Information about the processing of your data by SIGNAL IDUNA 

If you have concluded an insurance contract or a contract on the subject of financial services with us, have reported a loss to us or have otherwise contacted us, we hereby inform you and any other data subjects about the processing of your personal data by SIGNAL IDUNA and your rights under data protection legislation.

» Selection of privacy information

Information about the processing of your data on this website 

This privacy statement explains the nature, scope and purpose of the processing of personal data within our online offer.

Overview

Section 1. Data controller
Section 2. General information on data processing
Section 3. Provision of the website
Section 4. Use of cookies
Section 5. Rights of data subjects

---

Section 1

Data controller

The data controllers responsible for compliance with the General Data Protection Regulation (GDPR) and other national data protection laws of the EU Member States, as well as other data protection regulations, are the following SIGNAL IDUNA companies:

SIGNAL IDUNA Krankenversicherung a. G.

Joseph-Scherer-Strasse 3
44139 Dortmund

Telephone: (+49) 231 135-0
Fax: (+49) 231 135-4638
Email: info@signal-iduna.de

Management Board:
Ulrich Leitermann (Chairman), Martin Berger, Dr Karl-Josef Bierth, Dr Stefan Kutz, Johannes Rath, Daniela Rode, Torsten Uhlig, Clemens Vatter

Chairman of the Supervisory Board:
Reinhold Schulte

Registered office: Dortmund, Commercial Register B 2405 AG Dortmund
VAT No.: DE 124 906 350

SIGNAL IDUNA Lebensversicherung a.G.

Neue Rabenstrasse 15-19
20354 Hamburg

Telephone: (+49) 40 4124-0
Fax: (+49) 40 4124-2958
Email: info@signal-iduna.de

Management Board:
Ulrich Leitermann (Chairman), Martin Berger, Dr Christian Bielefeld, Dr Karl-Josef Bierth, Dr Stefan Kutz, Johannes Rath, Torsten Uhlig, Clemens Vatter

Chairman of the Supervisory Board:
Reinhold Schulte

Registered office: Hamburg, Commercial Register B 2740 AG Hamburg
VAT No.: DE 118 617 622

Contact details for the data protection officers

If you have any questions, suggestions, or complaints regarding the handling of your personal data at SIGNAL IDUNA, you can contact our corporate data protection officers, who will of course be pleased to assist you with information about or the correction, deletion and/or blocking of these data.

Data protection officer of the controller

Joseph-Scherer-Strasse 3
44139 Dortmund
Germany

Telephone: (+49) 231 135-4630
Fax: (+49) 231 135-134630
Email: datenschutz@signal-iduna.de

Website: www.signal-iduna.de

---

Section 2

General information on data processing

Scope of the processing of personal data

We only collect and utilise the personal data of our users insofar as this is necessary for the provision of an operational website and of our content and services.

Terminology used

“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Processing” means any operation, or series of operations, that is carried out with or without the help of automated procedures in connection with person-specific data. The term is comprehensive and includes virtually any handling of data.

Any natural or legal person, authority, establishment or other institution that can, alone or in conjunction with others, decide upon the purposes and means of processing of person-specific data is referred to as a “data controller”.

With regard to further terms on the subject of data protection, we refer you to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Relevant legal bases

Pursuant to Article 13 GDPR, we hereby notify you of the legal basis of our data processing operations. Insofar as the legal basis is not identified in the privacy policy, the following applies:

The legal basis for obtaining consent is Article 6 para. 1 lit. a) of the GDPR; the legal basis for the processing in order to perform our services and the execution of contractual measures as well as the answering of inquiries is Article 6 para. 1 lit. b) GDPR; the legal basis for processing data in order to fulfil our legal obligations is Article 6 para. 1 lit. c) GDPR and the legal basis for processing data in order to safeguard our legitimate interests is Article 6 para. 1 lit. f) GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 para. 1 lit. d) GDPR is the legal basis.

Transfer of data to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA) or Switzerland), or if we use third-party services, or disclose or transfer data to other persons or companies, this only occurs if we are required to do so in order to fulfil (pre-)contractual obligations, on the basis of your consent, on the basis of a statutory requirement or on the basis of our legitimate interests. Subject to express consent or contractually required communications, we process or allow the data to be processed only in third countries with a recognised level of data protection or on the basis of special guarantees, such as contractual obligation through so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Article 44 to 49 GDPR).

---

Section 3

Provision of the website

Collection of access data and logfiles

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer (so-called server log files) on the basis of our legitimate interests within the meaning of Article 6 para.1 lit. f) GDPR.

The access data include the name of the website accessed, the file accessed, the date and time of retrieval, the amount of data transferred, notification of successful retrieval, the browser type and version, the operating system of the user, the IP address, the requesting provider, the referring URL (previously visited website), and websites that are retrieved by the user’s system. Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. To this end, the IP address of the user must remain stored for the duration of the session.

Deletion of data

Data processed by us are deleted or restricted in their processing. Unless expressly stated otherwise in this privacy policy, data we save are erased as soon as they are no longer required for their intended purpose, insofar as their deletion does not conflict with any statutory storage requirements. If data cannot be deleted because they are required for other and legally permissible purposes, their processing shall be restricted. This means that the data will be blocked and not processed for other purposes. This applies for example to data required to be retained for purposes relating to commercial or fiscal law.

Data recorded as part of customer surveys is anonymised, i.e. “logically” deleted. While personal data (such as names or contact details) is deleted in this way, anonymous information is retained in order to enable ongoing evaluations without reference to individuals.

Contact form

When you contact us via the contact form, your details will be used to process the contact request and to process it pursuant to Article 6 para. 1 lit. f) GDPR, or in cases of inquiries aimed at the conclusion of a contract, pursuant to Article 6 para. 1 lit. b) of the GDPR. If you send a message via the contact form, SSL (Secure Socket Layer) encryption technology with a key length of 128 bits is used to transmit this information. We delete requests insofar as they are no longer necessary, taking into account legal archiving obligations.

---

Section 4

Use of cookies

Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the computer system of the user. If a user visits a website, a cookie may be stored on the operating system of the user. This cookie contains a distinctive character string that enables unique identification of the browser when the website is accessed again. The following categories of cookies are used on this website:

Technically necessary cookies: “Essential”

These cookies are necessary for our website to function and cannot be deactivated in our systems. As a rule, these cookies are only set in response to actions you have taken that correspond to a service request, such as setting your privacy settings, logging in or filling out forms. You can set your browser to block these cookies or to notify you about these cookies. However, some areas of the website may not work

Cookies for statistical purposes: “Statistics”

With these cookies we can count visitors and determine access sources in order to determine and improve the performance of our website. This enables us to discover errors on the website. If you allow these cookies, you will help us with troubleshooting. These cookies also help us to answer the question of which pages are most popular, which are the least used and how visitors move around the website.

Marketing cookies: “Marketing”

These cookies can be set by our advertising partners (third parties) via our website. They can be used by these companies to build a profile of your interests and show you relevant advertisements on other websites. They work through the unique identification of your browser and your device. If you do not allow these cookies, no targeted advertising can be displayed.

Legal basis for data processing

The legal basis for the processing of personal data using essential cookies is Article 6 para. 1 lit. f) GDPR.

The legal basis for the processing of personal data using cookies for analysis purposes (statistics and marketing) is provided that the user has given his/her consent to this, Article 6 para. 1 lit. a) GDPR.

Duration of storage, option to object and request removal

A list of the cookies we use, descriptions of the purposes of the cookies and further information on the respective cookies can be found here in our cookie consent solution.

Facebook pixels

The SIGNAL IDUNA Group uses Facebook pixels on its websites. This is a website analysis service feature of Facebook Inc. (represented in Europe by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Hereinafter referred to as: “Facebook”).

Facebook pixels use cookies in the form of invisible graphic files which are stored on your browser and allow an analysis of your use of this website. The information generated by the cookie on how you use our website is usually transferred to a Facebook server in the USA and stored there.

The following data are transmitted to Facebook:
Information from HTTP header fields:
Everything contained in the HTTP header. An HTTP header is a standard web protocol that is sent between every browser request and server on the internet as standard. HTTP headers contain IP addresses, information about the web browser, site location, document, referrer and user agent.

Pixel-specific data:
These include the Pixel ID and the Facebook cookie.
Optional: Data event values:
Nine standard events can be defined here (such as visiting a particular subpage), which are described here:

https://developers.facebook.com/docs/ads-for-websites/pixel-events/v3.0 

Further information about the data collected by the Facebook tracking pixel can be found here https://de-de.facebook.com/about/privacy/ or here https://business.facebook.com/pixels/tos/ and in the terms of use for Facebook Business Tools here https://www.facebook.com/legal/terms/businesstools#.

The SIGNAL IDUNA Group has no influence over the data processing operations of Facebook. Facebook uses data for the purpose of advertising, market research and optimising offers. The data protection guidelines of Facebook apply in this regard. Please note that the use of such tracking processes allows the identification of users across numerous websites. Please see the privacy statement for further information and the terms and conditions of use of Facebook.

By using Facebook pixels, you may be shown related advertising content on your Facebook social network after visiting our website. This serves the interest of the SIGNAL IDUNA Group to tailor its advertising to you.

The legal basis for the processing and transmission of data is the provision of consent pursuant to Article 6 para. 1 a) of the GDPR (see III. 2.).

If you have provided your consent to data processing in connection with participation in the aforementioned campaigns and competitions, you may revoke this consent at any time by contacting us at the details stipulated under I. and II. or using the following opt-out services:

http://www.aboutads.info/choices und http://www.youronlinechoices.eu/

---

Section 5

Your rights as a data subject

Right to information: Pursuant to Article 15 GDPR, you can request information about your personal data stored by the SIGNAL IDUNA companies.

Right to rectification: Furthermore, in accordance with Article 16 GDPR, you have the right to request the completion of the data relating to you or the correction of incorrect data relating to you.

Right to deletion and restriction of processing: In accordance with Article 17 GDPR, you have the right to demand that data relating to you be deleted immediately, or alternatively in accordance with Article 18 GDPR, to request that the processing of the data be restricted.

Right to data portability: You have the right to request that you receive data relating to you that you have provided to us in accordance with Article 20 GDPR and to request that they be transmitted to other responsible parties.

Right of cancellation: You have the right to revoke your consent pursuant to Article Article 7 para. 3 GDPR with effect for the future.

Your consent remains in effect until revoked or until the end of your contract and the following statutory retention periods.

Right to object: You can object to the processing of your personal data at any time in accordance with Article 21 GDPR. This also applies to profiling, or for automated decisions in individual cases.

Right to lodge a complaint: You can address complaints regarding data protection to the above-mentioned data protection officer. In accordance with Article 77 GDPR, you are furthermore entitled lo lodge a complaint with the competent authorities. The following data protection supervisory authorities are responsible for SIGNAL IDUNA.

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia

Kavalleriestrasse 2-4
40213 Düsseldorf

Email: poststelle@ldi.nrw.de
Website: https://www.ldi.nrw.de/

The data protection authority in NRW is responsible for the following companies of the SIGNAL IDUNA:
SIGNAL IDUNA Krankenversicherung a. G.
SIGNAL IDUNA Lebensversicherung AG
SIGNAL IDUNA Unfallversicherung a. G.
SIGNAL IDUNA Allgemeine Versicherung AG
PVAG Polizeiversicherungs-Aktiengesellschaft
Adler Versicherung AG

The Hamburg Commissioner for Data Protection and Freedom of Information

Ludwig-Erhard-Strasse 22
20459 Hamburg
7th Floor

Email: mailbox@datenschutz.hamburg.de
Website: https://datenschutz.hamburg.de

The data protection authority in Hamburg is responsible for the following companies of the SIGNAL IDUNA:
SIGNAL IDUNA Lebensversicherung a. G.
SIGNAL IDUNA Bauspar AG
SIGNAL IDUNA Pensionskasse AG
SIGNAL IDUNA Asset Management GmbH
HANSAINVEST Hanseatische Investment-GmbH
HANSAINVEST Real Assets GmbH
DONNER & REUSCHEL Aktiengesellschaft