Data privacy

The protection of your personal rights is of great importance for the Protektor Lebensver­siche­rungs-AG, Guarantee Scheme of the German Life Insurers. Therefore, we proceed with all data processing according to the principle of limiting data processing only to the required information and the required degree. 

By way of our Further information on data processing at Protektor, we inform you of the pur­poses for which personal data are collected, processed and used when you visit this website.

Controller
“Controller” in the terms of the General Data Protection Regulation (GDPR) is the Protektor Lebensversicherungs-AG, Wilhelmstraße 43 G, 10117 Berlin (“Protektor”).

Data collection when using our website

When you access our website, the browser on your device automatically sends information to the server of our website / application and temporarily stores it in a log file. We have no influence over this. The following information is also recorded without your intervention and stored until it is auto­matically deleted:

• the IP address of the requesting Internet-enabled device;
• the date and time of access;
• the name and URL of the retrieved file;
• the website from which access was made (referrer URL);

• the browser you are using and, if necessary, the operating system and user interface of your Internet-enabled computer as well as the name of your access provider;
• an individual process ID, status code (information about the data retrieval process, e.g. whether it was successful), the response time of the server and the amount of data trans­ferred in bytes.

The legal basis for processing the IP address is § 25(2) no. 2 TTDSG resp. Article 6(1)f GDPR. Our legitimate interest follows from the purposes of data collection listed below. We are unable to draw any direct conclusions about your identity from the data collected.

The IP address of your terminal device and the other data listed above will be used by us for the following purposes:

• to ensure a smooth connection setup;
• to ensure comfortable use of our website;
• to evaluate system safety and stability.

The server log files can also be checked subsequently, if there are concrete indications of illegal use of our website.

The data are stored for a period of 6 months and then automatically deleted.

Security

We use technical and organizational security measures to warrant that your personal data are protected against loss, falsifications and unauthorized access by third parties at all times. All safety measures are continuously adapted to technical progress. If you are requested to enter personal data within the offer, data will be transmitted over the Internet encrypted using SSL and thus protected against unauthorized access.

Contact form

When you contact us via a contact form on our website, the data you provide (e-mail address, telephone number and name) will be processed by us in accordance with Article 6(1)f GDPR in order to answer your questions. We will delete the data arising in this context after the storage is no longer necessary or restrict the processing if statutory retention obligations exist.

Your rights

If we process your data to protect legitimate interests, you may object to such processing for reasons relating to your particular situation. We will then no longer process your personal data unless we can document compelling reasons worthy of protection for the processing which outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.

You can request information about the data stored by us at any time. Please contact Protektor by e-mail (datenschutz@protektor-ag.de) or by post to the controller’s above address.

You may also request that your data be corrected or deleted under certain circumstances. As soon as you assert a claim for deletion or if the data are no longer necessary to fulfil the purpose for which they were stored or if the storage thereof is inadmissible for other legal reasons, we will delete the personal data you have stored. You may also have the right to restrict the processing of your data and to have the data you provide disclosed in a structured, common and machine-readable format.

You have the option to contact Protektor or a data protection supervisory authority with a complaint. The data protection supervisory authority responsible for us is the Berlin Commissioner for Data Protection and Freedom of Information, Alt-Moabit 59-61, 10555 Berlin.

Information on data processing at Protektor Lebensversicherungs-AG

We would like to inform you below about the collection and processing of your data by Protektor Lebensversicherungs-AG (Guarantee Scheme of the German Life Insurers) and your rights in this regard.

Controller

The “controller” within the meaning of the General Data Protection Regulation (GDPR) is the Protektor Lebensversicherungs-AG, Wilhelmstraße 43 G, 10117 Berlin (“Protektor”).

Data protection officer

If you have any questions about data protection at Protektor, please do not hesitate to contact us:

• by e-mail: datenschutz@protektor-ag.de
• by post: at the above address

Purposes of data processing; legal bases

We process your personal data in compliance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and all other relevant laws. We process your data for the following purposes:

• Office communication/word processing/office:
  Processing of contact data (for example address, e-mail address, phone numbers, including those from publicly available sources) and other data pertaining to communication (such as letters, e-mails and other messages, which allow the perception of communication participants, time and scope of the communication) from contact persons in share­holder companies, member companies of the German Life Insurance Guarantee Fund (“Guarantee Fund”), member companies of the International Forum of Insurance Guarantee Schemes („IFIGS“) and other communication partners for execution of internal and external correspondence including documentation, office communication and support of evaluations. Creation, management, archiving of sent information, docu­ments, messages and business processes to document the association’s communication.

• Processing of data about shareholder companies, member companies of the Guarantee Fund, member companies of IFIGS and members of legal or statutory bodies:
  Processing of personal data to fulfil legal or statutory tasks of Protektor (e.g. invitations to annual meetings, information to shareholder companies, member companies of the Guarantee Fund and member companies of IFIGS).

• Processing of data from suppliers/service providers (e.g. providers, job processors):
  Administration of personal data from regular service providers such as suppliers, experts, etc. for the purpose of tendering bids, purchasing, contract processing and support.

• Statistical work of Protektor:
  Calculation of cross-company statistics or risk classifications in anonymous or – if necessary for the statistical purpose – pseudonymized form.
• Conducting online meetings through Webex: Processing of data about title/first and last name, position, company, phone number, e-mail address, time of submission of chat messages and, if applicable, transmitted content for the purposes of communicating during online-meetings. It cannot be ruled out that data will be transmitted to Cisco International Limited in the USA in this context.

Further information about Webex can be found in the Cisco Online Privacy Statement: https://www.cisco.com/c/en_uk/about/legal/privacy-full.html

The legal basis for the processing of personal data for pre-contractual and contractual purposes is Article 6(1)b GDPR. This applies in each case to the processing that takes place within the scope of a contract between you or your company or your employer and Protektor.

We also process your data to protect the legitimate interests of ourselves or third parties (Article 6(1)f GDPR).

This may be necessary in particular:

• to ensure IT security and operation;
• to provide and send information;
• to carry out communication procedures and exchange information;
• to answer questions (e.g. from politicians, businesspeople or consumers);
• to organize and execute online meetings;
• to carry out statistical work in compliance with Article 89 GDPR.

In addition, we process your personal data to fulfil legal obligations such as commercial and tax data retention obligations. In these cases, legal bases for processing are the respective provisions of law in conjunction with Article 6(1)c GDPR.

Should we ever obtain your consent to process your data, you can revoke this consent at any time. The withdrawal will impinge the permissibility to process your personal data after you have declared your withdrawal to us.

Recipients or categories of recipients of personal data

Within Protektor, only those persons and units (e.g. departments) will receive your personal data that need the data to fulfil their tasks with regard to the purposes mentioned before. In the course of our activities, we will also have to transfer some data to external third parties and make use of exter­nal service providers. In particular, we may transfer your personal data to the following recipients and categories of recipients:

• GDV Dienstleistungs-GmbH and other IT and hosting service providers for tasks of the individual departments of Protektor;
• telecommunication service providers;
• service providers to send information;
• service providers to support the organization and execution of online-meetings;
• participants of online-meetings;
• IFIGS member companies (e.g. to communicate with contact persons);
• state agencies.

Data transfer to a third country

If we transfer personal data to service providers outside the European Economic Area (EEA), there is a possibility that the level of data protection in one of the countries does not meet European standards. As far as possible, the data will be transferred on the basis of the EU Commission’s adequacy decisions or standard data protection clauses. When using standard data protection clauses, we endeavor to implement additional measures to protect your data if necessary.

Duration of data storage

We delete your personal data as soon as they are no longer required for the abovementioned purposes. It may occur that personal data will be stored for the period during which claims can be asserted against Protektor (statutory limitation period of three or up to thirty years). In addition, we will store your personal data, if we are legally obliged to do so. Corresponding documentation and storage obligations arise, inter alia, from the German Commercial Code and Tax Code. The storage periods in accordance therewith are up to ten years. If necessary, we will be pleased to provide you further information on the duration of data storage with respect to any specific purpose.