The data are processed primarily for the purpose of performing the contract pursuant to Article 6 (1) b) of the GDPR. Pursuant to Article 6 (1) c) of the GDPR, processing may also occur in order to comply with legal requirements, such as, amongst others, Section 161 of the Strafprozessordnung (StOP - German code of criminal procedure), Section 40 of the Postgesetz (PostG - German postal act) and Section 13a of the Unterlassungsklagegesetz (UKlG - German injunctive relief act). Unless a statutory obligation to disclose data to public authorities or third parties exists, data will be disclosed to third parties only where the Postcard holder has given their consent. Hence, Article 6 (1) a) of the GDPR provides the legal basis. Finally, processing is also carried out for the additional purposes listed below:
- As part of our security requirements (e.g., for crime detection purposes).
- For the purpose of compiling statistics.
- For purposes of quality assurance, process optimisation and planning certainty.
- For sending you – where permitted – targeted advertising.
Deutsche Post AG has a legitimate interest in the above with a view to ensuring a smooth process and to improving products and services on an on-going basis. In Deutsche Post AG’s view, no overriding legitimate interest exists as the intrusiveness of the processing is kept to a minimum, e.g., through pseudonymisation. Consequently, Article 6 (1) f) of the GDPR provides the legal basis.
If you would like to exercise your right to object – in particular to the use of your data for advertising purposes – please write to: Deutsche Post AG – Kundenservice BRIEF-Postcard, 53247 Bonn, Germany.