Data protection statement for the use of our websites

(Last updated: 05/2018)

Below, we have provided you with information about how we collect personal data when you use our website. Personal data is all data which concerns you personally, such as your name, address, email addresses and user behaviour. We have taken extensive technical and operational protective measures to protect your data from accidental or deliberate manipulation, loss, destruction or access by unauthorised individuals. Our security procedures are regularly reviewed and adjusted in line with technological progress.

 

1 Controller for data processing


The controller according to Art. 4, Para. 7 of the EU General Data Protection Regulation (GDPR) is

Funk Gruppe GmbH
International Insurance Brokers and Risk Consultants
Valentinskamp 20
20354 Hamburg
Tel. +49 40 35914-0
Fax +49 40 35914-407

Email: welcome[at]funk-gruppe.de


How to contact the data protection officer

You can contact our data protection officer on datenschutz[at]example.com or by using our postal address with the add-on “FAO Data Protection Officer”.

 

3 Subject of data protection

The subject of data protection is personal data under the terms of Art. 4, Para. 1 of the GDPR. This is all information which relates to an identified or identifiable natural person. It generally includes all information which could be used to identify a natural person (indirectly at least). This could be, for example, a person’s name or contact details (e.g. telephone number, postal address and email address). The IP address can also represent personal data in this sense.

 

4 Collection, processing and use of personal data


Funk only collects, processes and uses your personal data insofar as this is permitted or required by the GDPR, the German Federal Data Protection Act or another piece of legislation or insofar as you, as a user of our website, have consented to such collection, processing and use.

 

5 Your rights

You have the following rights vis-à-vis us with regard to the personal data concerning you:

 

5.1 General rights

You have a right of access, correction, deletion, restriction of processing, objection to processing and data portability. Insofar as processing is based on your consent, you have the right to revoke this consent you gave us with effect for the future.

 

5.2 Rights with regard to data processing according to a legitimate interest

According to Art. 21, Para. 1 of the GDPR, you have the right, on grounds relating to your particular situation, to object at any time to processing of the personal data concerning you based on Art. 6, Para. 1 e) of the GDPR (data processing in the public interest) or based on Art. 6, Para. 1 f) of the GDPR (data processing to protect a legitimate interest); this also applies to profiling based on this regulation. If you object, we shall no longer process your personal data unless we can demonstrate compelling and legitimate grounds for processing which outweigh your interests, rights and freedoms, or if processing serves to establish, exercise or defend legal claims.

 

5.3 Rights with regard to direct advertising

Insofar as we process your personal data for the purpose of carrying out direct advertising, you have, at any time, the right according to Art. 21, Para. 2 of the GDPR to object to processing of the personal data concerning you for the purposes of such advertising; this also applies to profiling if it is in conjunction with such direct advertising.

If you object to processing for the purposes of direct advertising, we shall no longer use your personal data for these purposes.

 

5.4 Right to lodge complaints with a supervisory authority

You also have the right to lodge complaints regarding our processing of your personal data with a responsible data protection supervisory authority.

 

6 Collection of personal data when you visit our website

When you are merely using the website for information purposes, i.e. if you do not register or otherwise transfer information to us, we only collect the personal data which your browser transfers to our server. When you visit our website, we collect the following data, which is technically necessary for us to enable you to view the website and to guarantee stability and security. The legal basis for this is Art. 6, Para. 1 f) of the GDPR:

IP address, date and time of the request, time zone difference from Greenwich Mean Time (GMT), content of the request (specific page), access status / HTTP status code, and the amount of data transferred.

 

7 Contact by email or using the contact form

If you contact us by email or using the contact form, the data you share (your email address and possibly your name and telephone number) shall be stored by us for the purpose of answering your questions. If we request that you use our contact form to input information which is not necessary for contact, we have always marked this as being optional. We use this information to substantiate your enquiry and to improve handling of your request. This information is communicated exclusively on a voluntary basis and with your consent as per Art. 6, Para.1 a) of the GDPR. If this information relates to communication channels (e.g. your email address or telephone number), you are also consenting to the fact that we may, if necessary, contact you using these communication channels to respond to your request. You may naturally revoke this consent at any time with effect for the future.

We delete the data collected in this regard once storage is no longer necessary, or we restrict processing if legal retention requirements exist.

 

8 Publications

You can request publications (information brochures, studies, magazines or press releases) on our website. For these functions and services, we require certain personal information from you. The voluntary provision of additional data allows us to improve our website and provide you, on request, with targeted offers specifically tailored to meet your needs. You can enter this data in the designated places on the website. We process your data for the purpose of responding to your enquiry and providing you with the requested publication. If data is exceptionally processed for other purposes, this only takes place if you have given your consent to this effect.

If you request publications (e.g. studies or information brochures) by email, you need to provide your first name, surname and email address. If you request publications by post, you need to provide your first name, surname and postal address. We may also collect and process additional voluntary data from you in both cases (to send you publications by post and by email).

When requesting publications, you can provide the following data:

Title
First name
Surname
Company
Email address

The legal basis for processing your data is Art. 6, Paras. 1 a) and b) of the GDPR. We delete the data collected in this regard once storage is no longer necessary, or we restrict processing if legal retention requirements exist.

 

9 Consent-based sending of invitations relating to selectable seminar and webinar topics

If you would like to receive email invitations from us to seminars or webinars on topics which you are free to select, you need to provide your first name, surname and email address. You can opt to provide additional data (e.g. title and company). We process your data for the purpose of sending you invitations relating to your selected seminar or webinar topics. The legal basis for processing your data is Art. 6, Para. 1 a) of the GDPR. You can revoke your consent to receiving invitations and unsubscribe from the invitation service at any time. You can revoke your consent by clicking on the link provided in each invitation email or by sending a contact request to the data protection officer mentioned above.

 

10 Consent-based processing and use of your data for customer service purposes

If you have provided us with your consent to this effect, we use the data collected for the purposes described under 9, 10, 11 and 12 for customer service purposes too. This means that we store your data for information purposes and use the same to be able to respond to your enquiries in the event that repeated contact is made or a business relationship is initiated.

The legal basis for processing your data is Art. 6, Para. 1 a) of the GDPR. We delete the data collected in this regard once storage is no longer necessary, or we restrict processing if legal retention requirements exist.

 

11 Applications

You can apply to our company electronically, particularly by email. We will naturally only use your information for the purpose of processing your application and will not disclose the same to third parties. Please note that unencrypted emails are not transferred in an access-protected manner. 

If you have applied for a specific post and it has already been filled, or if we believe that another position is also suitable for or even better suited to you, we would be more than happy to forward your application within the company. Please let us know if you do not agree to your email being forwarded. 

Your personal data is deleted immediately once the application process is closed, or at most after six months, unless you have given us your express consent to store your data for longer or a contract has been concluded. The legal basis is Art. 6, Paras. 1 a), b) and f) of the GDPR and Section 26 of the German Federal Data Protection Act.

 

12 Twitter

We use the button of the service Twitter on our website. This button is provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. Using this button allows you to follow our company on Twitter or share our posts, among other things. 

When you access our website as a user, your browser establishes a direct connection with Twitter’s servers. Twitter transmits the content of this button directly to your browser. We have no influence over the amount of data that Twitter collects using this plugin. We would like to inform you of this wherever it is possible for us to do so. As far as we are aware, only your IP address and the web page URL are transmitted when the button is clicked, but the data is not used for any purposes other than displaying the button. You will find further information at: http://twitter.com/privacy

 

13 Use of cookies

When you use our website, cookies are stored on your computer. Cookies are small text files that are saved on your hard drive, are assigned to the browser you use and through which the party that sets the cookie receives certain information. Cookies cannot run any programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective on the whole.

This website uses the following types of cookies, the scope and functions of which are explained below:

 

13.1 Transient cookies 

These cookies are automatically deleted when you close the browser. They particularly include session cookies. These save a ‘session ID’ which can be used to assign various requests from your browser to the same session. Your computer can therefore be recognised if you return to our website. The session cookies are deleted if you log out or close the browser.

 

13.2 Persistent cookies 

These cookies are automatically deleted after a specified period of time, which can vary depending on the cookie in question. You can delete the cookies at any time in your browser’s security settings.

 

13.3 Flash cookies

The flash cookies used are not recorded by your browser, but rather by your Flash plugin. We also use HTML5 storage objects, which are stored on your terminal device. These objects store the data required regardless of the browser you use and do not have an automatic expiry date. If you do not want the flash cookies to be processed, you must install a corresponding add-on, such as ‘Better Privacy’ for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer Cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using your browser in Private mode. We also recommend manually deleting your cookies and browser history on a regular basis.

 

13.4 Preventing cookies

You can configure your browser settings in line with your requirements and refuse to accept third-party cookies or all cookies, for example. Please note that if you do so, you may not be able to use all the functions of this website.

 

13.5 Legal bases and duration of storage

The legal bases for potential processing of personal data and the data storage durations vary, and are described in the sections below.

 

14 Website analysis

We use various services, which are described below, for the purposes of analysing and optimising our website. We can therefore analyse, for example, how many users visit our site, what information is the most sought-after, or how users find the website. We also collect data on the website from which a data subject has accessed our website (‘referrer’), which of the website sub-pages were accessed, or how often and how long for a sub-page was viewed. This helps us to make our website user-friendly and also to improve it. The data collected in this way is not used to personally identify individual users. Anonymous or, at most, pseudonymous data is collected. The legal basis for this is Art. 6, Para. 1 f) of the GDPR. 

 

14.1 Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Use of the same includes use of the Universal Analytics operating mode. It is thus possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and therefore analyse a user’s activities across such multiple devices.

Google Analytics uses cookies, which enable analysis of your use of the website. The information generated by the cookie about your use of this website is generally transmitted to and stored on a Google server in the United States. If IP anonymisation is activated on this website, Google will, however, truncate your IP address beforehand within Member States of the European Union or other states which are parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. The IP address transmitted by your browser in the context of Google Analytics is not associated with any other data held by Google. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of this website, compiling reports on website activities and providing the website operator with other services relating to website and Internet use. In these purposes, we also have a legitimate interest in data processing. The legal basis for the use of Google Analytics is Section 15, Para. 3 of the German Telemedia Act (TMG) and Art. 6, Para. 1 f) of the GDPR. The data sent by us and linked with cookies, user identifiers (e.g. user ID) or advertising IDs is automatically deleted after 14 months. Data whose storage period has ended is automatically deleted once per month. You will find further information about terms of use and data protection at www.google.com/analytics/terms/de.html and https://policies.google.com/?hl=de 


You can prevent the storage of cookies by changing the relevant setting in your browser software; however, please note that if you do so, you may not be able to use all the functions of this website in full. Furthermore, you can prevent Google’s collection and processing of the data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plugin available at https://tools.google.com/dlpage/gaoptout?hl=de. Opt-out cookies prevent your data from being collected on future visits to this website. To prevent collection across various devices by Universal Analytics, you must opt out on all the systems you use. The opt-out cookie is set if you click here:

Deactivate Google Analytics

 

15 Advertising

We use cookies for marketing purposes to address our users with interest-based advertising. We also use cookies to restrict the likelihood of ad playback and to measure the effectiveness of our advertising measures. This information may also be shared with third parties, such as ad networks. The legal basis for this is Art. 6, Paras. 1 a) and f) of the GDPR. We have a legitimate interest in direct marketing for the purposes pursued with data processing. You have the right, at any time, to object to processing of your data for the purposes of such advertising. To this end, we provide you with the respective services’ opt-out options below. Alternatively, you can prevent the setting of cookies in your browser settings.

 

15.1 Google DoubleClick

We use DoubleClick, a service provided by Google Inc. DoubleClick uses cookies to place user-based adverts. The cookies recognise which ads have already been placed in your browser and whether you have called up a website via a placed ad. In doing this, the cookies do not collect any personal information and also cannot be linked with the same.

If you do not want to receive any user-based advertising, you can deactivate the placement of ads using Google’s ad setting.

Please refer to Google’s privacy policy for further information on how Google uses cookies.

 

16 Social media buttons

We provide social media buttons so that the content of our website can be shared on social networks. We use data-secure ‘Shariff’ buttons on our website. ‘Shariff’ was developed by specialists from the computer magazine c’t to enhance online privacy and prevent the unwanted transfer of data to social network operators. More information on the Shariff project can be found here.

The buttons offered directly by the operators of social networks generally transfer personal data such as IP addresses to the social network in question even just when a website with these integrated buttons is loaded. As a result, social network operators automatically receive precise information about your internet surfing. You do not have to be logged in to the network in question for this to occur; you do not even need to be a member of said network. By contrast, a Shariff button only establishes direct contact between a social network and the website visitor when the visitor actively clicks on the share button. Shariff thus prevents you from leaving a digital trace on every page you visit and enhances data protection. By using Shariff, we are protecting your personal data while also integrating buttons on our website for sharing our content on social media.

 

17 Data transfer

Funk discloses personal data within the Group’s companies (as listed on the website in the company profiles found under the section ‘Legal information’) within permissible limits, if such data is required for the purposes listed under Sections 8 to 13. Your personal data is processed on behalf of Funk in these cases as per Art. 28 of the GDPR.

To the extent required, we also disclose personal data to companies outside of the Funk Group in exceptional circumstances if we use these companies to process your data. In these cases, however, the amount of data transferred is restricted to the minimum required. Insofar as recipients outside of the Funk Group come into contact with your personal data, we ensure in the context of processing as per Art. 28 of the GDPR that these parties comply with the regulations set down in data protection legislation in the same way. Please also note the providers’ respective privacy policies. The respective service provider is responsible for the contents of external services, whereby we check, within reasonable limits, that the services comply with the legal requirements.

Insofar as no deviating regulations result from this privacy policy, in principle your data is not transferred to third parties unless we are obligated to this effect by law, or if the data needs to be disclosed to implement the contractual relationship, or you have previously given your express consent to your data being disclosed.

We never transfer any personal data which we collect on this website to countries outside the European Union or the European Economic Area – unless such transmission is expressly stated.

 

18 Data security

We have taken extensive technical and operational protective measures to protect your data from accidental or deliberate manipulation, loss, destruction or access by unauthorised individuals. Our security procedures are regularly reviewed and adjusted in line with technological progress.

Information about the collection and processing of your personal data

Conscientiousness and transparency are the foundations for trust-based collaboration with our clients. For this reason, we would like to inform you of how we process your data and how you can exercise the rights afforded to you under the General Data Protection Regulation. The personal data we process and the purposes for this depend on the specific contractual relationship in each case.

1 Who is responsible for data processing?
The controller for data processing is:
Funk Gruppe GmbH 
Valentinskamp 20
20354 Hamburg, Germany
Tel. +49 (0)40 359 140
Fax +49 (0)40 3591 4407
Email: welcome[at]funk-gruppe.de

 

2 How can you get in touch with the Data Protection Officer?

You can contact our Data Protection Officer at datenschutz[at]funk-gruppe.de or by using our postal address with the add-on ‘FAO Data Protection Officer’.

 

3 What personal data do we use?

We process your personal data if you have sent us a query, asked us for a quote or concluded a contract with us. 

Among other reasons, we also process your personal data in order to fulfil legal requirements, to protect a legitimate interest or because you have given us your consent to do so. 

Depending on the legal basis for data processing, the following categories of personal data are processed:

 

3.1 Personal data

  • First name, last name
  • Address
  • Communication data (e.g. telephone, email)
  • Date and place of birth, nationality
  • Gender, marital status, other family data
  • Employer, occupation and job history, certificates and references
  • Relationship to policy holder, insured party, beneficiary or claimant 

 

3.2 Identification data

  • Social security number
  • Passport number
  • Personal identification number
  • Tax identification number
  • Tax class
  • Driving licence data
  • Health insurance number
  • Vehicle identification number
  • Vehicle registration number

 

3.3 Information about insurance offers and contracts 

  • Contract master data, specifically the contract number, contractual term, termination notice period, type of contract
  • Information about the insured risk

 

3.4 Financial data

  • Bank details/account information
  • Payment data 
  • Invoice data
  • Income 
  • Company figures (e.g. turnover figures, annual financial statements)
  • Vehicle and property ownership, land register entries
  • Information on creditworthiness
  • Other financial data

 

3.5 Health data

  • Information about current or prior physical or mental illnesses
  • Health status, injuries or disabilities, type and duration of medical treatments, relevant personal habits (e.g. smoking or consuming alcohol)
  • Information about prescribed medications, previous illnesses (medical history)

 

3.6 Information about current and prior insurance claims

  • This includes the aforementioned categories of personal data and may also include the aforementioned health data.

 

3.7 Information about court rulings

 

3.8 Information about rental contracts

  • Content of the rental contract (lessor, lessee, rent amount)
  • Lease duration

 

3.9 Data on criminal convictions

 

3.10 Account information, especially registration and logins

 

3.11 Videos or images

 

4 Where does the data come from?

We process personal data that we received from our (prospective) clients.

In individual cases, we also receive personal data from:

  • Insurers and reinsurers 
  • Cooperating insurance brokers and other intermediaries (including partners in the ‘Funk Alliance’ broker network, insurance representatives, insurance agents, ‘underwriting agents’ and ‘referrers’)
  • Family members of a (prospective) client 
  • Employers (especially in the case of workplace pensions or group accident insurance) 
  • Support and pension funds (for workplace pensions)
  • Claimants and other third parties such as witnesses, experts (including medical experts) and lawyers 
  • Financial/credit agencies
  • Databases for the purposes of observing sanctions and combating fraud 
  • Authorities such as vehicle registration bodies and tax authorities 
  • Publicly accessible sources, such as commercial or association registers, debtor lists, last registers, websites
  • Other companies of the Funk Group (you can find these at this link).

 

5 For what purposes do we process your data and on what legal basis?

We process your personal data especially in accordance with the General Data Protection Regulation (GDPR) and the German Data Protection Act (BDSG) as well as all other applicable laws.

 

5.1 Due to consent provided by you (Art. 6 Para. 1 a) GDPR, Art. 9 Para. 2 a) GDPR)

If you have given us your voluntary consent to collect, process and/or transfer certain personal data, this consent constitutes the legal basis for processing this data. 

We process your personal data on the basis of your consent in the following cases:

  • To process special categories of personal data (e.g. health data in the course of brokering insurance contracts and processing payouts or other insurance claims) 
  • To send an email newsletter
  • Personalised newsletter tracking
  • Market research (e.g. customer satisfaction surveys)
  • Marketing and advertising
  • To create customer profiles
  • To publish a client testimonial (name and picture) or use a client reference in tendering processes

 

5.2 For the performance of a contract (Art. 6 Para. 1 b) GDPR)

We use your personal data to perform our contractual obligations as an insurance broker and/or consultant. 

As part of this contractual relationship, we process your data especially to perform the following tasks:

  • Set up a client relationship
  • Provide ongoing support and communicate with our clients 
  • Assess risks to be insured 
  • Obtain insurance offers 
  • Manage contracts
  • Make contact in relation to a contract
  • Carry out ongoing risk checks
  • Fulfil reporting obligations in relation to an insurance contract (e.g. to assess risk and calculate premiums)
  • Record and pass on claims reports
  • Add clients to the Funk client portal (overview of individual insurance programme) 
  • Process insurance claims, especially compensation and payouts (including pension and other benefit claims) 
  • Collect premiums
  • Reimburse insurance premiums 
  • Make insurance payouts
  • Defend or pursue legal claims 

More information on the purposes of data processing can be found in the relevant contract documents, insurance terms and General Terms and Conditions.

 

5.3 To fulfil legal obligations (Art. 6 Para. 1 c) GDPR) or for the public interest (Art. 6 Para. 1 e) GDPR)

As an insurance broker and/or consultant we have different legal obligations. To fulfil these obligations, it may be necessary to process personal data. 

  • Checks and reporting to insurance, data protection and other authorities as well as external auditors
  • Credit, age and identification checks
  • Prevention/interception of criminal acts
  • Data reconciliation to combat money laundering and/or terrorist financing (e.g. due to EU sanctions)

 

5.4 For the purposes of a legitimate interest (Art. 6 Para. 1 f) GDPR)

In certain cases we process your data to protect our legitimate interest or that of a third party.  

  • Central client data administration within the Funk Group 
  • Assurance of IT security and IT operations
  • Direct advertising or market and opinion research
  • Measures for building and asset security
  • Video surveillance to protect our domestic authority
  • Consultation and data exchange with information agencies

 

5.5 For the exercise or defence of legal claims (Art. 9 Para. 2 f) GDPR)

In certain cases we process your health data to exercise or defend legal claims.

  • To process insurance claims, especially liability insurance compensation and payouts

 

6 To whom is your data passed on?

To fulfil our contractual and legal obligations your personal data is disclosed to different internal and external offices and service providers as well as public agencies.

  • Companies within the Funk Group

The Funk Group maintains a central client database to which the employees of all affiliated companies have access, in order to offer our clients the entire spectrum of the services we provide from a single source. The companies of the Funk Group can be found at this link. 

  • Insurers and reinsurers
    Information on data processing at insurers and reinsurers can be found on their websites
  • Cooperating insurance brokers and other intermediaries (including partners in the ‘Funk Alliance’ broker network, insurance representatives, insurance agents, ‘underwriting agents’ and ‘referrers’)
  • Employers (especially in the case of workplace pensions or group accident insurance) 
  • Support and pension funds (for workplace pensions)
  • Courts (especially family courts in the case of a maintenance adjustment)
  • External service providers
    We also work with selected external service providers to fulfil our contractual and legal obligations:

    • Experts (especially in the assessment of claims and payouts)
    • IT service providers (e.g. maintenance service providers, hosting providers)
    • Service providers for file and data destruction
    • Service providers for telecommunications
    • Banks and other payment service providers
    • Service providers for advice and consultancy
    • Service providers for public relations, marketing or sales
    • Financial/credit agencies
    • Service providers for telephone support (call centres)
    • Printing service providers, letter shops
    • Tax advisers and accountants

  • Public bodies
    We may also be required to transfer your personal data to other recipients, such as authorities, for the purposes of fulfilling legal reporting obligations:
  • Supervisory and approval authorities (e.g. the German Federal Financial Supervisory Authority)
    • Insurance ombudsmen
    • Financial authorities
    • Customs authorities
    • Social security providers 
    • Databases for the purposes of observing sanctions and combating fraud 
    • Vehicle registration bodies 

If you have any questions about the individual recipients, contact us at datenschutz[at]funk-gruppe.de or by using our postal address with the add-on ‘FAO Data Protection Officer’.

 

7 Is your data transferred to countries outside of the European Union (‘third countries’)?

Countries outside of the European Union (and the European Economic Area ‘EEA’) handle the protection of personal data differently than countries within the European Union. To process your data we may employ service providers located in third countries outside of the European Union. There is currently no ruling by the EU Commission that these third countries offer an adequate level of protection in general. 

For this reason we have employed special measures to ensure that your data is processed as securely in third countries as it is within the European Union. We conclude agreements containing the standard data protection clauses provided by the European Union Commission with service providers in third countries. These clauses stipulate suitable guarantees for the protection of your data when handled by service providers in third countries.

 

8 How long is your data stored?

We store your personal data as long as it is required in order to fulfil our legal and contractual obligations.

If the data is no longer necessary in order to fulfil legal or contractual obligations, your data is deleted, unless further processing is necessary for the following purposes:

  • To fulfil retention obligations set out in commercial and tax law, such as the retention periods stipulated in the German Commercial Code (HGB) or German Revenue Code (AO), which call for retention periods up to ten years.
  • To retain evidence under legal regulations governing limitation periods. According to the limitation regulations set out in the German Civil Code (BGB), these limitation periods can run up to 30 years in some cases, but the regular limitation period is three years.

 

9 What are your rights concerning the processing of your data?

According to the GDPR, every data subject has the right of access (Art. 15), the right of rectification (Art. 16), the right of erasure (Art. 17), the right to restrict processing (Art. 18), the right of objection (Art. 21) and the right of data portability (Art. 20). The restrictions set out in Sections 34 and 35 of the BDSG apply to the right of access and right of erasure.

 

9.1 Right of objection

You can object to the use of your data for advertising purposes without incurring any charges, with the exception of the transmission fees under the basic tariff.

  • What are your rights concerning data processing due to your legitimate or the public interest?
    According to Art. 21, Para. 1 of the GDPR, you have the right, on grounds relating to your particular situation, to object at any time to processing of the personal data concerning you based on Art. 6, Para. 1 e) of the GDPR (data processing in the public interest) or based on Art. 6, Para. 1 f) of the GDPR (data processing to protect a legitimate interest); this also applies to profiling based on this regulation.
    If you object, we shall no longer process your personal data unless we can demonstrate compelling and legitimate grounds for processing which outweigh your interests, rights and freedoms, or if processing serves to establish, exercise or defend legal claims.
  • What are your rights concerning data processing for the purposes of direct advertising?
    Insofar as we process your personal data for the purpose of carrying out direct advertising, you have, at any time, the right according to Art. 21, Para. 2 of the GDPR to object to processing of the personal data concerning you for the purposes of such advertising; this also applies to profiling if it is in conjunction with such direct advertising.
    If you object to processing for the purposes of direct advertising, we shall no longer use your personal data for these purposes.

 

9.2 Withdrawal of consent

You can withdraw your consent for us to process your personal data at any time. Please note that this withdrawal of consent only affects future processing. 

 

9.3 Right of access

You can demand information from us as to whether we have stored your personal data. Upon your request, we will inform you of what type of data we have, the purposes for which the data is being processed, the parties to which this data has been disclosed, how long the data has been and will be stored and what further rights you have in relation to this data. 

 

9.4 Other rights

You also have the right to rectify incorrect data or erase your data. If there is no reason to continue storing your data, we will delete it. Otherwise we will restrict its processing. You can also request that we provide all of the personal data you have given us in a structured, conventional, machine-readable format either to you or to a person or company of your choice.

Furthermore, you have the right to lodge a complaint with the responsible data protection supervisory authority (Art. 77 GDPR in connection with Section 19 BDSG).

 

9.5 Exercising your rights

You can contact the data controller or the Data Protection Officer using the aforementioned contact details in order to exercise your rights. We will process your query immediately and in accordance with legal requirements.

 

10 Do you have to provide your personal data?

In order for use to fulfil our obligations as an insurance broker and/or consultant, especially when obtaining insurance offers and assessing risks to be insured, you must provide us with the personal data we require for the performance of the contract or that we are compelled to collect for legal reasons (e.g. due to stipulations of the German Money Laundering Act). If you do not provide us with this data, we will not be able to execute and process the contract.

 

11 Is there an automated decision-making process or does profiling take place?

We do not use any automated decision-making processes and no profiling takes place.

12 Changes to this information

If the purpose for or the manner and method of processing your personal data substantially change, we will update this information and inform you of the changes in due course.

Last updated September 2018