Data privacy statement
Your trust is very important to us and we take the protcetion of your personal data very seriously. Personal data is only collected and used when you agree to it and if it is neccessary to do our job or comply with the law.
This data privacy statement includes the details of data collection and usage as well as further information regarding your data rights.
1. Name and address
Responsible with regard to the General Data Protection Regulation, other data protection regulation in EU contries as well as other data protection related regulation is:
Versicherungsbüro I. Weiss GmbH
Tel.: +49 30 — 40 36 31 95
2. General information regarding the usage of personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter the “data subject”). A natural person is considered as identifiable, which can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, the expression of the physical , physiological, genetic, mental, economic, cultural or social identity of this natural person.
The Versicherungsbüro Weiss GmbH processes personal data in principle only if the user gives his consent or the data processing is permitted by law. The legal basis is Article 6 (1) of the EU General Data Protection Regulation (GDPR). According to this provision, processing of personal data is only permitted if the data subject agrees (Article 6 (1) (a) GDPR) or if processing is required for one of the following purposes:
To fulfill a contract with the data subject or to carry out pre-contractual measures at the request of the data subject (Art. 6 (1) (b) GDPR).
To fulfill a legal obligation of our company (Art. 6 (1) © GDPR).
For the protection of vital interests of the data subject or of another natural person (Article 6 (1) (d) GDPR).
To perform a task that is in the public interest or that has been entrusted to our company by the public administration (Article 6 (1) (e) GDPR).
To safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the data subject to protect personal data predominate (Article 6 (1) (f) GDPR).
3. Duration of data storage and data deletion
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage is deleted. In addition, storage may be provided if so provided by law. Blocking or deletion of the data also takes place when a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for conclusion of a contract or fulfillment of the contract. Prescribed storage periods in this sense are e.g. tax or commercial retention periods.
4. Collection of access time (logfiles)
The website of Versicherungsbüro Weiss GmbH collects automatically with each call general data and information from the computer system of the calling computer, which are stored in the log files of the server. The following data and information are collected:
Browser type including version used
Operating system of the calling computer
Date and time of the call
IP address of the user
Internet service provider of the user
Website from which our website is accessed
Websites and sub-web pages that are accessed from our website
Other similar data and information used to guard against threats to our system
The data is stored anonymously in the log files of our system. There is no link with other personal data of the user, the insurance office Weiss GmbH does not draw any conclusions about the person concerned.
The legal basis for data processing is Art. 6 (1) lit. f GDPR. The storage is necessary to ensure the functionality of our website and the correct presentation of the contents. Furthermore, the data of our statistics and the constant optimization of our content. Finally, it is stored in order to provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.
There is no disclosure of data to third parties, unless there is a statutory disclosure obligation.
Since the collection and storage of the data in the log files for a trouble-free operation of the website is absolutely necessary, there is no possibility for the user to object.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. As far as the survey for the function-free provision of the website was made, this is the case with termination of the Internet session.
Cookies help us to make it easier for you to use the website. By recognizing the browser and storing previously entered data, the offers and contents of our website can be optimized individually, so that you do not have to re-enter data entered by you (eg access data, search terms) each time you visit the website. The legal basis for this is Art. 6 (1) lit. f GDPR.
6. Contact form and e‑mail contact
The website of Versicherungsbüro Weiss GmbH has a contact form ready, which can be used for the electronic contact to our company. The data entered by the user in the input mask are transmitted to us and stored. In addition, the IP address of the user as well as the date and time of the transmission are additionally stored. For the processing of the data, the consent of the user is obtained as part of the sending process. The legal basis for processing is therefore Art. 6 (1) lit. a GDPR. As far as the storage of the IP address is concerned, the legal basis is also Art. 6 (1) lit. f GDPR.
Alternatively it is possible to contact us via the e‑mail address provided on our website. In this case, in addition to the e‑mail address, the personal data provided by the user in the e‑mail will be transmitted. The legal basis in this respect is Art. 6 (1) lit. f GDPR.
The processing of the data transmitted via the contact form or by e‑mail is solely for carrying out the desired contact. Other data is stored in order to prevent or detect misuse of the website and to ensure the security of our system. There is no disclosure of data to third parties, unless there is a statutory disclosure obligation.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. As far as the data transmitted by the user in the contact form or in the e‑mail is concerned, this is the case if the relevant communication is terminated, unless the communication content is still of legal significance.
The data subject at any time has the option to revoke consent to data processing or to object to the use of the data. In this case, the intended contact with the user is no longer possible or an already started communication can not be continued.
On the website of Versicherungsbüro Weiss GmbH you have the opportunity to subscribe to the newsletter of our company. What personal data is transmitted to us when ordering the newsletter and stored by us, results from the input mask used for this purpose. In addition, the IP address of the user as well as the date and time of the transmission are also stored. For the processing of the data the consent of the user is obtained during the registration process. The legal basis for processing is therefore Art. 6 (1) lit. a GDPR. As far as the storage of the IP address is concerned, the legal basis is also Art. 6 (1) lit. f GDPR. There is no disclosure of data to third parties, unless there is a statutory disclosure obligation.
The processing of the data submitted by the user by entering the registration form is required to send the newsletter. Any further use will not take place. The storage of the IP address is necessary to prevent or detect misuse (in particular the e‑mail address) and to ensure the security of our system.
Subscription to the newsletter may be canceled at any time by the data subject and the consent to the shipment may be revoked. For this purpose, a corresponding link is kept in each sent newsletter e‑mail. In this case — as well as in any other possible opposition to the use of data — the personal data that have been stored by us in the newsletter subscription, deleted. The data is therefore stored as long as the subscription to the newsletter is active.
8. Your rights as am affected person
If personal data is processed by you, you are the person affected in the sense of GDPR and you have the following rights towards us as responsible
a) Right to confirmation and information
You can request confirmation from us at any time as to whether personal data concerning you is processed by us. If this is the case, you have a request for information to be informed by us about the following circumstances:
the categories of personal data that are processed;
the recipients or categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
the existence of a right of appeal to a supervisory authority;
all available information on the source of the data if the personal data are not collected from the data subject;
the existence of automated decision-making including profiling under Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, and the scope and intended impact of such processing on the data subject.
In addition, you have a right to information about whether personal data is transferred to a non-EU state (so-called third country) or to an international organization. In this connection, you can request the appropriate guarantees in accordance with. Art. 46 GDPR in connection with the transfer.
b) Right to rectification
You have the right to demand immediate correction of any inaccurate personal data concerning you. You also have the right to request that we complete incomplete personal data, including by means of a supplementary statement, taking into account the purposes of processing.
c) Right to cancellation (right to be forgotten)
You may request that the personal data concerning you be deleted immediately if any of the following occur:
Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
You revoke your consent to the processing in accordance with Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. GDPR and there is no other legal basis for processing.
You request objection in accordance with. Art. 21 para. 1 GDPR to the processing and there are no prior justifiable reasons for the processing, or you lay in accordance with Art. 21 para. 2 GDPR Opposition to processing.
Your personal data has been processed unlawfully.
The deletion of personal data concerning you is required to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
Your personal data relating to the services offered have been provided to the
Information Society pursuant to Art. 8 para. 1 GDPR.
If the personal data concerned has been made public by Versicherungsbüro Weiss GmbH and if we are obliged to delete the personal data according to the above principles, it is also our duty to inform other data controllers that you as the data subject delete all links have requested such personal data or copies or replications of such personal data.
In this regard, taking into account the available technology and the implementation costs, we take appropriate measures, including technical, to comply with these obligations, at least insofar as processing is no longer required, ie legal requirements prescribe this or preclude legitimate interests of the deletion.
d) Right to restriction of processing
You may be limiting the processing of you under the following conditions personal data concerned:
The accuracy of your personal information is contested, for a period of time that enables the person responsible to verify the accuracy of your personal information.
The processing is unlawful and you require instead of deletion the restriction of Use of personal data.
We no longer need your personal information for processing purposes, but we do need your information to assert, exercise or defend your rights.
You have objection to the processing in accordance with Art. 21 para. 1 GDPR and it stands
Still not sure if the legitimate reasons of the Versicherungsbüro Weiss against your reasons
If the processing of personal data concerning you has been restricted, this data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest Union or a Member State. In that case, you will also be notified by us before the restriction is lifted.
e) Right to information
Have you asserted the right to rectification, erasure or restriction of processing, We are obliged to disclose to all recipients the personal data concerning you were to communicate this rectification or deletion of the data or restriction of processing Unless this proves impossible or involves disproportionate effort.
In that regard, you may require us to be informed about these recipients.
f) Data transferability (“data portability”)
You have the right to receive personally identifiable information you provide us in a structured, common and machine-readable format. Furthermore, you have the right to transmit this data to another person in charge without hindrance by the person responsible for providing the personal data, provided that the processing is based on the consent pursuant to Art. 6 para. 1 letter a of the GDPR or Art. 9 para. 2 (a) GDPR or on a contract pursuant to Article 6 (1) (b) GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a public-interest or public-authority task which has been assigned to the person responsible.
Furthermore, in exercising your right to data portability under Article 20 (1) of the GDPR, you may request that your personal data be transmitted directly from one person to another, insofar as this is technically feasible and provided that none of the rights and freedoms of other persons are thereby infringed be affected.
g) Right to object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you pursuant to Article 6 (1) (e) or (f) of the GDPR. This also applies to profiling based on these provisions.
The Versicherungsbüro Weiss GmbH does not process the personal data in case of opposition
more, unless we can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
Regardless of Directive 2002/58 / EC, you have the option, in the context of the use of information society services, of exercising your right to object through automated procedures that use technical specifications.
h) Right to revoke a data protection consent
If you have granted a data protection consent, you have the right to this consent revoke at any time with effect for the future.
i) Automated decisions in individual cases including profiling
You have the right not to be subject to a decision based solely on automated processing — including profiling — that has a legal effect or similarly appreciably affects it, unless the decision is taken to conclude or execute a contract between you and the Versicherungsbüro Weiss GmbH is required
is permitted under Union or Member State legislation to which the controller is subject, and where such legislation contains appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject
with the express consent of the data subject.
However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g GDPR applies and reasonable measures have been taken to protect the rights and freedoms as well as your legitimate interests.
If the decision to conclude or execute a contract between the data subject and the controller is required or is made with the express consent of the data subject, Versicherungsbüro Weiss will take appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject which includes at least the right to obtain the intervention of a person on the part of the person responsible, to express one’s own position and to contest the decision.
j) Right to complain to the supervisory authority
Notwithstanding the rights we have in relation to you, you also have the right to lodge a complaint with a regulatory authority, in particular in the Member State of your residence, place of work or place of alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR.
The supervisory authority to which the complaint has been submitted will inform you about the status and results of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.