Internet governance is the development and application by governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet.

(Working Group on Internet Governance (WGIG), 2005)

Internet governance is based on the multistakeholder model, a governance structure that aims to bring together a wide range of stakeholders to participate in dialogue, decision-making and the implementation of solutions to common issues – ALL for ONE Internet.

Data Privacy Statement

Thank you very much for your interest in our company and in our website. The protection of your personal data and your privacy are very important to us. In this privacy statement, we would like to inform you about how we handle your data. The party responsible for data processing is

Theodor-Stern-Kai 1
60596 Frankfurt am Main
Phone: +49 69 27 235 0
Fax: +49 69 27 235 238
E-mail: info[at]denic[dot]de

You can contact our Data Protection Officer at privacy[at]denic[dot]de

When you make use of one of DENIC eG's offerings, e.g. visit our website, we will process your personal data.

We process your data in strict confidence and only for the purpose we tell you when we collect the data. The processing of your data will always be in keeping with the standards of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other applicable data protection provisions.

1. Provision of the Website

Whenever you visit our Internet offerings or retrieve a file, a range of data referring to this action is temporarily stored in a log file. The following data is processed:

  • IP address
  • Date and time of your access (time stamp)
  • Details of the access request and destination address (protocol version, HTTP method, referrer, user-agent string)
  • Name of the file that has been accessed and amount of data transmitted (requested URL incl. query string, size in bytes)
  • Message whether the request was successful (HTTP status code)
  • Website from which the request is made
  • Browser type or app used
  • Operating system and the interface it uses
  • Language and version of browser software

When processing this data, we will not draw conclusions about your person. Neither a personal evaluation nor an evaluation of the data for marketing or profiling purposes will take place. The legal basis for data processing in this context is Article 6(1) (f) of the GDPR. The processing of this data is technically inevitable in order to make our website available and to guarantee stability and security of our systems. It is not possible to use our website without such processing of data, so you cannot object to this processing. Your data will be deleted after seven days.

2. Use of Cookies

2.1 Essential Cookies

When specific pages are accessed, we use so-called essential cookies. The essential cookies used by us are technically required to allow the website to function correctly. Essential cookies do not contain personal data, i.e. no IP addresses and other information is collected that would allow tracking.

The legal basis for the processing of personal data using essential cookies is Article 6(1) (f) of the GDPR. We use this type of cookies to enhance the security and functionality of our website and the web applications we offer. Some functions of our website will not work without essential cookies. For these functions, it is necessary that your browser will be recognised when you revisit our website after visiting other websites. The purposes pursued with the aforementioned constitute our legitimate interest. It is not possible to use our website without such processing of data, so you cannot object to this processing. The essential cookies expire at the end of your session.

We do not use techniques that allow us to track your access behaviour. Since we occasionally used such techniques in the past, it may happen that your browser settings still display tracking cookies. In such cases, the deadlines set in the cookies have not yet expired. There is no interaction with these cookies from our side. You can delete the cookies in your browser settings at any time.

2.2 Cookies for Usage Analysis

Usage analysis cookies enable us to analyse in which way you use our website. With the help of these cookies we can test the effectiveness of our website and identify errors. Moreover, the cookies provide information that help us to optimise our services and that is useful for web analyses. We use the cookies listed below for usage analysis:

_pk_refMatomoTo store the attribution information of the referrer that was originally used to visit the website6 months
_pk_idMatomoIs used to store some details about the user, such as the unique visitor ID13 months
_pk_sesMatomoShort-lived cookies used to temporarily store data for the visit.30 minutes
_pk_cvarMatomoShort-lived cookies used to temporarily store data for the visit.30 minutes

The legal basis for personal data processing with usage analysis cookies is your declaration of consent according to Article 6(1) (a) of the GDPR.


Our website uses Matomo, a web analysing service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. With Matomo, we analyse the usage of our website and of individual functions and services, with the aim to optimise our website. Matomo uses cookies, which allow us to analyse your way of using our website (including your IP address).

We have activated the "Anonymise Visitor's IP addresses" function on our website. This means that your IP addresses are processed in a shortened form so that a reference to a person can be ruled out.

The legal basis for data processing in this context is Article 6(1) (a) of the GDPR.

Right to Object

You have the right to withdraw your consent at any time with effect for the future without giving reasons.
If you do not agree with your data being transmitted to Matomo when you use our website in the future, you can opt for fully deactivating Matomo in your browser settings (see item 2 above). If you choose that option, it may no longer be possible to fully use all functions of our website.

For further information about the terms and conditions of use and data protection of Matomo please go to

You are not obliged to make available your personal data. There are neither legal nor contractual terms that require the provision of your personal data nor is that data necessary to enter into a contract. However, if you do not provide that data it might not be possible for you to use our website at all or to its full extent.

3. Contacting Us

There are various possibilities to get into contact with us.

3.1. Scope of Data Processing

You can contact us via the contact details (e-mail, post, phone) provided on our website. If you do so, we will store your personal data transmitted to us (e.g. e-mail address, postal address, phone number, information revealed in the text of the communication).

3.2. Legal Basis

If you contact us in the context of an existing contract or prior to entering into a contract, the legal basis is Art.  6(1) (b) of the GDPR. In all other cases, the legal basis for processing your data is Art. 6(1) (f) of the GDPR. It is our legitimate interest to process your contact inquiry.

3.3. Purpose of Data Processing and Categories of Recipients

The purpose of the data processing is the handling of your contact request. Your data is processed exclusively for this purpose. Your data is not passed on to any third party in this context. Depending on the nature of your enquiry and the way you contact us, we may transfer your personal data to external service providers that we commission within the framework of order processing relationships.

3.4. Duration of Storage of Your Personal Data

After your contact request has been processed completely, we restrict your data for further processing. Your data will be deleted once the statutory retention periods under fiscal and commercial law have expired. Pursuant to Section 147 of the German Fiscal Code, the retention period is ten full years for accounting records and, pursuant to Section 257 of the German Commercial Code, six full years for business documents.

You are not obliged to make available your personal data. There are neither legal nor contractual provisions that require the provision of your personal data, nor is it necessary to enter into a contract. However, if you do not provide that data it might not be possible for you to enter into contact with us.

4. Rights of the Data Subject

If we process your personal data, you are a data subject within the meaning of Article  4(1) of the GDPR, which gives you the following rights vis-à-vis DENIC:

  • Right of Access (Art. 15 GDPR)
  • Right to Rectification (Art. 16 GDPR)
  • Right to Erasure (Art. 17 GDPR)
  • Right to Restriction of Processing (Art. 18 GDPR)
  • Notification Obligation (Art. 19 GDPR)
  • Right to Data Portability (Art. 20 GDPR)
  • Right to Object (Art. 21 GDPR)
  • Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR)
  • Right to revoke your declaration of consent under data protection law (Art. 7(3) GDPR).

You have the right to withdraw your consent vis-à-vis DENIC at any time, for instance by e-mail to privacy[at]denic[dot]de. The withdrawal of consent shall not affect the lawfulness of data processing based on your consent before its withdrawal.

Right to Object (Art. 21 GDPR)

Pursuant to Article 21 of the GDPR, you have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data which is based on Article 6(1) (e) or (f) of the GDPR, including profiling based on these provisions.
If you do so, DENIC will no longer process your personal data, unless DENIC demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless the processing is necessary to assert, exercise or defend any legal claims.

If you want to exercise one of these rights, please contact our Data Protection Officer at privacy[at]denic[dot]de.

We would like to point out that in certain cases we may ask you to provide additional information in order to verify your identity. This enables us to ensure that information is not disclosed to unauthorised persons, e.g. when you exercise your right of access.

Pursuant to Article 77 of the GDPR, you also have the right to complain to a data protection supervisory authority if you believe that we are not processing your personal data in a lawful way. The competent authority for DENIC is the data protection supervisory authority of Hesse. The contact details are:
Hessischer Beauftragter für Datenschutz und Informationsfreiheit, Postfach 3163, 65021 Wiesbaden, Germany, e-mail:

Automated decision making does not take place on our website.

5. Security

DENIC has technical and organisational safety measures in place to protect your personal data from accidental or intentional manipulation, loss, destruction, or access by unauthorised persons. We continuously improve our security measures in line with technological evolution.

6. Responsibility for External Content

Our website contains links that lead to Internet pages of external providers. We have no influence on such providers and cannot ensure that they comply with the applicable data protection regulations. If you believe that linked external sites violate applicable law or have other inappropriate content, please let us know. We will check on that and remove the external link, if appropriate. We cannot be held responsible for the content and availability of linked external web pages.

7. Validity of the Data Privacy Statement

Continuous development of our website or the implementation of new technologies may render amendments to this data privacy statement necessary. We reserve the right to change this privacy statement at any time with effect for the future. The relevant version of this statement is always the version that is available at the time you visit our website.

Last updated: October 2021