IDG Codex – IDG – Media, Data and Services for the Technology Industry

Image result for idg codex Preamble:

IDG Communications Media AG and its affiliated companies IDG Business Media GmbH, IDG Entertainment Media GmbH, IDG Tech Media GmbH, IDG TechNetwork GmbH and OnlineWelten GmbH want to create a regulatory framework for their activities with this commitment (IDG Code).

The service providers cooperating with us, which are listed below, have also joined the commitment to privacy. These are: GmbH, Giergasse 2, 53113 Bonn

DataM-Services GmbH, PO Box 9161, 97091 Würzburg

dsb AG, Konrad-Zuse-Str. 16, 74172 Neckarsulm

All regulations listed below must be adhered to when personal data are processed, ie stored, modified, transmitted, blocked or deleted.

All members of the Association, represented by their respective management, undertake to comply with the applicable statutory provisions – in particular data protection, consumer protection, unfair competition and the provisions on general terms and conditions.

IDG Communications Media AG will publish a regularly updated list of all affiliate members committed to comply with the IDG Code. By signing the IDG Code, the Verbund member agrees to be included in the corresponding list.

Art. 1. External data protection officer

IDG Communications Media AG and its affiliates, listed in the attached list, have appointed an External Privacy Officer.

In its function, this affects compliance with the Federal Data Protection Act (BDSG) and other regulations on data protection.

The Data Protection Officer is free in his activity and has, in particular, to monitor the proper application of the computer programs by means of which personal data are to be processed. The undertakings subject to the data protection undertaking undertake to inform the data protection officer in good time about plans for the automated processing of personal data. In addition, the external data protection officer trusts the persons involved in the processing of personal data with appropriate measures with the provisions of the Federal Data Protection Act as well as with other regulations on data protection and with the respective special requirements of data protection.

As external data protection officer of the IDG Communications Media AG and its affiliated subsidiaries is ordered:

RA Markus Wiese
Trautenwolfstr. 6
80802 Munich
Tel .: 089/39 10 19
Fax: 089/39 39 98

E-mail address:

Art. 2 technical and organizational measures

The association members take the technical and organizational measures acc. § 9 BDSG, to ensure data protection and data security in the company.

Art. 3 Collection of personal data

When collecting personal data, it is structurally ensured that no person affected receives emails against his will. As a rule, the double opt-in procedure will be used, in exceptional cases also the confirmed opt-in procedure. With the Double-Opt-In procedure, an addressee registers on a website with his email address and then receives a welcome message, in which a link must be clicked to confirm the registration.

With the confirmed opt-in, the person concerned also receives a welcome message. However, he does not have to confirm his registration here, but only points out that he can delete his entry by clicking on an attached unsubscribe link or by replying to the message.

In the welcome messages, make sure that they are not allowed to contain advertising. In this respect, only information on the service or services for which the registration is permitted.

Other methods of collecting the address are only permissible if the proof can be furnished that a data subject has registered himself / herself and has not been contacted against his will.

All addresses that were already collected by other means prior to the entry into force of the IDG Code and the associated regulations will only be used if the respective address has already been changed 6 times in Art. 7 “Revocation of consent in use of personal data “Described cancellation options written and such is not done.

Art. 4 Avoidance of politically or religiously radical environments

Image result for idg codex

When collecting personal data, it is essential to ensure that they are not generated in politically or religiously radical environments. This applies in particular to subscription advertising on external websites.

Art. 5 Exclusion of unauthorized data transmission

Personal data are treated in compliance with the current regulations of the Federal Data Protection Act and transmitted only with the express consent of the person concerned. Excluded from this is the transfer of personal data to an external service provider for the purpose of sending an advertising e-mail on behalf of the responsible body or for the purpose of duplicate matching. Such service providers are gem. commissioned in writing in accordance with § 11 BDSG Auftragdatenverarbeitung and committed to compliance with the IDG Code.

Art. 6 Verifiability / Transparency

Each personal data must be collected in such a transparent manner that technical protocols / database entries ensure that it is comprehensible at all times, when and how the personal data was collected and the data subject was fully informed about the purpose, scope and duration of the storage of his data.

Art. 7 Revocation of consent in use of personal data

Each e-mail, in particular for advertising contact, must be provided with a note that the data subject at any time has the right to revoke the consent to the processing and use of personal data with effect for the future.

The person concerned is granted the right to revoke consent by e-mail, fax or post. For this purpose, the corresponding email address, fax number and postal address of the responsible body, in clearly visible, best highlighted place.

The revocation must be processed immediately.

Art. 8 Request for information

Any person concerned may request information about the personal data stored about them, their origin, recipients or categories of recipients to whom the data were transmitted and the purpose of the storage. Such a request for information will be processed without delay. This is done by passing on to the appointed data protection officer, who in turn contacts the person concerned.

Art. 9 Internal blocked list

All members of the association maintain an internal blocking list on which personal data are stored by data subjects who have either objected to the use of their data for specific purposes from the outset or have revoked a consent once given. In subsequent advertising contact the distributors are compared against this blacklist before sending the advertising emails. If a data subject expressly requests the deletion of his personal data, this reconciliation can not take place. The data subject must be informed of the deletion of his data together with the notification, as well as the consequence that the deletion can not prevent that advertising will not be sent again at a later date.

Art. 10 competitions, surveys etc.

In the collection of personal data, especially the address collection in general and in particular via the so-called co-sponsorship process, in which the organizer the advertising opt-in and the permission to address address to one or more third parties obtained the following points should be noted:

The opt-in receiver and all third parties (sponsors) must be named with the company and the registered office. For the person who gives his consent, it must be clear that the potential advertising channels are e-mail, post office and telephone. The advertising object (eg type of goods or services offered) should be specified and limited.

The co-sponsorship process will be limited to a manageable circle of companies.

The aim is to limit it to a maximum of 8 sponsors and to refrain from so-called “re-marketers”.

In principle, when collecting the addresses, a separation of the advertising opt-ins from the conditions of participation / general terms and conditions is carried out by a separate check box that must be actively filled out.

In no case may the check-box be pre-filled / pre-clicked as this may constitute a violation of competition law and the rules on general terms and conditions.

Art. 11 No coupling

Under no circumstances will the association members make the conclusion of a contract (raffle, raffle, etc.) subject to the consent of the data subject for the purposes of advertising if the data subject has different access to equivalent contractual services is not possible without consent or in an unreasonable manner.

Art. 12 Actual chances of winning or values

Image result for idg codex

In accordance with the provisions of the Unfair Competition Act, personal data will in no case be generated by means of fake earnings promises or opportunities to participate.

Art. 13 Sent manuscripts and applications

The members of the association shall ensure that they are provided with sent manuscripts and applications that use personal data exclusively for their intended purpose and are not stored or deleted after the application process has been completed.

After completing the application process, candidates’ documents will only be saved if there is an explicit declaration of consent for the storage of the documents in the pool of applicants.

There is no entitlement to a return of the documents to the sender.

Art. 14 Use of cookies

Cookies are small text files that are used, for example, in online forums to save the access data of registered users during a session. Cookies are not programs, so they can not cause harm to the user’s PC.

For technical reasons, it is not possible to post in online forums if no cookies are accepted. However, these cookies can be automatically deleted when leaving the forum by selecting the “Log out” button instead of “Leave the forum”.

In this case, the access data must be entered again on the next visit. The option “Log out” if other people have access to the relevant computers is recommended.
In the context of the advertising circuit, the members or their advertising partners may deposit cookies on the user’s computer or recall already stored cookies. The information about visiting a website, eg. The frequency of the ad call (but not name, address, or other personal information) is stored for the purpose of serving advertisers tailored advertisements.

The members undertake to inform the user in each case on the use of cookies and the possibility of deletion of such cookies in the context of the privacy policy in an appropriate place.

Art. 15 Market analyzes by IDG

If own or in cooperation with partners, eg. For example, if market research studies are conducted with the Arbeitsgemeinschaft Online Forschung eV (AGOF), these must be carried out strictly within the framework of the BDSG and the Telemedia Act (TMG). In this context, after access to the website of the affiliated service provider on the PC of the person concerned any string can be stored in a cookie. This string is random and statistically unique. It may not be assigned to a specific person and must be anonymous. The string may only be used for the preparation of a market research study on the use of Internet offers for the respective service providers whose offers the person concerned has visited and for the respective partner, eg. B. the Arbeitsgemeinschaft Online Forschung AGOF eV serve. A suitable reference must be made to the appropriate place to refuse the storage of cookies. In the case of recording the user behavior, care must be taken to ensure physically separate storage of personal data.

Art. 16 Partner sites Disclaimer

The members point out that they themselves can not assume any responsibility or liability for the offers of partner sites. However, they undertake in any case to ensure that the partners are obliged to comply with the guidelines of the IDG Code.