Privacy statement

Below, we would like to inform you about the processing of personal data by our company. With our privacy policy, we would like to provide you with information in accordance with the applicable EU General Data Protection Regulation (GDPR). You can read the GDPR here.

How you can best use our privacy policy

We have compiled comprehensive data protection information for you. In order to make it easier for you to use, we have prefixed an outline. If you are looking for specific information, you can conveniently click on the relevant bullet point and access it immediately. If you would like more in-depth information on the topic you are interested in, please click on the “More information” link at the end of the respective text.

Structure

      1. Scope
      2. General information on responsibility and the data protection officer
      3. Definitions of terms
      4. Web hosting and log data when using our website
      5. Processing in the context of brokerage
      6. Customer portal
      7. Request newsletter
      8. Registration for events and webinars
      9. Contact by e-mail
      10. Contact by telephone
      11. Job applications
      12. Data processing in the group of companies
      13. External data processors and service providers
      14. General information about cookies
      15. Cookies used
      16. Google Maps
      17. Google reCAPTCHA
      18. Google Fonts
      19. Google Static
      20. Social networks:
        1. Facebook
        2. XING
        3. Twitter
        4. Google+
        5. LinkedIn
      21. Rights of the data subjects
      22. Data security
      23. Amendments to and updating of our privacy policy

 

1. Scope

Our privacy policy contains information on the processing of personal data in connection with

  • the use of our website “suedvers.de”;
  • our brokerage activities and
  • contacting us by e-mail and telephone.

2. General information on responsibility and the data protection officer

The data controller responsible for the contents of the website within the meaning of data protection law is:

SÜDVERS GMBH Assekuranzmakler
Am Altberg 1-3
79280 Au bei Freiburg
Tel.: +49 (0) 761 4582-0
E-mail: datenschutz@suedvers.de

Contact details of our data protection officers:

Your point of contact for data protection matters will be happy to assist you at the following address.

SÜDVERS GMBH Assekuranzmakler
Nina Hartmann
Am Altberg 1-3
79280 Au bei Freiburg
Tel.: +49 (0) 761 4582-0
E-Mail: datenschutz@suedvers.de

3. Definitions of terms

This section provides you with an overview of the terms used in this privacy policy. Many of the terms are taken from the law and are defined, above all, in Art. 4 GDPR. The legal definitions are binding. The following explanations, on the other hand, are primarily intended to aid understanding. The terms are sorted alphabetically.

More information

Personal data

“Personal data” (also referred to as “data” for short in this privacy policy) means any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified – directly or indirectly – in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data controller

“Data controller” denotes the natural or legal person, public authority, agency or other body which alone (or jointly with others) determines the purposes and means of the processing of personal data.

Processing

“Processing” means any operation or set of operations which are performed upon personal data, whether or not by automatic means. The term is wide-ranging and encompasses practically every form of data handling, be it collection, evaluation, storage, transmission or deletion.

4. Web hosting and log data when using our website

Web hosting

In order to be able to provide our online offer securely and efficiently, we use the services of a web hosting provider (Continum AG), from whose server our online offer can be accessed.

When you use our website, all data is, therefore, stored with our external web hosting service provider. This may include all information that arises in the context of use and communication, such as data during registration, log-in, contract overviews, etc.

You can find details on this in the other sections and in the following point on our log files.

Log files when you visit our website

When you access our website, the browser used on your end device automatically sends information to our website server and records it in a so-called log file.

Matomo

This website uses the open source web analytics service Matomo. Matomo uses technologies that enable the recognition of the user across pages for the analysis of user behaviour (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymised before storage. With the help of Matomo, we are able to collect and analyse data about the use of our website by website visitors. This enables us to find out, among other things, when which page views were made and from which region they come. We also collect various log files (e.g. IP address, referrer, browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.). The use of this analysis tool is based on Art. 6 (1) lit. f GDPR. The 6 / 8 website operator has a legitimate interest in the anonymised analysis of user behaviour, in order to optimise both his website and his advertising. If corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR; said consent can be revoked at any time.

IP anonymisation

We use IP anonymisation for the analysis with Matomo. Your IP address is shortened before analysis so that it can no longer be clearly assigned to you.

Hosting

We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.

Objection to data collection

You can prevent Matomo from collecting your data under Privacy settings > Statistics Privacy settings

Further information on Matomo’s terms of use and data protection regulations can be found at https://matomo.org/privacy/

More information

Data categories

The following information is collected without your intervention:

  • Browser type and version
  • Operating system used
  • Referrer URL (address of the website from which the visitor came to the current page)
  • Host name of the accessing computer
  • Time of the server request
  • Purpose(s)

The above data will be processed by us for the following purposes:

  • Ensuring a smooth connection of the website,
  • Evaluating system security and stability, and
  • for statistical purposes.

Recipient

As a matter of principle, the data will not be passed on to third parties. In the event of unlawful use of our website, we reserve the right to disclose the data to law enforcement agencies, lawyers and courts.

Our web host is the company Continum AG, Bismarckallee 7b-d, 79098 Freiburg Germany; website: https://www.continum.net; privacy policy: https://www.continum.net/datenschutz.

Our web hoster processes all data exclusively within the scope of our instructions as an order processor within the meaning of Art. 28 GDPR.

Legal basis

The legal basis for data processing is Art. 6 (1) Sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. As a matter of principle, we do not use the data collected for the purpose of drawing conclusions about your person. However, we reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

Storage period

The storage period of the log data is: 180 days.

5. Processing in the context of brokerage

In connection with the issuing of a brokerage order, the following processing normally occurs. The extent of the processing depends on the individual case in question, in particular, on the requested or existing insurance product or the respective claim. We always process your personal data only to the extent necessary for the contractual purposes.

Data categories

  • Personal data: name, address, other contact details (e.g. e-mail address and telephone number), gender, family details, marital status, date and place of birth, relationship to policyholder, insured person, beneficiary or claimant, employer, job title and professional history, if applicable,
  • Identification data: identification numbers issued by public authorities or government agencies (e.g. (travel) passport number, identity card number, tax identification number, national insurance number, driving licence number)
  • Financial data: card number (EC [debit] card, credit card, etc.) and bank details, income and other financial data
  • Insured risk: information about the insured risk that may contain personal data, provided that it is relevant to the risk to be insured:
    • Health data: health status, previous illnesses (medical history), information about current or previous physical or mental illnesses, injuries or disabilities, medical treatments, relevant personal habits (e.g. smoking or alcohol consumption), information about prescribed medicines
    • Data on previous convictions: criminal convictions, including traffic offences
    • Other special categories of personal data: in rare exceptional cases, data on religious affiliation (e.g. job applications), trade union membership (e.g. company pension scheme) or sexual orientation (e.g. benefits in life insurance policies) are brought to our attention.
  • Policy data: information on insurance offers and policies
  • Credit and anti-fraud data: creditworthiness or credit history and credit score, information on fraud convictions, criminal allegations and details of penalties or sanctions from various anti-fraud and sanctions databases or regulatory or law enforcement agencies
  • Current insurance cases/claims: information about current insurance cases/claims, which may include health data, criminal record data and other special categories of personal data (as described above under the definition for “Insured risk”)
  • Previous insurance cases/claims: information about previous insurance cases/claims, which may include health data, criminal record data and other special categories of personal data (as described above under the definition for “Insured risk”)
  • Marketing data: the fact whether the person has consented to receive marketing communications from SÜDVERS. Contact persons and contacts of potential customers.

Purpose(s)

The processing of data is carried out for the mediation or administration of insurance contract relationships, as well as the monitoring of claims.

In addition, we process your data in order to inform you on an infrequent basis by post about developments of interest to you regarding various insurance products and our group of companies. We do not use health data and other special categories of data, as well as your telephone number and e-mail address, for marketing purposes without your express consent.

Origin and recipient

As a matter of principle, we collect your data directly from our customers as insured persons or companies. However, due to our brokerage mandate, we are also entitled to receive data from the insurers to the extent necessary for the contractual purposes.

It is indispensable to forward data to insurers, reinsurers, underwriters, experts, etc. for the purpose of obtaining quotations, for example. Otherwise, your data is only accessible internally by the departments responsible at our company.

As a matter of principle, there is no transfer to third countries. If a matter involves a third country, you will be informed of this separately. In international insurance matters or claims, data may be exchanged with our international partners as necessary in individual cases. We use our secure WBN – Worldwide Broker Network – for this purpose. For more details, please see the Customer portal.

The data controller is:

SÜDVERS GMBH Assekuranzmakler
Am Altberg 1-3
79280 Au bei Freiburg
Tel: +49 (0) 761 4582-0
E-mail datenschutz@suedvers.de

Legal basis

Processing for contractual purposes is carried out on the legal basis of Art. 6 (1) Sentence 1 lit. b GDPR.

We carry out the processing for marketing purposes on the legal basis of the balancing of interests according to Art. 6 (1) Sentence 1 lit. f GDPR.

If you have consented to individual processing, this is carried out within the framework of the consent given (see Art. 6 [1] Sentence 1 lit. a GDPR).

Storage period

Your data will be deleted as soon as it is no longer required to achieve the respective purpose of its collection or you revoke your consent. If there are legal retention periods, we will only delete your data after these periods have expired. Data that we retain for contractual purposes is typically subject to a statutory retention period of six (business correspondence) to ten years (in particular, accounting-relevant data and documents). In addition, personal data may be retained for the period during which claims may be made against our company (up to 30 years).

6. Customer portal

Our website contains a link to our customer portal. There you have the option of logging into the respective customer portal (insurance handbook, WBNet, my.suedvers.de) by entering your name and password.

WBNet

By logging on to WBNet – Worldwide Broker Network – you move to another web platform. The data controller responsible for the operation of the platform is:

The technical service provider for hosting the platform is Origami Risk LLC, 222 North LaSalle Street Suite 2100 Chicago, IL 60601 United States. For more details, please see https://www.origamirisk.com and on the issue of data protection https://www.origamirisk.com/origami-risk-privacy-policy.

Insurance handbook

Our “Insurance handbook” is linked to the website https://www.versicherungshandbuch.de/login.html.

This portal is operated by

SÜDVERS GMBH Assekuranzmakler
Am Altberg 1-3
79280 Au bei Freiburg
Tel: +49 (0) 761 4582-0
E-Mail: datenschutz@suedvers.de

More information

Data categories

The following data is collected as part of the registration/application process:

  • Mandatory master data fields: users cannot register themselves via the web. He or she must be a customer of SÜDVERS. Then, all the necessary data is already available.
  • At the time of registration, the user ID and the current time are also stored next to the visible form fields.
  • No account can be opened without this mandatory data.
  • Registration is done using your name and a password set by you. The password is stored in encrypted form, and cannot be viewed by us. There is no logging of registrations.

We keep the following data available for our customers in the customer portal:

Insurance documents, contracts, agreements, claims procedures and documentation of counselling interviews.

Purpose(s)

We process your registration and login data solely for the purpose of ensuring secure authentication and thus the confidentiality of the data stored in your account, and to be able to contact you promptly in the event of errors.

We process the data in the customer portal exclusively for contractual purposes, in particular, to provide customers with up-to-date information on insurance contracts and claims.

Recipient

Registration and login data will not be passed on to third parties, apart from our web host. Only in the event of misuse will a disclosure to the competent law enforcement and supervisory authorities and law firms be considered.

Incidentally, only customers have access to the customer portal.

Legal basis

We process the registration and login data on the basis of our legitimate interests described above (Art. 6 [1] Sentence 1 lit. f GDPR).

We process the contractual data on the legal basis of Art. 6 (1) Sentence 1 lit. GDPR or your given consent (Art. 6 [1] Sentence 1 lit. a GDPR).

Storage period
If you no longer wish to use your account, it will be deleted at your request. The data is also immediately deleted from the portal with the deletion of the account. The deletion of the customer also results in the immediate deletion of the data in the portal. Your data will be deleted from our data backup within seven days.

7. Request newsletter

On our website, there is the possibility to subscribe to free newsletters. When registering for the newsletter, the e-mail address is transmitted to us. In addition, the following data is collected during registration and used within the scope of sending the newsletter:

  • WebId, unique user ID
  • Application source
  • Registration date
  • Optional salutation
  • Optional first and last name

We use the so-called double opt-in procedure for sending the newsletter. This means that we will only send you a newsletter by e-mail if you have previously expressly confirmed that you want us to activate the newsletter service. To do this, you will first receive a notification e-mail asking you to confirm that you would like to receive our newsletter by clicking on a link contained in this e-mail.

We use this data exclusively for sending the requested information and do not pass it on to third parties.

You can revoke your consent to receive the newsletter at any time, for example, via the “unsubscribe here” link in the newsletter, or on our website below the registration mask.

If you unsubscribe from the newsletter, we store the following information:

  • WebId, unique user ID
  • E-mail ID
  • Time data for unsubscribing

Legal basis

The processing of your data for the purpose of receiving the newsletter is based exclusively on your consent.

8. Registration for events and webinars

Registration for events

You have the possibility to register for events on our website. Certain personal details are required for the registration and implementation of the event.

Data categories

Depending on the respective event, there are different options for registration. Registration can be done by e-mail or via a registration form. Depending on the event, the following information may be required for registration:

Company, position, first name, last name, address, postcode, city, telephone, fax, e-mail address

Following your registration, you will generally receive an e-mail from us confirming your registration, as well as an e-mail immediately before the event as a reminder.

Purpose(s)

We process your data for the purpose of registration and organisational implementation of the respective event only.

Legal basis

The processing of your data is based on Art. 6 (1) Sentence 1 lit. b GDPR (contractual purposes).

Storage period

We delete the data accruing in this context after the event has taken place, or after the statutory retention obligations of six to ten years have expired.

Webinar registration

You also have the option of registering for webinars on our website. For this purpose, we provide you with a link to the login page of our technical service provider.

We require a few personal details from you, in order to register and conduct webinars.

Data categories

For your registration, we require the following data from you:

First name, last name, e-mail address (mandatory fields), optional: company/organisation

Following registration, you will generally receive an e-mail from us confirming your registration, as well as an e-mail immediately before the webinar that serves as a reminder.

Purpose(s)

We process your data for the purpose of registration and organisational implementation of the respective event only.

Recipient / technical service provider

The system’s technical provider is:

LogMeIn Ireland Unlimited Company
Attn.: Contracts Department
The Reflector
10 Hanover Quay
Dublin 2,
D02R573
Ireland

Apart from our technical service provider, we do not pass on your registration data to third parties. The technical service provider processes your data exclusively in accordance with our instructions and within the framework of an existing contract for commissioned processing pursuant to Art. 28 GDPR.

The implementation of the webinar with the web-based video conferencing tool is associated with further processing of personal data. You will receive more information on this as part of the invitation to the webinar.

For more details, please see https://www.gotomeeting.com/de-de on data protection Privacy Policy (logmein.com).

Legal basis

The processing of your data is based on Art. 6 (1) Sentence 1 lit. b GDPR (contractual purposes).

Storage period

We delete the data accruing in connection with the registration after the event has taken place, or after expiry of the statutory retention obligations of six to ten years, respectively.

9. Contact by e-mail

If you provide us with your e-mail address or contact us by e-mail, the personal data transmitted with the e-mail – such as e-mail addresses, technical header information, date and time, as well as the content of the e-mail – will be stored. Data will only be passed on to third parties if this is necessary to respond to your request.

Purpose

The data is processed for the purpose of answering the e-mail/fax requests.

Legal basis

The legal basis for the processing of the data in this respect is Art. 6 (1) Sentence 1 lit. f GDPR (balancing of interests). If the contact is aimed at the conclusion, implementation or termination of a contract, the additional legal basis for the processing is Art. 6 (1) Sentence 1 lit. b GDPR.

E-mail addresses will only be used for advertising purposes if you have expressly consented to this (Art. 6 [1] Sentence 1 lit. a GDPR).

Storage period

The data will be processed until no further correspondence is expected. If the e-mail correspondence arises within a contractual context, the data is generally stored as business correspondence for six years in accordance with mandatory regulations under commercial and tax law, or ten years in the case of accounting-relevant content. The processing of data for promotional purposes will continue until such time as the underlying consent is revoked.

10. Contact by telephone

In the context of contact by telephone, we generally process the following personal data:

Telephone number, time and duration of the telephone call.

In the absence of the party receiving the call or when outside of business hours, you can use an answering machine function; in addition to the previously mentioned data, digital recordings (voice files) are generated.

As a rule, the contents of the conversation are also recorded electronically in conversation notes. Data is generally not passed on to third parties.

Purpose

The data is processed for the purpose of making the calls – from both a technical and content-related standpoint – possible, or to enable necessary callbacks in the event of missed calls. Conversational notes are used to document and provide evidence of any conversations held.

Legal basis

The legal basis for the processing of the data in this respect is Art. 6 (1) Sentence 1 lit. f GDPR (balancing of interests). If the telephone contact pursues the conclusion, implementation or termination of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b GDPR.

Storage period

The data is processed until no further telephone contacts are expected. Itemised bills for outgoing calls may be relevant for accounting purposes under commercial and tax law, and are kept for ten years in this case. The same applies to conversation notes. Voice files are only stored for a short time until the missed call has been dealt with.

11. Job applications

Responsibility and scope of data processing:

In our careers portal, we offer applicants the opportunity to submit applications to us by providing personal data. The data is entered into an input mask and transmitted to the Group’s Central HR Department at SÜDVERS Service und Management GmbH, and stored there.

The data controllers in this respect are the HR Management function of SÜDVERS Service und Management GmbH and the respective employer company in accordance with the job advertisement.

The following data is collected as part of the application portal:

Mandatory fields: salutation, first name, last name, street, postcode, city, country, phone no., e-mail address, attachment uploads for cover letter or complete documents

The following data is also stored at the time an application is submitted:

  • The IP address of the user
  • Date and time of registration

Before submitting the application documents via the form, confirmation of the career data protection statement is obtained from the applicant for the processing of this data.

If you send us your application documents in writing outside the scope of our website presence, we will scan your documents and enter the data into our applicant management system. We will also store the information you provide in free text outside the standardised data fields with your attachments and, if necessary, transfer it to free text data fields.

For e-mail applications, we will also transfer your documents to our applicant management system.

Unsolicited application

If you send us an unsolicited application and there is a general interest in joining us, your information will be stored in a database, just as it is when you apply for a job advertisement. HR staff involved in candidate selection and recruitment processes can search this database to fill vacant positions with suitable candidates.

Data security

Through the technical and organisational measures we implement, we ensure that your data is protected against accidental or intentional manipulation and unauthorised access. Your data is transferred using a special TLS connection, ensuring compliance with the highest level of state-of-the-art data security.

Purpose

All personal data, as well as attachments to your application, will only be collected and used for the purpose of evaluation, analysis and allocation in connection with the application procedure.

Recipient

The data you provide can only be accessed by responsible employees from the HR department, who are connected with the selection of applicants, as well as the recruitment process. In the event of an application for a specific advertised position, your data will be passed on to the responsible HR Managers in the relevant specialist departments, branches and employer companies. The respective employer companies can be found in the job advertisement. Any further disclosure to third parties is excluded.

Legal basis

The legal basis for the processing of data in the event of the initiation of a contractual relationship and the implementation of pre-contractual measures is Section 26 (1) Sentence 1 German Federal Data Protection Act (BDSG).

Storage period

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In other words, when we have decided to fill the position elsewhere or not to pursue a speculative application.

In the event that you apply for a specific vacancy, your data will be taken into account for the duration of the selection process. Six months after a possible rejection, we will anonymise your data. All attachments and communication will be deleted. The anonymised data records are stored so that we can create reports in the portal statistics. Once your data has been anonymised, it will no longer be taken into account when searching for suitable candidates within the database.

If, following a specific application, you would like your data to be considered further for future personnel developments, please send us a separate speculative application.

We will hold unsolicited applications for a period of one year. After this time, we will proceed with these applications as described above during the process of anonymisation.

If we decide to offer you a contract and you accept it, your documents will be transferred and incorporated into our usual HR administration processes. They will then be used further within the framework of the relevant legal regulations.

As an applicant, you have the option of correcting or withdrawing your application and having the data deleted at any time.

Please use the following way: e-mail to jutta.kraft@suedvers.de

12. Data processing in the group of companies

Some data processing tasks are bundled within the SÜDVERS GROUP. This concerns, for example, IT, personnel administration, personnel development, controlling, finance, the telephone switchboard and mail processing, as well as supporting the units by way of supra-regional staff units and department heads.

In addition, our customers are served by a single point of contact across different lines of business and companies. In such cases, we transfer personal data within the Group-affiliated companies listed on the website under the “Legal Notice” (in German: “Impressum”) on company business cards. This is done within the permissible scope if this is necessary to fulfil the listed purposes.

13. External data processors and service providers

SÜDVERS partly uses external contractors to fulfil its contractual and legal obligations. This concerns, for example, document destruction or IT support services. SÜDVERS has listed all contractors internally and concluded corresponding order processing contracts. In its main contract activity as an insurance broker, SÜDVERS only works with external service providers in exceptional cases. Where this is the case, it is openly communicated to clients in advance. Our agents and service providers are contractually obligated to maintain the confidentiality of personal data, may only use the data for approved purposes and must comply with minimum standards defined by us.

14. General information about cookies

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device, and do not contain viruses, Trojans or other forms of malware. The term cookies also includes technologies that fulfil the same functions as cookies, in particular, the “local storage” and “session storage” areas in browsers.

Information from visited websites or domains is stored in a cookie. Some cookies are only stored temporarily for a few minutes, or until the browser is closed, for example, while other cookies are retained beyond this time. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer, or that they are all automatically deleted when you close the browser. However, the complete deactivation of cookies in the browser may mean that you cannot use all the functions of our website, or that they do not work as expected.

Currently, we only use cookies of the following category on our website:

  • Functionally necessary cookies

Detailed information on cookies and the legal basis for processing can be found in the section “Cookies used”.

We only ever store cookies in the category “Individualisation and marketing” with your prior consent (“opt-in”), which we ask for when you access the page. In our cookie settings, you can change or revoke your consent at any time with effect for the future.

We process the cookies in the other categories on the basis of our legitimate interests in ensuring the proper functionality of our website, and improving the website for our visitors.

15. Cookies used

Cookie overview

Name Type      Storage period (days)               Domain Source / Recipient    Purpose

_GRECAPTCHA  3rd-Party

(permanent)    180       Google.com     Google Functional (necessary)

16. Google Maps

This website uses the Google Maps product from Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) to visually display geographical information. By using this website, you consent to the collection, processing and use of automatically collected data by Google Inc, its agents and third parties.

The terms of use of Google Maps can be found at Privacy Policy – Privacy Policy & Terms of Use – Google.

17. Google reCAPTCHA

In order to ensure sufficient data security when submitting forms, we use the reCAPTCHA service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) in certain cases. This primarily serves to distinguish whether the input is made by a person, or maliciously by way of a machine and automated processing. The query includes the sending of the IP address and, if applicable, further data required by Google for the reCAPTCHA service to Google. The deviating data protection regulations of Google Inc. apply here. You can find further information on the data protection guidelines of Google Inc. at https://www.google.com/intl/de/policies/privacy.

18. Google Fonts

We integrate the fonts (“Google Fonts”) of the provider Google.

Data categories and recipients

When you visit our website, a connection to the Google server is established, and your IP address is transmitted to Google, along with other technical information about the browser you are using.

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website https://fonts.google.com/; privacy policy https://policies.google.com/privacy.

Purposes

The data is used exclusively for the purpose of displaying the fonts in the user’s browser.

The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, as well as the uniform presentation of our online offer on different end devices.

Legal basis

The processing is carried out on the basis of Art. 6 (1) Sentence 1 lit. f GDPR (balancing of interests).

Storage period

With regard to the storage period, we refer to the data protection regulations at Google.

19. Google Static

A web service of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google Gstatic) is reloaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Gstatic.

The legal basis for data processing is Art. 6 (1) Sentence 1 lit. f GDPR. Our legitimate interest is rooted in the error-free functioning of the website.

The data is deleted as soon as the purpose of its collection has been fulfilled. For more information on the handling of transmitted data, please refer to Gstatic’s privacy policy https://policies.google.com/privacy

You can prevent the collection, as well as the processing, of your data by Gstatic by disabling the execution of script code in your browser, or by installing a script blocker in your browser.

20. Social networks

Facebook

This website offers a link to Facebook. When you click on this link, your browser establishes a connection to the Facebook servers.

We do not use so-called plug-ins that transmit data in the background.

If you are logged into Facebook, this means that Facebook can recognise that you have moved from our site and link this information to your user account. If you do not wish to do this, you must log out of Facebook.

You can find information on Facebook’s privacy policy at https://www.facebook.com/privacy/explanation.

XING

This website offers a link to XING. When you click on this link, your browser establishes a connection to the XING servers.

We do not use so-called plug-ins that transmit data in the background.

If you are logged in to XING, XING can recognise that you have moved from our site and link this information to your user account. If you do not wish to do this, you must log out of XING.

Information on XING’s privacy policy can be found at https://privacy.xing.com/de/datenschutzerklaerung.

Twitter

This website offers a link to Twitter. When you click on this link, your browser establishes a connection to the Twitter servers.

We do not use so-called plug-ins that transmit data in the background.

If you are logged in to Twitter, Twitter can recognise that you have moved from our site and link this information to your user account. If you do not wish to do this, you must log out of Twitter.

Information on Twitter’s privacy policy can be found at https://twitter.com/de/privacy#update.

Google+

This website offers a link to Google+. When you click on this link, your browser establishes a connection to the Google+ servers.

We do not use so-called plug-ins that transmit data in the background.

If you are logged into Google+, Google+ can recognise that you have moved from our site and link this information to your user account. If you do not want this, you must log out of Google+.

You can find information on the Google+ privacy policy at https://policies.google.com/privacy?hl=de.

LinkedIn

This website offers a link to LinkedIn. When you click on this link, your browser establishes a connection to the LinkedIn servers.

We do not use so-called plug-ins that transmit data in the background.

If you are logged in to LinkedIn, LinkedIn can recognise that you have moved from our site and link this information to your user account. If you do not wish to do this, you must log out of LinkedIn.

Information on LinkedIn’s privacy policy can be found at https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy.

21. Rights of the data subjects

As a data subject, you have various rights under the GDPR, which arise in particular from Art. 15 to 18, 20 and 21 GDPR:

  • Right to object: you have the right to object at any time, on grounds relating to your particular situation, to the processing of data relating to you which is carried out on the basis of Article 6 (1) Sentence 1 lit. e) or f) GDPR. If the data relating to you is processed for the purposes of direct marketing, you have the right to object at any time to the processing of the data relating to you for the purposes of such marketing; this also applies to profiling insofar as it is associated with such direct marketing.
  • Right of revocation regarding your prior consent: you have the right to revoke any consent you have given at any time. If necessary, please address your revocation to the following contact details of our data protection officer.
  • Right of disclosure regarding information held about you: you have the right to request confirmation as to whether data regarding you is being processed, and to be informed about this data, and to receive further information and a copy of the data in accordance with the legal requirements.
  • Right to rectification: in accordance with the law, you have the right to request that data concerning you be completed, or that inaccurate data concerning you be rectified.
  • Right to erasure and restriction of processing: you have the right, in accordance with the law, to request that data relating to you be erased immediately or, alternatively, to request restriction of the processing of the data in accordance with the law.
  • Right to data portability: you have the right to receive data relating to you that you have provided to us in a structured, common and machine-readable format in accordance with the legal requirements, or to request that it be transferred to another data controller.
  • Right to lodge a complaint with the competent supervisory authority: you also have the right, in accordance with the law, to lodge a complaint with a supervisory authority, in particular, in the Member State of your habitual residence, place of work or place of the alleged infringement, if you believe that the processing of data concerning you infringes the GDPR.

Competent supervisory authority:

Addresses of the competent supervisory authorities can be found on the website of the Federal Commissioner for Data Protection and Freedom of Information (BfDI):

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html;jsessionid=C9CDF76892DAF050304F2556EB01355D.1_cid506

22. Data security

In order to protect your data transmitted via our online offer, we use TLS encryption. You can recognise such encrypted connections by the prefix https:// in the address bar of your browser.

Please use only the latest browsers and remember to update regularly.

Our employees are bound to the principles of data secrecy. Data processing (and our technical security precautions) are constantly being adapted to the prevailing circumstances and requirements.

23. Amendment and update of the privacy policy

We ask you to regularly update your understanding of the content of our privacy policy. We adapt our privacy policy as soon as changes in data processing carried out by us render this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent), or other form of individual notification.

Stand: 06/2021