The english website is currently
under construction.

DE | EN
 Menu

Privacy policy

This Privacy Policy applies to HANSEKONTOR Maklergesellschaft mbH, HANSEKONTOR Nord West Maklergesellschaft mbH, HANSEKONTOR West Maklergesellschaft mbH, HANSEKONTOR Mitte Maklergesellschaft mbH and to HANSEKONTOR Süd Maklergesellschaft mbH.

The General Data Protection Regulation (hereafter GDPR) applies EU-wide. This Privacy Policy will inform you about the processing of personal data at our company in compliance with this regulation (cf. Art. 13 & 14 GDPR). If you have any questions or comments about this Privacy Policy, please do not hesitate to contact us at the email address provided in Sections 2 & 3.

Contents:

  1. Overview
    1. Applicability
    2. Controller
    3. Data Protection Officer
    4. Data Security
  2. Data Processing Details
    1. Data Processing
    2. Visiting the Website/Application
    3. Newsletter
    4. Applications
    5. Customer Support
    6. Tracking
    7. Social Media Plugins
  3. Data Subject Rights
    1. Right to Object
    2. Right to Information
    3. Right to Information
    4. Right to Rectification
    5. Right to Erasure ("Right to Be Forgotten")
    6. Right to Processing Restriction
    7. Right to Data Portability
    8. Right to Withdraw Consent
    9. Right to Lodge a Complaint
  4. Glossary

I. Overview

This section of our Privacy Policy will inform you about the applicability of this Privacy Policy and about the data processing controller, the data protection officer and data security.

  1. Applicability

    Data processing can be divided into two categories:
    All the data necessary for the execution of a contract will be processed for this purpose. If external service providers are involved in the execution of a contract, your data will be transferred to them to the necessary extent.

    When you visit our website/applications, various information will be exchanged between your device and our server. This may include personal data.

  2. Controller

    The data controller—i.e., the person who decides on the purposes and means of personal data processing —for the services is the respective managing director of the individual company (see Imprint)
  3. Data Protection Officer

    You may contact our data protection officer as follows: Contact Form

    DS EXTERN GmbH
    Dipl.-Kfm. Marc Althaus
    Bredkamp 53a
    D-22589 Hamburg
    Germany

  4. Data Security

    To implement the measures required under Art. 32 GDPR and achieve a risk-adequate level of protection, we have established an information security management system at our company.

Data processing details

This section of our Privacy Policy will inform you in detail about the processing of personal data as part of our services. For the sake of clarity, we will structure this information according to the functionalities of our services. In the normal course of using the services, different functionalities and therefore different processing operations may take effect one after the other or simultaneously.

  1. Data Processing

    Unless otherwise stated, the following applies to the processing described hereafter:

    1. No Duty to Disclose

      There is no contractual or legal duty to disclose personal data. You are not required to provide personal data.
    2. Consequences of Non-Disclosure

      For necessary data (data marked as mandatory on the entry form), non-disclosure means that the respective service cannot be performed. Non-disclosure may also prevent our services from being provided in the same form or with the same quality.
    3. Consent

      In a number of cases you have the option of granting us your consent to further processing in connection with the processing operations described below (where applicable, for part of the data). In these cases we will inform you separately, in connection with the submission of the respective declaration of consent, about all the modalities and the scope of the consent and about the purposes that we pursue with these processing operations.

    4. Transmission of Personal Data to Third Countries

      We will only transmit data to third countries, i.e., countries outside of the European Union, in compliance with the applicable legal admissibility requirements.

      The admissibility requirements are regulated in Art. 44 – 49 GDPR.

    5. Hosting by External Service Providers

      To a large extent, we process data through so-called hosting service providers who provide memory and processing capacities to us at their data centers and process personal data on our behalf and according to our directives. These service providers either process data exclusively in the EU or we will guarantee an adequate level of data protection through EU standard data protection clauses.

    6. Transmissions to Public Authorities

      We will transmit personal data to public authorities (including law enforcement authorities) if required by law (legal basis: Art. 6(1) Letter c GDPR) or for the exercise, establishment or defense of legal claims (legal basis: Art. 6(1) Letter f GDPR).

    7. Storage Duration

      We will only store your data for as long as it is necessary for the respective processing purposes. If the data is no longer necessary for the fulfillment of legal or contractual obligations, the data will be erased, unless continued temporary storage is necessary. Reasons for this may include:

      - Commercial and tax law storage obligations
      - Maintaining evidence for legal disputes within limitation periods

      Likewise, we may continue to store your data with your express consent.

    8. Data Categories

      Personal master data: Title, gender, first name, last name, date of birth

      Address data: Street, house number, address additions if applicable, ZIP code, city, country

      Contact data: Telephone number(s), fax number(s), email address(es)

      Registration data: Information about the service you have registered for; times and technical information about registration, confirmation and cancellation; data provided by you during registration.

      Applicant data: CV, reports, certificates, work samples, images

      Company figures: Revenue, balance sheet

  2. Website/Application

    This section will inform you about how we process your personal data when you are using our services. Please note that, due to the nature of information transfer on the Internet, the transmission of access data to external content providers (see Letter b below) is unavoidable.

    a. Information about processing
    Data category Intended purpose Legal basis Legitimate interest, if applicable Storage duration
    Access data Connection, display of service content, discovery of attacks on our pages through suspicious activities, troubleshooting Art. 6(1) Letter f GDPR Proper service functionality, security of data and business processes, prevention of misuse, prevention of damage caused by information systems interference 7 days
    b. Personal Data Recipients
    Recipient category Data concerned Legal basis of transmission Legitimate interest, if applicable
    External content providers who provide contents (e.g., images, videos, embedded posts from social networks, advertising banners, fonts, update information) necessary for displaying our services Access data Commissioned processing (Art. 28 GDPR) Orderly functioning of services, (accelerated) content displays
    IT security service provider Access data Commissioned processing (Art. 28 GDPR) Preventing attacks and exploitation of security gaps/vulnerabilities

     

  3. Newsletter

    This section describes what happens to your personal data when subscribing to our newsletter

    a. Information about processing
    Data category Intended purpose Legal basis Legitimate interest, if applicable Storage duration
    Email address Verification of registration (closed-loop authentication), sending the newsletter Art. 6(1) Letter b GDPR   Duration of newsletter subscription
    Personal master data Personalization of the newsletter Art. 6(1) Letter b GDPR   Duration of newsletter subscription
    Registration data Traceability of newsletter subscription/confirmation/unsubscription Art. 6(1) Letters b & f GDPR Proof of newsletter subscription/confirmation/unsubscription Duration of newsletter subscription
    Newsletter user profile data Interest aligned design of the newsletter Art. 6(1) Letter f GDPR Service improvement, advertising purposes Duration of newsletter subscription
    b. Personal Data Recipients
    Recipient category Data concerned Legal basis for transmission Legitimate interest, if applicable
    Newsletter sending service provider All data under “a” Commissioned processing (Art. 28 GDPR)  
  4. Applicants

    We will process your personal data as follows for application purposes:

    a. Information about processing
    Data category Intended purpose Legal basis Legitimate interest, if applicable Storage duration
    Address data, contact details Identification, contacting, communication for contract conclusion Art. 6(1) Letter b GDPR   6 months
    Personal master data Identification, contacting, age verification Art. 6(1) Letter b GDPR   6 months
    Applicant data Applicant selection Art. 6(1) Letter b GDPR   6 months
             
    b. Personal Data Recipients
    Recipient category Data concerned Legal basis for transmission Legitimate interest, if applicable
    Service provider/tools, if applicable      
    Job portals Identification, contacting, communication for contract conclusion Art. 6(1) Letter b GDPR  
    Martens & Prahl Versicherungskontor GmbH & Co. KG (Holding) Applicant selection, identification, contacting, communication for contract conclusion Art. 6(1) Letter b GDPR  
  5. Customer Support

    This section describes how your personal data may be processed and how you may contact our customer support:

    a. Information about processing
    Data category Intended purpose Legal basis Legitimate interest, if applicable Storage duration
    Personal master data, contact details, contents of inquiries/complaints Customer inquiry and user complaint handling Art. 6(1) Letters b & f GDPR Customer loyalty, service improvement Inquiry handling
    b. Personal Data Recipients
    Recipient category Data concerned Legal basis for transmission Legitimate interest, if applicable
    Service providers: ID Netsolution GmbH, Segeberstr. 9 -13a, 23863 Kayhude, Germany, email: servicedesk@idmx.de Q-Data Service GmbH, Sachsenstraße 7, 20097 Hamburg, Germany, email: service@qds.de      
    Company name All data under Letter a Art. 6(1) Letters b & f GDPR  
    Insurance companies All data under Letter a Art. 6(1) Letters b & f GDPR  
    Cooperating brokers All data under Letter a Art. 6(1) Letters b & f GDPR  
    Underwriting agents All data under Letter a Art. 6(1) Letters b & f GDPR  
    Reinsurance companies All data under Letter a Art. 6(1) Letters b & f GDPR  
    Broker pools All data under Letter a Art. 6(1) Letters b & f GDPR  
    Technical service providers All data under Letter a Art. 6(1) Letters b & f GDPR  
    Tip providers All data under Letter a Art. 6(1) Letters b & f GDPR  
    Social insurance carriers All data under Letter a Art. 6(1) Letters b & f GDPR  
    Insurance ombudsmen All data under Letter a Art. 6(1) Letters b & f GDPR  
    BaFin [German Federal Financial Supervisory Authority] All data under Letter a Art. 6(1) Letters b & f GDPR  
    Attorneys All data under Letter a Art. 6(1) Letters b & f GDPR  
    Tax advisors All data under Letter a Art. 6(1) Letters b & f GDPR  
    Legal successors All data under Letter a Art. 6(1) Letters b & f GDPR  
  6. Tracking

    How your personal data is processed using tracking technologies to analyze and optimize our services and for promotional purposes.

    The description of the tracking processes includes information on how to prevent or object to data processing. Please note that the so-called "opt out," i.e., processing rejection, is usually saved through cookies. If you use our services on another device or browser or if you delete the cookies saved by your browser, you must declare your rejection again.

    This data is not linked to a specific, identified natural person, i.e., the data is not combined with information about the bearer of the pseudonym.

    Tracking is used to analyze and optimize our services and their usage and to measure the success of advertising campaigns and to optimize the display of advertisements.

    Processing Purposes

    Using tracking to analyze user behavior helps us review the effectiveness of, optimize and adjust our services to the needs of our users and correct errors. It also serves to statistically determine characteristic values about the use of our services (reach, intensity of use, user surfing behavior) – on the basis of uniform standard procedures – and thereby obtain market-wide comparable values.

    The purpose of tracking to measure the success of advertising campaigns is to optimize our advertisements for the future and to enable marketers and advertisers to optimize their advertisements accordingly. The purpose of tracking to optimize the display of advertising is to show users advertising tailored to their interests, to increase the success of advertising and thereby increase advertising revenues.

    Legal basis for processing

    Services that study data subject behavior on the Internet and the creation of user profiles require informed consent in the sense of the GDPR.

  7. Social Media Plugins

    This website may feature additional programs (plugins) from social networks, e.g., Facebook, Google+, Twitter or Pinterest, operated by third parties that allow messages to be sent to the respective social network through an interface to, e.g., evaluate, recommend or share contents. This is done in pursuit of our legitimate interest in increasing recognition of our services. Our services are configured to only perform data transmissions after the respective interface is activated. In this case, the legal basis for data transmission is Art. 6(1) Letter f GDPR. The respective providers are responsible for processing transmitted data in compliance with the applicable data protection regulations.

    Description of the Services Provider Provider's privacy policy
    Facebook Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94304, USA https://www.facebook.com/policy.php
    Google+ Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA https://www.google.com/+/policy/pagesterm.html
    Twitter Twitter Inc., 539 Bryant Street, Suite 402, San Francisco, CA 94107, USA https://twitter.com/en/privacy
    Pinterest Pinterest Inc., 635 High Street, Palo Alto, CA, USA https://policy.pinterest.com/en/privacy-policy
    Instagram Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA https://help.instagram.com/519522125107875?helpref=page_content
    Vimeo Vimeo, Inc., 555 West 18th Street, New York, New York 10011, USA https://vimeo.com/privacy
    Xing XING SE, Dammtorstraße 30, 20354 Hamburg, Germany https://privacy.xing.com/en/privacy-policy

III. Data Subject Rights

  1. Right to Object

    If we process your personal data for direct marketing purposes, you have the right to object to the processing of your personal data for direct marketing purposes at any time effective for the future; this also applies to profiling if related to direct marketing.

    You also have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Art. 6(1) Letters e or f GDPR; this also applies to profiling based on these provisions.

    You may exercise your right to object free of charge.

    You may contact us at the contact details provided under I.2

IV. Glossary

Commissioned processor: A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Browser: Computer program for accessing websites (e.g., Chrome, Firefox, Safari)

Cookies: In relation to the World Wide Web, cookies mean small text files that are saved locally on the user's computer when visiting a website. These files save data on the user's behavior. Opening one's browser and visiting the same website again will activate the cookie which will transmit information on the user's surfing behavior to the web server based on the data saved by the cookie.

In this regard, cookies are not edible, but information saved locally in a small text file on a user's computer when they visit a website. This may include the user's page settings or information on the user collected independently by the website. These locally saved text files may subsequently be read by the web server that installed them. Most browsers accept cookies automatically. You may manage cookies through your browser settings (usually under "Options" or "Settings"). This allows you to disable, limit or require your consent for the saving of cookies. You may also delete cookies at any time.

Third countries: Countries not bound to the legal requirements of the EU General Data Protection Regulation (a country outside of the EEA).

Personal data: Any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Pixel: Pixels are also referred to as tracking pixels, web beacons or web bugs. These are small non-visible graphics in HTML emails or on websites. When a document is opened, this small image is loaded by a server on the Internet where the download will be registered. This allows the server operators to see whether and when an email is opened or a website is visited. This is usually achieved by activating a small program (JavaScript). This enables certain types of information on your computer system to be recognized and transmitted, e.g., the contents of cookies, the time and date of page access or a description of the page featuring the tracking pixel.

Profiling: any automated processing of personal data which involves the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects of that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or movements.

Services: Our offers subject to this Privacy Policy (see Applicability).

Tracking: Collection and assessment of data or user behavior when using our services.

Tracking technologies: Tracking may be performed through the log files saved on our web servers or through data collected from your device via pixels, cookies or similar tracking technologies.

Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.