Privacy Policy

1. Introduction

The Controller within the meaning of Art. 4 No. 7 GDPR (hereinafter "we", "us/our") takes appropriate measures to enable the best possible protection of your privacy and the security of your personal data. This privacy notice describes how we collect, use, store, and disclose your personal data when you visit our Corporate Website or interact with us.

The website of IONOS Group SE serves as a central information platform for our Corporate Stakeholders (investors, analysts, business partners, institutional actors) and has the main purpose of providing transparent and detailed information about the company structure, strategy, financial results, and important regulatory announcements. The use of the website is not directed at the distribution of products or services.

2. Information and Contact details of the Controller

The Controller for data processing is:

IONOS Group SE
Elgendorfer Str. 57
56410 Montabaur
Germany

E-mail: datenschutz@ionos.de

You can reach our Data Protection Officer at:

IONOS Group SE
The Data Protection Officer
Elgendorfer Straße 57
56410 Montabaur
Germany

E-mail: datenschutz@ionos.de

3. What Data We Process

We may process various types of personal data about you, primarily in connection with your visit to our Corporate Website or your direct contact with us:

Technical Data: IP address, browser type and version, operating system, device information, access time stamp.
Usage Data: Information about how you use our website (e.g., which pages are visited, duration of stay).
Contact Data/Inventory Data: Name, email address, telephone number, address (only in case of direct contact or use of contact forms for stakeholder inquiries).
Marketing and Communication Data: Your preferences when receiving corporate newsletters or communications.

4. How We Process Your Data

We process your data in the following ways:

Direct Interactions: You provide us with your data when you fill out forms (e.g., for investor newsletters), contact us by email, or provide feedback.
Automated Technologies or Interactions: We collect Technical and Usage Data about your equipment, browsing actions, and patterns when you use our website, through cookies and similar technologies.
Third Parties or Publicly Accessible Sources: We may receive personal data about you from public sources (e.g., web crawling for market/press analysis).

5. How We Use Your Data

We use your personal data for the following purposes related to the Corporate Website:

Provision and Improvement of Corporate Website Functionality

We process technical data to ensure the operability, security, and stability of our website.
To Improve Our Website

We process usage data, IP addresses, and cookies to optimize functionality and adapt content to the interests of our stakeholders.
Corporate Communications and Investor Relations

We process contact data to send you contractual information (e.g., ad-hoc announcements or general meeting documents) or information within the scope of our corporate communication and IR activities.
Execution of Webinars and Events

We process your registration data for the execution of webinars or investor/analyst events.
Compliance with Legal Obligations

We process your data to comply with legal obligations to which we are subject (e.g., tax, accounting, and record-keeping obligations, securities trading law obligations, official orders).
Fraud Prevention and Security

For fraud prevention and ensuring the IT security of the website.
Business Intelligence Analyses

We use aggregated and, where possible, anonymized data for the analysis of website usage trends and the optimization of corporate communication.
Data Transfer within the Group

Data exchange with affiliated companies can take place for the purpose of synergy and optimization of administrative processes, as well as due to corporate or contractual provisions.
Operation of Social Media Presences

We process your data if you visit our corporate presences on social media.
Contact Form

We process your personal data if you contact us via the contact form. We process your contact data and the content of your inquiry.
Use and Training of Artificial Intelligence ("AI")

We use AI to improve corporate processes and communication.
Corporate Communications and Stakeholder Information

We use your personal data for informing our stakeholders and for corporate communications. For this purpose, we also use podcasts or integrated videos from external video platform providers.

6. Legal Bases for Processing

We process your personal data on the following legal bases:

Consent: You have given your consent to the processing of your personal data for specific purposes (e.g., cookie settings, newsletter subscription).
Legitimate Interests: Processing is necessary for our legitimate interests, provided your interests or fundamental rights and freedoms do not override them. Legitimate interests we pursue include, in particular: operation and security of the website, corporate communication and stakeholder information, IT security, data transfer to affiliated companies.
Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject (e.g., commercial and tax retention obligations, regulatory and, in particular, notification obligations under securities trading laws).

7. Disclosure of Your Data

Where necessary, we pass on your personal data to the following categories of recipients:

Technology and Functionality Service Providers:

Providers who provide technical services for the operation and optimization of the Corporate Website (e.g., hosting providers, content delivery networks, anti-fraud software, video platform providers such as Vimeo or Youtube).

Analysis and Communication Tools:

Partners who assist with the analysis of usage data and corporate communication (e.g., web analysis services, email dispatch service providers).

Authorities:

In accordance with legal obligations, data may be passed on to governmental institutions, judicial authorities, or other official bodies such as financial supervisory authorities.

Affiliated Companies:

Within the corporate group (IONOS Group SE or United Internet AG) for the purpose of internal administrative processes and corporate or contractual provisions.

Corporate Transactions and Joint Ventures:

We transmit your information to third parties in the event of restructuring, merger, sale, joint venture, assignment, transfer, or other disposition of all or a part of IONOS Group SE as well as affiliated companies of IONOS Group SE, their assets, or shares. Such third parties may be, for example, an acquiring company and its advisors.

8. International Data Transfer

We may transfer your personal data to countries outside the European Union (EU) and the European Economic Area (EEA). In such cases, we will ensure that appropriate safeguards are in place to protect your data within the framework of the legal requirements (e.g., Standard Contractual Clauses).

9. Data Security

We have taken appropriate technical and organizational security measures to protect your personal data against loss, misuse, unauthorized access, disclosure, alteration, or destruction.

10. Data Storage

We generally store your personal data only for as long as it is necessary for the purposes mentioned in this privacy notice or as long as we are obliged or entitled to do so due to statutory retention periods.

Further information on individual case-related retention periods can be found, for example, in the list below.

Legal Obligations:

Data subject to statutory retention obligations (e.g., tax and commercial law documents as well as WpHG documentation) are stored for up to 10 years.

Legitimate Interests:

Log files and temporary storage data: Often between a few days and a maximum of 60–90 days.

Analysis and tracking data: Storage duration depends on the cookie lifetime or until objection.

Processing Based on Consent:

Marketing and newsletter data are stored until the withdrawal of consent.

11. Automated Decision-Making/Profiling

No automated individual decision-making within the meaning of Art. 22 GDPR, including profiling, takes place that produces legal effects concerning you or similarly significantly affects you.

12. Your Rights

You have the following rights regarding your personal data:

Right of Access: You have the right to receive information about your stored data.
Right to Rectification: You have the right to have inaccurate data corrected.
Right to Erasure: You have the right to demand the erasure of your data.
Right to Restriction of Processing: You have the right to restrict the processing of your data.
Right to Data Portability: You have the right to receive your data in a portable format.
Right to Object: You have the right to object to the processing of your data.
Right to Withdraw Consent: You have the right to withdraw any consent given at any time.
Right to Lodge a Complaint with a Supervisory Authority: You also have the right to lodge a complaint with a competent data protection supervisory authority at any time.

To assert your rights, please use the contact details provided under point 2.

13. Cookies and Similar Technologies

We use cookies and similar technologies to enable and improve the display and use of our website and to carry out usage analyses. Further information can be found in our Cookie Policy.

14. Changes to this Privacy Notice

We may update this privacy notice from time to time. The current version will be published on this website.