In order to deliver the website and its services to you, personal data is processed whenever you visit our website. Information is automatically produced on our server-side (e.g. Log-Files) as well as on your device (e.g. Cookies). An oversight of how we use this information is provided below.

1. Log files

Upon each visit of our website, your browser automatically sends information to the servers of our website, which is temporarily stored in a so-called log file. The following data is recorded without any action on your part and stored until automatic deletion:

• IP address of the computer issuing the request,
• date and time of access,
• name and URL of the file(s) accessed/retrieved,
• website which directed you to our Internet presence (referrer page),
• operating system and browser employed,
• name of your internet access provider.

Collecting and processing of this data takes place to make the use of our website possible (for establishing the connection), to ensure continuous system security and stability, to allow for technical administration of our network infrastructure and optimization of our website, as well as for internal statistics use. The IP address is only used for statistical purposes, as well as in case of an attack on our network infrastructure. This does not allow any inference to your person. It takes place under consideration and within the scope of the weighing of interests Article 6 section 1 (f) of the General Data Protection Regulation (GDPR). To the extent that further storage of log files is required for purposes of proof, these are excluded from deletion until the respective incident has been finally clarified.

2. Cookies and web analysis

We are continuously working on improving and optimizing our online services and offering you a pleasant visit of our website. Logging your access to our website into log files, as well as employing cookies and web analysis, are important for this. The legal basis for data processing using cookies – also for purposes of web analysis – is your consent according to Article 6 section 1 (a) GDPR, § 25 para 1 TTDSG and for generally required cookies our legitimate interest in the analysis, the optimization and the commercially viable operation of the website pursuant to Article 6 section 1 (f) GDPR.

2.1 Cookie information and cookie management

Cookies are automatically stored onto your computer when you visit our website. Cookies are text files which contain a pseudonymized alias and thus do not permit any form of attribution to a specific person. Only we are able to read these cookies.

The cookies that we employ may be categorized as follows: generally required cookies, function-related cookies, and service-related cookies.

Generally required cookies are used to make our website user-friendly. Certain actions you perform are stored for the duration of the respective visit to our website with the purpose of optimizing your user experience. For example, your entries to the calculator are stored so you do not have to re-enter them. These cookies are deleted when you close/exit the browser.

Function-related cookies enable us to adjust our website to the personal preferences of our users. As an example, we store the settings the user makes (e.g., country or language).

Service-related cookies help us to measure usage of our website. With these cookies, we can determine which areas of our website are visited most frequently. This information helps us to identify potentials to further improve our website.

Overview of cookies set by the website

As a user of our website, you are asked to select your own privacy settings to determine if you accept or reject cookies, or wish to be notified about receiving a new cookie. In addition, you can delete previously stored cookies. If you delete your cookies, this may result in opt-out cookies being deleted. The affected opt-outs must then be reactivated to become effective again. Deactivating cookies may lead to parts of our website not being fully functional or not being displayed correctly.

Additionally, you can adjust your settings in our Cookie Management Center.

2.2. Web analysis

We use cookies for our website that enable the analysis of your surfing behavior (service-related cookies). For this, we use the web analysis service “Piwik Pro”. This service only uses pseudonymized data with shortened IP addresses such as date and time of page view, duration of the visit, frequency of page view or pages referring you to our website. You can activate and deactivate these cookies as outlined in section 2.1.

2.3. Key third party providers

LinkedIn 
We use LinkedIn Insight Tag to measure and leverage website audiences and demographics for LinkedIn ad campaigns.

3. Communication with us

On our website, you may find various options to contact us. The communication between your browser and our servers is encrypted via SSL. You can see this in your browser by the “https://” in the address of our website.

3.1 Newsletter

If you order our Newsletter, we save your email address, surname, first name and, if applicable, your form of address. We use this information exclusively to send the Newsletter.

This data processing is always conducted based on the legal basis of your consent in accordance with Article 6 section 1 (a) GDPR. You can cancel the Newsletter at any time using a link contained in each issue. We then delete your data from our email mailing list.

Inasmuch as you have explicitly agreed to the personalised tracking, we will also analyse your user conduct. For this assessment, the emails sent contain so-called web beacons, also known as tracking pixels. Using the data thus obtained, we create a user profile in order to provide our digital services to you in a manner tailored according to your interests. Here we record when you read our emails and which links you click on in them, and draw conclusions from this information regarding your personal interests. We link this data with actions conducted by you on our website. The information thus collected is stored at Marketo on their server within the EU/EEA.

Tracking is not possible if you have deactivated the display of images as a standard measure in your email program. If you have the images shown to you manually, the tracking mentioned above will take place.

Should you have received our Newsletter without registering for it, then we have sent it to you because your interest has been assumed based on existing connections to HDI Global or its subsidiaries. In this way, the mailing takes place on the legal basis of a balancing of interests in accordance with Article 6 section 1 (f) GDPR.

Whatever the case, we record whether newsletters are repeatedly not read within a certain deadline, in order to delete Newsletter addressees from the recipient list once more. We collect this data on the legal basis of a balancing of interests in accordance with Article 6 section 1 (f) GDPR, in order to clean the data.

During the registration process for the Newsletter, the IP address and the date and time of the registration and confirmation are collected in order to be able to prove that you have consented to receive the Newsletter and to prevent any misuse of the services or the email address used. This data processing takes place on the legal basis of a balancing of interests in accordance with Article 6 section 1 (f) GDPR.

3.2 Contact form

If you wish to send us a message, you may use our contact form. Data you have entered into the contact form such as name, contact details, insurance policy number, message or company related information from career inquiries, is stored and used only for the purpose of our individual communication with you. This communication is performed by the HDI Global SE or HDI Global Specialty branch office determined by your carrier, country and/or language of choice. After completion of the communication process, your personal data will be, as a general rule, deleted. Legal basis for this processing of personal data is – if consent of the user has been given – Article 6 section 1 (a) GDPR.

3.3 Offer calculator / Online booking system

Data entered into one of our calculators or online booking systems is stored and used exclusively for the purposes of offer and policy preparation according to Article 6 section 1 (b) and (f) GDPR. We are assisted with this by external service providers which are subject to existing data protection agreements in accordance with applicable legal requirements. Data protection information for specific services or products is made available – if necessary – when using the calculators or the online booking system.

3.4 Online services

Our website offers online services which require your registration, such as the “Insurance Certificate Online” for our transportation insurance, or the “bAVnet”, with which our customers can manage their contracts for company pension plans. The data processing required for such registration is performed on the legal basis of Article 6 section 1 (b) and (f) GDPR, and is described in more detail during the registration process.

4. Storage duration

We only store the data collected during visits to the website for as long as this is necessary for the stated purposes or until the legal or contractual retention periods have expired.

5. Notice of the right to object

If we process your personal data on the legal basis of our legitimate interests pursuant to Article 6 section 1 (f) GDPR, you have the right to object to the processing of your personal data pursuant to Article 21 GDPR, provided that there are grounds related to your particular situation, or you object to the processing of your personal data for direct marketing purposes. In the latter case, we will comply with your objection regardless of grounds relating to your particular situation. Please contact our data protection team (contact details above) if you wish to exercise your right of revocation or objection.

6. Notice of the right to withdraw consent

Where processing is based on your consent you can withdraw that consent any time through contacting our data protection team (contact details above). Please be aware, that the withdrawal of consent does not affect the lawfulness of the processing based on your consent before its withdrawal. Your choices regarding the placement of cookies can be changed in the Cookie Management Center under section 2.1. Note that the behavior and functionality of certain website services and products can be affected or may no longer be available to you.

7. Conditions applicable to child’s consent

We have taken due measures to ensure that no minor may give consent to the processing of his or her data. Should we obtain knowledge that personal data of a minor has been processed, we will delete such personal data immediately.

If you would like to conclude an insurance contract with us, you are already a customer of ours or if you are making a claim against us, then we need your personal data in order to assess the risk to be insured, to advise and support you or to check an obligation to pay benefits and to settle claims.

Data protection code of conduct

Information on the withdrawal of membership as of 31.12.2021

The German insurance industry’s data protection rules of conduct set standards for data processing in the insurance industry and have been confirmed by the data protection authorities. The insurance-specific data processing procedures described in the rules of conduct are tailored to private customer business. In industrial customer business, they are only applicable to individual cases. In view of its international orientation, HDI Global SE and HDI Global Specialty SE have therefore decided to withdraw its voluntary adherence to the rules of conduct as of December 31, 2021. We will of course continue to take into account all applicable data protection requirements and responsibly continue our already established processes.

Data privacy notice

We fulfill our legal obligation to provide information by means of our data privacy notices. Since the specific data processing may differ depending on the insurance line, product or your situation as policyholder, insured person or injured party, we provide comprehensive information at this point. If you are interested in more detailed information, you can contact our data protection team using the contact details above.

You can find our data protection information below in the download area.

Declaration of consent

The regulations contained in the Insurance Contract Act, the Federal Data Protection Act, the General Data Protection Regulation and other laws do not provide a sufficient legal basis for the use of your health data. If you are required to provide your health details to enable us to process your insurance application, assess a risk or settle a claim, we therefore require a declaration of consent and confidentiality release from you. The contents of the declarations used have been agreed with the data protection regulatory authorities. They offer transparency in the way your personal data are handled.

You may find the text of our declaration of consent below in the download area.

Overview of service providers

There are certain tasks in connection with insurance contracts which we do not perform ourselves but commission a service provider to perform on our behalf. Depending on the type of assignment commissioned, it may also be necessary to pass on your health data to a service provider. We have prepared a list of service providers showing the assignments for which the respective service providers are used.

You will find the current list of service providers as well as the companies in our Group which participate in joint data processing below in the download area.

Notes and information system

We use the HIS notes and information system, a system developed by the German insurance industry and designed to comply with data protection laws, to support risk reviews and avoid insurance fraud.