In the interest of both parties, we take our task of ensuring the confidentiality of your data within the framework of the applicable provisions of data protection law very seriously. We use modern techniques to conduct the dialogue with you via the Internet and to secure your data.
For us, the Internet is an important sales, information and contact channel to our customers, business partners and, via the career site, also to our applicants. Nevertheless, many users of the Internet are still very often uncertain and distrustful about whether and which of their personal data is being processed by whom. We would like to dispel these reservations. The protection of the personal rights of our customers and business partners and the security of your personal data is of utmost importance to us. You can rely on this. Accordingly, the principle of data avoidance and data security has top priority for us.
With the help of the following guidelines, we would like to make the subject of data collection, processing, use and storage transparent to you and answer as many questions as possible about data protection in connection with our Internet presence.
If you are interested in our company as an employer and apply for a job advertisement via our applicant portal, supplementary data protection regulations apply, which are automatically made available to you during the application process.
Should any questions remain unanswered or if you would like to find out about specific individual questions, please send us an e-mail to
email@example.com or firstname.lastname@example.org.
This declaration on data protection applies to all our Internet pages. Insofar as legally binding declarations are made in the name of the ALTE LEIPZIGER - HALLESCHE Group in the following, they apply equally to all companies belonging to the ALTE LEIPZIGER - HALLESCHE Group. Insofar as our Internet pages contain hyperlinks or references to other Internet pages, no responsibility is assumed for the data protection principles and possible breaches of data protection that occur when visiting and using these Internet pages.
Our Internet presence may contain links to websites of other providers (external links) to which this data protection declaration does not apply. These websites are subject to the liability of the respective operators. Should you notice that links on our Internet presence refer to websites whose contents violate applicable law, please notify us by sending an e-mail to email@example.com or firstname.lastname@example.org. We will then immediately remove these links from our Internet presence. The companies in the ALTE LEIPZIGER - HALLESCHE Group accept no responsibility for the topicality, correctness, completeness or quality of the information provided.
The person responsible in accordance with Art. 4 section 7 DSGVO and other national data protection laws of the member states of the European Union and other data protection regulations is
for the ALTE LEIPZIGER companies
tel. 06171 66-00
fax 06171 24434
for the HALLESCHE
HALLESCHE Krankenversicherung a.G.
tel. 0711 6603-0
fax 0711 6603-333
The processing of personal data during your visit to our website is always based on data protection regulations. These include in particular the EU-Datenschutz-Grundverordnung (DSGVO) (= EU General Data Protection Regulation as well as the Bundesdatenschutzgesetz (BDSG) (= Federal Data Protection Act) and the Versicherungsvertragsgesetz (VVG) (= Insurance Contract Act). Insofar as the Internet is also used to offer products, the provider as a teleservice provider is also subject to the legal provisions of the e-Privacy-Verordnung und des Telemediengesetzes (TMG) (= e-Privacy Regulation and the Telemedia Act) within the framework of the provider-user relationship. The legal requirements of these legal provisions in the currently valid version are also taken into account within the framework of the Internet presence of the ALTE LEIPZIGER - HALLESCHE Group - insofar as they are relevant
During your visit to our website, you can navigate freely on our generally accessible web pages without disclosing any personal information. When you visit our website for purely informational purposes, only the data that your browser transmits to our servers is collected. This includes the domain name and the IP address assigned to you by your Internet provider, the operating system of your PC and your browser type. The website from which you visit us, the websites that you visit on our site and the time of access are also automatically stored for a maximum of seven days. The legal basis for the temporary storage of this data in log files is Art. 6 section 1 lit. f DSGVO and is for the purpose of maintaining IT security. This data processing is absolutely necessary for the operation of our Internet pages, and in this respect there is no possibility of objection. Conclusions about your person and the creation of user profiles are not possible. In particular, you can make use of our tariff and premium calculators without providing personal data. In order to receive an individual product offer, to make a purchase or a contract or to contact us via a contact form, we need your personal data. You provide this information voluntarily and it will only be forwarded to us with your express consent. Areas of our website where personal data is collected are secured by SSL encryption. If you use this opportunity to contact us, your details will be processed and automatically stored for the purpose of answering your inquiry in accordance with Art. 6 section 1 lit. c DSGVO. We will delete the inquiries if they are no longer necessary and no legal archiving obligations apply.
2.2 Special access data
When you use one of our various service offers, such as changing your address, reporting a claim or other ways of contacting us, the personal data entered in these forms is transmitted from your PC in encrypted form according to internationally recognized security standards (SSL) to protect it against misuse by third parties.
In addition, certain Internet pages that are not generally accessible require personal authorization with an individual user ID and password in order to be able to access the data relating to their respective business area.
You have the possibility to cancel your user account at any time. In this case, your data will be deleted, unless we are obliged to keep it for reasons of commercial or tax law. The legal basis for the processing of the data is Art. 6 section 1 lit. a DSGVO, if you have given your consent. If the registration serves the fulfilment of a contract to which you are a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 section 1 lit. b DSGVO.
We process the data provided by you exclusively for the intended purpose, on the basis of Art. 6 section 1 lit. f DSGVO. You decide which personal data we receive and for what purpose we may process it. The data will only be passed on to third parties within the framework of mandatory legal regulations or under the conditions mentioned under 5.
The DSGVO always requires your consent as the basis of legitimacy for the processing of personal data, unless other admissibility requirements specified in Article 6 of the DSGVO are met. Personal data will only be collected and processed during and after your visit to the Internet with your express consent. This consent or declaration of consent can be revoked at a later date at any time with future effect without giving reasons to the ALTE LEIPZIGER - HALLESCHE Group. Our contact details can be found in the impressum of our website.
Insofar as data is processed by external service providers within the scope of order processing, these are not considered third parties under data protection law. With regard to data processing, they are nevertheless obliged to comply with the provisions of Art. 28 DSGVO and are subject to our right to issue instructions. Personal data will only be passed on to intermediaries for the purpose of processing your inquiries or to support and advise you on insurance matters. Every agent is legally and contractually obliged to observe the provisions of the DSGVO and the obligations of confidentiality. Health data will only be passed on after their prior consent. You will be informed of the agent responsible for your care. If his activity for our company ends (e.g. by termination of the brokerage contract or by leaving the company), the company will reorganize your support; you will be informed accordingly. Otherwise, personal data will only be passed on to third parties in the narrow cases prescribed by law or if you have given us your express permission to do so.
In the above-mentioned cases of passing on your personal data to third parties, we naturally respect your right to object to this at any time.
We only pass on data to service providers within the EU in the context of order processing. We only allow your data to be processed in a third country if the special requirements of Art. 44 ff. DSGVO are fulfilled. The data may then only be processed on the basis of special guarantees, such as the EU Commission's officially recognized determination of a level of data protection corresponding to that of the EU or compliance with officially recognized special contractual obligations, the so-called "standard contractual clauses". We require U.S. service providers to use these standard clauses or to comply with the "privacy shield", the data protection agreement negotiated between the European Union and the United States (privacyshield.gov).
The legislator has standardized a wide range of obligations and periods of storage for personal data. After these periods have expired, the corresponding data is routinely deleted. If data is not affected by this, it is deleted when the purposes mentioned under No. 3 cease to apply. If data has been passed on to other bodies in a permissible manner, they will be informed of this and advised of the obligation to delete it. Insofar as deletion is contrary to legal, statutory or contractual retention periods or the deletion conflicts with the interests of the person concerned that merit protection, such data will be blocked. Data is blocked by marking stored personal data in order to restrict its further processing or use.
In this respect, the stored personal data is regularly checked to determine whether it is still necessary for the specific purpose of storage.
7.1 Rights on information
You have the right to receive information free of charge about the data stored about you. On request, we will provide you with information about your personal data in writing - also online if you wish - to the extent permitted by law. This information includes in particular whether personal data has been stored. If this is the case, the information extends to the processing purposes, the categories of personal data processed, the data recipients, the storage period, the origin of the data and the reference to existing rights (see following sections). If an automated decision making process exists, information must be provided on the logic involved, the scope and the intended consequences of the processing for the data subject The right of access can only be exercised by the data subject himself and exclusively with regard to data collected, processed or used by him.
7.2 Right of Rectification
If the personal data processed are incorrect or incomplete, the data subject shall have the right to rectify or complete them.
7.3 Right to erasure ("right to be forgotten")
Under the conditions stated in Article 17 DSGVO (§ 35 BDSG) you can request the deletion of personal data. Accordingly, personal data must be deleted if, among other things, the purpose of processing no longer applies, the data has been processed unlawfully or the previously granted consent is revoked. The precondition for this is, however, that the deletion is not contrary to public interests or legal obligations. If we have made public the personal data concerning you and we are obliged to delete them, we will take reasonable measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you have requested them to delete all links to these personal data or copies or replications of these personal data.
7.4 Right to limit processing
If the person concerned by the processing of his personal data disputes the accuracy of the data, he has the right to request a restriction of the processing for the duration of the verification. This also applies if the processing was carried out unlawfully and the data subject refuses the deletion. A further case of application arises if the purpose of processing no longer applies, but legal claims still stand in the way of deletion. After a processing restriction has been imposed, the data subject must be informed before the restriction is lifted. If you have any further questions regarding the processing of your personal data, you can contact the contact point listed under 9.2 at any time, in particular our company data protection officer.
7.5 Right to data transferability
Every person concerned, has the right to obtain from the person, responsible for the processing of his personal data, the data relating to him, which he has previously made available to the responsible person, in a structured, standard and machine-readable format, and to have it transmitted to another responsible person. Where technically possible, direct transfer from one responsible person to another may also be obtained.
7.6 Right of objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data, which is carried out on the basis of Art. 6 paragraph 1 lit. e or f DSGVO. If we process your data for the purpose of direct advertising, you may object to the processing of your data for the purpose of such advertising at any time if reasons arise from your particular situation that speak against data processing.
7.7 Automated decisions in individual cases including profiling
You have the right, not to be subject to a decision based solely on automated processing - including profiling - which has legal effect on you or which significantly affects you in a similar way. This does not apply if the decision is necessary for the conclusion or performance of a contract between you and us, is permitted by law or is made with your express consent.
7.8 Right to appeal to a supervisory authority
You have the right to complain to a supervisory authority, in particular in the member state of your residence, your place of work or the place of the suspected violation, if you believe that the processing of personal data concerning you is in violation of the DSGVO.
Furthermore, the data processing network of the ALTE LEIPZIGER - HALLESCHE Group is protected by a firewall system according to the current state of the art from and to the outside. This ensures sufficient access, entry and access control to protect your inventory, usage and content data against manipulation, loss and destruction.
Data security is an important concern for us, which we ensure by continuous support of the systems used and by qualified personnel. In particular, we adapt our protective measures to further developed or new reliable security systems according to our possibilities. In this respect, we reserve the right to make changes and additions. In view of the many risks associated with the use of the Internet, there can be no completely unlimited security.
The ALTE LEIPZIGER - HALLESCHE Group undertakes to comply with the above-mentioned principles of data protection and data security as described. We regularly monitor compliance with these data protection principles within the Group and their conformity with the requirements of data protection law. In addition, we ensure, both through our company data protection officer and our internal organization, that personal data is only used to the extent permitted by law.
However, the ALTE LEIPZIGER - HALLESCHE Group reserves the right to change these data protection principles if necessary. We will indicate the status of the changes or revision at the beginning of our data protection declaration.
9.2 Data Protection Officer, Information and Complaints Office in the Group
If you have any further questions, please do not hesitate to contact the ALTE LEIPZIGER - HALLESCHE Group, which will be happy to assist you with its expert team.
As contact person for data protection, you can also contact the responsible data protection officer, who is not bound by instructions in the fulfilment of his duties. His tasks include in particular monitoring compliance with the DSGVO and other regulations on data protection. You can contact our data protection officer at the e-mail address email@example.com or firstname.lastname@example.org
The ALTE LEIPZIGER - HALLESCHE Group also offers various applications for you online (e.g. video consulting, software application [Apps]). In addition to the general data protection provisions, the following provisions apply to these applications.
When you visit our websites, data about the websites you visit are generated by the web server and sent to the web browser/app and stored (so-called web cookies). This is done in order to optimize and further develop the web applications and to constantly improve our communication with you according to your usage behavior. Only data that originates from you and that you generate yourself during your communication with the respective server is collected. Web cookies are not hidden and can be viewed by the user. Other data is not spied out. Personal data is not stored. Your privacy remains protected.
10.1 What is stored in cookies?
In order to improve the quality and security of our service, we store for statistical purposes the data about each access to the pages of our online applications that your browser/app transmits whenever you visit the website/app. These server logs include information such as your web request/usage request, your IP address, browser type, browser language, date and time of your request and one or more cookies that can uniquely identify your browser, general information such as when errors occur, and information from security events (change password, password recovery, change email address, change cell phone number) as required for use. The IP address is stored in a shortened form in accordance with data protection regulations.
We use the services of third parties to evaluate the effectiveness of our Apps and the Services and to determine how you use the App and/or the Services. For this purpose, we may use web beacons on the App pages that third parties provide to our analysis systems for this purpose. The information we collect includes, for example, the number of pages visited, navigation patterns and similar data. This statistically collected data enables us to find out which services within the app are most interesting to users and which offers users prefer to view. Although the provider logs the data coming from our website on our behalf, we have control over how this data may or may not be used. The cookie itself contains no personal data. Even if you provide personal data (such as your user ID) when you visit the website and do not delete the cookie from your browser after providing this data, the provider only collects the non-personal data stored in the cookie (such as the number of visits) and stores it anonymously.
When you visit our websites, a cookie notice is displayed to inform users that cookies are being set. If you confirm this message, the cookie will be set in your browser for one year and you will no longer see the cookie message. To be able to assign the geographical origin of the visitor, the IP address is checked. Neither the IP address nor any other personal data is stored in this step. We use CookieConsent from Silktide Insites for this service. The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f DSGVO.
10.2 Avoidance/deletion of cookies
Most browsers accept cookies, but it is possible to set the browser to refuse all cookies. However, you can delete cookies at any time.
Of course you can object to the use of our cookies and also the cookies of third parties at any time by setting your Internet browser so that it does not accept cookies. Please refer to the help function of your Internet browser for details. We would like to point out, however, that in this case it may not be possible for the app/services to function properly.
10.3 Use of the "visitor action pixel" of Facebook
To evaluate and support online marketing activities, we use the "visitor action pixel" of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). Facebook is certified under the Privacy Shield Agreement and thus offers a sufficient guarantee to comply with European data protection law. The Facebook pixel enables us to track users' actions after they have seen or clicked on a Facebook advertisement. This allows us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, which means we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which we will inform you about according to our state of knowledge. Facebook may link this data to your Facebook account and also use it for its own advertising purposes, in accordance with Facebook's Data Usage Policy (https://www.facebook.com/about/privacy). You can enable Facebook and its partners to place advertisements on and outside of Facebook. A cookie may also be stored on your computer for these purposes. Please change your ad settings on Facebook if you wish to withdraw your consent (https://www.facebook.com/settings). This consent may only be given by users who are older than 13 years. If you are younger, please ask your legal guardian for advice.
10.4 Use of Facebook Website Custom Audiences
On our website we also use communication tools of the social network Facebook, especially the remarketing or "custom audience" function. This feature allows us to target visitors to our website with targeted advertising by displaying personalized, interest-based ads to visitors to our website when they visit Facebook. Facebook uses so-called cookies to perform the analysis of website usage, which forms the basis for the creation of interest-based advertisements. For this purpose, Facebook stores a small file with a sequence of numbers in the browsers of visitors to our website. This number is used to record visits to the website as well as anonymized data on the use of the website. No personal data of website visitors is stored.
If you no longer wish to receive interest-based advertising within Facebook, you can change your settings in your Facebook account. To do so, please follow the instructions under the link http://www.facebook.com/ads/website_custom_audiences/.
We use the data processing described under 10.3 and 10.4 because of our legitimate interest in the analysis, optimization and economic operation of our website in accordance with Art. 6 para. 1 lit f DSGVO.
10.5 Use of Google Adwords conversion tracking
We use the online advertising program "Google AdWords" and within Google AdWords the conversion tracking. Google Conversion Tracking is an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). When you click on an ad placed by Google, a conversion tracking cookie is placed on your computer. These cookies expire after 30 days and are not used for personal identification.
10.6 Use of the remarketing or "Similar Target Groups" feature of Google Inc.
The data processing described under 10.5 and 10.6 takes place for users of a Google account exclusively on the basis of the consent given to Google, which you can also revoke at Google. The legal basis results from Art. 6 Para. 1 lit. a DSGVO. In the case of data collection processes that are not merged in your Google Account (e.g. because you do not have a Google Account or have objected to the merging), the collection of data is based on Art. 6 para. 1 lit. f DSGVO. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes.
10.7 Web analysis by Webtrends
10.8 Use of Google Analytics
The website uses Google Analytics, a network analysis service provided by Google, Inc. ("Google"). Google Analytics uses "cookies". These are text files that are installed on your computer and contribute to the analysis of the website with regard to its use by the user. The data stored by the cookies about your use of the website is transferred to Google and stored on its servers in the United States.
You can also opt-out of Google Analytics tracking for the future by downloading and installing the Google Analytics Opt-out Browser Add-on for your current web browser (click here https://tools.google.com/dlpage/gaoptout?hl=en-GB.)
10.9 Web analysis service Matomo
1. Scope of the processing of personal data
2 Legal basis for the processing of personal data
The legal basis for the processing of personal data using cookies is Art. 6 section 1 letter f DSGVO.
3. Purpose of data processing
Matomo is used for the purpose of improving the quality of our website and its contents. Thereby we learn how the website is used and can optimize our offer constantly.
4. duration of storage, possibility of objection and removal
Alternatively, most modern browsers have a so-called "Do Not Track" option, by which they tell websites not to track your user activities. Matomo respects this option.
All data stored on Facebook can be requested. Your request will be sent to Facebook. If an request occurs, we will research the user data for our site. You must do the same from your page. We will then send the request to Facebook via the link (https://www.facebook.com/help/contact/308592359910928).
11.1 Social Bookmarks
So-called social bookmarks (e.g. from Facebook, Google, Twitter and Xing) are integrated on our website. Social bookmarks are Internet bookmarks that allow users of such services to collect links and news items. These are only integrated on our website as links to the corresponding services. After clicking on the embedded graphic, you will be redirected to the page of the respective provider, i.e. only then will user information be transferred to the respective provider. For information on how your personal data is handled when using these websites, please refer to the respective data protection regulations of the providers.
11.2 Social plugins (Facebook, Twitter, Google+)
So-called "Social Plugins" are used on our websites. Currently these are the plugins of the services Facebook, Twitter, Google+. Via these plugins, data, including personal data, can be sent to the US service providers and used by them if necessary.
11.3 Shariff protection tool
The ALTE LEIPZIGER - HALLESCHE Group itself does not collect any personal data by means of the social plugins or through their use. To prevent data from being transferred to service providers in the USA without the user's knowledge, we use the so-called Shariff solution. This solution ensures that initially no personal data is passed on to the providers of the individual social plug-ins when you visit our websites. Only when you click on one of the social plugins can data be transferred to the service provider and stored there.