Privacy policy

We are aware that the protection of your privacy is important to you when using our Internet pages. At this point we would like to inform you about our principles for processing data.

 

Please note, that only the german version of this website ist legally binding.

In the interest of both parties, we take our task of ensuring the confidentiality of your data within the framework of the applicable provisions of data protection law very seriously. We use modern techniques to conduct the dialogue with you via the Internet and to secure your data. 

For us, the Internet is an important sales, information and contact channel to our customers, business partners and, via the career site, also to our applicants. Nevertheless, many users of the Internet are still very often uncertain and distrustful about whether and which of their personal data is being processed by whom. We would like to dispel these reservations. The protection of the personal rights of our customers and business partners and the security of your personal data is of utmost importance to us. You can rely on this. Accordingly, the principle of data avoidance and data security has top priority for us.

With the help of the following guidelines, we would like to make the subject of data collection, processing, use and storage transparent to you and answer as many questions as possible about data protection in connection with our Internet presence.

If you are interested in our company as an employer and apply for a job advertisement via our applicant portal, supplementary data protection regulations apply, which are automatically made available to you during the application process.  

Should any questions remain unanswered or if you would like to find out about specific individual questions, please send us an e-mail to
datenschutz@alte-leipziger.de or datenschutz@hallesche.de.

This declaration on data protection applies to all our Internet pages. Insofar as legally binding declarations are made in the name of the ALH Group in the following, they apply equally to all companies belonging to the ALH Group. Insofar as our Internet pages contain hyperlinks or references to other Internet pages, no responsibility is assumed for the data protection principles and possible breaches of data protection that occur when visiting and using these Internet pages.

Our Internet presence may contain links to websites of other providers (external links) to which this data protection declaration does not apply. These websites are subject to the liability of the respective operators. Should you notice that links on our Internet presence refer to websites whose contents violate applicable law, please notify us by sending an e-mail to datenschutz@alte-leipziger.de or datenschutz@hallesche.de. We will then immediately remove these links from our Internet presence. The companies in the ALH Group accept no responsibility for the topicality, correctness, completeness or quality of the information provided.

The person responsible in accordance with Art. 4 section 7 DSGVO and other national data protection laws of the member states of the European Union and other data protection regulations is

 

for the Alte Leipziger companies
Alte Leipziger Lebensversicherung a.G.

Alte Leipziger-Platz 1
61440 Oberursel
tel. 06171 66-00
fax 06171 24434

service@alte-leipziger.de

     for the Hallesche
Hallesche Krankenversicherung a.G. 
Reinsburgstraße 10
70178 Stuttgart
tel. 0711 6603-0
fax 0711 6603-333

service@hallesche.de

 

 

#datenschutz-info-inner-accordion-1-inhalt
1. What are the relevant legal bases for the protection of your personal data?

 

The processing of personal data during your visit to our website is always based on data protection regulations. These include in particular the EU-Datenschutz-Grundverordnung (DSGVO) (= EU General Data Protection Regulation as well as the Bundesdatenschutzgesetz (BDSG) (= Federal Data Protection Act) and the Versicherungsvertragsgesetz (VVG) (= Insurance Contract Act). Insofar as the Internet is also used to offer products, the provider as a teleservice provider is also subject to the legal provisions of the e-Privacy-Verordnung und des Telemediengesetzes (TMG) (= e-Privacy Regulation and the Telemedia Act) within the framework of the provider-user relationship. The legal requirements of these legal provisions in the currently valid version are also taken into account within the framework of the Internet presence of the ALH Group - insofar as they are relevant
#datenschutz-info-inner-accordion-2-inhalt
2. Which personal data is collected and how is it processed?
2.1 Informational use of our Internet pages

During your visit to our website, you can navigate freely on our generally accessible web pages without disclosing any personal information. When you visit our website for purely informational purposes, only the data that your browser transmits to our servers is collected. This includes the domain name and the IP address assigned to you by your Internet provider, the operating system of your PC and your browser type. The website from which you visit us, the websites that you visit on our site and the time of access are also automatically stored for a maximum of seven days. The legal basis for the temporary storage of this data in log files is Art. 6 section 1 lit. f DSGVO and is for the purpose of maintaining IT security. This data processing is absolutely necessary for the operation of our Internet pages, and in this respect there is no possibility of objection. Conclusions about your person and the creation of user profiles are not possible. In particular, you can make use of our tariff and premium calculators without providing personal data. In order to receive an individual product offer, to make a purchase or a contract or to contact us via a contact form, we need your personal data. You provide this information voluntarily and it will only be forwarded to us with your express consent. Areas of our website where personal data is collected are secured by SSL encryption. If you use this opportunity to contact us, your details will be processed and automatically stored for the purpose of answering your inquiry in accordance with Art. 6 section 1 lit. c DSGVO. We will delete the inquiries if they are no longer necessary and no legal archiving obligations apply.

 

2.2 Special access data

When you use one of our various service offers, such as changing your address, reporting a claim or other ways of contacting us, the personal data entered in these forms is transmitted from your PC in encrypted form according to internationally recognized security standards (SSL) to protect it against misuse by third parties.

In addition, certain Internet pages that are not generally accessible require personal authorization with an individual user ID and password in order to be able to access the data relating to their respective business area.

You have the possibility to cancel your user account at any time. In this case, your data will be deleted, unless we are obliged to keep it for reasons of commercial or tax law. The legal basis for the processing of the data is Art. 6 section 1 lit. a DSGVO, if you have given your consent. If the registration serves the fulfilment of a contract to which you are a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 section 1 lit. b DSGVO.
 
#datenschutz-info-inner-accordion-3-inhalt
3..Why is your personal data collected?

 

We process the data provided by you exclusively for the intended purpose, on the basis of Art. 6 section 1 lit. f DSGVO. You decide which personal data we receive and for what purpose we may process it. The data will only be passed on to third parties within the framework of mandatory legal regulations or under the conditions mentioned under 5.

#datenschutz-info-inner-accordion-4-inhalt
4. When is your personal data collected?

 

The DSGVO always requires your consent as the basis of legitimacy for the processing of personal data, unless other admissibility requirements specified in Article 6 of the DSGVO are met. Personal data will only be collected and processed during and after your visit to the Internet with your express consent. This consent or declaration of consent can be revoked at a later date at any time with future effect without giving reasons to the ALH Group. Our contact details can be found in the impressum of our website.
#datenschutz-info-inner-accordion-5-inhalt
5. To whom are your personal data made accessible?
Our employees have access to your data when they process and manage your affairs. They are obliged to observe data secrecy. This means that they may only process personal data for the purpose of fulfilling their respective legitimate duties and that this obligation continues after the end of their employment. The obligation also extends to the observance of banking secrecy, telecommunications secrecy, business and trade secrecy and professional secrecy in accordance with § 203 StGB. Our employees have been informed in detail about data protection regulations and have been instructed about the criminal consequences of violations. Insofar as personal data is made available to other group companies on the basis of common data systems of the ALH Group or is passed on to third parties for the purpose of the proper fulfillment of contractual relationships or due to organizational processing, they are obligated to maintain data secrecy and strict compliance with data protection regulations.

Insofar as data is processed by external service providers within the scope of order processing, these are not considered third parties under data protection law. With regard to data processing, they are nevertheless obliged to comply with the provisions of Art. 28 DSGVO and are subject to our right to issue instructions. Personal data will only be passed on to intermediaries for the purpose of processing your inquiries or to support and advise you on insurance matters. Every agent is legally and contractually obliged to observe the provisions of the DSGVO and the obligations of confidentiality. Health data will only be passed on after their prior consent. You will be informed of the agent responsible for your care. If his activity for our company ends (e.g. by termination of the brokerage contract or by leaving the company), the company will reorganize your support; you will be informed accordingly. Otherwise, personal data will only be passed on to third parties in the narrow cases prescribed by law or if you have given us your express permission to do so.

In the above-mentioned cases of passing on your personal data to third parties, we naturally respect your right to object to this at any time.

We only pass on data to service providers within the EU in the context of order processing. We only allow your data to be processed in a third country if the special requirements of Art. 44 ff. DSGVO are fulfilled. The data may then only be processed on the basis of special guarantees, such as the EU Commission's officially recognized determination of a level of data protection corresponding to that of the EU or compliance with officially recognized special contractual obligations, the so-called "standard contractual clauses". We require U.S. service providers to use these standard clauses or to comply with the "privacy shield", the data protection agreement negotiated between the European Union and the United States (privacyshield.gov).
 
#datenschutz-info-inner-accordion-6-inhalt
6. What happens to your personal data after collection?

 

The legislator has standardized a wide range of obligations and periods of storage for personal data. After these periods have expired, the corresponding data is routinely deleted. If data is not affected by this, it is deleted when the purposes mentioned under No. 3 cease to apply. If data has been passed on to other bodies in a permissible manner, they will be informed of this and advised of the obligation to delete it. Insofar as deletion is contrary to legal, statutory or contractual retention periods or the deletion conflicts with the interests of the person concerned that merit protection, such data will be blocked. Data is blocked by marking stored personal data in order to restrict its further processing or use.

In this respect, the stored personal data is regularly checked to determine whether it is still necessary for the specific purpose of storage.

 
#datenschutz-info-inner-accordion-7-inhalt
7. What rights do you have with regard to your personal data?

 

7.1 Rights on information

You have the right to receive information free of charge about the data stored about you. On request, we will provide you with information about your personal data in writing - also online if you wish - to the extent permitted by law. This information includes in particular whether personal data has been stored. If this is the case, the information extends to the processing purposes, the categories of personal data processed, the data recipients, the storage period, the origin of the data and the reference to existing rights (see following sections). If an automated decision making process exists, information must be provided on the logic involved, the scope and the intended consequences of the processing for the data subject The right of access can only be exercised by the data subject himself and exclusively with regard to data collected, processed or used by him. 

7.2 Right of Rectification

If the personal data processed are incorrect or incomplete, the data subject shall have the right to rectify or complete them.

7.3 Right to erasure ("right to be forgotten")

Under the conditions stated in Article 17 DSGVO (§ 35 BDSG) you can request the deletion of personal data. Accordingly, personal data must be deleted if, among other things, the purpose of processing no longer applies, the data has been processed unlawfully or the previously granted consent is revoked. The precondition for this is, however, that the deletion is not contrary to public interests or legal obligations. If we have made public the personal data concerning you and we are obliged to delete them, we will take reasonable measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you have requested them to delete all links to these personal data or copies or replications of these personal data.

7.4 Right to limit processing

If the person concerned by the processing of his personal data disputes the accuracy of the data, he has the right to request a restriction of the processing for the duration of the verification. This also applies if the processing was carried out unlawfully and the data subject refuses the deletion. A further case of application arises if the purpose of processing no longer applies, but legal claims still stand in the way of deletion. After a processing restriction has been imposed, the data subject must be informed before the restriction is lifted. If you have any further questions regarding the processing of your personal data, you can contact the contact point listed under 9.2 at any time, in particular our company data protection officer.

7.5 Right to data transferability

Every person concerned, has the right to obtain from the person, responsible for the processing of his personal data, the data relating to him, which he has previously made available to the responsible person, in a structured, standard and machine-readable format, and to have it transmitted to another responsible person. Where technically possible, direct transfer from one responsible person to another may also be obtained.

7.6 Right of objection

You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data, which is carried out on the basis of Art. 6 paragraph 1 lit. e or f DSGVO. If we process your data for the purpose of direct advertising, you may object to the processing of your data for the purpose of such advertising at any time if reasons arise from your particular situation that speak against data processing.

7.7 Automated decisions in individual cases including profiling


You have the right, not to be subject to a decision based solely on automated processing - including profiling - which has legal effect on you or which significantly affects you in a similar way. This does not apply if the decision is necessary for the conclusion or performance of a contract between you and us, is permitted by law or is made with your express consent.

7.8 Right to appeal to a supervisory authority

You have the right to complain to a supervisory authority, in particular in the member state of your residence, your place of work or the place of the suspected violation, if you believe that the processing of personal data concerning you is in violation of the DSGVO.

 
#datenschutz-info-inner-accordion-8-inhalt
8. Which technical and organizational measures do we take to protect your personal data?
In order to be able to guarantee protection of your personal data against unauthorized or abusive knowledge and alteration in line with technological development and organizational possibilities, we use SSL encryption for data transmission via our Internet pages.

Furthermore, the data processing network of the ALH Group is protected by a firewall system according to the current state of the art from and to the outside. This ensures sufficient access, entry and access control to protect your inventory, usage and content data against manipulation, loss and destruction.

Data security is an important concern for us, which we ensure by continuous support of the systems used and by qualified personnel. In particular, we adapt our protective measures to further developed or new reliable security systems according to our possibilities. In this respect, we reserve the right to make changes and additions. In view of the many risks associated with the use of the Internet, there can be no completely unlimited security.
 
#datenschutz-info-inner-accordion-9-inhalt
9. How do we ensure compliance with data protection regulations and other relevant legislation?

9.1 Monitoring

 The ALH Group undertakes to comply with the above-mentioned principles of data protection and data security as described. We regularly monitor compliance with these data protection principles within the Group and their conformity with the requirements of data protection law. In addition, we ensure, both through our company data protection officer and our internal organization, that personal data is only used to the extent permitted by law.

However, the ALH Group reserves the right to change these data protection principles if necessary. We will indicate the status of the changes or revision at the beginning of our data protection declaration.

9.2 Data Protection Officer, Information and Complaints Office in the Group

If you have any further questions, please do not hesitate to contact the ALH Group, which will be happy to assist you with its expert team.

As contact person for data protection, you can also contact the responsible data protection officer, who is not bound by instructions in the fulfilment of his duties. His tasks include in particular monitoring compliance with the DSGVO and other regulations on data protection. You can contact our data protection officer at the e-mail address datenschutz@alte-leipziger.de or datenschutz@hallesche.de

 
#datenschutz-info-inner-accordion-10-inhalt
10. How is your data handled when using an online application?

The ALH Group also offers a range of online apps (e.g. video consultancy, software apps [apps]). The following provisions also apply to apps in addition to the general data protection regulations.

When you visit our website, information about the websites you visit is generated by the web server and sent to the web browser/app and stored there (“web cookies”). This is designed to optimise and further develop the web applications and to continuously improve our communication with you based on your usage behaviour. The data collected is data that originates from you and which you generate yourself during your communication with the relevant server. Web cookies are not hidden and can be viewed by the user. No additional data is collected. 


10.1 What is stored in cookies?

We save the data on the individual access to the pages of our online apps which your browser/app transmits when you visit the website or use the app for statistical purposes to improve the quality and security of our service. The server logs contain data including your web request/usage, your IP address, browser type, browser language, date and time of your request and one or several cookies which may be used to uniquely identify your browser, for general information, e.g. when errors occur, and information arising from security events (change of password, password recovery, change of email address, change of mobile phone number), as these are required to use our services. The IP address is saved truncated in accordance with the relevant data protection regulations.

When you visit our website, and as part of the provision of our services, the website sends one or more cookies to your computer or other device which uniquely identifies the browser. We use cookies to improve the quality of the website, including to store usage preferences and to track user trends. We may set one or several cookies in your browser when you visit the website or subpages. You can change the settings of your browser to notify you when a cookie is sent. This gives you the option to either accept or reject a cookie. The data collected and analysed by us is used to improve the services and the website, to personalise the web experience and to facilitate the login process if the login cookies are set permanently.

We use third-party service providers to assess the efficiency of our apps and services and to analyse how you use the app and/or services. We may therefore use tracking pixels (web beacons) on the pages or in the app, which the third-party providers make available to our analytics systems for this purpose. The information we collect includes, for example, the number of pages visited, browsing patterns and similar data. The data collected using statistics enables us to ascertain which services within the app are the most interesting for users and which offers users prefer to view. Although the provider logs the data originating from our website on our behalf, we control how this data can and cannot be used. 

When you visit our website, a cookie message is displayed to obtain your consent. If you consent to the use of cookies, the cookie will be set in your browser for one year and the cookie message will no longer be displayed. We use the CookieConsent service provided by Unsercentrics. The legal basis for processing personal data using cookies is Article 6, Paragraph 1, Sentence 1, Letter a) GDPR. You can also withdraw your consent at any time with effect for the future by configuring your cookies using the privacy button in the lower left corner of this page.


10.2 Avoidance/deletion of cookies

Most browsers accept cookies, but you can also configure the browser to reject all cookies. You can, however, delete cookies at any time. 
You may, of course, object to the use of our cookies and third-party cookies at any time by configuring your Internet browser such that it does not accept cookies. For more details, please refer to the help function of your Internet browser. However if you do this, please note that you may not benefit from the full functionality of the app/services. 

10.3 Use of the "visitor action pixel" of Facebook

We use the "Facebook pixel" provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook") which uses visitor actions to evaluate and support online marketing measures. We use the Facebook pixel to track the actions of users after they have seen or clicked on a Facebook ad. This enables us to log the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymised, so we are unable to view the personal data of individual users. However, this data is stored and processed by Facebook, and we will inform you of the extent of such storage based on our own knowledge. Facebook may associate this data with your Facebook account and also use it for its own advertising purposes in accordance with Facebook's data usage policy (https://www.facebook.com/about/privacy). Personal data may then be transferred to servers in the USA. If you accept the corresponding cookie, you expressly agree to the transfer of your personal data to the USA in accordance with Article 49, Paragraph 1, Sentence 1, Letter a) GDPR. Please note that the United States has been classified by the European Court of Justice (ECJ) as an unsafe third country for which there is no adequacy decision, no appropriate guarantees and no effective legal remedies to enforce your rights. In particular, there are no assurances that state (surveillance) authorities will not access and process your personal data, for which you will have no recourse to legal remedies. The legal basis for the processing is Article 6, Paragraph 1, Sentence 1, Letter a) GDPR and Article 49, Paragraph 1, Sentence 1, Letter a GDPR. You can allow Facebook and its partners to place advertisements on and outside Facebook. A cookie may also be stored on your computer for these purposes. Please change your ads settings on Facebook if you wish to withdraw your consent (https://www.facebook.com/settings). Consent may only be granted by users aged 13 years or above. If you are under 13 years of age, please consult your legal guardian for advice. 


10.4 Use of Facebook Website Custom Audiences

We also use communication tools provided by the social network Facebook on our website, in particular the remarketing or "Custom Audience" function. We use this function to display targeted ads to visitors to our website such that personalised, interest-based ads are enabled when they visit Facebook. Facebook also uses cookies to analyse website usage. which then forms the basis for the creation of interest-based ads. Facebook therefore saves a small file with a sequence of numbers in the browsers of the visitors to our website. This number is used to log visits to the website and to generate anonymised data on website usage. Personal data may then be transferred to servers in the USA. If you accept the cookie, you expressly agree to the transfer of your personal data to the USA in accordance with Article 49, Paragraph 1, Sentence 1, Letter a) GDPR. Please note that the United States has been classified by the European Court of Justice (ECJ) as an unsafe third country for which there is no adequacy decision, no appropriate guarantees and no effective legal remedies to enforce your rights. In particular, there are no assurances that state (surveillance) authorities will not access and process your personal data, for which you will have no recourse to legal remedies. The legal basis for processing is Art. 6 Paragraph 1, Sentence 1, Letter a) GDPR and Art. 49 Paragraph 1, Sentence 1, Letter a) GDPR.

If you no longer wish to receive interest-based ads on Facebook, you can adjust the settings in your Facebook account. Please follow the instructions under the link: http://www.facebook.com/ads/website_custom_audiences/.

You can also withdraw your consent at any time with effect for the future by configuring your cookies using the privacy button in the lower left corner of this page. 

10.5 LinkedIn Insight Tag and conversion tracking

We use the “LinkedIn Insight Tag” on our website, a conversion tool provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
We use this tool to display targeted ads to visitors to our website such that personalised, interest-based ads are displayed when they visit the "LinkedIn” networking platform. LinkedIn uses cookies to analyse website usage, which forms the basis for the creation of interest-related ads.

The following data is logged:

  • IP address
  • Device and browser properties
  • Page events (page views)
  • Demographic data from LinkedIn (if the user is a LinkedIn member)

Personal data may then be transferred to the servers of LinkedIn Corp., 1000 W. Maude Avenue, Sunnyvale, CA 94085, located in the USA. If you accept the cookie, you expressly agree to the transfer of your personal data to the USA in accordance with Article 49, Paragraph 1, Sentence 1, Letter a) GDPR. Please note that the United States has been classified by the European Court of Justice (ECJ) as an unsafe third country for which there is no adequacy decision, no appropriate guarantees and no effective legal remedies to enforce your rights. In particular, there are no assurances that state (surveillance) authorities will not access and process your personal data, for which you will have no recourse to legal remedies. The legal basis for processing is Art. 6 Paragraph 1, Sentence 1, Letter a) GDPR and Art. 49 Paragraph 1, Sentence 1, Letter a) GDPR.

If you no longer wish to receive interest-based ads in LinkedIn, you can adjust the settings in your LinkedIn account. Please follow the instructions under the link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. For more information on privacy, please visit: https://www.linkedin.com/legal/privacy-policy.  


10.6 Use of Google Adwords conversion tracking

We use the online ad program "Google AdWords" and conversion tracking as part of Google AdWords. Google Conversion Tracking is an analytics service provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”). If you click on an ad placed by Google, a conversion tracking cookie will be placed on your computer. Personal data may then be transferred to servers in the USA. If you accept the cookie, you expressly agree to the transfer of your personal data to the USA in accordance with Article 49, Paragraph 1, Sentence 1, Letter a) GDPR. Please note that the United States has been classified by the European Court of Justice (ECJ) as an unsafe third country for which there is no adequacy decision, no appropriate guarantees and no effective legal remedies to enforce your rights. In particular, there are no assurances that state (surveillance) authorities will not access and process your personal data, for which you will have no recourse to legal remedies. The legal basis for processing is Art. 6 Paragraph 1, Sentence 1, Letter a) GDPR and Art. 49 Paragraph 1, Sentence 1, Letter a) GDPR. If you visit certain Internet pages on our website and the cookie has not yet expired, we and Google can see that you clicked on the ad and were directed to this page. Every Google AdWords customer receives a different cookie, which means that cookies cannot be tracked via the websites of AdWords customers. The information obtained using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. This enables customers to view the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. If you do not wish to participate in tracking, you can set your browser software accordingly (opt out) to object to the use of such and therefore prevent the installation of cookies. You can also withdraw your consent at any time with effect for the future by configuring your cookies using the privacy button in the lower left corner of this page. You will then not be included in the conversion tracking statistics. You can find further information and the Google privacy policy at http://www.google.com/policies/technologies/ads/, http://www.google.de/policies/privacy/



10.7 Use of the remarketing or "Similar Target Groups" feature of Google Inc.

The provider uses the Remarketing or "Similar target groups" function of Google Inc. ("Google") on the website. The provider uses this function to display targeted ads to visitors to the website, such that personalised, interest-based ads are enabled when they visit other websites in the Google Display Network. Google uses cookies to analyse website usage, which forms the basis for the creation of interest-based ads. Google therefore saves a small file with a sequence of numbers in the browsers of the visitors to our website. This number is used to log visits to the website and to generate anonymised data on website usage. Personal data may then be transferred to servers in the USA. If you accept the cookie, you expressly agree to the transfer of your personal data to the USA in accordance with Article 49, Paragraph 1, Sentence 1, Letter a) GDPR. Please note that the United States has been classified by the European Court of Justice (ECJ) as an unsafe third country for which there is no adequacy decision, no appropriate guarantees and no effective legal remedies to enforce your rights. In particular, there are no assurances that state (surveillance) authorities will not access and process your personal data, for which you will have no recourse to legal remedies. The legal basis for processing is Art. 6 Paragraph 1, Sentence 1, Letter a) GDPR and Art. 49 Paragraph 1, Sentence 1, Letter a) GDPR.If you then visit another website in the Google Display Network, ads will be displayed that are likely to reflect the product and information areas you have accessed previously. You can follow the link below to download and install the plugin to permanently deactivate the use of cookies by Google: https://www.google.com/settings/ads/plugin. You can also withdraw your consent at any time with effect for the future by configuring your cookies using the privacy button in the lower left corner of this page. Alternatively, you can disable the use of cookies by third-party providers by accessing the opt-out page of the Network Advertising Initiative at http://www.networkadvertising.org/choices/and implement the further information on opt-out. For more information on Google Remarketing and Google's privacy policy, please visit: http://www.google.com/privacy/ads/.


10.8 Web analysis by Webtrends

We use Webtrends Analytics, a web analytics service, on our website. Webtrends Analytics is operated by Webtrends Inc., 555 SW Oak Street, Suite 300, Portland Oregon 97206, USA. Webtrends uses "cookies", text files that are stored on your computer to enable an analysis of your use of the website. The information generated by the cookie (including your IP address) regarding your use of this website is stored exclusively on servers of the ALH Group. No data is transferred to the Webtrends servers. The legal basis for processing personal data using cookies is Article 6, Paragraph 1, Sentence 1, Letter a) GDPR. You can also withdraw your consent at any time with effect for the future by configuring your cookies using the privacy button in the lower left corner of this page.


10.9 Use of Google Analytics

The website uses Google Analytics, a network analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”. These are text files that are installed on your computer and help to analyse the visitor’s use of the website. The data stored by the cookies about your use of the website is transferred to Google and stored on its servers in the United States.
If IP anonymisation is activated on this website, your IP address will be truncated in the member states of the European Union or in other contracting parties in the European Economic Area. Only in exceptional cases is the entire IP address first sent to a Google server in the USA and truncated there. IP anonymisation is active on this website. Google uses this information on behalf of the website provider to evaluate your use of the website by compiling reports on website activity for website operators and providing you with other services relating to website activity and Internet usage. The IP address your browser transmits as part of Google Analytics is not combined with other data held by Google. 

Any personal data transferred to servers in the USA will be carried out exclusively on the basis of your consent. If you accept the cookie, you expressly agree to the transfer of your personal data to the USA in accordance with Article 49, Paragraph 1, Sentence 1, Letter a) GDPR. Please note that the United States has been classified by the European Court of Justice (ECJ) as an unsafe third country for which there is no adequacy decision, no appropriate guarantees and no effective legal remedies to enforce your rights. In particular, there are no assurances that state (surveillance) authorities will not access and process your personal data, for which you will have no recourse to legal remedies. The legal basis for processing is Art. 6 Paragraph 1, Sentence 1, Letter a) GDPR and Art. 49 Paragraph 1, Sentence 1, Letter a) GDPR.

You can also download and install the Google Analytics opt-out browser add-on for your current web browser to disable tracking by Google Analytics for the future (click here https://tools.google.com/dlpage/gaoptout?hl=en-GB). You can also withdraw your consent at any time with effect for the future by configuring your cookies using the privacy button in the lower left corner of this page.  


10.10 Web analysis service Matomo

1. Scope of the processing of personal data
Some of our websites use Matomo (formerly Piwik), an open source software for statistical analysis of visitor access. Matomo uses cookies, which are stored on your computer and which enable an anonymized analysis of your use of the website. It is not possible to draw conclusions about a specific person, as your IP address is anonymized immediately after processing and before storage.
2 Legal basis for the processing of personal data
The legal basis for the processing of personal data using cookies is Art. 6 section 1 letter f DSGVO.
3. Purpose of data processing
Matomo is used for the purpose of improving the quality of our website and its contents. Thereby we learn how the website is used and can optimize our offer constantly.
4. duration of storage, possibility of objection and removal
The cookies used by Matomo are stored on the user's computer and transmitted by the user to our site. Therefore you as a user have full control over the use of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. On the corresponding web pages you can disagree to the storage and evaluation of this data by Matomo by clicking the indicated opt-out links. In this case a so-called opt-out cookie will be permanently stored in your browser, which causes Matomo not to collect any data for storage and evaluation. However, if you delete this cookie intentionally or unintentionally, the disagreement against the data storage and evaluation is also removed and can be renewed via the above mentioned link.
Alternatively, most modern browsers have a so-called "Do Not Track" option, by which they tell websites not to track your user activities. Matomo respects this option.

 

All data stored on Facebook can be requested. Your request will be sent to Facebook. If an request occurs, we will research the user data for our site. You must do the same from your page. We will then send the request to Facebook via the link (https://www.facebook.com/help/contact/308592359910928).

11.1 Social Bookmarks

 So-called social bookmarks (e.g. from Facebook, Google, Twitter and Xing) are integrated on our website. Social bookmarks are Internet bookmarks that allow users of such services to collect links and news items. These are only integrated on our website as links to the corresponding services. After clicking on the embedded graphic, you will be redirected to the page of the respective provider, i.e. only then will user information be transferred to the respective provider. For information on how your personal data is handled when using these websites, please refer to the respective data protection regulations of the providers.

11.2 Social plugins (Facebook, Twitter, Google+)

So-called "Social Plugins" are used on our websites. Currently these are the plugins of the services Facebook, Twitter, Google+. Via these plugins, data, including personal data, can be sent to the US service providers and used by them if necessary.


11.3 Shariff protection tool

The ALH Group itself does not collect any personal data by means of the social plugins or through their use. To prevent data from being transferred to service providers in the USA without the user's knowledge, we use the so-called Shariff solution. This solution ensures that initially no personal data is passed on to the providers of the individual social plug-ins when you visit our websites. Only when you click on one of the social plugins can data be transferred to the service provider and stored there.

 
#accordion-element-datenschutz-info-accordion-12
12. Notes on data transfer to the USA

If personal data is transferred to the USA on the basis of your consent, please be aware of the following: 
The European Court of Justice (ECJ) has declared the EU-US Privacy Shield Agreement to be ineffective, and classifies the USA as an unsafe third country for which there is no adequacy decision, no appropriate guarantees and no effective legal remedies to enforce your rights with respect to your personal data.
The USA does not offer an equivalent level of data protection compared to the EU. You therefore incur certain risks when transmitting personal data to the USA when using cookies.
In particular, there are no assurances that state (surveillance) authorities will not access and process your personal data, for which you will have no recourse to legal remedies. Most US-based companies are subject to the Foreign Surveillance Act (“FISA”). Section 702 of this law allows US intelligence agencies to access the data of foreign users, which may entail significant disadvantages. 
When you provide your consent, you expressly agree to the transfer of your personal data to the USA in accordance with Article 49, Paragraph 1, Sentence 1, Letter a) GDPR and confirm that you are aware of the associated risks. 
The above applies in particular to cookies from the following companies or tools:

  • Google Tag-Manager
  • Google Analytics
  • Google Ads (inkl. Google Ads Conversion Tracking und Google Ads Remarketing)
  • Microsoft Advertising
  • Facebook Pixel
  • LinkedIn Insight Tag
     
 

Einwilligungs- und Schweigepflichtentbindungserklärung

Erklärung Alte Leipziger mit Risikoprüfung (German)

Erklärung Alte Leipziger ohne Risikoprüfung (German)

Erklärung Alte Leipziger Sach zur Unfallversicherung (German)

Declaration Hallesche Krankenversicherung (English)

Service provider

In common terminology, the term "service provider" is used when tasks are transferred to external persons or companies. The Federal Data Protection Act distinguishes between the following two constellations:

  • Contract data processing

The service provider carries out the tasks assigned to him as far as possible without any independent decision-making scope (e.g. data media/file destruction companies, telephone customer service, printing/inserting and dispatch, IT service provider).
In these cases, the Federal Data Protection Act (BDSG) states that the service provider is only regarded as an extended arm of the insurer: From a legal point of view, the data remains with the client.

  • Transfer of functions

The tasks are carried out by the service provider to a large extent or even completely independently.
Here, data is transferred to "third parties" in accordance with the BDSG. This always takes place when it is an original insurance function that cannot be carried out by us, mostly for reasons of independence. The data transfer necessary for this purpose may be carried out if this is necessary to protect the legitimate interests of the insurance company and there is no reason to assume that an overriding interest of the insurance customer worthy of protection conflicts with this.

If health data are also affected when personal data are transferred to service providers, insurance customers give their consent to this by signing the application form (and, if applicable, in the course of processing claims or benefits). Reference is also made to the "List of service providers", which provides information on the current status of the service providers commissioned by us (the current version can be found on our Internet address under "Datenschutz").

In the "Code of Conduct" (short: CoC -- "Rules of Conduct for the Handling of Personal Data by the German Insurance Industry"), the data protection supervisory authorities of the federal states together with the German Insurance Association and the Federation of German Consumer Organisations have once again listed the data protection standards in a comprehensible and comprehensive manner. Article 21 CoC deals with the obligations for commissioned data processing and Article 22 CoC describes the transfer of functions.

In contrast to commissioned data processing, Article 22 CoC provides that the data subject may contradict the transfer of functions. In this case, the insurer must then objectively examine whether the interest of the person concerned that is worthy of protection outweighs the legitimate interest of the insurance company in implementing the insurance. However, the contradiction can also lead to the continuation of the insurance contract being impaired, or to the fact that the processing of claims or benefits cannot be accomplished.

 

Dienstleisterliste Alte Leipziger (German)

List of service providers Hallesche

Rules of conduct for the handling of personal data

The General Association of the German Insurance Industry (GDV) with its member companies was the first professional association to make use of the opportunity to draw up rules of conduct which promote the implementation of data protection regulations. This was done in close cooperation with the data protection supervisory authorities and with the involvement of the Federation of German Consumer Organisations. (vzbv).

With their accession on 1 January 2014, the insurance companies in the ALH Group have recognised the "Code of Conduct for the Handling of Personal Data by the German Insurance Industry" (Code of Conduct) as binding.

On the basis of the Code of Conduct, an industry-wide data protection standard has been established for the first time. The provisions of the Federal Data Protection Act on the establishment, implementation and termination of insurance contracts are specified in more detail. Data protection and data security concerns are taken into account beyond the legally required level.

This creates transparency for the individual and legal certainty for the insurance industry.

The full text of the Code of Conduct can be found here in German.