Privacy policy

Data privacy

 

The protection of your privacy and the security of your personal data are important to us. We guarantee that your data will be treated with strict confidentiality, and moreover that it will not, under any circumstances, be passed on to third parties for advertising purposes. Our conduct and our programs comply with the provisions of the European General Data Protection Regulation (hereinafter GDPR), the Federal Data Protection Act (BDSG) and other area-specific data protection regulations on the Internet. Learn more about the measures we have taken to protect your privacy and personal data.

 

The requirements of the GDPR apply throughout Europe. We would like to inform you about the processing of personal data carried out by our company in accordance with this regulation (see Art. 13 and 14 GDPR). If you have any questions or comments about this data privacy statement, you can send them at any time to the email address indicated under I. No. 2 or 3.

 

Table of contents:

 

  1. Overview

 

  1. Scope
  2. Responsible party (controller)
  3. Data protection officer
  4. Data security

 

  1. The data processing in detail

 

  1. General information concerning data processing
  2. Accessing the website/application
  3. Contacting possibilities via email, fax, post or personally
  4. Cookies
  5. Tracking

 

III. Rights of those affected (data subjects)

 

  1. Right to object
  2. Right to information
  3. Right of rectification
  4. Right to erasure (“right to be forgotten”)
  5. Right to restriction of processing
  6. Right to data portability
  7. Right to withdraw consent
  8. Right to complain

 

  1. Glossary

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  1. Overview

 

In this section of the data privacy statement you will find information on the scope, the responsible party (controller) for data processing, his data protection officer, and data security.

 

 

  1. Scope

 

Data processing by Klemmer International Versicherungsmakler GmbH can essentially be divided into two categories:

 

For the purposes of contract processing, all data required for the execution of a contract will be processed. If external service providers are also involved in the processing of the contract, your data will be passed on to them to the extent required.

When you access the website/application, various information is exchanged between your device and our server. This may also include personal data. The information collected in this manner is used, among other things, to optimize our website or to display advertising in the browser of your end device.

 

This data privacy statement applies to the following offerings:

 

our online offering available at www.klemmer-international.com

always, if elsewhere from one of our offerings (e.g. websites, subdomains, mobile applications, web services, integration in third party sites or other forms/contracts) reference is made to this data privacy statement, regardless of how you access or use it.

 

All these offerings are also collectively referred to as “Services”.

This data privacy statement is aimed in particular at: Employees, customers and interested parties, insurers, service providers, sub-brokers, referrers, and applicants.

 

The following principles apply:

 

Protection of personal rights

Limitations on use of personal data

Transparency

Data avoidance and data economy

Factual accuracy/topicality of the data

Confidentiality in data processing

Security in data processing

Erasure (deletion) and restriction of the processing of data on request

 

 

  1. Responsible party (controller)

The party responsible for data processing – i.e. the party that decides on the purposes and means of processing personal data – in conjunction with the services is

 

  1. Data protection officer

 

You can contact our data protection officer as follows:

 

 

 

 

 

 

 

 

 

 

  1. Data security

 

In order to develop the measures required in Art. 32 GDPR and thus achieve a level of protection commensurate with the risk, we have established the information security standard in accordance with VdS 3473 in our company.

The guidelines of VdS 3473 – Cyber Security for Small and Medium-Sized Enterprises (SME) – issued by VdS Schadenverhütung GmbH contain guidelines and support for the implementation of an information security management system, as well as specific measures for the organizational and technical security of IT infrastructures. They are designed to ensure an appropriate level of protection.

 

  1. The data processing in detail

 

In this section of the data privacy statement we inform you in detail concerning the processing of personal data within the framework of our services. For better clarity, we structure this information according to certain functionalities of our services. In the normal use of the services, different functionalities, and thus also different processes, can come into effect successively or simultaneously.

 

 

  1. General information concerning data processing

 

Unless otherwise stated, the following applies to all processing operations described below:

 

  1. a) No obligation to provide

 

There is no contractual or legal obligation to provide personal data. You are not obligated to provide data.

 

  1. b) Consequences of non-provision

 

Failure to provide the required data (data marked as mandatory during entry) means that the service in question cannot be provided. Otherwise, non-provision can result in the situation that our services cannot be provided in the same form and quality.

 

  1. c) Consent

 

In various cases, you also have the option of giving us your consent (possibly for part of the data) to further processing in conjunction with the processing operations described below. In this case, we will inform you separately in conjunction with the submission of the respective declaration of consent of all modalities and the scope of the consent and of the purposes that we pursue with these processing operations.

 

  1. d) Transmission of personal data to third parties

 

Your personal data will not be transmitted to third parties for purposes other than those cited below.

We will only pass on your personal data to third parties if:

 

You have given your express consent pursuant to sentence 1 of Art. 6(1)(a) GDPR

The disclosure pursuant to sentence 1 of Art. 6(1)(b) GDPR is necessary for the fulfillment of a contract with you or for execution of pre-contractual measures that occur on your request

This is necessary pursuant to sentence 1 of Art. 6(1)(c) GDPR for the fulfillment of a legal obligation to which the person responsible is subject

This is necessary for asserting, exercising or defending legal claims pursuant to sentence 1 of Art. 6(1)(f) GDPR and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data

 

 

 

  1. e) Transfer of personal data to third countries

 

If we transfer data to third countries, i.e. countries outside the European Union, then the transfer takes place exclusively in compliance with the legally regulated conditions governing admissibility.

The conditions governing admissibility are regulated by Art. 44-49 GDPR.

 

  1. f) Hosting with external service providers

 

Our data processing takes place to a large extent with the involvement of so-called hosting service providers, who provide us with storage space and processing capacities in their data centers and also process personal data on our behalf in accordance with our instructions. These service providers process data either exclusively in the EU or we have guaranteed an adequate level of data protection with the aid of the EU standard data protection clauses.

 

  1. g) Transmission to government authorities

 

We transfer personal data to government authorities (including law enforcement agencies) if this is necessary to fulfill a legal obligation to which we are subject (legal basis: sentence 1 of Art. 6(1)(c) GDPR) or if it is necessary for asserting, exercising or defending legal claims (legal basis: sentence 1 of Art. 6(1)(f) GDPR).

 

  1. h) Duration of storage

 

We do not store your data longer than we need it for the respective processing purposes. If the data is no longer required for fulfillment of contractual or legal obligations, it will be regularly deleted, unless its temporary storage is still necessary. Reasons for this could be, for example, the following:

 

Fulfillment of commercial law and tax law retention obligations

Obtaining evidence for legal disputes within the framework of the statutory statute of limitations

 

Likewise it is also possible for us to continue to store your data in our facilities if you have given your express consent.

 

  1. i) Categories of data

 

Person master data: Title, form of address/gender, first name, last name, date of birth

Address data: Street, house number, address extensions (if applicable), postcode, city, country

Contact data: Telephone number(s), fax number(s), email address(es)

Registration data: Information about the service through which you have registered; times and technical information concerning registration, confirmation and cancellation; data provided by you when you registered

Account data: Login/user identification and password

Ordering data: Ordered products, prices, payment information

Payment data: Bank details

Access data: Date and time of the visit to our service; the page from which the accessing system came to our site; pages accessed during use; session ID data; also the following information about the accessing computer system: Internet protocol address used (IP address), browser type and version, device type, operating system, and similar technical information.

Application data: Curriculum vitae, references, supporting documents, work samples, certificates, photos

Data according to Art. 9 GDPR: Data revealing racial and ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic data, biometric data uniquely identifying a natural person, health data or data relating to a natural person’s sex life or sexual orientation.

 

 

  1. Accessing the website/application

 

This section describes how we process your personal data when you access our services. We would particularly like to point out that the transmission of access data to external content providers is unavoidable due to the technical functionality of information transmission on the Internet.

 

  1. a) When visiting the website

 

When you visit our website www.klemmer-international.com, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:

 

IP address of the requesting computer

Date and time of access

Name and URL of the accessed file

Website from which access is made (referrer URL)

the browser used and, if applicable, the operating system of your computer

 

The data cited above will be processed by us for the following purposes:

 

Ensuring a smooth establishment of the connection with the website,

Ensuring convenient use of our website,

Evaluation of system security and stability as well as

for other administrative purposes.

 

The legal basis for data processing is sentence 1 of Art. 6(1)(f) GDPR. Our legitimate interest follows from the purposes listed above for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

In addition, we use cookies and analysis services when you visit our website. You will find more detailed explanations under sections 4 and 5 of this data privacy statement.

 

The recipients of the data are

 

External content providers that provide content (such as images, videos, social network embedded postings, banners, fonts, update information) required to display the service

Hosting service providers

 

The legal basis of the transmission results from the processing of order data (Art. 28 GDPR)

 

  1. b) When using our contact form

 

If you have any questions, we offer you the opportunity to contact us using the form provided on the website. In order to answer your inquiry, a valid email address is required, so that we know from whom the inquiry originates, as well as the contact reason (free text). Further information, such as your name, may be provided voluntarily.

 

The legal basis for data processing results from sentence 1 of Art. 6(1)(a) GDPR. Our legitimate interest follows from the purposes listed above for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

 

 

 

 

 

 

The recipients of the data are

 

Hosting service providers

Mail archiving service providers

Companies affected by the request

 

The legal basis of the transmission results from the contract data processing Art. 28 GDPR and sentence 1 of Art. 6(1)(a) GDPR.

 

 

 

  1. Contacting possibilities via email, fax, post or personally

 

If you contact us by email, fax, post or personally, the following data will be stored:

 

Person master data

Contact details

Content of the mail, faxes, documents

Order details

 

Data processing occurs for the purpose of processing inquiries and providing services.

 

The legal basis for data processing is sentence 1 of Art. 6(1)(b),(f) GDPR.

 

Our legitimate interest follows from the purposes listed above for data collection.

 

The recipients of the data are

 

Email service providers

Mail archiving service providers

Companies affected by the request

 

The legal basis of the transmission results from the contract data processing Art. 28 GDPR and sentence 1 of Art. 6(1)(a) GDPR.

 

  1. Cookies

 

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do no damage to your end device; they do not contain viruses, Trojans or other malware.

Information is stored in the cookie that results in each case in conjunction with the specifically used end device. However, this does not mean that we immediately become aware of your identity.

Use of cookies serves on one hand to make use of our offering more convenient for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These will be deleted automatically after leaving our site.

In addition, we also use temporary cookies that are stored on your end device for a specified period of time to optimize user-friendliness. If you visit our site again to use our services, it will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offering for you (see number 5). These cookies enable us to automatically recognize, at a subsequent visit to our site, that you have already been with us. These cookies are automatically deleted after a defined period of time.

The data processed by cookies is required for the aforementioned purposes in order to protect our legitimate interests and those of third parties pursuant to sentence 1 of Art. 6(1)(f) GDPR.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer, or so that a notification always appears before a new cookie is created. However, complete deactivation of cookies can result in the fact that you cannot use all functions of our website.

 

  1. Tracking

 

Below we describe how your personal data is processed using tracking technologies for analysis, for the purpose of optimizing our services for you and for advertising purposes. The tracking measures listed below and used by us are carried out on the basis of sentence 1 of Art. 6(1)(f) GDPR. The respective data processing purposes and data categories are provided in the descriptions of the appropriate tracking tools.

The description of the tracking procedures also includes information on how you can prevent or object to data processing. Please note that the so-called “Opt-out”, i.e. the refusal of processing, is usually stored via cookies. If you use our services via a new end device or in another browser or if you have deleted the cookies set by your browser, you must declare your rejection again.

The tracking procedures shown process personal data only in pseudonymous form. A connection to a specific, identified natural person, i.e. a combination of the data with information about the bearer of the pseudonym, does not take place.

Tracking to analyze and optimize our services and their use, to measure the success of advertising campaigns, and to optimize the display of advertising.

 

  1. a) Purposes of processing

 

The analysis of user behavior via tracking helps us to verify the effectiveness of our services, to optimize and adapt them to the needs of the users, and to correct errors. Furthermore, it serves to statistically determine characteristic values about the use of our services (reach, intensity of use, surfing behavior of users) – on the basis of uniform standard procedures – and thus to obtain market-wide comparable values.

Tracking to measure the success of advertising campaigns serves to optimize our ads for the future and to enable marketers and advertisers to optimize their ads accordingly. The purpose of tracking to optimize the display of advertising is to show users advertising tailored to their interests, to increase the success of advertising, and thus also to increase advertising revenues.

 

  1. b) The legal basis of the processing

 

In the case of services that make the behavior of affected persons (data subjects) on the Internet comprehensible and in the creation of user profiles, informed consent is required

as defined in the GDPR.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  1. c) The tracking procedures used in detail

 

Google Analytics

We use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”) for the purpose of demand-oriented design and continuous optimization of our pages. In this context, pseudonymized user profiles are created and cookies (see point 4) are used. The information generated by the cookie about your use of this website such as

– Browser type/version,

– Operating system used,

– Referrer URL (the previously visited page),

– Host name of the accessing computer (IP address),

– Time of the server request,

is transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activities and to provide further services associated with use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be linked with other data from Google. The IP addresses are anonymized so that a person cannot be personally identified from that data (IP masking).

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie will be set to prevent future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and it is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

In this context, we have entered into an contract data processing agreement with Google to ensure data protection-compliant processing for you.

For more information about privacy in conjunction with Google Analytics, please visit the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).

 

 

Google AdWords Conversion Tracking

We also use Google Conversion Tracking to statistically record and evaluate the use of our website for the purpose of optimizing it for you. Google Adwords will set a cookie (see number 4) on your computer if you have accessed our website via a Google ad.

These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the AdWords customer’s website and the cookie has not yet expired, Google and the customer can recognize that the user has clicked on the ad and has been redirected to this page.

Each AdWords customer receives a different cookie. Thus cookies cannot be traced via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they will not receive any information that personally identifies users.

If you do not wish to participate in the tracking process, you can also reject the setting of a cookie required for this – for example by using a browser setting that deactivates the automatic setting of any and all cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the”www.googleadservices.com” domain. Google’s privacy policy for conversion tracking can be found here (https://services.google.com/sitestats/de.html).

 

III. Rights of those affected (data subjects)

 

  1. Right to object

 

If we process your personal data for direct marketing purposes, you have the right to object at any time, with future effect, to the processing of personal data concerning yourself for the purpose of such advertising.

 

You also have the right to object at any time, for reasons arising from your particular situation, with future effect, to the processing of personal data concerning yourself, which is carried out in accordance with sentence 1 of Art. 6(1)(e) or (f) GDPR. You can exercise your right to object free of charge. You can contact us via the contact details listed under I., 2.

 

  1. Right to information

 

You have the right to know whether we process personal data concerning yourself, what personal data this may be, and further information in accordance with Art. 15 GDPR.

 

  1. Right of rectification

 

You have the right to request us to correct any incorrect personal data concerning yourself without delay (Art. 16 GDPR). Taking into account the purposes of the processing, you have the right to request completion of incomplete personal data – also by means of a supplementary declaration.

 

  1. Right to erasure (“Right to be forgotten”)

 

You have the right to request us to delete personal data relating to yourself without delay, provided that one of the reasons stated in Art. 17(1) GDPR applies and provided that the processing is not necessary for one of the purposes regulated in Art. 17(3) GDPR.

 

  1. Right to restriction of the processing

 

You are entitled to demand a restriction in the processing of your personal data if one of the conditions regulated in sentence 1 of Art. 18(1)(a) to (d) GDPR is fulfilled.

 

  1. Right to data portability

 

You have the right to receive the personal data concerning yourself that you have provided to us in a structured, common and machine-readable format. Furthermore, you have the right to transmit this data to another responsible party (controller) without any hindrance by us or to arrange for direct transmission by us, if this is technically possible. This should always apply if the basis of the data processing is consent or a contract and the data is processed automatically. This does not apply to data stored in paper form only.

 

  1. Right to withdraw consent

 

If the processing is based on your consent, you have the right to withdraw the consent at any time. This does not affect the legality of the processing carried out on the basis of the consent until consent is withdrawn.

 

  1. Right to complain

 

You have a right to complain to a supervisory authority.

 

  1. Glossary

 

Processor: A natural or legal person, authority, institution or other body processing personal data on behalf of the data controller.

Browser: Computer program for displaying websites (e.g. Chrome, Firefox, Safari)

Cookies: The term “cookie” actually comes from the English vocabulary and can be translated into German as “Keks” in its original meaning. In connection with the World Wide Web, however, a cookie describes a small text file that is stored locally on the user’s computer when visiting a website. This file stores data about the user’s behavior. If the browser is called up and the corresponding website is visited repeatedly, the cookie is used and gives the web server information about the user’s surfing behavior using the stored data.

In this context, cookies are not edible baked goods, but rather information that a website stores locally on the visitor’s computer in a small text file. This can be settings already made by the user on a page, but also information that the website has collected completely independently from the user. Later, these locally stored text files can be read out again by the same web server from which they were created. Most browsers automatically accept cookies. You can manage cookies using the browser functions (usually under “Options” or “Settings”). As a result, the storage of cookies can be deactivated, made dependent on your consent in individual cases or otherwise restricted. You can also delete cookies at any time.

Third countries: A third country is country which is not bound to the legal requirements of the EU Data Protection Directive (country outside the EEA)

Personal data: All information relating to an identified or identifiable natural person. A natural person is considered identifiable, if he/she can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

Pixel: Pixels are also called tracking pixels, web beacons or web bugs. These are small, invisible graphics in HTML e-mails or on web pages. When a document is opened, this small image is loaded from a server on the Internet, where the downloading is recorded. This allows the server operator to see if and when an email has been opened or a website visited. This function is usually implemented by calling a small program (Javascript). This allows certain types of information on your computer system to be recognized and passed on, such as the content of cookies, the time and date of page accesses, and a description of the page on which the pixel-code is located.

Services: Our offerings to which this data privacy statement applies (see scope).

Tracking: The collection of data and its evaluation with regard to the behavior of visitors to our services.

Tracking technologies: Tracking can be done via the activity logs (log files) stored on our web servers, as well as data collection from your end device via pixels, cookies, and similar tracking technologies.

Processing: Any operation or series of operations executed with or without the aid of automated procedures in conjunction with personal data, such as the collection, recording, organization, sorting, storage, adaptation or modification, reading, querying, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction.