Data protection statement

(Last updated: 05/2018)

Below, we have provided you with information about how we collect personal data when you use our website. Personal data is all data which concerns you personally, such as your name, address, email addresses and user behaviour. We have taken extensive technical and operational protective measures to protect your data from accidental or deliberate manipulation, loss, destruction or access by unauthorised individuals. Our security procedures are regularly reviewed and adjusted in line with technological progress.

 

1 Controller for data processing


The controller according to Art. 4, Para. 7 of the EU General Data Protection Regulation (GDPR) is

Funk Gruppe GmbH
International Insurance Brokers and Risk Consultants
Valentinskamp 20
20354 Hamburg
Tel. +49 40 35914-0
Fax +49 40 35914-407

Email: welcome[at]funk-gruppe.de


How to contact the data protection officer

You can contact our data protection officer on datenschutz[at]example.com or by using our postal address with the add-on “FAO Data Protection Officer”.

 

3 Subject of data protection

The subject of data protection is personal data under the terms of Art. 4, Para. 1 of the GDPR. This is all information which relates to an identified or identifiable natural person. It generally includes all information which could be used to identify a natural person (indirectly at least). This could be, for example, a person’s name or contact details (e.g. telephone number, postal address and email address). The IP address can also represent personal data in this sense.

 

4 Collection, processing and use of personal data


Funk only collects, processes and uses your personal data insofar as this is permitted or required by the GDPR, the German Federal Data Protection Act or another piece of legislation or insofar as you, as a user of our website, have consented to such collection, processing and use.

 

5 Your rights

You have the following rights vis-à-vis us with regard to the personal data concerning you:

 

5.1 General rights

You have a right of access, correction, deletion, restriction of processing, objection to processing and data portability. Insofar as processing is based on your consent, you have the right to revoke this consent you gave us with effect for the future.

 

5.2 Rights with regard to data processing according to a legitimate interest

According to Art. 21, Para. 1 of the GDPR, you have the right, on grounds relating to your particular situation, to object at any time to processing of the personal data concerning you based on Art. 6, Para. 1 e) of the GDPR (data processing in the public interest) or based on Art. 6, Para. 1 f) of the GDPR (data processing to protect a legitimate interest); this also applies to profiling based on this regulation. If you object, we shall no longer process your personal data unless we can demonstrate compelling and legitimate grounds for processing which outweigh your interests, rights and freedoms, or if processing serves to establish, exercise or defend legal claims.

 

5.3 Rights with regard to direct advertising

Insofar as we process your personal data for the purpose of carrying out direct advertising, you have, at any time, the right according to Art. 21, Para. 2 of the GDPR to object to processing of the personal data concerning you for the purposes of such advertising; this also applies to profiling if it is in conjunction with such direct advertising.

If you object to processing for the purposes of direct advertising, we shall no longer use your personal data for these purposes.

 

5.4 Right to lodge complaints with a supervisory authority

You also have the right to lodge complaints regarding our processing of your personal data with a responsible data protection supervisory authority.

 

6 Collection of personal data when you visit our website

When you are merely using the website for information purposes, i.e. if you do not register or otherwise transfer information to us, we only collect the personal data which your browser transfers to our server. When you visit our website, we collect the following data, which is technically necessary for us to enable you to view the website and to guarantee stability and security. The legal basis for this is Art. 6, Para. 1 f) of the GDPR:

IP address, date and time of the request, time zone difference from Greenwich Mean Time (GMT), content of the request (specific page), access status / HTTP status code, and the amount of data transferred.

 

7 Contact by email or using the contact form

If you contact us by email or using the contact form, the data you share (your email address and possibly your name and telephone number) shall be stored by us for the purpose of answering your questions. If we request that you use our contact form to input information which is not necessary for contact, we have always marked this as being optional. We use this information to substantiate your enquiry and to improve handling of your request. This information is communicated exclusively on a voluntary basis and with your consent as per Art. 6, Para.1 a) of the GDPR. If this information relates to communication channels (e.g. your email address or telephone number), you are also consenting to the fact that we may, if necessary, contact you using these communication channels to respond to your request. You may naturally revoke this consent at any time with effect for the future.

We delete the data collected in this regard once storage is no longer necessary, or we restrict processing if legal retention requirements exist.

 

8 Publications

You can request publications (information brochures, studies, magazines or press releases) on our website. For these functions and services, we require certain personal information from you. The voluntary provision of additional data allows us to improve our website and provide you, on request, with targeted offers specifically tailored to meet your needs. You can enter this data in the designated places on the website. We process your data for the purpose of responding to your enquiry and providing you with the requested publication. If data is exceptionally processed for other purposes, this only takes place if you have given your consent to this effect.

If you request publications (e.g. studies or information brochures) by email, you need to provide your first name, surname and email address. If you request publications by post, you need to provide your first name, surname and postal address. We may also collect and process additional voluntary data from you in both cases (to send you publications by post and by email).

When requesting publications, you can provide the following data:

Title
First name
Surname
Company
Email address

The legal basis for processing your data is Art. 6, Paras. 1 a) and b) of the GDPR. We delete the data collected in this regard once storage is no longer necessary, or we restrict processing if legal retention requirements exist.

 

9 Consent-based sending of invitations relating to selectable seminar and webinar topics

If you would like to receive email invitations from us to seminars or webinars on topics which you are free to select, you need to provide your first name, surname and email address. You can opt to provide additional data (e.g. title and company). We process your data for the purpose of sending you invitations relating to your selected seminar or webinar topics. The legal basis for processing your data is Art. 6, Para. 1 a) of the GDPR. You can revoke your consent to receiving invitations and unsubscribe from the invitation service at any time. You can revoke your consent by clicking on the link provided in each invitation email or by sending a contact request to the data protection officer mentioned above.

 

10 Consent-based processing and use of your data for customer service purposes

If you have provided us with your consent to this effect, we use the data collected for the purposes described under 9, 10, 11 and 12 for customer service purposes too. This means that we store your data for information purposes and use the same to be able to respond to your enquiries in the event that repeated contact is made or a business relationship is initiated.

The legal basis for processing your data is Art. 6, Para. 1 a) of the GDPR. We delete the data collected in this regard once storage is no longer necessary, or we restrict processing if legal retention requirements exist.

 

11 Applications

You can apply to our company electronically, particularly by email. We will naturally only use your information for the purpose of processing your application and will not disclose the same to third parties. Please note that unencrypted emails are not transferred in an access-protected manner. 

If you have applied for a specific post and it has already been filled, or if we believe that another position is also suitable for or even better suited to you, we would be more than happy to forward your application within the company. Please let us know if you do not agree to your email being forwarded. 

Your personal data is deleted immediately once the application process is closed, or at most after six months, unless you have given us your express consent to store your data for longer or a contract has been concluded. The legal basis is Art. 6, Paras. 1 a), b) and f) of the GDPR and Section 26 of the German Federal Data Protection Act.

 

12 Twitter

We use the button of the service Twitter on our website. This button is provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. Using this button allows you to follow our company on Twitter or share our posts, among other things. 

When you access our website as a user, your browser establishes a direct connection with Twitter’s servers. Twitter transmits the content of this button directly to your browser. We have no influence over the amount of data that Twitter collects using this plugin. We would like to inform you of this wherever it is possible for us to do so. As far as we are aware, only your IP address and the web page URL are transmitted when the button is clicked, but the data is not used for any purposes other than displaying the button. You will find further information at: http://twitter.com/privacy

 

13 Use of cookies

When you use our website, cookies are stored on your computer. Cookies are small text files that are saved on your hard drive, are assigned to the browser you use and through which the party that sets the cookie receives certain information. Cookies cannot run any programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective on the whole.

This website uses the following types of cookies, the scope and functions of which are explained below:

 

13.1 Transient cookies 

These cookies are automatically deleted when you close the browser. They particularly include session cookies. These save a ‘session ID’ which can be used to assign various requests from your browser to the same session. Your computer can therefore be recognised if you return to our website. The session cookies are deleted if you log out or close the browser.

 

13.2 Persistent cookies 

These cookies are automatically deleted after a specified period of time, which can vary depending on the cookie in question. You can delete the cookies at any time in your browser’s security settings.

 

13.3 Flash cookies

The flash cookies used are not recorded by your browser, but rather by your Flash plugin. We also use HTML5 storage objects, which are stored on your terminal device. These objects store the data required regardless of the browser you use and do not have an automatic expiry date. If you do not want the flash cookies to be processed, you must install a corresponding add-on, such as ‘Better Privacy’ for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer Cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using your browser in Private mode. We also recommend manually deleting your cookies and browser history on a regular basis.

 

13.4 Preventing cookies

You can configure your browser settings in line with your requirements and refuse to accept third-party cookies or all cookies, for example. Please note that if you do so, you may not be able to use all the functions of this website.

 

13.5 Legal bases and duration of storage

The legal bases for potential processing of personal data and the data storage durations vary, and are described in the sections below.

 

14 Website analysis

We use various services, which are described below, for the purposes of analysing and optimising our website. We can therefore analyse, for example, how many users visit our site, what information is the most sought-after, or how users find the website. We also collect data on the website from which a data subject has accessed our website (‘referrer’), which of the website sub-pages were accessed, or how often and how long for a sub-page was viewed. This helps us to make our website user-friendly and also to improve it. The data collected in this way is not used to personally identify individual users. Anonymous or, at most, pseudonymous data is collected. The legal basis for this is Art. 6, Para. 1 f) of the GDPR. 

 

14.1 Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Use of the same includes use of the Universal Analytics operating mode. It is thus possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and therefore analyse a user’s activities across such multiple devices.

Google Analytics uses cookies, which enable analysis of your use of the website. The information generated by the cookie about your use of this website is generally transmitted to and stored on a Google server in the United States. If IP anonymisation is activated on this website, Google will, however, truncate your IP address beforehand within Member States of the European Union or other states which are parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. The IP address transmitted by your browser in the context of Google Analytics is not associated with any other data held by Google. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of this website, compiling reports on website activities and providing the website operator with other services relating to website and Internet use. In these purposes, we also have a legitimate interest in data processing. The legal basis for the use of Google Analytics is Section 15, Para. 3 of the German Telemedia Act (TMG) and Art. 6, Para. 1 f) of the GDPR. The data sent by us and linked with cookies, user identifiers (e.g. user ID) or advertising IDs is automatically deleted after 14 months. Data whose storage period has ended is automatically deleted once per month. You will find further information about terms of use and data protection at www.google.com/analytics/terms/de.html and policies.google.com;


You can prevent the storage of cookies by changing the relevant setting in your browser software; however, please note that if you do so, you may not be able to use all the functions of this website in full. Furthermore, you can prevent Google’s collection and processing of the data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plugin available at https://tools.google.com/dlpage/gaoptout?hl=de. Opt-out cookies prevent your data from being collected on future visits to this website. To prevent collection across various devices by Universal Analytics, you must opt out on all the systems you use. The opt-out cookie is set if you click here:

Deactivate Google Analytics

 

15 Advertising

We use cookies for marketing purposes to address our users with interest-based advertising. We also use cookies to restrict the likelihood of ad playback and to measure the effectiveness of our advertising measures. This information may also be shared with third parties, such as ad networks. The legal basis for this is Art. 6, Paras. 1 a) and f) of the GDPR. We have a legitimate interest in direct marketing for the purposes pursued with data processing. You have the right, at any time, to object to processing of your data for the purposes of such advertising. To this end, we provide you with the respective services’ opt-out options below. Alternatively, you can prevent the setting of cookies in your browser settings.

 

15.1 Google DoubleClick

We use DoubleClick, a service provided by Google Inc. DoubleClick uses cookies to place user-based adverts. The cookies recognise which ads have already been placed in your browser and whether you have called up a website via a placed ad. In doing this, the cookies do not collect any personal information and also cannot be linked with the same.

If you do not want to receive any user-based advertising, you can deactivate the placement of ads using Google’s ad setting.

Please refer to Google’s privacy policy for further information on how Google uses cookies.

 

16 Data transfer

Funk discloses personal data within the Group’s companies (as listed on the website in the company profiles found under the section ‘Legal information’) within permissible limits, if such data is required for the purposes listed under Sections 8 to 13. Your personal data is processed on behalf of Funk in these cases as per Art. 28 of the GDPR.

To the extent required, we also disclose personal data to companies outside of the Funk Group in exceptional circumstances if we use these companies to process your data. In these cases, however, the amount of data transferred is restricted to the minimum required. Insofar as recipients outside of the Funk Group come into contact with your personal data, we ensure in the context of processing as per Art. 28 of the GDPR that these parties comply with the regulations set down in data protection legislation in the same way. Please also note the providers’ respective privacy policies. The respective service provider is responsible for the contents of external services, whereby we check, within reasonable limits, that the services comply with the legal requirements.

Insofar as no deviating regulations result from this privacy policy, in principle your data is not transferred to third parties unless we are obligated to this effect by law, or if the data needs to be disclosed to implement the contractual relationship, or you have previously given your express consent to your data being disclosed.

We never transfer any personal data which we collect on this website to countries outside the European Union or the European Economic Area – unless such transmission is expressly stated.

 

17 Data security

We have taken extensive technical and operational protective measures to protect your data from accidental or deliberate manipulation, loss, destruction or access by unauthorised individuals. Our security procedures are regularly reviewed and adjusted in line with technological progress.