1. Log files
Upon each visit of our website, your browser automatically sends information to the servers of our website, which is temporarily stored in a so-called log file. The following data is recorded without any action on your part and stored until automatic deletion:
- IP address of the computer issuing the request,
- date and time of access,
- name and URL of the file(s) accessed/retrieved,
- website which directed you to our Internet presence (referrer page),
- operating system and browser employed,
- name of your internet access provider.
Collecting and processing of this data takes place to make the use of our website possible (for establishing the connection), to ensure continuous system security and stability, to allow for technical administration of our network infrastructure and optimization of our website, as well as for internal statistics use. The IP address is only used in the event of attacks on the network infrastructure as well as for statistical purposes without us drawing any conclusions with regard to your identity. It takes place under consideration and within the scope of the weighing of interests according to article 6 para 1 (f) of the General Data Protection Regulation (GDPR). To the extent that further storage of log files is required for purposes of proof, these are excluded from deletion until the respective incident has been finally clarified.
The data collected will be deleted after four weeks at the latest.
2. Cookies and web analysis
We are continuously working on improving and optimizing our online services and offering you a pleasant visit of our website. Logging your access to our website into log files, as well as employing cookies and web analysis, are important for this. The legal basis for data processing using cookies – also for purposes of web analysis – is our legitimate interest in the analysis, the optimization and the commercially viable operation of our website pursuant to article 6 para 1 (f) GDPR.
2.1 Cookie information and cookie management
Cookies are automatically stored onto your computer when you visit our website. Cookies are text files which contain a pseudonymized alias and thus do not permit any form of attribution to a specific person. Only we are able to read these cookies.
The cookies that we employ may be categorized as follows: generally required cookies, function-related cookies, and service-related cookies.
Generally required cookies are used to make our website user-friendly. Certain actions you perform are stored for the duration of the respective visit to our website with the purpose of optimizing your user experience. For example, your entries to the calculator are stored so you do not have to re-enter them. These cookies are deleted when you close/exit the browser.
Function-related cookies enable us to adjust our website to the personal preferences of our users. As an example, we store the settings the user makes (e.g., country or language).
Service-related cookies help us to measure usage of our website. With these cookies, we can determine which areas of our website are visited most frequently. This information helps us to identify potentials to further improve our website.
As a user of our website, you are asked to select your own privacy settings to determine if you accept or reject cookies, or wish to be notified about receiving a new cookie. In addition, you can delete previously stored cookies. If you delete your cookies, this may result in opt-out cookies being deleted. The affected opt-outs must then be reactivated to become effective again. Deactivating cookies may lead to parts of our website not being fully functional or not being displayed correctly.
Additionally, you can adjust your settings in our Cookie Management Center.
2.2. Web analysis
3. Communication with us
On our website, you may find various options to contact us. The communication between your browser and our servers is encrypted via SSL. You can see this in your browser by the "https://" in the address of our website.
We utilise the services provided by Marketo EMEA Limited (Cairn House South County Business Park, Leopardstown Road, Dublin 18 Ireland) for the dispatch of Newsletters.
If you order our Newsletter, we save your email address, surname, first name and, if applicable, your form of address. We use this information exclusively to send the Newsletter.
This data processing is always conducted based on the legal basis of your consent in accordance with Art. 6 Section 1 lit. a) Datenschutzgrundverordnung (General Data Protection Regulations). You can cancel the Newsletter at any time using a link contained in each issue. We then delete your data from our email mailing list.
Inasmuch as you have explicitly agreed to the personalised tracking, we will also analyse your user conduct. For this assessment, the emails sent contain so-called web beacons, also known as tracking pixels. Using the data thus obtained, we create a user profile in order to provide our digital services to you in a manner tailored according to your interests. Here we record when you read our emails and which links you click on in them, and draw conclusions from this information regarding your personal interests. We link this data with actions conducted by you on our website. The information thus collected is stored at Marketo on their server within the EU/EEA.
Tracking is not possible if you have deactivated the display of images as a standard measure in your email program. If you have the images shown to you manually, the tracking mentioned above will take place.
Should you have received our Newsletter without registering for it, then we have sent it to you because your interest has been assumed based on existing connections to HDI Global or its subsidiaries. In this way, the mailing takes place on the legal basis of a balancing of interests in accordance with Art. 6 Section 1 lit. f) Datenschutzgrundverordnung (General Data Protection Regulations).
Whatever the case, we record whether newsletters are repeatedly not read within a certain deadline, in order to delete Newsletter addressees from the recipient list once more. We collect this data on the legal basis of a balancing of interests in accordance with Art. 6 Section 1 lit. f) Datenschutzgrundverordnung (General Data Protection Regulations), in order to clean the data.
During the registration process for the Newsletter, the IP address and the date and time of the registration and confirmation are collected in order to be able to prove that you have consented to receive the Newsletter and to prevent any misuse of the services or the email address used. This data processing takes place on the legal basis of a balancing of interests in accordance with Art. 6 Section 1 lit. f) Datenschutzgrundverordnung (General Data Protection Regulations).
3.2 Contact form
If you wish to send us a message, you may use our contact form. Data you have entered into the contact form such as name, e-mail address, insurance policy number, and message submitted, is stored and used only for the purpose of our individual communication with you. This communication is performed by the HDI Global SE branch office determined by your choice of country and/or language. After completion of the communication process, your personal data will be, as a general rule, deleted. Legal basis for this processing of personal data is - if consent of the user has been given - article 6 para 1 (a) GDPR.
3.3 Offer calculator / Online booking system
Data entered into one of our calculators or online booking systems is stored and used exclusively for the purposes of offer and policy preparation according to article 6 para 1 (b) and (f) GDPR. We are assisted with this by external service providers which are subject to existing data protection agreements in accordance with applicable legal requirements. Data protection information for specific services or products is made available - if necessary - when using the calculators or the online booking system.
3.4 Online services
Our website offers online services which require your registration, such as the “Insurance Certificate Online” for our transportation insurance, or the “bAVnet”, with which our customers can manage their contracts for company pension plans. The data processing required for such registration is performed on the legal basis of article 6 para 1 (b) and (f) GDPR, and is described in more detail during the registration process.
4. Content and third-party technology
For embedding HDI videos, we use content and technology of the online video service Vimeo. This service is operated by Vimeo, LLC, with headquarters at 555 West 18th Street, New York, NY 10011, United States of America.
When retrieving pages from our website containing a Vimeo plug-in, a connection to the servers of Vimeo is established, and the plug-in displayed. This transmits information on which of our pages you have visited to the Vimeo server by transferring your IP address. If you are logged on to Vimeo as a member, Vimeo assigns this information to your personal Vimeo user account. When using the plug-in, for example by clicking the start button of a video, this information is also attributed to your account. Additional information about usage may be collected, e.g. which, when and for how long you have viewed a video. You can prevent such attribution by logging off from your Vimeo account and deleting the respective Vimeo cookies before using our website.
Vimeo accesses the tracker of Google Analytics via the iframe inside which the video is being displayed. We have no access to this tracking by Vimeo. You can prevent transmission and use of your data, which is generated by the cookie and relates to your use of the website (including your IP address), to Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Please note that we have no influence on the mode and scope of collection, use or processing of your data by Vimeo. For information on this, please consult the data protection information of Vimeo at https://vimeo.com/privacy.
5. Notice of the right to object
If we process your personal data on the legal basis of our legitimate interests pursuant to article 6 para 1 (f) GDPR, you have the right to object to the processing of your personal data pursuant to article 21 GDPR, provided that there are grounds related to your particular situation, or you object to the processing of your personal data for direct marketing purposes. In the latter case, we will comply with your objection regardless of grounds relating to your particular situation. Please contact our data protection team (contact details above) if you wish to exercise your right of revocation or objection.