Privacy Statement
We are pleased that you are visiting our website www.neodigital.de and are interested in our company and our products.
Protecting your personal data, such as date of birth, name, telephone number, address, etc., is important to us.
The purpose of this data privacy policy is to inform you about the processing of the personal data that we collect from you when you visit the site. Our data protection practices are in line with the legal provisions of the EU’s General Data Protection Regulation (GDPR) and the German Data Protection Act (BDSG). The following data privacy policy serves to fulfil the information obligations arising from the GDPR. These can be found, for example, in Article 13 and Article 14 ff. GDPR.
Controller
Within the meaning of Article 4(7) GDPR, the controller is the one who alone or jointly with others decides on the purposes and means of processing personal data.
With regard to our website, the controller is:
Neodigital Versicherung AG
Untere Bliesstr. 13–15
66538 Neunkirchen
Germany
E-mail: info@neodigital.de
Tel.: +49 (0)6821 4022 000
Contact details of the data protection officer
We have appointed a data protection officer in accordance with Article 37 GDPR. You can reach our data protection officer using the contact details below:
Data Protection Officer c/o Neodigital Versicherung AG
Untere Bliesstr. 13-15
66538 Neunkirchen
Germany
E-mail: datenschutz@neodigital.de
Provision of the website and creation of log files
Each time you visit our website, our system automatically collects data and information from the device used (e.g. computer, mobile phone, tablet, etc.).
What personal data is collected and to what extent is it processed?
(1) Information about the type of browser and the version used;
(2) The operating system of the device used for access;
(3) Host name of the computer used for access;
(4) The IP address of the device used for access;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) that were accessed on our website;
(7) Websites from which the user’s system accessed our website (referrer tracking);
(8) Message as to whether the access was successful;
(9) Volume of data transferred
This data is stored in the log files of our system. This data is not stored together with personal data of a specific user, thus preventing individual site visitors from being identified.
Legal basis for processing of personal data
Article 6 (1) f) GDPR (legitimate interest). Our legitimate interest is to ensure the achievement of the purpose described below.
Purpose of data processing
The temporary (automated) storage of data is necessary for executing a website visit in order to enable delivery of the website. The storage and processing of personal data is also carried out to maintain the compatibility of our website for as many visitors as possible and to combat abuse and eliminate malfunctions. For this purpose, it is necessary to log the technical data of the computer used for access in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. Furthermore, the data helps us to optimise the website and to ensure the security of our information technology systems in general.
Duration of storage
The erasure of the aforementioned technical data takes place as soon as it is no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.
Option to object and erase
You may object to the processing at any time in accordance with Article 21 GDPR and request the erasure of data in accordance with Article 17 GDPR. You can find out what rights you have and how to exercise them at the bottom of this data privacy policy.
Special functions of the website
Our site offers you various functions, the use of which involves the collection, processing and storage of personal data by us. Below we explain what happens with this data:
Contact form(s)
-
What personal data is collected and to what extent is it processed?
We will process the data you have entered in the input mask of our contact forms to fulfill the purpose stated below.
-
Legal basis for processing of personal data
Article 6 (1) a) GDPR (consent through clear confirming action or behaviour)
-
Purpose of data processing
We will only use the data recorded via our contact form or contact forms for processing the specific contact enquiry received through the contact form. Please note that in order to fulfil your contact request, we may also send e-mails to you at the address provided. This is so that you can receive confirmation from us that your request has been correctly forwarded to us. However, sending this confirmation e-mail is not obligatory for us and is only for your information.
-
Duration of storage
After processing your request, the collected data will be erased immediately, unless there are legal retention periods.
-
Option to revoke and erase
The revocation and erasure options are based on the general regulations on the right of revocation and erasure under data protection law described below in this data privacy policy.
-
Need for disclosure of personal data
Using the contact forms is voluntary and is neither contractually nor legally required. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our site. If you would like to use our contact form, you must fill in the fields marked as mandatory information. If you do not fill in the necessary information on the contact form, you will either not be able to send the enquiry or we will unfortunately not be able to process your enquiry.
Login area/registration
-
Scope of the processing of personal data and personal data collected
We will process the registration and login data you enter with us to fulfill the purpose stated below.
-
Legal basis for processing of personal data
Article 6 (1) b) GDPR (implementation of (pre)contractual measures)
-
Purpose of data processing
You have the option of using a separate login area on our website. In order for us to check your authorisation to use the protected area or the protected documents, you must enter your login data (e-mail or user name and password) in the corresponding form. If required and on request, we can send you your login details or the option to reset your password by e-mail.
-
Duration of storage
The data collected will be stored for as long as you maintain a user account with us.
-
Option to object and erase
You may request the erasure of data in accordance with Article 17 GDPR. You can find out what rights you have and how to exercise them at the bottom of this data privacy policy.
-
Need for disclosure of personal data
Using the login area on our site is contractually required for using the protected area. Using the content protected by the login area is not possible without entering the personal data. If you would like to use our login area, you must fill in the fields marked as mandatory information (user name and password). Entering data requires the existence of a user account. Logging in is not possible if the data you have entered is incorrect. If you enter the data incorrectly or not at all, the protected area cannot be used. However, the rest of the site can still be used without logging in.
Statistical analysis of visits to this website – web trackers
We collect, process and store the following data when you access this website or individual files on the website: IP address, website from which the file was accessed, name of the file, date and time of access, amount of data transferred and report on successful access (so-called web log). We use this access data exclusively in a non-personalised form for the continuous improvement of our website and for statistical purposes. We also use the following web trackers to analyse visits to this website:
Custom Audiences
On our webpage we use the service provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, email: impressum-support@support.facebook.com, website: http://facebook.com/.
Facebook Custom Audience is a Facebook advertising tool with which targeted advertising campaigns can be carried out on visitors.
Processing is also undertaken in a third state for which there is no adequacy decision from the Commission. The level of protection that is typical of the GPDR cannot therefore be guaranteed since it cannot be ruled out that authorities in the third state are able to access the collected data.
The legal basis for the transfer of personal information is your consent pursuant to Art. 6(1) a) of the GDPR, which you have given on our website.
You can find further information on the handling of the transferred data in the service provider’s data protection policy at: https://www.facebook.com/about/privacy.
The service provider also provides an opt-out option at https://www.facebook.com/about/privacy.
Facebook Connect
On our webpage we use the service provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, 2 Dublin, Ireland, email: impressum-support@support.facebook.com, website: http://facebook.com/.
With Facebook Connect users can use their Facebook profile to log in to other online services more simply.
Processing is also undertaken in a third state for which there is no adequacy decision from the Commission. The level of protection that is typical of the GPDR cannot therefore be guaranteed since it cannot be ruled out that authorities in the third state are able to access the collected data.
The legal basis for the transfer of personal information is your consent pursuant to Art. 6(1) a) of the GDPR, which you have given on our website.
You can withdraw your consent at any time. You can find further information on withdrawing your consent either together with the consent or at the end of this data protection policy.
You can find further information on the handling of the transferred data in the service provider’s data protection policy at https://www.facebook.com/about/privacy.
The service provider also provides an opt-out option at https://www.facebook.com/about/privacy.
Google Tag Manager
-
Extent of processing of personal data
On our site we use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereafter: Google Tag Manager). Google Tag Manager provides a technical platform to run and bundle other web services and web tracking programs using so-called tags. In this context, Google Tag Manager saves cookies on your computer and, as far as web tracking tools are run using Google Tag Manager, analyzes your surfing behavior (so-called “tracking”). The data sent by individual tags embedded in Google Tag Manager is collected, stored, and processed by Google Tag Manager under a user interface. All incorporated “tags” will be listed separately in this privacy policy. For more information on the privacy of the tools incorporated into Google Tag Manager, please go to the corresponding section of this privacy policy. When you use our website with Google Tag Manager tags enabled, data such as your IP address and user activity will be transmitted to servers of Google Ireland Limited and used outside the European Union, e.g. processed and stored in the US. The EU Commission has determined that an adequate level of data protection is possible in the US if the data processing company has submitted to the US-EU Privacy Shield Agreement which is the case with Google Ireland Limited. The web services included with Google Tag Manager are subjected to the terms in the corresponding section of this Privacy Policy. The tracking tools used in Google Tag Manager ensure that the IP address of Google Tag Manager is anonymized before transmission, by anonymizing the source code IP. Therefore Google Tag Manager can only collect anonymous IP-addresses (IP masking).
-
Legal basis for the processing of personal data
The Legal basis is Art. 49 (1) S. 1 lit. a GDPR. (Consent), either when registering with Google (by opening a Google Account and accepting the privacy notices) or, if you have not registered with Google, by explicitly agreeing to open our page. As data transfer to a country without an adequate level of protection cannot be ruled out, the standard contractual clauses of the European Commission have been concluded to protect your personal data.
-
Purpose of data processing
Google will use this information on our behalf to evaluate your visit to this website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The IP address provided by Google Tag Manager from your browser will not be merged with other data from Google Ireland Limited.
-
Duration of storage
Google will store the data as long as necessary to fulfill this web service. The data collection and storage is done anonymously. If any non-anonymized personal data is collected, it will be deleted immediately, as far as they are not subject to legal storage obligations. In any case, the deletion takes place after expiry of the storage obligation.
-
Option to object and erase your data
By installing a script code blocker (e.g. www.noscript.net or www.ghostery.com) or disabling the “Do Not Track” option in your browser you can prevent Google from collecting (including the IP address), transferring and processing of personal data. In addition, you may prevent the collection of data generated by Google’s Cookie, related to your website usage history (including your IP address) as well its processing by installing the plugin found at http://tools.google.com/dlpage/gaoptout?hl=en. Google’s security and privacy policies can be found at https://policies.google.com/privacy?hl=en.
Google Analytics
-
Extent of processing of personal data
On our site we use the web tracking service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereafter: Google Analytics). Google Analytics uses the web tracking cookies stored on your computer to analyze the website and your surfing behavior. We use Google Analytics tracking service in order to constantly optimize our internet presence. By accessing our website, data, including your IP address and website usage, is transferred to Google Ireland Limited and also stored outside the European Union, e.g. processed and stored in the US. The EU Commission has determined that an adequate level of data protection is possible in the US if the data processing company has submitted to the US-EU Privacy Shield Agreement which is the case with Google Ireland Limited. By activating IP anonymization in the Google Analytics tracking code of this website, your IP address will be anonymized by Google Analytics before transmission. This website uses a Google Analytics tracking code that includes gat._anonymizeIp (). This allows for a solely anonymized IP-address collection.
-
Legal basis for the processing of personal data
The Legal basis is Art. 49 (1) S. 1 lit. a GDPR. (Consent), either when registering with Google (by opening a Google Account and accepting the privacy notices) or, if you have not registered with Google, by explicitly agreeing to open our page. As data transfer to a country without an adequate level of protection cannot be ruled out, the standard contractual clauses of the European Commission have been concluded to protect your personal data. (see above)
-
Purpose of data processing
Google will use this information on our behalf to evaluate your visit to this website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The IP address provided by Google Tag Manager from your browser will not be merged with other data from Google Ireland Limited.
-
Duration of storage
Google will store the data relevant to the provision of the web tracking as long as necessary to fulfill the posted web service. The data collection and storage is done anonymously. As far as personal reference should exist, the data will be deleted immediately, as far as they are not subject to legal storage obligations. In any case, the deletion takes place after expiry of the storage obligation.
-
Option to object and erase your data
By installing a script code blocker (e.g. www.noscript.net or www.ghostery.com) or disabling the “Do Not Track” option in your browser you can prevent Google from collecting (including the IP address), transferring and processing personal data. In addition, you may prevent the collection of data generated by Google’s Cookie, related to your website usage history (including your IP address) as well its processing by installing the plugin found at http://tools.google.com/dlpage/gaoptout?hl=en. Google’s security and privacy policies can be found at https://policies.google.com/privacy?hl=en.
OneTrust
On our website we use the OneTrust service of the company OneTrust, LLC., 1200 Abernathy Road, 30328 Atlanta, United States, e-mail info@onetrust.com, website https://www.onetrust.com/. The processing also takes place in a third country for which there is no adequacy decision of the Commission. Therefore, the usual level of protection under the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, government agencies, for instance, can access the collected data.
The legal basis for the transmission of personal data is your consent you provided on our website pursuant to Art. 6(1) sentence 1 a) GDPR. If data is transferred to an unsafe third country, your consent pursuant to Art. 49 (1) sentence 1 a) GDPR shall also be obtained for this data transfer.
By integrating OneTrust, we fulfil our legal obligation with regard to the consent management required for cookies.
You can find out what rights you have with regard to processing at the end of this privacy policy.
You can find further information on the handling of transferred data in the privacy policy of the provider at https://www.onetrust.com/privacy-notice/.
External web services integration and data processing outside the EU
On our website, we use active content from external providers, so-called web services. When you visit our website, these external providers may receive personal information about your visit to our website. This may involve processing data outside the EU. You can prevent this by installing an appropriate browser plugin or deactivating the execution of scripts in your browser. This may lead to functional restrictions on websites that you visit.
We use the following external web services:
Bootstrap CDN
We use the Bootstrap CDN service of the company Prospect One, Ul. on our website. Królewska 65a-1, 30-081 Kraków.
The legal basis for the transmission of personal data is our legitimate interest in the processing pursuant to Art. 6(1) sentence 1 f) GDPR. Our legitimate interest is the achievement of the purpose described below.
Bootstrap CDN is a content delivery network that mirrors our content across multiple servers to ensure optimal accessibility worldwide.
With regard to the processing, you have the right of objection as set out in Art. 21. You can find more information at the end of this privacy policy.
You can find further information on the handling of transferred data in the privacy policy of the provider at https://www.bootstrapcdn.com/privacy-policy/.
Browser-Update.org
On our website, we use the service Browser-Update.org of the company Team23 GmbH & Co. KG, Provinostraße 52 / Gebäude A2, 86153 Augsburg, Germany. The transmission and processing of personal data takes place exclusively on servers in the European Union.
The legal basis for the transmission of personal data is your consent pursuant to Art. 6 (1) lit. a GDPR, which you have given on our website.
Browser-update.org is included on our website to notify site visitors that they should update their browsers to take advantage of the latest security features and functionality on our website.
You may revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.
For more information on the handling of transferred data, please refer to the provider’s privacy policy at https://browser-update.org/contact.html.
CookiePro
We use on our site the service CookiePro of the company OneTrust LLC, 1200 Abernathy Rd NE, Building 600, GA 30328 Atlanta, United States, e-mail: DPO@onetrust.com. The processing also takes place in a third country for which there is no Commission adequacy decision. Therefore, the usual level of protection of the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.
The legal basis for the transmission of personal data is your consent pursuant to Art. 6 (1) S. 1 lit. a GDPR, which you have given on our website. If data is transferred to an unsafe third country, your consent pursuant to Art. 49 (1) sentence 1 a) GDPR shall also be obtained for this data transfer.
By integrating CookiePro, we fulfill our legal obligation regarding the consent management required for cookies.
You can revoke your consent at any time. You can find more information on revoking your consent either with the consent itself or at the end of this privacy policy.
For more information on the handling of transferred data, please refer to the provider’s privacy policy at https://www.onetrust.com/privacy-notice/.
Doubleclick
On our website we use the Doubleclick service of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States, e-mail support-de@google.com, website http://www.google.com/. The processing also takes place in a third country for which there is no adequacy decision of the Commission. Therefore, the usual level of protection under the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, government agencies, for instance, can access the collected data.
The legal basis for the transmission of personal data is your consent you provided on our website pursuant to Art. 6(1) sentence 1 a) GDPR. As data transfer to a country without an adequate level of protection cannot be ruled out, the standard contractual clauses of the European Commission have been concluded to protect your personal data.
DoubleClick is a Google service through which digital advertising is offered and delivered on the internet. It is used so that we can display individual advertising to our website visitors.
You can revoke your consent at any time. You can find more information about withdrawing your consent either with the consent itself or at the end of this privacy policy.
You can find further information on the handling of transferred data in the privacy policy of the provider at https://policies.google.com/privacy.
Ekomi Customer Review
We use on our site the service Ekomi customer reviews of the company eKomi, Ltd, Markgrafenstraße 11, 10969 Berlin, Germany. The transmission and processing of personal data takes place exclusively on servers in the European Union.
The legal basis for the transmission of personal data is our legitimate interest in the processing pursuant to Art. 6 (1) lit. f GDPR. Our legitimate interest lies in achieving the purpose described below.
Via Ekomi, reviews from other buyers or the Ekomi seal are displayed on our site.
With regard to the processing, you have the right of objection listed in Art. 21 GDPR. You can find more information at the end of this privacy policy.
For more information on the handling of transferred data, please refer to the provider’s privacy policy at http://www.ekomi.de/de/datenschutz/.
On our website we use the Google service of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States, e-mail support-de@google.com, website http://www.google.com/. The processing also takes place in a third country for which there is no adequacy decision of the Commission. Therefore, the usual level of protection under the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, government agencies, for instance, can access the collected data.
The legal basis for the transmission of personal data is your consent you provided on our website pursuant to Art. 6(1) sentence 1 a) GDPR. As data transfer to a country without an adequate level of protection cannot be ruled out, the standard contractual clauses of the European Commission have been concluded to protect your personal data.
We use Google in order to be able to load additional Google services on the website.
You can revoke your consent at any time. You can find more information about withdrawing your consent either with the consent itself or at the end of this privacy policy.
You can find further information on the handling of transferred data in the privacy policy of the provider at https://policies.google.com/privacy.
Google APIs
We use the Google APIs service of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States, e-mail support-de@google.com, website http://www.google.com/. The processing also takes place in a third country for which there is no adequacy decision of the Commission. Therefore, the usual level of protection under the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, government agencies, for instance, can access the collected data.
The legal basis for the transmission of personal data is your consent you provided on our website pursuant to Art. 6(1) sentence 1 a) GDPR. As data transfer to a country without an adequate level of protection cannot be ruled out, the standard contractual clauses of the European Commission have been concluded to protect your personal data.
We use Google APIs in order to be able to load additional Google services on the website. Google APIs is a collection of interfaces for communication between the various Google services used on the website.
For the processing itself, the service or we collect the following data: IP address
You can revoke your consent at any time. You can find more information about withdrawing your consent either with the consent itself or at the end of this privacy policy.
You can find further information on the handling of transferred data in the privacy policy of the provider at https://policies.google.com/privacy.
Google Fonts
On our website we use the Google Fonts service of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States, e-mail support-de@google.com, website http://www.google.com/. The processing also takes place in a third country for which there is no adequacy decision of the Commission. Therefore, the usual level of protection under the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, government agencies, for instance, can access the collected data.
The legal basis for the transmission of personal data is your consent you provided on our website pursuant to Art. 6(1) sentence 1 a) GDPR. As data transfer to a country without an adequate level of protection cannot be ruled out, the standard contractual clauses of the European Commission have been concluded to protect your personal data.
The Google Fonts service is used to reload fonts on our site in order to be able to show you a visually better version of the site.
You can revoke your consent at any time. You can find more information about withdrawing your consent either with the consent itself or at the end of this privacy policy.
You can find further information on the handling of transferred data in the privacy policy of the provider at https://policies.google.com/privacy.
Gstatic
On our website we use the Gstatic service of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, United States, e-mail support-de@google.com, website http://www.google.com/. The processing also takes place in a third country for which there is no adequacy decision of the Commission. Therefore, the usual level of protection under the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, government agencies, for instance, can access the collected data.
The legal basis for the transmission of personal data is your consent you provided on our website pursuant to Art. 6(1) sentence 1 a) GDPR. As data transfer to a country without an adequate level of protection cannot be ruled out, the standard contractual clauses of the European Commission have been concluded to protect your personal data.
Gstatic is a service used by Google to retrieve static content to reduce bandwidth usage and preload required catalogue files.
You can revoke your consent at any time. You can find more information about withdrawing your consent either with the consent itself or at the end of this privacy policy.
You can find further information on the handling of transferred data in the privacy policy of the provider at https://policies.google.com/privacy.
Vimeo
On our website we use the Vimeo service of the company Vimeo, Inc., 555 West 18th Street, 10011 New York, United States, e-mail: Privacy@vimeo.com, website: http://www.vimeo.com/. The processing also takes place in a third country for which there is no adequacy decision of the Commission. Therefore, the usual level of protection under the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, government agencies, for instance, can access the collected data.
The legal basis for the transmission of personal data is your consent you provided on our website pursuant to Art. 6(1) sentence 1 a) GDPR. As data transfer to a country without an adequate level of protection cannot be ruled out, the standard contractual clauses of the European Commission have been concluded to protect your personal data.
Videos from the Vimeo platform are integrated into our website via the Vimeo service.
You can revoke your consent at any time. You can find more information about withdrawing your consent either with the consent itself or at the end of this privacy policy.
You can find further information on the handling of transferred data in the privacy policy of the provider at https://vimeo.com/privacy.
The provider also offers an opt-out option at https://vimeo.com/privacy.
Information about the use of cookies
What personal data is collected and to what extent is it processed?
On various pages, we integrate and use cookies to enable certain functions of our website and to integrate external web services. The so-called “cookies” are small text files that your browser can store on your access device. These text files contain a characteristic string that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as “setting a cookie”. Cookies can be set here both by the website itself and by external web services. Cookies are set by our website or external web services in order to maintain the full functionality of our website, to improve the user experience or to pursue the purpose stated with your consent. Cookie technology also allows us to recognize individual visitors by pseudonyms, such as a unique or random IDs, so that we can provide more customized services. Details are listed in the following table.
Legal basis for processing of personal data
Insofar as the cookies are processed on the basis of consent pursuant to Art. 6 para. 1 lit. a DSGVO, this consent shall also be deemed to be consent within the meaning of Section 25 para. 1 TTDSG for the setting of the cookie on the user’s terminal device. Insofar as another legal basis is mentioned according to the DSGVO (e.g. for the fulfillment of a contract or for the fulfillment of legal obligations), the storage or setting takes place on the basis of an exception according to Section 25 (2) TTDSG. This exists “if the sole purpose of storing information in the end user’s terminal equipment or the sole purpose of accessing information already stored in the end user’s terminal equipment is to carry out the transmission of a message via a public telecommunications network” or “if the storage of information in the end user’s terminal equipment or the access to information already stored in the end user’s terminal equipment is absolutely necessary in order for the provider of a telemedia service to provide a telemedia service expressly requested by the user”. Which legal basis is relevant can be seen from the cookie table listed later in this item.
Purpose of data processing
The cookies are set by our website or the external web services to maintain the full functionality of our website, to improve usability or to serve the purpose stated when you consented. Cookie technology also allows us to recognise individual visitors by pseudonyms, e.g. a unique or random ID, so that we can offer more personalised services. Details are given in the following table.
Duration of storage
The cookies listed below are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired. Details are given in the following table.
Possibility of objection and removal
You can set your browser according to your wishes so that the setting of cookies is generally prevented. You can then decide on a case-by-case basis whether to accept cookies or accept cookies in principle. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected to our website (permanent cookies) or to store recently viewed offers (session cookies). If you have expressly given us permission to process your personal data, you can revoke this consent at any time. Please note that the legality of the processing carried out on the basis of the consent until the revocation is not affected.
Duration of storage
The cookies listed below are stored in your browser until they are deleted or, in the case of a session cookie, until the session has expired. Details are given in the following table:
| Cookie-Name | OptanonAlertBoxClosed |
| Server | neodigital.de/en |
| Vendor | CookiePro |
| Purpose | This cookie is set by websites that use CookiePro’s cookie compliance solution. It is set after visitors have seen and interacted with a cookie information notice. It allows the website not to display the message more than once to a user. The cookie has a lifetime of one year and does not contain any personal information. |
| Legal basis | Art. 49 (1) S. 1 lit. a GDPR (consent) |
| Duration of storage | approx. 12 months |
| Type | Technically necessary |
| Cookie-Name | pll language |
| Server | neodigital.de/en |
| Vendor | Website Owner |
| Purpose | Polylang plug-in for WordPress websites linked. It stores a language preference for the visitor to support multilingual websites. |
| Legal basis | Art. 6 (1) lit. f GDPR (Legitimate interest) |
| Duration of storage | approx. 12 months |
| Type | Technically necessary |
Data security and data protection, communication by e-mail
Your personal data is protected by technical and organisational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or delivery by mail for information requiring a high level of confidentiality.
Automatic e-mail archiving
-
Scope of processing of personal data
We expressly point out that our mail system has an automated archiving procedure. All incoming and outgoing e-mails are digitally archived in a tamper-proof manner.
-
Legal basis for processing of personal data
Article 6 (1) c) GDPR (legal obligation). The legal obligation is to comply with the provisions of tax and commercial law (e.g. sections 146, 147 of the German Fiscal Code (AO), sections 238, 257 of the German Commercial Code (HGB)).
-
Purpose of data processing
The purpose of archiving is to comply with the provision of tax law (e.g. sections 146, 147 AO – obligation to retain e-mails containing pertinent tax information) and commercial law (e.g. sections 238, 257 HGB – obligation to archive business correspondence).
-
Duration of storage
Our mail communication is stored until the expiry of retention obligations under tax and commercial law. The retention period may last up to 10 years.
-
Option to object and erase
You may object to the processing at any time in accordance with Article 21 GDPR and request the erasure of data in accordance with Article 17 GDPR. You can find out what rights you have and how to exercise them at the bottom of this data privacy policy.
Right to information and correction requests – erasure & restriction of data – revocation of consent – right to object
Right to information
You have the right to request confirmation as to whether we are processing personal data about you. If this is the case, you have a right of access to the information stated in Article 15 (1) GDPR, insofar as the rights and freedoms of other persons are not affected (cf. Article 15 (4) GDPR). We will also be happy to provide you with a copy of the data.
Right of rectification
In accordance with Article 16 GDPR, you have the right to have any incorrect personal data (e.g. address, name, etc.) stored with us corrected at any time. You can also request the data stored with us to be completed at any time. A corresponding adjustment shall be made without delay.
Right to erasure
Pursuant to Article 17 (1) GDPR, you have the right to have us erase the personal data we have collected about you if
- the data is either no longer needed;
- due to the revocation of your consent, the legal basis of the processing has ceased to exist without replacement;
- you have objected to the processing and there are no legitimate grounds for the processing;
- your data is being processed unlawfully;
- a legal obligation requires this or the data has been collected pursuant to Article 8 (1) GDPR.
Pursuant to Article 17 (3) GDPR, this right does not exist if
- the processing is necessary for exercising the right of freedom of expression and information;
- your data has been collected on the basis of a legal obligation;
- the processing is necessary for reasons of public interest;
- the data is necessary for the establishment, exercise or defence of legal claims.
Right to restriction of processing
Pursuant to Article 18 (1) GDPR, you have the right, in individual cases, to demand that we restrict the processing of your personal data.
This is the case when
- the accuracy of the personal data is disputed by you;
- the processing is unlawful and you do not consent to erasure;
- the data is no longer needed for the purpose of processing, but the data collected is used for the establishment, exercise or defence of legal claims;
- an objection to the processing has been lodged pursuant to Article 21 (1) GDPR and it is still unclear which interests are overriding.
Right of revocation
If you have given us express consent to process your personal data (Article 6 (1) a) GDPR), you can revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent until revocation is not affected by this.
Right to object
In accordance with Article 21 GDPR, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Article 6 (1) lit. f GDPR (in the context of a legitimate interest). You only have this right if there are special circumstances that speak against the storage and processing.
Right to data portability
Pursuant to Article 20 GDPR, you have the right to transfer personal data concerning you. We will provide the data in a structured, common and machine-readable format. The data can be sent either to you or to a controller named by you.
We will provide you with the following data upon request pursuant to Article 20 (1) GDPR:
- data collected on the basis of explicit consent pursuant to Article 6 (1) lit. a GDPR;
- data that we have received from you pursuant to Article 6 (1) lit. b GDPR within the framework of existing contracts;
- data that has been processed within the framework of an automated procedure.
We will transfer the personal data directly to a controller of your choice as far as this is technically feasible. Please note that we are not permitted to transfer data that interferes with the freedoms and rights of other persons pursuant to Article 20 (4) GDPR.
How do you exercise your rights?
You can exercise your rights at any time by contacting us using the contact details below:
Neodigital Versicherung AG
Untere Bliesstr. 13–15
66538 Neunkirchen
Germany
E-mail: info@neodigital.de
Tel.: +49 (0)6821 4022 000
supervisory authority pursuant to Article 77 (1) GDPR
If you suspect that your data is being processed illegally on our site, you can of course have the courts rule on the issue at any time. In addition, every other legal option is open to you. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Article 77 (1) GDPR. You have the right of appeal pursuant to Article 77 GDPR in the EU Member State of your place of residence, place of work and/or place of the alleged infringement, i.e. you can choose the supervisory authority you contact from the places mentioned above. The supervisory authority where the complaint is lodged will then inform you about the status and outcome of your submission, including the right to an effective judicial remedy pursuant to Article 78 GDPR.
