis of your consent in accordance with Art. 6 para. 1 s. 1 (a) GDPR which you can give or withdraw at any time via our Consent Management Platform (CMP) and are largely certified in accordance with the IAB standard. Please note that other advertising partners may process your data within the framework of the iab network (for more details, please refer to section 5.6.2).

5.6.3.1 Direct campaigns

Occasionally we carry out direct campaigns with different changing advertising partners or agencies with limited runtimes and targeting. Such advertising partners are themselves responsible for data processing.

Possible technical implementation:

Redirects and VAST advertising media - Via the Google Ad Manager we establish a technical connection between our advertising spaces and the advertising partner’s ad server. A pixel-code and click URLs can also be integrated directly.

Physical advertising material (videospots and graphics)- Some files are stored directly in the Google Ad Manager – in that case no personal data is transmitted to the advertising partner.

Pixel-code - An “invisible” graphic is delivered at the same time as the advertising material. The graphic is located on an external server of the advertising partner. In most cases, a third-party service provider works for the advertising partner.

Click URLs with tracking parameters - If you click on the advertising material, you may be directed to the target page of the advertising partner via a tracking service provider. The tracking service provider will not collect any data until you click on the ad.

Type of personal data

Online identifier (IP addresses, cookie IDs, device IDs)

Transaction data (such as time of an ad impression, time of an ad click)

Nature and scope of data processing Shortened IP addresses and cookie or device IDs are used to create monthly reports and to deliver advertising material within the App.

5.6.3.2 Reach marketing

With other advertising partners we carry out campaigns with fixed technical setups for an unlimited period of time.

Technical implementation

Redirects and VAST advertising media - Via the Google Ad Manager we establish a technical connection between our advertising spaces and the ad server of the advertising client. A pixel-code and click URLs can also be directly integrated.

Type of personal data

Online identifiers (IP addresses, cookie IDs, device IDs)

Transaction data (such as time of an ad impression, time of an ad click)

Nature and scope of data processing IP addresses and cookie or device IDs are used to create monthly reports and to deliver advertising material.

radio.de’s advertising partners for reach marketing

smartclip Europe GmbH Privacy Policy: https://privacy-portal.smartclip.net/en/

SMARTSTREAM.TV GmbH Privacy Policy: https://www.smartstream.tv/en/productprivacy

Goldbach Germany GmbH Privacy Policy: https://goldbach.com/de/de/datenschutz/goldbach-germany

Goldbach Austria GmbH Privacy Policy: https://goldbach.com/at/de/datenschutz/datenschutz-goldbach-austria

YOC AG Privacy Policy: https://yoc.com/privacy/

Spot X Privacy Policy: https://www.spotx.tv/privacy-policy/

Weischer.Media GmbH & Co. KG Privacy Policy: https://weischer.media/de/de/datenschutzerklaerung/

5.6.3.3 Programmatic Advertising and Real Time Bidding

Via Google’s Ad Manager we are connected to various networks that bid on the advertising space within our App. Some of these networks are active in the Google ADX, a digital real-time marketplace, where they bid on our advertising space, while others are activated separately for that purpose. The selection and delivery of the advertising is then carried out via the Google Ad Manager. The entire process is carried out automatically with regard to both the control of the advertising contact opportunities (so-called “Programmatic Advertising”) and the pricing between the supply and demand side (so-called “Real Time Bidding”).

Technical implementation

Redirects and VAST advertising media - Via the Google Ad Manager we establish a technical connection between our advertising spaces and the ad server of the advertising client. A pixel-code and click URLs can also be directly integrated.

Type of personal data

Online identifiers (IP addresses, cookie IDs, device IDs)

Transaction data (such as time of an ad impression, time of an ad click)

Technical parameters of the browser (browser identifier, operating system, screen resolution, device classes, device manufacturer)

Nature and scope of data processing The personal data used to create monthly reports and to deliver advertising material.

radio.de’s advertising partners for Programmatic Advertising and Real Time Bidding

Google ADX (You can find a list on all advertising partners that are connected via Google ADX here.) Privacy Policy: https://policies.google.com/privacy?hl=en

Google Adsense Privacy Policy: https://policies.google.com/privacy?hl=en

Index Exchange Privacy Policy: https://www.indexexchange.com/privacy/

Rubicon Privacy Policy: https://rubiconproject.com/rubicon-project-advertising-technology-privacy-policy/

Xandr (Appnexus) Privacy Policy: https://www.xandr.com/privacy/platform-privacy-policy/

Sovrn Privacy Policy: https://www.sovrn.com/privacy-policy/

Pubmatic Privacy Policy: https://pubmatic.com/legal/privacy/

RhythmOne Privacy Policy: https://www.rhythmone.com/privacy-policy/

Improve Digital Privacy Policy: https://www.improvedigital.com/platform-privacy-policy/

Media.net Privacy Policy: https://www.media.net/privacy-policy/

YOC AG Privacy Policy: https://yoc.com/privacy/

Smart Privacy Policy: https://smartadserver.com/end-user-privacy-policy

Ströer SSP GmbH Privacy Policy: https://www.stroeer.de/en/data-protection/

5.7 Other Marketing Tools

Google Ads

radio.de uses Google Ads, a service provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland („Google“), to display advertisements. If you open our App, we and Google can recognise this. radio.de thus learns the total number of users who open the App. The measurement and statistical analysis described above is carried out by Google Analytics for Firebase (see under 5.2.1). The use of Google Analytics for Firebase is based on your consent pursuant to Art. 6 para. 1 s. 1 (a) GDPR, which you can give or withdraw at any time via our CMP.

Maze

For surveys and user tests radio.net utilizes Maze that is a service of Maze.Design Ltd, England. Upon usage of this app you may be asked to participate in a survey or user test. If you choose to participate, you will be directed to Maze. You will find the privacy policy of Maze here: https://maze.co/privacy-policy/

6. Your data protection rights

In accordance with the GDPR as well as in accordance with the relevant provisions of European law and national law, you have the following rights within the scope of the respective provision, which you can exercise over radio.de - unless otherwise stated - e.g. by sending an email to datenschutz@radio.de or to the contact data stated under section 2. radio.de will fulfil your rights if the relevant conditions are met:

Right of access

In accordance with Art. 15 GDPR, you can obtain confirmation from radio.de as to whether or not your personal data is collected, processed and stored by radio.de. If such a collection, processing and storage exists, you can, among other things, obtain information from radio.de about the purposes for which the personal data is collected and processed and the planned duration of storage of your personal data or, if specific information on this is not possible, about criteria for determining the duration of storage.

Right to rectification

If the personal data collected and processed concerning you is incorrect or incomplete, you have the right of rectification and/or completion of your personal data in accordance with Art. 16 GDPR towards radio.de.

Right to restriction of processing

In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data.

Right to erasure

In accordance with Art. 17 GDPR, you can obtain from radio.de the erasure of your personal will be deleted immediately. radio.de may be obliged to delete this data immediately if the personal data relating to you is no longer necessary for the purposes for which it was collected or otherwise processed, or if you have withdrawn your consent to which the collection, processing and storage relates. The right to deletion does not exist, among other things, if the processing is necessary to fulfil a legal obligation which requires the collection and processing according to the law of the EU or the member states to which radio.de is subject and if the collection and processing is necessary for the assertion, exercise or defence of legal claims.

Right to data portability

In accordance with Art. 20 GDPR, you have the right to receive your personal data that you have provided to us as the data controller in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another person in charge, without hindrance from us.

Right to object

**According to Art. 21 GDPR, you have the right to object to the processing of personal data concerning you. Pursuant to Art. 21 para. 1 GDPR, you may at any time, for reasons arising from your particular situation, object to the processing of personal data carried out on the basis of Art. 6 para. 1 s. 1 (f) GDPR. **

Right to withdraw consent

If you have given us your consent to the collecting and processing of your personal data, you have the right to withdraw your consent under data protection law at any time in accordance with Art. 7 para. 3 GDPR. Processing that took place before the withdrawal remains unaffected by this.

Right to lodge a complaint with a supervisory authority

According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, in case that you believe that the collection and processing of your personal data infringes the GDPR.

7. Miscellaneous

In the further development of the services offered and the implementation of new technologies, radio.de reserves the right to update this data protection declaration at any time. radio.de therefore asks you to regularly take note of our privacy policy available here.

Last updated: November 2024