The protection of your personal data is our core concern.

Therefore, we process your personal data (in short “data”) only on basis of legal regulations. With the data privacy statement we want to inform you about the process of your data in our company and the rights and requirements you are legally entitled in accordance of Art. 13 of the Basic Data Protection Regulation (EU DS-GVO/GDPR)

 

1. Who is responsible for data process and whom can you apply to?

 

Responsable:

CONZEPTA’S Assekuranzmakler GmbH
Baierbrunner Str. 23
81379 München
Tel.: +49 89 78746-0
E-Mail: info@conzeptas.eu

 

Data protection officer of the company is:

Gerald Lill
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
E-Mail: gl@projekt29.de
Tel.: 0941-2986930

 

2. Which data will be stored and from which source it originates?

We process data, which we received in the frame of initial phase of the contract respectively according to agreements or in the scale of your appliance to our company respectively in the scale of being employed with our company.

To personal data belong:

Your basic-/contact data; in the case of clients i.e. we store first name and surname, address, contact data (e-mail address, phone number, fax), banking details and pictures.

In case of applicants or employees, we store i.e. first- and surname, address, contact data (e-mail address, phone number, and fax), date of birth, data from your C.V. and job references, banking details and religious denomination and pictures.

In case of business partners: indication of their legal representatives, company, commercial register´s number, VAT number, number of company, address, data of contact person (e-mail address, phone number, fax), banking details.

In case of visitors to our company, we store name and signature.

Furthermore, we also process following personal data:

 

3. For which purpose and due to which legal basis are this information processed?

We process your data in accordance with the regulations of general Data Protection Regulation (GDPR) and German Data Protection Act 2018 each in the valid version:

 

 

4. Process of personal data for the purpose of advertising

The process of your data for the purpose of advertising you can object at any time to some or all measures, without resulting in other than transmission costs according to standard rates.

According to legal requirement of § 7 par 3 UWG we are entitled to use your e-mail address initially given to us for direct advertising of own or similar products or services. You will receive these recommendations of products irrespectively, whether or not you have subscribed a newsletter.

If you do not wish to receive such recommendations per e-mail in future, you can object to the use of your address for this purpose at any time, without resulting in other than transmission costs according to standard rates. A message in writing is sufficient for this. Of course, every e-mail will contain a link for signing off.

 

5. Who will receive my data?

If we appoint a service provider in the sense of processing an assignment, we remain responsible for the protection of your data. All service provider are contractually obliged to treat your data confidentially and to process them only in the frame of his order management. The order processors charged by us will receive your data, provided they need your data for the respective service. These are for example IT-service provider, needed by us for operating and securing our IT-system as well as for advertising and address publishing companies for our own advertising campaigns.

Your data will be processed in our clients’ data file. The clients’ data file supports the improvement of data quality of existing client data (cleaning-up of doublets, moved/ deceased- number plates, corrections of address) and enables enriching with data from public sources.

These data will be disposed to group companies provides it is necessary for setting up the contract. The storage of date will be effected according to the needs of the respective companies and separated whereas our mother company acts on behalf for the participating companies.

On presentation of a legal requirement as well as in the frame of asserting legal right legal authorities and courts as well as external auditors may be recipients of your data. Furthermore, insurance companies, banks, information offices and service providers may also receive your data for the purpose of prospective clients and fulfilment of contracts.

 

6. How long will be my data stored?

We process your data until the business relation has been terminated or until expiring of the current retention period (i.e. commercial code, regulation of charges, social law concerning hospitalisation or working schedules) in addition until termination of all legal disputes when using the data as evidence.

 

7. Will be personal data transmitted to third countries?

Generally, we will transmit no data to third countries. A transmission will be only effected due to an appropriate resolution concerning adequacy by European commission, standard contract clauses, appropriate guarantees or your explicit agreement.

 

8. Which rights of data protect do I have?

At any time, you have the right of information, correction, deletion or reduction of your data process, right of objection against the process as well as right of data process and of complaint according to requirements of data privacy laws.

Right of information:

You can demand information by us, whether or to which extent we process your data

Right of correction:

In case of our processing your data, which are incomplete or incorrect, you can demand their correction respectively completion at any time.

Right of deletion:

You can demand deletion of your data, provided we process them unlawfully or if the process affects your justified interest in protection in a disproportionate way. Please note, that there might be reasons objecting an immediate deletion, i.e. in case of compulsory safekeeping legally regulated.

Irrespective of exercising your right of deletion, we immediately and completely will delete your data, provided there are no objections to contractual or compulsory/legitimate record retention

Right of reduction of processing:

You can demand reduction of processing your data, if:

Right of data transferability:

You can demand us to provide you with your data, you supplied us with, in a structured, established and machine-readable format and that you can provide this data to another responsible person without impediment from our side,

If technically feasible, you can request your data to be transferred by us directly to the other responsible person.

Right of objection

If we process your data due to legitimate interest, you can file an objection against this data process at any time. This would also apply to profiling based on these regulations. In this case we do not continue processing your data, unless we can prove urgent requiring protection, which predominate your interest, rights and liberties or the process will suits the enforcement, exercise or defence of legal claims. At any time, you can object to the process of your data for purpose of direct mail without stating a reason.

Right to complain

You are of the opinion that we violate German or European Data privacy law when processing your data, we kindly ask you to contact us, in order to be able to clarify questions. Of course, you also have the right to apply to your appropriate authorities, or the respective regional authorities.

Provided you want to assert one of the named rights to us, please refer to our authorized representative for privacy protection.

In doubt, we can obtain additional information for confirming your identity.

 

9. Am I obliged to provide data?

The process of your data is necessary in order to conclude or fulfil the contract closed with us. If you do not provide us with the data, we usually must decline to conclude the contract or we cannot effect an existing contract and in conclusion, we have to terminate it. However, you are not obliged to agree to the process of your data in respect of non- relevant respectively legally not required data.