|Telecommunications Data Protection Ordinance (TDSV)
In the version published on 18 December 2000
Translation provided by the Federal Regulatory Authority for Telecommunications and Posts and reproduced with kind permission.
Table of Contents
4. Consent by Electronic Means
5. Contractual Relations 6
8. Itemised Billing
9. Faults in Telecommunications Systems and Telecommunications Service Fraud
10. Information on Incoming Calls
11. Calling and Connected Line Identification Presentation and Restriction
12. Call Forwarding
13. Public Directories
14. Directory Information
15. Telegram Service
16. Store and Forward Systems
17. Administrative Offences
18.Entry into Force
The Federal Government hereby issues the following Ordinance under Section 89(1) of the Telecommunications Act of 25 July 1996 (Federal Law Gazette I p 1120):
(1) This Ordinance regulates the protection of the personal data of parties engaging in telecommunications in respect of the collection, processing and use of these data by companies and persons providing telecommunications services on a commercial basis or contributing to such provision. Particulars subject to telecommunications secrecy of the circumstances of an identified or identifiable legal person or partnership, to the extent that such partnership is capable of acquiring rights or undertaking commitments, shall have the same status as personal data.
(2) Unless otherwise provided in this Ordinance or in other special legislation, the provisions of the Federal Data Protection Act shall apply. In respect of restricted users at public authorities of the federal states this Ordinance shall apply subject to the proviso that the relevant state data protection laws apply in place of the Federal Data Protection Act.
For the purposes of this Ordinance, the following terms have the meanings defined below:
1. Parties engaging in telecommunications
a) parties to a contract (customers) with a service provider (subpara 2) relating to telecommunications services, and
b) persons using telecommunications services offered by a service provider;
2. Service provider
any entity providing telecommunications services on a wholly or partly commercial basis or contributing to such provision;
3. Customer data
personal data of a party engaging in telecommunications, collected in order to establish a contractual relationship with the service provider with regard to telecommunications services, including framing the contents of the same, or to modify such contractual relationship;
4. Traffic data
personal data of a party engaging in telecommunications, collected when telecommunications services are provisioned and supplied;
5. Calling cards
cards that can be used to establish calls and to collect personal data.
(1) Service providers may only collect, process and use for telecommunications purposes the personal data of persons engaging in telecommunications to the extent allowed by this Ordinance or other regulations or if the data subject has given proper consent in line with the provisions of the Federal Data Protection Act or of this Ordinance.
(2) Service providers may not make the provision of telecommunications services dependent on the supply of personal data that are not required for the provision of such services. This shall apply accordingly to the consent of the data subject to the processing or use of the data for other purposes. Data relating to the implementation of a given telecommunications service may also be deemed necessary.
(3) Additionally, service providers may only process or use for other purposes data collected in connection with the provision of telecommunications services if this is expressly provided for by another regulation or if the data subject has given proper consent in line with the provisions of the Federal Data Protection Act or of this Ordinance.
(4) Service providers shall seek to avoid superfluous data and to be economical in their use of data.
(5) Upon concluding a contract with a customer, the service provider shall inform the customer of the nature, extent, place and purpose of the collection, processing and use of personal data in such a way that the customer, in readily comprehensible form, is advised of the fundamental processing facts. Customers' attention must also be drawn to the choices and options available. Persons according to Section 2 subpara 1 letter b shall be informed by their service provider through generally available information about the collection, processing and use of personal data. The right to provision of information as set forth in the Federal Data Protection Act shall remain unaffected.
(6) The communication, by service providers, of personal data to bodies outside the area of application of the Federal Data Protection Act shall only be permitted in accordance with the Federal Data Protection Act to the extent required for the provision of telecommunications services, for the preparation or dispatch of bills, or to combat fraud (Section 9(1) subpara 2).
Consent may also be given electronically when the service provider can ensure that
1. consent is based on an unequivocal, deliberate act by the data
2. consent is recorded,
3. the declaration of consent can be retrieved by the data subject at any time, and
4. a cancel option is available for a minimum of one week from receipt of the declaration.
The right of the data subject to revoke consent at any time with effect for the future shall remain unaffected.
(1) The service provider may collect, process and use personal data provided this is required for the purpose referred to in Section 2 subpara 3. Under the terms of a contractual relationship with another service provider, the service provider may collect, process and use the personal data of his customers and of the customers of the other service provider to the extent required for performance of the contract between the service providers. Unless provided for by this Ordinance or by a law, customer data may only be communicated to third parties with the consent of the party engaging in telecommunications.
(2) The service provider may only process and use the data of his customers and of the customers of his service providers for customer advisory purposes, for publicity purposes and for market research to the extent required for these purposes and provided the customer has given consent.
(3) If the contractual relationship is terminated, the customer data shall be erased by the service provider by the close of the calendar year following termination of the contract. Section 35(3) of the Federal Data Protection Act shall apply accordingly.
(4) In connection with the establishment of or modification to a contractual relationship or with the provision of services the service provider may require presentation of an official identity card, if this is necessary to verify the customer's particulars. The service provider may make a copy of the identity card if he so wishes. He shall destroy the copy without undue delay once the particulars needed for the contract have been established. The service provider may not collect data other than the data admissible under para (1).
(1) The service provider may collect, process and use the following traffic data (Section 2 subpara 4) to the extent required for the purposes set forth in this Ordinance:
1. the number or other identification of the calling and the called party's station or terminal, the authorisation code, additionally the card number when calling cards are used, additionally the position when mobile stations are used;
2. the beginning and end of the call, indicated by date and time and, where relevant to the charges, the volume of data transmitted;
3. the telecommunications service used by the customer;
4. the termination points of fixed connections and the beginning and end of their use, indicated by date and time;
5. any other data required for call set-up and maintenance and for charging purposes.
(2) The traffic data stored may only be processed or used after the termination of a call if required for further call set-up or for the purposes referred to in Sections 7, 8, 9 and 10. Otherwise, data shall be erased without undue delay by the service provider not later than the day following termination of the call.
(3) Service providers may only additionally use traffic data to shape telecommunications services to suit the needs of the market with the consent of the calling party. In that case, the called party data shall be depersonalised without undue delay. The service provider may only process and use data relating to the destination number for the purpose referred to in sentence 1 with the consent of the called party. In that case, the calling party data shall be depersonalised without undue delay.
(1) Service providers may communicate to one another and use the traffic data set forth in Section 6(1) to the extent that the data are required to bill their customers. Service providers entering into a contract with third parties on collection of the rates may transmit to the third party the data referred to in para (2) to the extent required for collection of the rates and preparation of a detailed bill. The third party shall undertake contractually to preserve telecommunications secrecy according to Section 85 of the Telecommunications Act of 25 July 1996 (Federal Law Gazette I p 1120), last amended by Article 2(6) of the Act of 26 August 1998 (Federal Law Gazette I p 2521), and Sections 3, 5, 6, 7, 8 and 9 of this Ordinance.
(2) The service provider may, for proper telecommunications service billing and verification of the accuracy of the same, collect and process the following personal data subject to the provisions of paras (3) to (5):
1. traffic data according to Section 6(1);
2. the address of the customer or recipient of the bill, the type of line (service used), the total number of units of use incurred during the accounting period for a regular bill, the volume of data transmitted, the total amount payable;
3. other information required for billing such as advance payments, payments with date of entry, payments in arrears, reminders, call barring and restoration of service, complaints submitted and handled, extensions of time for payment applied for and granted, payment by instalment and provision of security.
(3) The service provider shall, after termination of the call, establish without undue delay the data that are required for charging from the traffic data according to Section 6(1) subparas 1 to 3 and subpara 5. Any data not required shall be erased without undue delay. Traffic data in which the last three digits of the destination number have been deleted may be stored for purposes of verifying the accuracy of rates charged - subject to para (4) - for a period not exceeding six months after dispatch of the bill. Where, prior to expiry of the time-limit cited in sentence 3, the customer has disputed the amount billed, the traffic data may be stored until such time as the dispute has been definitively settled.
(4) At the customer's request, the service provider issuing the bill shall, in respect of the traffic data held by him,
1. store the traffic data in full, or
2. erase the traffic data completely upon dispatch of the bill to the customer.
Customers liable to pay, in full or in part, for incoming calls on their line do not have the option set forth in subpara 1. Sentences 1 and 2 are not applicable to service providers who, as closed user group providers, offer their services solely to the members of their group.
(5) The service provider may store and communicate traffic data to the extent required for his billing with other service providers or with their customers, or for other service providers' billing with their customers.
(6) Where the service provider's bill includes payment for third-party services provided in connection with the provision of telecommunications services, the service provider may communicate to the said third party customer data and traffic data, if these are required in a given instance to enforce third-party claims on the customer.
(1) The customer shall only be informed of data stored under Section 7(3) sentence 3 and para (4) until dispatch of the bill which relate to calls for which he is liable if he has made a written request for an itemised bill prior to the relevant accounting period. In respect of residential lines, the disclosure of such information shall be permitted only if the customer has declared in writing that he has informed all co-users of the line, and will inform future co-users without undue delay, that the traffic data underpinning the statement are disclosed to him. In respect of business lines in undertakings and public authorities, the disclosure of such information shall be permitted only if the customer has declared in writing that the employees have been informed, and new employees will be informed without undue delay, and that the works council or the personnel representation has been involved in accordance with the statutory requirements or that such participation is not necessary. If public-law religious societies have issued their own staff representation regulations for their domain, sentence 3 shall apply, it being understood that the respective staff representation replaces the works council or the personnel representation. Furthermore, a customer may be informed of data stored after dispatch of the bill as provided for by Section 7(3) sentence 3 if he has disputed the amount payable. In respect of a customer liable to pay, in full or in part, the charges for incoming calls on his line, the numbers of the calling parties may only appear on his itemised bill with the last three digits deleted. Sentence 6 is not applicable to service providers who, as closed user group providers, offer their services solely to the members of their group.
(2) The itemised bill according to para (1) sentence 1 may not allow calls to be identified to or from persons, public authorities or organisations working for the church or in the social domain who or which offer anonymous counselling wholly or predominantly by telephone to callers in emotional or social distress and who or which themselves or whose employees are therefore subject to special secrecy obligations. This shall apply only to the extent that the Regulatory Authority for Telecommunications and Posts has entered the holders of such called stations on its register. Serving to provide counselling as defined in sentence 1, besides the groups cited in Section 203(1) subparas 4 and 4a of the Penal Code, are, notably, the Samaritans and healthcare organisations. The Regulatory Authority for Telecommunications and Posts enters the holders of these stations on its register when they have supplied proof of their remit as set forth in sentence 1 by certification from a public authority or corporation, a public-law agency or foundation. The register is kept available for retrieval in an automated process. The service provider shall call up the register every quarter and incorporate in his billing procedures any changes without undue delay. Sentences 1 to 6 are not applicable to service providers who, as closed user group providers, offer their services solely to the members of their group.
(3) Where calling cards (Section 2 subpara 5) are used, the card shall carry clear indication of the possible disclosure of traffic data stored. Where such indication is not possible for technical reasons or could not reasonably be expected of the card issuer, the customer must have made a declaration according to para (1) sentence 2 or 3.
(1) To the extent necessary in a given instance, the service provider may
1. collect, process and use the customer data and traffic data of the data subjects in order to detect, locate and eliminate faults and errors in telecommunications systems;
2. collect, process and use the customer data and traffic data required to detect and put a stop to the surreptitious use of services and other unlawful use of telecommunications networks and services, when there are grounds, to be recorded in writing, to suppose such.
(2) For the purpose referred to in para (1) subpara 2 the service provider may process and use traffic data in such a way as to identify, from the total file of traffic data not more than six months old, the data relating to those network connections in respect of which there are grounds to suppose that unlawful use of telecommunications networks or services has been made. In particular, the service provider may set up a data file containing all the traffic data collected under para (1) subpara 2 and the customer data of his customers which, in pseudonymised form, provides information on the revenues generated by the individual customers and which, suitable fraud criteria being applied, allows network connections in respect of which there are grounds to suppose that surreptitious use of services has been made, to be found. Data relating to all other calls shall be erased without undue delay.
(3) The Regulatory Authority for Telecommunications and Posts and the Federal Data Protection Commissioner shall be notified without undue delay of the introduction of, and any modification to, the procedure according to para (2) sentence 1.
(4) In cases according to para (1) subpara 2 the service provider may, in a given instance, collect, process and use control signals to the extent that this is indispensable to clarify and put a stop to the acts specified therein. The Regulatory Authority for Telecommunications and Posts shall be notified accordingly. Applicable in other respects shall be Section 89(3) sentences 3 and 4 and Section 89(4) and (5) of the Telecommunications Act.
(1) The service provider shall, upon written request, give any customer arguing conclusively in a procedure for documentation that he is the object of malicious or nuisance calls, information, relating also to more than one network, on the lines on which the calls originated. The information may relate solely to calls made after submission of the request. The service provider may collect, store and disclose to his customer the numbers, the names and addresses of the parties to whom these numbers have been allocated and the date and time of the beginning of the calls and call attempts. Sentences 1 to 3 are not applicable to service providers who, as closed user group providers, offer their services solely to the members of their group.
(2) Disclosure according to para (1) sentence 3 may only be made when the customer has narrowed down the calls beforehand in respect of date, time or any other suitable criteria, if misuse of the monitoring facility cannot be ruled out in any other way. If the parties to whom the numbers referred to have been allocated are not entered in a public directory according to Section 13, the customer may only be notified of their names and addresses.
(3) In the case of information relating to more than one network the other service providers contributing to the connection shall undertake to give the service provider of the customer receiving malicious or nuisance calls the information required, provided they have these data.
(4) The customer of the line on which the identified calls originated shall be advised that information has been given on these calls. An exemption may be made if the applicant can argue conclusively in writing that any such disclosure could bring him significant disadvantages and that these disadvantages, when compared with the legitimate interests of the calling party, appear considerably more serious. Where the customer on whose line the alleged malicious or nuisance calls originated receives notice in another way of the disclosure of information, he shall be informed, upon request, of such disclosure.
(5) The Regulatory Authority for Telecommunications and Posts and the Federal Data Protection Commissioner shall be notified without undue delay of the introduction of, and any modification to, the procedure to enforce paras (1) to (4).
(1) Where the service provider offers calling line identification presentation, the calling and the called party shall have the possibility, via a simple means and without charge, to prevent presentation of the identity of the calling line on a general (per line) or a case-by-case (per call) basis. The called party must have the possibility, via a simple means and without charge, to reject incoming calls from a calling party that has prevented presentation of the identity of the calling line. The service provider shall only be required to offer services according to sentences 1 and 2 to the extent that this is technically feasible. Sentences 1 to 3 are not applicable to service providers who, as closed user group providers, offer their services solely to the members of their group.
(2) The service provider shall, upon application by the customer, provide without charge lines on which presentation on the connected line of the identity of the calling line is ruled out. At the customer's request, such lines shall be indicated in the public directory (Section 13(1)) issued by the customer's provider. Where an indication according to sentence 2 has been made, presentation of the identity of the calling line on a line thus indicated shall only be possible when the indication has been taken out of the latest edition of the public directory.
(3) Where the customer has not applied for directory entry according to Section 13(2), presentation of the identity of his line shall not be made unless the customer expressly wishes such presentation.
(4) Where connected line identification presentation is offered, the called party shall have the possibility, via a simple means and without charge, to prevent presentation of the identity of the connected line to the calling party to the extent that this is technically feasible. Para (1) sentence 4 shall apply accordingly.
(5) Paras (1) and (4) shall also apply to calls to other countries and to calls from other countries, to the extent that the calling party or the called party is in Germany.
(6) In respect of equipment answering or dealing with emergency calls on 110, 112 or 124124 numbers, the service provider shall ensure that presentation of the identity of the calling line on a per-call or a per-line basis cannot be prevented. Para (1) sentence 4 shall apply accordingly.
The service provider shall undertake to give customers the possibility, via a simple means and without charge, to stop calls being forwarded automatically by a third party to their terminal, to the extent that this is technically feasible. Sentence 1 is not applicable to service providers who, as closed user group providers, offer their services solely to the members of their group.
(1) The service provider may compile and publish public directories of his customers in printed or electronic form.
(2) Customers may have their name, address and additional information such as profession, branch and type of line entered in public printed or electronic directories, if requested. Customers may specify what information is to be published in the directory, that the entry should appear in printed or in electronic directories only, or that there should be no entry at all. Each entry shall be marked accordingly. At the customer's request, co-users' names may also be entered, provided they agree.
(1) The service provider may, in a given instance, provide information on call numbers given in public directories or have such information provided by third parties (directory information service). Entrusting third parties to provide directory information shall only be permitted if the service provider has obliged the third party to process and use the data solely for information purposes and to comply with the restrictions of Section 13 and of paras (2) and (3).
(2) Information on customer numbers may only be given when customers have been suitably informed that they may withhold consent to their number being passed on and have not exercised this right to withhold consent. Information on data published under Section 13(2) may only be given in addition to the call number where the customer has consented to provision of such additional personal data.
(3) All withholding of consent as provided for by para (2) sentence 1 and consent as provided for by para (2) sentence 2 shall be noted in the service provider's directories without undue delay. All consent withheld shall also be heeded by other service providers as soon as they could reasonably be expected to know that there was a note to this effect in the service provider's directory.
(4) Providing information on the names and other personal data of customers in relation to whom solely the call number is known shall not be permitted.
(1) Data and documents relating to the operational handling and delivery of telegrams may be stored to the extent necessary to validate proper provision of the telegram service under the customer's contract. The data and documents shall be erased by the service provider after a period of six months at the latest.
(2) Data and documents relating to the content of telegrams may only be stored beyond the date of delivery if the service provider is answerable for transmission faults under the customer's contract. Data and documents relating to inland telegrams shall be erased by the service provider after a period of three months at the latest, and data and documents relating to international telegrams after a period of six months at the latest.
(3) The time-limits for erasure shall begin running on the first day of the month following that in which the telegram was tendered. Erasure may be suspended where the prosecution of claims or international agreements necessitate a longer strorage period.
(1) The service provider may process message content, notably the customer's voice, sound, text and graphics messages, in connection with services based on these and whose implementation requires intermediate storage, subject to the following conditions:
1. processing takes place solely in telecommunications systems of the intermediate service provider, unless the content is re-routed to other providers' telecommunications systems at the customer's request or by customer input;
2. solely the customer determines the content, scope and type of processing by his input;
3. solely the customer determines who may input and access message content (party having right of access);
4. the service provider may inform the customer that the recipient has accessed the message;
5. the service provider may only erase message content as provided for in the customer's contract.
(2) The service provider shall take the necessary technical and organisational measures to rule out transmission errors and the unauthorised disclosure of message content within his organisation or to third parties. Measures shall only be required if the time and effort expended is reasonable in relation to the purpose of protection sought. Measures shall be adjusted to the state of the art if this is necessary to achieve the purpose of protection sought.
An administrative offence within the meaning of Section 96(1) subpara 9 of the Telecommunications Act is deemed to have been committed by anyone who, intentionally or negligently,
1. in contravention of Section 5(2) processes or uses customer data,
2. in contravention of Section 6(2) sentence 1 or para (3) sentence 1 or 3 processes or uses traffic data,
3. in contravention of Section 6(2) sentence 2 or Section 7(3) sentence 2 fails to erase data or fails to erase data within the prescribed period, or
4. in contravention of Section 15(2) sentence 2 fails to erase data or documents or fails to erase data or documents within the prescribed period.
This Ordinance shall enter into force on the day following its promulgation. On that same date the Ordinance regulating Data Protection for Telecommunications Carriers of 12 July 1996 (Federal Law Gazette I p 982) shall expire.
|° Top of Page
|«« Previous page
The above translation was published by the Federal Regulatory Authority for Telecommunications and Posts. Reproduced with kind permission. This HTML edition by Lawrence Schäfer and © 2001 Gerhard Dannemann. The contents of this page may be downloaded and printed out in single copies for individual use only. Making multiple copies without permission is prohibited.