Privacy policy

We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with the legal data protection regulations as well as this data protection declaration.

Below is some information on our processing of your personal data and your rights.

1. Who processes my data and who can I contact about this processing?

DIN e. V.
Am DIN-Platz
Burggrafenstraße 6
10787 Berlin

Tel.: +49 30 2601-0
Fax: +49 30 2601-42418

Executive Board
Christoph Winterhalter (Executive Board Chairman), Daniel Schmidt

Contact our external data protection officer at: 
DIN e. V.
Udo Wenzel
Data Protection Officer
Am DIN-Platz
Burggrafenstraße 6
10787 Berlin

Tel.: +49 30 2601-2640
Fax: +49 30 2601-42640

2. Who does this privacy policy apply to?

This privacy policy applies to all visitors to this website, all stakeholders in standards work, DIN Members. visitors of our events, participants in procurement procedures and users of DIN's online services.

3. Which data do we use?

You can visit our sites without telling us who you are, except when you send us an e-mail or contact information, register for and use our online services, or apply for DIN Membership. We generally only use such data as necessary to answer your query or for providing online services. Necessary data is always indicated as required fields in online forms. Any further information we request is given by you on a voluntary basis. This optional information helps us customize our services and better suit the needs of our users.

We process your personal data in accordance with the EU's General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), as follows:

a) To fulfil contractual obligations (Art. 6  (1) point (b) GDPR)

Your personal data is processed for the performance of a contract , and to take steps at your request prior to entering into the contract. Examples:

  • Application for DIN Membership
  • Providing online services
  • Providing member services
  • Processing online contact forms
  • procurement procedures

b) To fulfil legitimate interest/balancing of interests conditions (Art. 6 (1) point (f) GDPR)

Where necessary, we process your data for reasons beyond fulfilling the contract, e.g. for the purposes of the legitimate interests pursued by us or by a third party. Examples:

  • For the purposes stated in DIN's Statutes with regard to DIN Membership
  • For the purposes of standards work
  • For marketing purposes and public opinion research
  • For recruiting new DIN Members, standards experts, authors and speakers
  • Establishing legal claims or for their defence in cases of dispute
  • Direct advertising
  • Ensuring IT security, particularly in terms of access control

c) Where you have given your consent (Art. 6 (1) point (a) GDPR)

Where you have given us your consent to process your personal data for specific purposes (e.g. signing up for a newsletter), the processing of this data based on your consent is legitimate. The consent can be revoked at any time. Please note that such revocation of consent only applies from the time of revocation onwards. Any processing that had taken place before that time is not affected.

d) Where we have a legal obligation (Art. 6 (1) point c GDPR) or the processing is in the public interest  (Art. 6 (1) point e (GDPR)

DIN is subject to various legal obligations (e.g. in accordance with the German Commerical Code, tax laws, procurement law etc.).

5. With whom do we share your data?

DIN belongs to the DIN Group which also includes DIN Software GmbH and our publisher, DIN Media. All members of the DIN Group are bound by the same data protection directives. Your data is shared with the departments within the DIN Group who need this data to fulfil our contractual and legal obligations, or to fulfil legitimate interest/balancing of interests. For example, when you submit a contact form or e-mail to the Online Standards Proposal portal or the Draft Standards portal, this information is passed on to the responsible parties within the DIN Group and the responsible DIN standardizing body for the purposes of standards work or also to the experts. We may also share your data with our service providers and agents for the purposes mentioned above as long as confidentiality is maintained and data protection provisions are met.

6. Is my data shared with a third country?

Data is not shared with countries outside the EU or EEA ("third countries"), except where this is necessary when goods and services are delivered to a recipient in a third country.

7. How long do you keep my data?

We process and store your personal data as long as is necessary to fulfil our contractual and legal obligations, or to fulfil legitimate interest/balancing of interests. When this data is no longer necessary for the above purposes, it will be regularly deleted, except where - limited - data retention periods are required by commercial and tax laws such as the German Commercial Code and the German Fiscal Code. The retention periods specified in the above-mentioned Codes is six to ten years.

7.1 Special data retention periods for DIN online services

When you register for DIN's online services (the DIN Online Standards Proposal, DIN Draft Standards or DIN-TERMinology portals), you are authorized to use these services. This authorization is initially valid for 28 days. If you do not sign on within this time period, your personal data is automatically deleted. DIN reserves the right to delete the data of users who have not logged on to the relevant service for over one year.

8. What are my rights in terms of data protection?

In accordance with the General Data Protection Regulation (GDPR) you have the right of access (Art. 15), right of rectification (Art. 16), right to erasure (Art. 17), right to restriction of processing (Art. 18), right to object (Art. 21) and the right to data portability (Art. 20). Furthermore, you have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR in connection with Art. 19 of the German Federal Data Protection Act (BDSG)).

The link below gives a list of supervisory authorities in Germany and elsewhere, and their contact information: 

Your consent to process personal data can be revoked at any time. Please note that such revocation of consent only applies from the time of revocation onwards. Any processing that had taken place before that time is not affected.

To exercise your rights please contact our Data Protection Officer (see above).

9. Is the provision of personal data obligatory?

If you have a business relationship with us, apply for DIN Membership, send us a query or use our online services, you must provide the personal data necessary for performing that business function or service, and for fulfilling all associated contractual obligations or where we are subject to the legal obligation to collect such data. As a rule, without this data we are obliged to reject the order or conclusion of the contract, or cannot continue to carry out an existing contract and may need to end such contract. As a participant in a procurement procedure you must provide the personal data necessary for evaluation of the tender bid.  An award cannot be made without these data and the information required, since the submitted tenders are incomplete and are consequently to be excluded.

10. Do you use any automated decision-making, including profiling?

We do not use any automated individual decision-making, including profiling, in accordance with Art. 22 of the General Data Protection Regulation (GDPR).

11. Information on your right to object in acc. with Art. 21 of the GDPR

a) Individual right to object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data. The prerequisite for this is that the processing is in the public interest or on the basis of legitimate interest/balancing of interests. This also applies to profiling. In the case of such an objection, we will no longer process your personal data. An exception to this is if we can demonstrate compelling legitimate grounds for the processing of this data which override your interests, rights and freedoms, or the data serve the establishment, exercise or defence of legal claims.

b) Objections to using your data for direct marketing

In individual cases or where you have given your consent, we use your personal data for direct marketing purposes. You have the right to object at any time to the processing of your data for such marketing; this also applies to profiling to the extent that it is related to direct marketing. In the case of such an objection, we will no longer process your personal data for this purpose. Objections can take any form and should be sent to the address of our Data Protection Officer given above.

12. Which data do you use for the website?

a) Information on use

When you visit one of our websites we receive data related to this use. Such data includes your screen resolution, browser version, internet access, operating system, language, plug-ins, where you are (in terms of country or region), and search engines. This data will only be used for statistical purposes. It will not be passed on to third parties and will not be analysed in relation to the user. Furthermore, we temporarily save internet connection data (IP addresses) to our website for a few days to ensure IT security.

b) Use of cookies

We use different types of cookies on our website. Technical (operational) cookies are set on the basis of Art. 6 Para. 1 lit. f GDPR (the website operator has a legitimate interest in an error-free presentation of its content). Cookies that are not required for technical operation (functional or personalized cookies) are saved with your consent on the basis of Art. 6 Para. 1 lit. a GDPR used. You can find detailed information on the use of cookies, your consent and your right of withdrawal in our cookie policy.

You can change your cookie settings at any time under the menu item "Cookie settings" at the bottom of every page.

13. How secure is my data?

To protect your personal data, we use a secure transmission process, Secure Socket Layer (SSL) transmission, in order to handle customer data and data of interested parties. All information transmitted by means of this secure method is encrypted before it is sent. Your personal data are stored and processed on computers and other data centre equipment that are protected by industry standard security technology (e.g. firewalls, password protection, access control, etc.).

14. Which plug-ins and tools does your website use?

a) YouTube

We use YouTube plug-ins to incorporate videos on our site. YouTube is a product of

YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you open a page of our website which contains a YouTube plug-in, your browser establishes a direct connection with YouTube’s servers. YouTube is thus informed that your browser has visited the corresponding page of our website. If you are logged in as a registered user of YouTube, YouTube will add this information to your personal user profile. You can prevent this information from being added to your user account by logging out of YouTube. Further information on data processing by YouTube (Google) can be found in YouTube's privacy statement at:

b) XING share button

We would like to inform you about how personal data is processed in connection with the XING share button.

The “XING share button” is in use on this website. When accessing this website, your browser connects for a short time to the XING SE (“XING”) servers which provide the “XING share button” features (including the visitor counter).  XING does not save any of your personal data when you access this website.  XING does not store IP addresses, nor does it use cookies to monitor your behavior with regard to the “XING share button”.  Please visit the following website to view the latest privacy policy for the “XING share button” and other information:

c) Facebook plug-in

Our website uses a plug-in provided by the social network, operated by Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94304, USA.

When you visit a page of our website, your browser does not automatically establish a direct connection to Facebook servers. A connection only takes place if you click the link to Facebook. In this case, Facebook will be informed that you have visited our site with your IP address.

We would like to point out that as a provider of our website, we do not receive from Facebook any knowledge of the content of the transmitted data nor its use.

For further information go to Facebook's privacy statement at:

d) X-Plugin

On our pages is a link of the service X (formerly Twitter), provider Twitter International Unlimited Company, One Cumberland Place, Fenian StreetDublin 2, D02 AX07 IRELAND. When you visit our pages, a direct connection between your browser and the X server is not automatically established. The connection is made only when you click on the link to X. X then receives the information that you have visited our site and communicates this to other users if you are logged in with your X account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data as well as its use by X. For more information on this, please refer to X's privacy policy at:

e) etracker

We use services from etracker GmbH, based in Germany, on our webpages to analyse usage data. We use cookies to enable statistical analysis of the visitors’ use of this website as well as to display usage-related content or advertising. Cookies are small text files that are stored by the web browser on the user's end-device. etracker cookies do not contain any information that enables identification of a user.

The data generated by etracker is processed and stored by etracker on our behalf exclusively in Germany and is thus subject to strict German and European data protection laws and standards. In this respect, etracker has been independently audited, certified and awarded a privacy seal.

Data processing is carried out on the legal basis of Art. 6 para .1 pt. f (legitimate interest) of the GDPR. Our legitimate interest is the optimization of our online offers and our websites. As our visitors' privacy is particularly important to us, etracker anonymizes the IP address is as early as possible and converts login or device identifiers to a unique key that is not associated with a person. etracker does not utilize the data in any other way, merge it with other data or disclose it to third parties.

You can object to the aforementioned data processing at any time, insofar as it is carried out on a person-specific basis. Your objection has no adverse consequences for you Your objection will not have any adverse consequences for you.

f) Flourish

We use Flourish for data visualization to improve the way content is presented. The visualizations are stored on Flourish’s UK-based servers. IP address information is transmitted to Flourish when graphics are retrieved. We have disabled the tracking function for this service so that tracking data is not collected, for example, by Google Analytics. You can find information on Flourish’s privacy policy here.

g) SoundCloud

We may have integrated plug-ins of the social network SoundCloud (SoundCloud Limited, Berners House, 47-48 Berners Street, London W1T 3NF, Great Britain) into this website. You will be able to recognize such SoundCloud plug-ins by checking for the SoundCloud logo on the respective pages.

Whenever you visit this website, a direct connection between your browser and the SoundCloud server will be established immediately after the plug-in has been activated. As a result, SoundCloud will be notified that you have used your IP address to visit this website. If you click the “Like” button or the “Share” button while you are logged into your Sound Cloud user account, you can link the content of this website to your SoundCloud profile and/or share the content. Consequently, SoundCloud will be able to allocate the visit to this website to your user account. We emphasize that we as the provider of the websites do not have any knowledge of the data transferred and the use of this data by SoundCloud.

Data are stored and analyzed on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the highest possible visibility on social media. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Great Britain is considered a secure non-EU country as far as data protection legislation is concerned. This means that the data protection level in Great Britain is equivalent to the data protection level of the European Union.

For more information about this, please consult SoundCloud’s Data Privacy Declaration at:

If you prefer not to have your visit to this website allocated to your SoundCloud user account by SoundCloud, please log out of your SoundCloud user account before you activate content of the SoundCloud plug-in.

Current as of October 2023