Privacy Statement

We are pleased that you are visiting our website www.neodigital.de and are interested in our company and our products.

Protecting your personal data, such as date of birth, name, telephone number, address, etc., is important to us.

The purpose of this data privacy policy is to inform you about the processing of the personal data that we collect from you when you visit the site. Our data protection practices are in line with the legal provisions of the EU’s General Data Protection Regulation (GDPR) and the German Data Protection Act (BDSG). The following data privacy policy serves to fulfil the information obligations arising from the GDPR. These can be found, for example, in Article 13 and Article 14 ff. GDPR.

Controller

Within the meaning of Article 4(7) GDPR, the controller is the one who alone or jointly with others decides on the purposes and means of processing personal data.

With regard to our website, the controller is:

Neodigital Versicherung AG
Untere Bliesstr. 13–15
66538 Neunkirchen
Germany
E-mail: info@neodigital.de
Tel.: +49 (0)6821 4022 000

Contact details of the data protection officer

We have appointed a data protection officer in accordance with Article 37 GDPR. You can reach our data protection officer using the contact details below:

Mona Pirouz, Ernst & Young Law GmbH
Untere Bliesstr. 13-15
66538 Neunkirchen
Deutschland
E-Mail: mona.pirouz@neodigital.de / datenschutz@neodigital.de

Provision of the website and creation of log files

Each time you visit our website, our system automatically collects data and information from the device used (e.g. computer, mobile phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information about the type of browser and the version used;
(2) The operating system of the device used for access;
(3) Host name of the computer used for access;
(4) The IP address of the device used for access;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) that were accessed on our website;
(7) Websites from which the user’s system accessed our website (referrer tracking);
(8) Message as to whether the access was successful;
(9) Volume of data transferred

This data is stored in the log files of our system. This data is not stored together with personal data of a specific user, thus preventing individual site visitors from being identified.

Legal basis for processing of personal data

Article 6 (1) f) GDPR (legitimate interest). Our legitimate interest is to ensure the achievement of the purpose described below.

Purpose of data processing

The temporary (automated) storage of data is necessary for executing a website visit in order to enable delivery of the website. The storage and processing of personal data is also carried out to maintain the compatibility of our website for as many visitors as possible and to combat abuse and eliminate malfunctions. For this purpose, it is necessary to log the technical data of the computer used for access in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. Furthermore, the data helps us to optimise the website and to ensure the security of our information technology systems in general.

Duration of storage

The erasure of the aforementioned technical data takes place as soon as it is no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.

Option to object and erase

You may object to the processing at any time in accordance with Article 21 GDPR and request the erasure of data in accordance with Article 17 GDPR. You can find out what rights you have and how to exercise them at the bottom of this data privacy policy.

 

Special functions of the website

 

Our site offers you various functions, the use of which involves the collection, processing and storage of personal data by us. Below we explain what happens with this data:

Contact form(s)

  • What personal data is collected and to what extent is it processed?

We will process the data you have entered in the input mask of our contact forms to fulfill the purpose stated below.

  • Legal basis for processing of personal data

Article 6 (1) a) GDPR (consent through clear confirming action or behaviour)

  • Purpose of data processing

We will only use the data recorded via our contact form or contact forms for processing the specific contact enquiry received through the contact form. Please note that in order to fulfil your contact request, we may also send e-mails to you at the address provided. This is so that you can receive confirmation from us that your request has been correctly forwarded to us. However, sending this confirmation e-mail is not obligatory for us and is only for your information.

  • Duration of storage

After processing your request, the collected data will be erased immediately, unless there are legal retention periods.

  • Option to revoke and erase

The revocation and erasure options are based on the general regulations on the right of revocation and erasure under data protection law described below in this data privacy policy.

  • Need for disclosure of personal data

Using the contact forms is voluntary and is neither contractually nor legally required. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our site. If you would like to use our contact form, you must fill in the fields marked as mandatory information. If you do not fill in the necessary information on the contact form, you will either not be able to send the enquiry or we will unfortunately not be able to process your enquiry.

Login area/registration

  • Scope of the processing of personal data and personal data collected

We will process the registration and login data you enter with us to fulfill the purpose stated below.

  • Legal basis for processing of personal data

Article 6 (1) b) GDPR (implementation of (pre)contractual measures)

  • Purpose of data processing

You have the option of using a separate login area on our website. In order for us to check your authorisation to use the protected area or the protected documents, you must enter your login data (e-mail or user name and password) in the corresponding form. If required and on request, we can send you your login details or the option to reset your password by e-mail.

  • Duration of storage

The data collected will be stored for as long as you maintain a user account with us.

  • Option to object and erase

You may request the erasure of data in accordance with Article 17 GDPR. You can find out what rights you have and how to exercise them at the bottom of this data privacy policy.

  • Need for disclosure of personal data

Using the login area on our site is contractually required for using the protected area. Using the content protected by the login area is not possible without entering the personal data. If you would like to use our login area, you must fill in the fields marked as mandatory information (user name and password). Entering data requires the existence of a user account. Logging in is not possible if the data you have entered is incorrect. If you enter the data incorrectly or not at all, the protected area cannot be used. However, the rest of the site can still be used without logging in.

Statistical analysis of visits to this website – web trackers

We collect, process and store the following data when you access this website or individual files on the website: IP address, website from which the file was accessed, name of the file, date and time of access, amount of data transferred and report on successful access (so-called web log). We use this access data exclusively in a non-personalised form for the continuous improvement of our website and for statistical purposes. We also use the following web trackers to analyse visits to this website:

Google Tag Manager

  • Extent of processing of personal data

On our site we use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereafter: Google Tag Manager). Google Tag Manager provides a technical platform to run and bundle other web services and web tracking programs using so-called tags. In this context, Google Tag Manager saves cookies on your computer and, as far as web tracking tools are run using Google Tag Manager, analyzes your surfing behavior (so-called “tracking”). The data sent by individual tags embedded in Google Tag Manager is collected, stored, and processed by Google Tag Manager under a user interface. All incorporated “tags” will be listed separately in this privacy policy. For more information on the privacy of the tools incorporated into Google Tag Manager, please go to the corresponding section of this privacy policy. When you use our website with Google Tag Manager tags enabled, data such as your IP address and user activity will be transmitted to servers of Google Ireland Limited and used outside the European Union, e.g. processed and stored in the US. The EU Commission has determined that an adequate level of data protection is possible in the US if the data processing company has submitted to the US-EU Privacy Shield Agreement which is the case with Google Ireland Limited. The web services included with Google Tag Manager are subjected to the terms in the corresponding section of this Privacy Policy. The tracking tools used in Google Tag Manager ensure that the IP address of Google Tag Manager is anonymized before transmission, by anonymizing the source code IP. Therefore Google Tag Manager can only collect anonymous IP-addresses (IP masking). Legal basis for the processing of personal data
The Legal basis is Art. 49 (1) S. 1 lit. a GDPR. (Consent), either when registering with Google (by opening a Google Account and accepting the privacy notices) or, if you have not registered with Google, by explicitly agreeing to open our page. Purpose of data processing
Google will use this information on our behalf to evaluate your visit to this website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The IP address provided by Google Tag Manager from your browser will not be merged with other data from Google Ireland Limited. Duration of storage
Google will store the data as long as necessary to fulfill this web service. The data collection and storage is done anonymously. If any non-anonymized personal data is collected, it will be deleted immediately, as far as they are not subject to legal storage obligations. In any case, the deletion takes place after expiry of the storage obligation. Option to object and erase your data
By installing a script code blocker (e.g. www.noscript.net or www.ghostery.com) or disabling the “Do Not Track” option in your browser you can prevent Google from collecting (including the IP address), transferring and processing of personal data. In addition, you may prevent the collection of data generated by Google’s Cookie, related to your website usage history (including your IP address) as well its processing by installing the plugin found at http://tools.google.com/dlpage/gaoptout?hl=en. Google’s security and privacy policies can be found at https://policies.google.com/privacy?hl=en.

Google Analytics

  • Extent of processing of personal data

On our site we use the web tracking service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereafter: Google Analytics). Google Analytics uses the web tracking cookies stored on your computer to analyze the website and your surfing behavior. We use Google Analytics tracking service in order to constantly optimize our internet presence. By accessing our website, data, including your IP address and website usage, is transferred to Google Ireland Limited and also stored outside the European Union, e.g. processed and stored in the US. The EU Commission has determined that an adequate level of data protection is possible in the US if the data processing company has submitted to the US-EU Privacy Shield Agreement which is the case with Google Ireland Limited. By activating IP anonymization in the Google Analytics tracking code of this website, your IP address will be anonymized by Google Analytics before transmission. This website uses a Google Analytics tracking code that includes gat._anonymizeIp (). This allows for a solely anonymized IP-address collection.

  • Legal basis for the processing of personal data

The Legal basis is Art. 49 (1) S. 1 lit. a GDPR. (Consent), either when registering with Google (by opening a Google Account and accepting the privacy notices) or, if you have not registered with Google, by explicitly agreeing to open our page

  • Purpose of data processing

Google will use this information on our behalf to evaluate your visit to this website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The IP address provided by Google Tag Manager from your browser will not be merged with other data from Google Ireland Limited.

  • Duration of storage

Google will store the data relevant to the provision of the web tracking as long as necessary to fulfill the posted web service. The data collection and storage is done anonymously. As far as personal reference should exist, the data will be deleted immediately, as far as they are not subject to legal storage obligations. In any case, the deletion takes place after expiry of the storage obligation.

  • Option to object and erase your data

By installing a script code blocker (e.g. www.noscript.net or www.ghostery.com) or disabling the “Do Not Track” option in your browser you can prevent Google from collecting (including the IP address), transferring and processing personal data. In addition, you may prevent the collection of data generated by Google’s Cookie, related to your website usage history (including your IP address) as well its processing by installing the plugin found at http://tools.google.com/dlpage/gaoptout?hl=en. Google’s security and privacy policies can be found at https://policies.google.com/privacy?hl=en.

External web services integration and data processing outside the EU

On our website, we use active content from external providers, so-called web services. When you visit our website, these external providers may receive personal information about your visit to our website. This may involve processing data outside the EU. You can prevent this by installing an appropriate browser plugin or deactivating the execution of scripts in your browser. This may lead to functional restrictions on websites that you visit.

We use the following external web services:

Browser-Update.org

On our website, we use the service Browser-Update.org of the company Team23 GmbH & Co. KG, Provinostraße 52 / Gebäude A2, 86153 Augsburg, Germany. The transmission and processing of personal data takes place exclusively on servers in the European Union.

The legal basis for the transmission of personal data is your consent pursuant to Art. 6 (1) lit. a GDPR, which you have given on our website.

Browser-update.org is included on our website to notify site visitors that they should update their browsers to take advantage of the latest security features and functionality on our website.

You may revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

For more information on the handling of transferred data, please refer to the provider’s privacy policy at https://browser-update.org/contact.html.

 

CookiePro

We use on our site the service CookiePro of the company OneTrust LLC, 1200 Abernathy Rd NE, Building 600, GA 30328 Atlanta, United States, e-mail: DPO@onetrust.com. The processing also takes place in a third country for which there is no Commission adequacy decision. Therefore, the usual level of protection of the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.

The legal basis for the transmission of personal data is your consent pursuant to Art. 49 (1) S. 1 lit. a GDPR, which you have given on our website.

By integrating CookiePro, we fulfill our legal obligation regarding the consent management required for cookies.

You can revoke your consent at any time. You can find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

For more information on the handling of transferred data, please refer to the provider’s privacy policy at https://www.onetrust.com/privacy-notice/.

 

Doubleclick

We use on our site the service Doubleclick of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States, e-mail: support-de@google.com, website: http://www.google.com/. The processing also takes place in a third country for which there is no Commission adequacy decision. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.

The legal basis for the transmission of personal data is your consent pursuant to Art. 49 (1) S. 1 lit. a GDPR, which you have given on our website.

DoubleClick is a service of Google, through which digital advertising is offered and delivered on the Internet. It is used to enable us to display individual advertising to our site visitors.

You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

For more information on the handling of transferred data, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

 

Ekomi Customer Review

We use on our site the service Ekomi customer reviews of the company eKomi, Ltd, Markgrafenstraße 11, 10969 Berlin, Germany. The transmission and processing of personal data takes place exclusively on servers in the European Union.

The legal basis for the transmission of personal data is our legitimate interest in the processing pursuant to Art. 6 (1) lit. f GDPR. Our legitimate interest lies in achieving the purpose described below.

Via Ekomi, reviews from other buyers or the Ekomi seal are displayed on our site.

With regard to the processing, you have the right of objection listed in Art. 21 GDPR. You can find more information at the end of this privacy policy.

For more information on the handling of transferred data, please refer to the provider’s privacy policy at http://www.ekomi.de/de/datenschutz/.

Google 

We use on our site the service Google of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States, e-mail: support-de@google.com, website: http://www.google.com/. The processing also takes place in a third country for which there is no Commission adequacy decision. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.

 

The legal basis for the transmission of personal data is your consent pursuant to Art. 49 (1) S. 1 lit. a GDPR, which you have given on our website.

 

We use Google in order to be able to reload further services from Google on the website.

 

You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

 

For more information on the handling of transferred data, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

Gstatic

On our website, we usethe service Gstatic of the company Google LLC, 1600 Amphitheatre Parkway , 94043 Mointain View, United States, e-mail: support-de@google.com, website: http://www.google.com/. The processing also takes place in a third country for which there is no Commission adequacy decision. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.

 

The legal basis for the transmission of personal data is your consent pursuant to Art. 49 (1) S. 1 lit. a GDPR, which you have given on our website.

Gstatic is a service used by Google to retrieve static content in order to reduce bandwidth usage and to preload required catalog files.

 

You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.

 

For more information on the handling of transferred data, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

Information about the use of cookies

What personal data is collected and to what extent is it processed?
On various pages, we integrate and use cookies to enable certain functions of our website and to integrate external web services. The so-called “cookies” are small text files that your browser can store on your access device. These text files contain a characteristic string that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as “setting a cookie”. Cookies can be set here both by the website itself and by external web services. Cookies are set by our website or external web services in order to maintain the full functionality of our website, to improve the user experience or to pursue the purpose stated with your consent. Cookie technology also allows us to recognize individual visitors by pseudonyms, such as a unique or random IDs, so that we can provide more customized services. Details are listed in the following table.

Legal basis for processing of personal data

Insofar as the cookies are processed on the basis of consent pursuant to Art. 6 para. 1 lit. a DSGVO, this consent shall also be deemed to be consent within the meaning of Section 25 para. 1 TTDSG for the setting of the cookie on the user’s terminal device. Insofar as another legal basis is mentioned according to the DSGVO (e.g. for the fulfillment of a contract or for the fulfillment of legal obligations), the storage or setting takes place on the basis of an exception according to Section 25 (2) TTDSG. This exists “if the sole purpose of storing information in the end user’s terminal equipment or the sole purpose of accessing information already stored in the end user’s terminal equipment is to carry out the transmission of a message via a public telecommunications network” or “if the storage of information in the end user’s terminal equipment or the access to information already stored in the end user’s terminal equipment is absolutely necessary in order for the provider of a telemedia service to provide a telemedia service expressly requested by the user”. Which legal basis is relevant can be seen from the cookie table listed later in this item.

Purpose of data processing

The cookies are set by our website or the external web services to maintain the full functionality of our website, to improve usability or to serve the purpose stated when you consented. Cookie technology also allows us to recognise individual visitors by pseudonyms, e.g. a unique or random ID, so that we can offer more personalised services. Details are given in the following table.

Duration of storage

The cookies listed below are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired. Details are given in the following table.

Possibility of objection and removal

You can set your browser according to your wishes so that the setting of cookies is generally prevented. You can then decide on a case-by-case basis whether to accept cookies or accept cookies in principle. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected to our website (permanent cookies) or to store recently viewed offers (session cookies). If you have expressly given us permission to process your personal data, you can revoke this consent at any time. Please note that the legality of the processing carried out on the basis of the consent until the revocation is not affected.

 

Duration of storage

The cookies listed below are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired. Details are given in the following table:

Cookie-Name OptanonAlertBoxClosed
Server neodigital.de/en
Vendor CookiePro
Purpose This cookie is set by websites that use CookiePro’s cookie compliance solution. It is set after visitors have seen and interacted with a cookie information notice. It allows the website not to display the message more than once to a user. The cookie has a lifetime of one year and does not contain any personal information.
Legal basis Art. 49 (1) S. 1 lit. a GDPR (consent)
Duration of storage approx. 12 months
Type Marketing

 

Cookie-Name pll language
Server neodigital.de/en
Vendor Website Owner
Purpose Polylang plug-in for WordPress websites linked. It stores a language preference for the visitor to support multilingual websites.
Legal basis Art. 6 (1) lit. f GDPR (Legitimate interest)
Duration of storage approx. 12 months
Type Technically necessary

Data security and data protection, communication by e-mail

Your personal data is protected by technical and organisational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or delivery by mail for information requiring a high level of confidentiality.

Automatic e-mail archiving

  • Scope of processing of personal data

We expressly point out that our mail system has an automated archiving procedure. All incoming and outgoing e-mails are digitally archived in a tamper-proof manner.

  • Legal basis for processing of personal data

Article 6 (1) c) GDPR (legal obligation). The legal obligation is to comply with the provisions of tax and commercial law (e.g. sections 146, 147 of the German Fiscal Code (AO), sections 238, 257 of the German Commercial Code (HGB)).

  • Purpose of data processing

The purpose of archiving is to comply with the provision of tax law (e.g. sections 146, 147 AO – obligation to retain e-mails containing pertinent tax information) and commercial law (e.g. sections 238, 257 HGB – obligation to archive business correspondence).

  • Duration of storage

Our mail communication is stored until the expiry of retention obligations under tax and commercial law. The retention period may last up to 10 years.

  • Option to object and erase

You may object to the processing at any time in accordance with Article 21 GDPR and request the erasure of data in accordance with Article 17 GDPR. You can find out what rights you have and how to exercise them at the bottom of this data privacy policy.

Right to information and correction requests – erasure & restriction of data – revocation of consent – right to object

Right to information

You have the right to request confirmation as to whether we are processing personal data about you. If this is the case, you have a right of access to the information stated in Article 15 (1) GDPR, insofar as the rights and freedoms of other persons are not affected (cf. Article 15 (4) GDPR). We will also be happy to provide you with a copy of the data.

Right of rectification

In accordance with Article 16 GDPR, you have the right to have any incorrect personal data (e.g. address, name, etc.) stored with us corrected at any time. You can also request the data stored with us to be completed at any time. A corresponding adjustment shall be made without delay.

Right to erasure

Pursuant to Article 17 (1) GDPR, you have the right to have us erase the personal data we have collected about you if

  • the data is either no longer needed;
  • due to the revocation of your consent, the legal basis of the processing has ceased to exist without replacement;
  • you have objected to the processing and there are no legitimate grounds for the processing;
  • your data is being processed unlawfully;
  • a legal obligation requires this or the data has been collected pursuant to Article 8 (1) GDPR.

Pursuant to Article 17 (3) GDPR, this right does not exist if

  • the processing is necessary for exercising the right of freedom of expression and information;
  • your data has been collected on the basis of a legal obligation;
  • the processing is necessary for reasons of public interest;
  • the data is necessary for the establishment, exercise or defence of legal claims.

Right to restriction of processing

Pursuant to Article 18 (1) GDPR, you have the right, in individual cases, to demand that we restrict the processing of your personal data.

This is the case when

  • the accuracy of the personal data is disputed by you;
  • the processing is unlawful and you do not consent to erasure;
  • the data is no longer needed for the purpose of processing, but the data collected is used for the establishment, exercise or defence of legal claims;
  • an objection to the processing has been lodged pursuant to Article 21 (1) GDPR and it is still unclear which interests are overriding.

Right of revocation

If you have given us express consent to process your personal data (Article 6 (1) a) GDPR), you can revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent until revocation is not affected by this.

Right to object

In accordance with Article 21 GDPR, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Article 6 (1) lit. f GDPR (in the context of a legitimate interest). You only have this right if there are special circumstances that speak against the storage and processing.

Right to data portability

Pursuant to Article 20 GDPR, you have the right to transfer personal data concerning you. We will provide the data in a structured, common and machine-readable format. The data can be sent either to you or to a controller named by you.

We will provide you with the following data upon request pursuant to Article 20 (1) GDPR:

  • data collected on the basis of explicit consent pursuant to Article 6 (1) lit. a GDPR;
  • data that we have received from you pursuant to Article 6 (1) lit. b GDPR within the framework of existing contracts;
  • data that has been processed within the framework of an automated procedure.

We will transfer the personal data directly to a controller of your choice as far as this is technically feasible. Please note that we are not permitted to transfer data that interferes with the freedoms and rights of other persons pursuant to Article 20 (4) GDPR.

How do you exercise your rights?

You can exercise your rights at any time by contacting us using the contact details below:

Neodigital Versicherung AG
Untere Bliesstr. 13–15
66538 Neunkirchen
Germany
E-mail: info@neodigital.de
Tel.: +49 (0)6821 4022 000

supervisory authority pursuant to Article 77 (1) GDPR

If you suspect that your data is being processed illegally on our site, you can of course have the courts rule on the issue at any time. In addition, every other legal option is open to you. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Article 77 (1) GDPR. You have the right of appeal pursuant to Article 77 GDPR in the EU Member State of your place of residence, place of work and/or place of the alleged infringement, i.e. you can choose the supervisory authority you contact from the places mentioned above. The supervisory authority where the complaint is lodged will then inform you about the status and outcome of your submission, including the right to an effective judicial remedy pursuant to Article 78 GDPR.

 

Top-Innovator 2022
Siegel 2022 für Nachhaltigkeit
TÜV Saarland - Geprüfte Kundenzufriedenheit 2021
TÜV Saarland - Geprüfte Kundenzufriedenheit 2021
Kundenauszeichnung eKomi