Your trust is important to us, as is data protection. For these reasons we would like to inform you in the following about the processing of your personal data by us. Personal data is all data that refers to you personally, e.g. name, address, e-mail address, IP address or user behaviour.

Responsible for the data processing on this website is:

dib Deutsche Insurance Broker GmbH

For more information on how to contact us, please visit the “Imprint“.

As controller for these websites, we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this Privacy Policy. We use the best technical and organisational measures to protect the integrity of your data. These measures include the use of security software, a WAF (Web Application Firewall), as well as page-wide secure TLS encryption on all websites of our online presence.

Our data processing activities

If you contact us by e-mail, post, telephone or via the contact form on our website, the data you provide (your e-mail address, if applicable your name and telephone number, address, other data that you provide) to us will be processed by us in order to answer your question or to process your request. This data processing is carried out in accordance with Art. 6 para. 1 lit. f) General Data Protection Regulation (“GDPR”) on the basis of our and your legitimate interests in the processing of the contact inquiry. We do this in your interest – you have asked us – and in our interest to ensure the satisfaction of all inquirers. This data processing is oriented to the purpose specified by you through your contact request, whereby the data will not be processed for other purposes.

When using our contact form, your data will be encrypted according to the current state of the art technology. You give us your data voluntarily, whereby only as much data as necessary is requested (mandatory data) to enable us to contact you. All other information is optional. If you use other communication channels for a request (for example, by e-mail), we will respond to your request through these channels.

You can object to data processing on the basis of legitimate interests at any time by informing us of this. In principle, we do not transfer your personal data to third parties. If we determine that we are unable to process your request satisfactorily and need the support of an external company, we will inform you and, if necessary, obtain your consent to the transfer of your personal data.

We will delete your personal data if the storage is no longer necessary, if the purpose of the request has been completed, if you have objected to the processing or if we were able to solve your request satisfactorily, unless there is a duty to store your data. We review a possible deletion at regular intervals every three years.

For the purpose of providing contractual services and customer care we process in accordance with Art. 6 Para. 1 lit b) and f) GDPR:

Contract data (including names, addresses and telephone numbers)
Usage data (e.g. the visited websites of our online presence)
Content data (e.g. entries in the contact form) and
Payment data (including bank details and payment history)

of our customers, business partners and their employees.

The data will be deleted upon expiry of statutory warranty and storage obligations; the necessity of data storage will be reviewed every three years; in the case of statutory storage obligations, the data will be deleted after their expiry.

Hosting and other services

We use contracted service providers in Germany for hosting services for the purpose of operating our online presence. These have been carefully selected and commissioned by us, they are bound by our instructions and are regularly checked. Upon request, we will provide information about our contracted service providers.

In order to ensure the security of the website and its functionality, a US-based service provider belonging to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework) is also commissioned to operate a firewall plug-in, whereby the IP addresses of website visitors are collected and processed as personal data. These are only stored for as long as necessary and then deleted immediately.

The IP address is processed by us or our service providers on our behalf during your visit to our website. This is done on the basis of our legitimate interests in the efficient and secure provision of our online presence, to protect against misuse and other unauthorised use in accordance with Art. 6 Para. 1 lit. f) GDPR in conjunction with Art. 28 GDPR.

All other data used purely for the use of the website will be made anonymous before further processing. Only your IP address can be considered as personal data, so that you can visit this website after anonymization without hesitation.

Information we may process may include:

Your anonymised IP address
Your approximate position (only the country, not the city)
Your operating system and browser type and version
Your referrer (the website you came from)
The server keeps an anonymous logbook of every access made. This log contains:
Your anonymised IP address
Date and time of access
Server/file address of the access
Size of access (download volume)
Access time
Access result (200 OK, 404 Not Found, 500 Server Error, etc.)
Screen resolution

A passing on of the above-mentioned data to third parties does not take place in principle, unless it is necessary to pursue our claims, to fulfil the intended purpose or there is a legal obligation in accordance with Art. 6 para. 1 lit. c) GDPR.

Analytics and automated decision making

Throughout this website, we use a self-hosted and fully private analytics tool that resides solely on our own servers. Any data collected by this tool is fully anonymized before processing so there’s no actual implication to the privacy of any individual. It’s technically impossible for us to determine the identity of a visitor. We only use this data to build site usage statistics. We don’t use tracking cookies to enhance our visitors privacy significantly. None of this data is ever shared with an outside party. If you wish to opt-out of anonymous tracking, you may do so by enabling the DNT (DoNotTrack) in your web browser’s respective settings. Our analytics tool will ignore all visits with this setting enabled. You may also disable the use of all cookies (we only use session cookies, which do not track you) for this website but note this may result in a significantly diminished browsing experience with no privacy benefit. All tracking information gathered from the collected data specified above will be automatically deleted after 30 days. All that’s left behind after that time is a general statistic with no usage profiles at all. There is no way to remove anyone’s visits from the statistics as we don’t track any personal data to begin with and even all of the non-personal data combined (referred to as fingerprinting) is insufficient to make a determination towards a visitor’s identity.

We do not use any data for automated decision making.

Newsletters

We use Mailchimp as a partner to deliver our e-mail marketing and news to our audience. Any such subscription requires a process called “double opt-in” to be completed, meaning each and every request must be verified by the owner of the email address by means of clicking on a verification link. Without such verification, your data will be deleted according to Mailchimp’s deletion schedules. This consent is given freely and you may revoke it at any time. There are no sign-up forms from Mailchimp embedded directly on our pages to avoid usage tracking of our own visitors by their servers. Only upon entering and submitting an email address into the sign-up form, you’re starting the process of submitting your data to us and Mailchimp. None of this data is stored on our own server, it’ll be transmitted to Mailchimp directly, where it will reside for the duration of your subscription and then be deleted automatically if you decide to unsubscribe, which you may do at any time using the unsubscribe link present in all of our e-mails. We may use metrics and analytics provided by Mailchimp to enhance our own statistics, however we will anonymize any such data entirely to avoid personal rights to be touched in any way. Mailchimp’s privacy policy will inform you of automated deletion schedules on their part. You can find out all about Mailchimp’s privacy practices and their terms on their own legal page (https://mailchimp.com/legal/).

Cookies

In addition to the above mentioned data, cookies are stored on your device when you use our website. Cookies are small text files that are assigned and stored on your hard disk to the browser you use and through which certain information flows to the site that sets the cookie. Cookies cannot run programs or transmit viruses to your device. They serve to make the Internet offering as a whole more user-friendly and effective, which is in both your and our interest. When you visit our website, only cookies are used whose sole purpose is to carry out or facilitate the transmission of information via the Internet and which are essential for visiting our website. They are therefore indispensable for the technical storage or access to our online presence and will be deleted as soon as their storage is no longer necessary.

The following cookies are used:
Session cookies: These cookies are automatically deleted after closing the browser. These store a so-called session ID, with which different requests of your browser can be assigned to the common session. This will allow your device to be recognized when you return to our website. The session cookies are deleted when you close your browser.
Persistent cookies: These cookies are automatically deleted after a specified period, which may vary depending on the cookie.

You may delete these cookies at any time in the security settings of your browser. You can configure your browser settings according to your wishes and, for example, refuse the acceptance of third party cookies (these are cookies from third parties) or all cookies. We would like to point out that in such cases you may not be able to use all functions of our online presence. We recommend that you regularly delete your cookies and your browser history manually.

Your rights

You are entitled to the following rights with regard to your personal data:

Right of access
Right to rectification or erasure
Right to restriction of processing
Right to object
Right to data portability

You also have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data.
We will comply with your request for erasure, unless it conflicts with a legal obligation to retain your data or we need the data for the establishment, exercise or defence of our legal claims.

You have the right to withdraw any given consent to the processing of your data at any time. Such withdrawal of consent shall not affect the lawfulness of the processing based on consent before its withdrawal.

If we base the processing of your personal data on our legitimate interests after weighing up with your interests, you can object to such processing. In such a case we will check your objection and will either stop or adapt the data processing or point out to you our compelling reasons worthy of protection why we would like to continue the processing.

You can object to the processing of your data for data analysis purposes at any time. In the event of such objection, we will no longer process your data for these purposes.
You are not legally or contractually obliged to make available your personal data through our online presence. However, it is possible that certain functions of our websites depend on the availability of personal data. If you do not make available personal data in these cases, this may result in functions not being available or only being available to a limited extent.

If you have any questions on the subject of data protection, you can contact us at any time using the contact details given in the “Imprint”.

Privacy Officer

The deugro group has appointed a Data Protection Officer (DPO). The DPO assists in safeguarding the rights of the data subjects and monitors compliance with the GDPR and other applicable legal requirements, including the provisions of this and other company policies on data protection. All requests, questions or comments regarding our handling of personal data should be addressed to: DPO@deugro-group.com

External links to other providers

These web pages can refer to external web pages of other providers with the help of hyperlinks. This Privacy Policy does not extend to the websites of these other providers. When using these websites, the privacy policies of these providers must be observed as far as the processing of your data by these external providers is concerned. Nevertheless, we check these websites at regular intervals in order to remove the link immediately in the event of possible infringements. Should you have indications of possible legal infringements on the pages linked by us, we may ask you to inform us so that we can prevent a possible linking.

If you click on such links, personal data may reach providers in countries outside the European Economic Area that, from the point of view of the European Union (“EU”), may not guarantee an “adequate level of protection” for the processing of personal data in accordance with EU standards. Please remember this fact before clicking on a link and thereby triggering a transfer of your data.

Online presence in social media

In addition to this online presence, we also have a company presence on Facebook and LinkedIn to communicate with active users and to inform them about our services. When accessing the respective networks and platforms, their terms of use and privacy policies apply. In the context of this Privacy Policy, we process the data of such users when they communicate with us via Facebook and LinkedIn, e.g. write contributions to our company website or send us inquiries.

Changes to this Privacy Policy

This Privacy Policy is subject to constant review and may be amended as necessary. For this reason, we ask you to read this Privacy Policy at regular intervals to find out about possible changes.

May 2018