Privacy Policy
General
Compliance with data protection laws is not only a legal obligation for us, but also an important factor of trust. With the following
data protection regulations, we would therefore like to inform you transparently about the type, scope and purpose of the personal data collected from you and processed within this website, as well as your rights.
Responsibility for data processing
WIN Versicherungen Versicherungsmakler, Kronstadter Str. 4, 81677 München, Telephone 089-244133290 (hereinafter: “We”) are, as operators of the website www.win-versicherungen.de Responsible according to Art. 4 para. no. 7 of the EU General Data Protection Regulation (DSGVO). For questions you can contact service@win-versicherungen.de wenden.
Data Protection Officer
According to Art. 37 DSGVO in conjunction with. §38 BDSG, we are not obliged to appoint a data protection officer. If you have any questions regarding data protection and
However, if you have any questions about data protection or wish to exercise your rights as set out below, you can of course contact us at any time using the contact details provided above.
contact us.
Your rights as a data subject
As a data subject, you have the following rights with respect to us regarding your personal data. You have:
– A right to information about, among other things, the categories of data processed, the processing purposes, the storage period and any recipients, in accordance with Art.
15 DSGVO and §34 BDSG.
– A right to correction or deletion of incorrect or incomplete data, pursuant to Art. 16 and 17 DSGVO and §35 BDSG. A right to restriction of processing under the conditions of Art. 18 DSGVO or §35 para. 1 p. 2 BDSG.
– A right to object to processing pursuant to Art. 21 (1) DSGVO, insofar as the data processing was based on a legitimate interest.
– A right to revoke a given consent with effect for the future pursuant to Art. 7 (3) DSGVO.
– A right to data portability in a common format in accordance with Art. 20 DSGVO.
You also have the right to lodge a complaint about the processing of your personal data by us with a data protection supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, in accordance with Art. 77 DSGVO. A list of data protection authorities with further information and contact details can be found at https://ec.europa.eu/info/law/law-topic/dataprotection/data-protection-eu_de#dataprotectionauthorities.
If you assert your rights under the DSGVO and the BDSG against us, we will process the data you have transmitted to us in the process in order to grant you your rights. Subsequently, we will store the data transmitted by you to us and the data transmitted by us to you in return for the purpose of documentation until the expiry of the statute of limitations under regulatory law (3 years). The legal basis for the storage of the data is Art.
6 para. 1 p. 1 letter f) DSGVO (legitimate interest in data processing).
The legitimate interest arises from the need to be able to exonerate ourselves in possible fine proceedings by proving that we have properly complied with your request.
You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 DSGVO. To do so, please use the contact details provided in the imprint. However, we would like to point out that the processing of your data to prove compliance with the data subject rights is mandatory within the meaning of Art. 21 (1) DSGVO, as other means of proof do not exist or are not equally suitable.
Modalities of data processing
Sources and categories of personal data We process your personal data insofar as they are necessary for the establishment, content or amendment of a contractual relationship between us and you (inventory data). Inventory data can be in particular: Name, title, contact data (postal address, telephone, e-mail address), date of birth
etc. Furthermore, we process your usage data. Usage data is data that is generated by your behavior when using our web offer and our services, in particular your IP address, the beginning and end of your visit to our website and information about what content you have accessed on our website.
We collect the aforementioned data either directly from you (e.g., by visiting the website) or, to the extent permitted by data protection laws, from third parties or from publicly available sources (e.g., trade and association registers, press, media, Internet).
Data transfer to third countries outside the EU
Sources and categories of personal data We process your personal data insofar as they are necessary for the establishment, content or amendment of a contractual relationship between us and you (inventory data). Inventory data can be in particular: Name, title, contact data (postal address, telephone, e-mail address), date of birth, etc.
Furthermore, we process your usage data. Usage data is data that is generated by your behavior when using our web offer and our services, in particular your IP address, the beginning and end of your visit to our website and information about what content you have accessed on our website.
We collect the aforementioned data either directly from you (e.g., by visiting the website) or, to the extent permitted by data protection laws, from third parties or from publicly available sources (e.g., trade and association registers, press, media, Internet).
Data transfer to third countries outside the EU
Alle Informationen, die wir von Ihnen oder über Sie erhalten, werden grundsätzlich auf Servern innerhalb der Europäischen Union verarbeitet. Eine Übermittlung Ihrer Daten an oder eine Verarbeitung Ihrer Daten in Drittstaaten erfolgt ohne Ihre ausdrückliche Einwilligung lediglich, sofern dies gesetzlich vorgesehen ist und in dem Drittstaat ein hierfür angemessenes Datenschutzniveau sichergestellt ist.
Weitergabe von Daten, Auftragsverarbeitung
We never disclose your personal data to third parties without authorization. However, we may disclose your data to third parties in particular if you have consented to the disclosure of data, if the disclosure is necessary to comply with our legal obligations or if we are entitled or obliged to disclose data due to legal provisions or official or court orders. In particular, this may involve the disclosure of information for law enforcement purposes, to avert danger or to enforce intellectual property rights.
We may also transfer your data to external service providers who process data on our behalf and according to our instructions (processors) in order to simplify or relieve our own data processing. Each processor is bound by a contract in accordance with Article 28 of the GDPR.
This means, in particular, that the processor must provide sufficient guarantees that suitable technical and organizational measures will be implemented by it in such a way that the processing will be carried out in accordance with the requirements of the GDPR and that the protection of your rights as a data subject is guaranteed. Despite the commissioning of processors, we remain the controller for the processing of your personal data within the meaning of the data protection laws.
Purpose of data processing
As a matter of principle, we use the data only for the purpose for which the data was collected from you. We may further process the data for another purpose, unless this other purpose is incompatible with the original purpose (Art. 5 para. 1 lit. c) DSGVO).
Storage duration
Unless otherwise specified in detail, we store data collected from you only for as long as is necessary for the respective purpose, unless there are legal obligations to retain data that prevent deletion, e.g. under commercial law or tax law.
Individual processing activities
Server log files
Each time you access our website, the following general information is automatically transmitted from your browser to our server (so-called server log files): Your IP address, product and version information about the browser used and the operating system, the website from which your access took place (so-called referer), date and time of the request and possibly your Internet service provider. In addition, the status and the amount of data transferred in the course of this request are recorded.
The IP address of your computer is only stored for the time of your use of the website and then immediately deleted or made partially unrecognizable by shortening. The remaining data is stored for a limited period of time (maximum 7 days).
The legal basis for the use of the server log files is Art. 6 para. 1 p. 1 letter f) DSGVO (legitimate interest in data processing).
The legitimate interest arises from the necessity for the operation of our website, in particular to detect and eliminate website errors, to determine the utilization of the website and to make adjustments or improvements and to ensure the security of the system. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 DSGVO. To do so, please use the contact details provided in the imprint. However, we would like to point out in advance that the processing of your data in server log files is mandatory in the sense of Art. 21 (1) DSGVO, otherwise the website cannot be operated at all.
Contact
Our website offers ways to contact us directly. By contacting us, you agree to the processing and storage of your transmitted data (in particular your e-mail address) for the processing of your request. You can object to this processing at any time with effect for the future. For this purpose, please use our contact details in the imprint. Please note, however, that we will then no longer process your request.
We process the data you send us exclusively until the purpose of your contact has been achieved, but for a maximum of 7 days after the purpose has been achieved, unless there are legal retention periods to the contrary. If the purpose of your contact is the assertion of data subject rights, what has been said in the section “Your rights as a data subject” applies. The legal basis for the use of the data you provide to us by contacting us is Art. 6 para. 1 sentence 1 letter a) DSGVO (consent of the data subject). You can revoke your consent at any time with effect for the future. For this purpose, please use the contact details provided in the imprint.
Free comparison & quote request
Within the scope of our service, you have the opportunity to receive a free and non-binding rate comparison for an insurance product. In order to contact you and arrange an appointment, data is collected for this contact via a corresponding request form. Data will only be passed on to third parties, for commercial or non-commercial purposes, with your express consent.
We collect and store the following data for contacting you and making an appointment:
– Salutation
– First name
– Surname
– telephone number
– e-mail address
– Address details
For the request of a tariff comparison for the categories of occupational disability insurance, dread disease, serious illness insurance, private pension insurance, Riester pension, term life insurance, Rürup pension, private health insurance, private supplementary nursing care insurance;
Private pension insurance, Riester pension, term life insurance, Rürup pension, private health insurance, private supplementary nursing care insurance, we collect and store the following data:
– Salutation
– First name
– Surname
– Your telephone number
– e-mail address
– Address
Cookies
We use so-called “cookies” to improve the user-friendliness on our website.
What are cookies
In very simplified terms, a cookie is a small text file that stores data about visited web pages. Cookies store a kind of “user profile”, i.e. things like your preferred language and other page settings that are required by our website to provide you with certain services. This file is
stored on your terminal device and also helps to recognize you when you return to our website. Cookies may also allow us to obtain information about your preferred activities on our website and thus tailor our website to your individual interests or even increase the speed of navigation on our website.
How to avoid cookies
You can manually delete the cookies in the security settings of your browser at any time. However, you can also prevent the storage of cookies from the outset by setting your browser accordingly. Please note, however, that you may then not be able to use all the functions of our website in full or that there may be errors in the presentation and use of the website.
Third party cookies
It is possible that third-party providers with the help of which we design and operate our site, in particular through so-called plugins (see below in the section “Third-party services”), independently store their own cookies on your terminal device. If you only wish to accept our own cookies, but not cookies from these third parties, you can prevent the storage of these cookies by selecting the appropriate browser setting “Block third-party cookies”.
What cookies are used
In detail, our website sets the following cookies:
Session cookies (in German: Sitzungs-Cookies): These contain an identification number with which various requests from your browser can be assigned to a session. This allows your computer to be recognized when you return to our website. Session cookies are automatically deleted when you close the browser. We use this type of cookie to provide elementary functions of this website, such as protection against sending spam via request forms. We also use session cookies to recognize how many sub-pages of the homepage you call up and how long you stay on the pages. An assignment to you as a person or the creation of a usage profile over a longer period than a browser session is not possible. The legal basis for this is Art. 6 para. 1 p. 1 letter f) DSGVO (legitimate interest in data processing). The legitimate interest results from our need to be able to offer you a user-friendly website, as well as our need for an anonymous evaluation of user behavior on our website for the user-oriented improvement of the design of our online offering.
Read confirmation of initial information: Before presenting certain insurance-related information, we are required by law to inform you of our status as an intermediary. This takes the form of our initial information, the download of which you must confirm by checking a box. In doing so, we store in a cookie that the confirmation has been made by you and that the initial information does not have to be downloaded again by you. Information banner on cookie use: In order to inform you transparently about our use of cookies, an information banner is displayed at the bottom of the browser window. If you hide this banner by clicking on it, we store this in a cookie. This means that the banner will remain hidden the next time you visit our homepage. This cookie is automatically deleted after one year.
Needs analysis: It is possible that a tool for analyzing your needs for insurance products is integrated on one of the subpages of this homepage. This provides you with a quick overview of which insurance products are important in your life situation based on a few questions. To ensure the technical function of this tool, your answers are temporarily stored in cookie files. These cookies are automatically deleted after one day. Sweepstakes, betting games, etc: It is possible that one of the sub-pages of this homepage contains a module for participating in a competition, betting game, or similar. If you register to participate, we store an identification number in a cookie so that you are automatically logged in again the next time you visit this module and do not have to enter your data again. This cookie is automatically deleted after one year. The legal basis for the use of cookies is generally Art. 6 para. 1 p. 1 letter f) DSGVO (legitimate interest in data processing). The legitimate interest results from our need to offer you a user-friendly website. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 DSGVO. To do so, please use the contact details provided in the imprint. However, we would like to point out that the processing of your data in certain cookies is mandatory in the sense of Art. 21 (1) DSGVO, as otherwise the website cannot be operated at all and we do not have the technical possibility to prevent the setting of cookies on certain individual end devices. However, you can do this yourself (see “How to avoid cookies” above).
Newsletter
We offer to keep you updated regularly through our newsletter and inform you about special offers. To sign up for the newsletter, you can enter your email address in our distribution list. You will then have to confirm the registration again (double opt-in procedure). We use the data you send us only in the context of sending the newsletter and do not pass it on to third parties for other purposes. Further information on data transfer can be found below in the section “Newsletter service”. Further information on data processing when receiving our newsletter can be found below in the section “Newsletter analysis”.
The legal basis for the use of your email address is Art. 6 para. 1 p. 1 letter a) DSGVO (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the link in each newsletter email or contact us using the contact details provided in the imprint.
Third party services
We use third-party services on or for our website, for example plugins or APIs (Application Programming Interface), in order to offer our website or to extend its functionality. In doing so, data may be transmitted to the provider of these services. For this purpose, we have contractually obligated the providers of the services, if necessary, in accordance with Art. 28 DSGVO. In detail, we use the following services:
Our website uses the following services of the company Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Irland. More information on the handling of user data can be found in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.
Google Maps
Our website uses the external map service “Google Maps” from Google. Google Maps is used to provide an interactive map on our website that shows you how to find and reach us. This service enables us to present our website in an appealing way by loading map material from an external server. The required data is usually requested from a Google server. Through this request, the following information is usually transmitted to a Google server and stored there for several months: The one of our Internet pages that you have visited and the IP address of your terminal device. The legal basis for the processing of your data in relation to the “Google Maps” service is Art. 6 para. 1 p. 1 letter f) DSGVO (legitimate interest in data processing). The legitimate interest arises from our need for an appealing presentation of our online offer and the easy location of the places indicated on our homepage.
Youtube
Our website uses YouTube videos, which are available on https://www.youtube.com are stored and can be played directly from our website. These are all integrated in “extended data protection mode”, which means that no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos, the data mentioned below is transferred. We have no influence on this data transmission. By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google,
your data will be directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this. The legal basis for the processing of your data in relation to the “YouTube” service is Art. 6 para. 1 p. 1 letter f) DSGVO (legitimate interest in data processing). The legitimate interest results from our need for an appealing presentation of our online offer. Other third-party providers Proven Expert
Other third party
Proven Expert rating seal
Our website uses a rating seal of Expert Systems AG, Quedlinburger Straße 1, 10589 Berlin, Germany “Proven Expert”. With this seal, the currently available ratings of our customers are displayed and in the form of a star rating. For this purpose, your IP address, the page you accessed as well as the time of access and your browser configuration are transmitted to Proven Expert. Further information can be found in the privacy policy of Proven Expert. The legal basis for the processing of your data in relation to the service “Proven Expert” is Art. 6 para. 1 p. 1 letter f) DSGVO (Legitimate Interest in Data Processing). The legitimate interest results from our need for an appealing presentation and improvement of our online offer.