.css-1fjpkse{width:100%;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;position:relative;overflow:hidden;background:var(--alert-bg);-webkit-padding-start:var(--chakra-space-4);padding-inline-start:var(--chakra-space-4);-webkit-padding-end:var(--chakra-space-4);padding-inline-end:var(--chakra-space-4);padding-top:var(--chakra-space-3);padding-bottom:var(--chakra-space-3);border-radius:var(--chakra-radii-md);--alert-fg:var(--chakra-colors-red-600);--alert-bg:var(--chakra-colors-red-100);z-index:var(--chakra-zIndices-overlay);}.chakra-ui-dark .css-1fjpkse:not([data-theme]),[data-theme=dark] .css-1fjpkse:not([data-theme]),.css-1fjpkse[data-theme=dark]{--alert-fg:var(--chakra-colors-red-200);--alert-bg:rgba(254, 178, 178, 0.16);}

JavaScript is not active

Without JavaScript, the functionality of this offering may be severely limited. Please turn it on in your browser or use a different one.

Privacy Policy of Funk EXPERTS

Privacy Policy

The Funk Group attaches great importance to the protection of personal data and respects your desire for privacy. In the following, we inform you about the collection of personal data when using our website. If you have any questions about the handling of your personal data, please contact our Data Protection Officer.

Data Controller

The responsible body within the meaning of the General Data Protection Regulation (GDPR) is:

Funk Group GmbH

International Insurance Broker and Risk Consultants

Valentinskamp 20

20354 Hamburg

Telephone +49 40 35914-0

Fax +49 40 35914-407

Email contact: welcome@funk-gruppe.de

Contact Option for the Data Protection Officer

You can reach our Data Protection Officer at datenschutz@funk-gruppe.de or at our postal address with the addition "Data Protection Officer".

Data Processing When Accessing the Website

As a result of your access to our website, the following technical information (log file data) is collected by us:

Operating system of the device with which you visit our website
Browser (type, version & language settings)
The amount of data retrieved
The current IP address of the device with which you visit our website
Date and time of access
The URL of the previously visited website (referrer)
The URL of the page (or sub-page) that you access on the website
The Internet service provider of the accessing system

The collection of this data is technically necessary to display our website to you and to ensure stability and security. We (and our hosting service provider) usually do not know who is behind an IP address. We do not combine the data listed above with other data. However, we reserve the right to check the log files subsequently if we become aware of concrete indications of illegal use.

The legal basis for the processing of data is Art. 6 (1) (f) GDPR. Our legitimate interest follows from the above-mentioned purposes of data processing.

General Information

You can subscribe to a newsletter on this website. The legal basis for sending the newsletter is your consent in accordance with Art. 6 (1) (a) GDPR.

To subscribe to our newsletter, we use the "double opt-in" procedure. This means that after your registration we will send you an email to the email address provided in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will not be stored.

The only information we need to send the newsletter is your email address. After your confirmation, we will save your email address for the purpose of sending you the newsletter and until consent is revoked. We also store your current IP address at the time of registration, the time of registration and the confirmation for up to three years after registration (limitation period). The purpose of this procedure is to be able to prove your registration in case of doubt and, if necessary, to clarify any misuse of your personal data. The legal basis for logging the registration is our legitimate interest in accordance with Art. 6 (1) (f) GDPR on proof of previously given consent, see also Art. 7 (1) GDPR.

You can revoke your consent to receiving the newsletter and unsubscribe from the newsletter at any time. You can declare your revocation by clicking on the link provided in each newsletter email or by sending an email to welcome@funk-experts.de.

Newsletter Tracking

We would like to point out that we evaluate your user behaviour when sending the newsletter to determine whether and when the newsletter was opened. For this analysis, the emails sent contain "web beacons" or tracking pixels, which are stored on our server and loaded when the newsletter is opened. Technical information such as browser type, time of opening and IP address are transmitted. For evaluation purposes, we link the above data and web beacons to your email address and an individual ID. Links received in the newsletter also contain this ID and allow us to analyse your click behaviour.

The data is processed pseudonymously, so the IDs are not linked directly to your other personal data. The legal basis for this data processing is your consent, Art. 6 (1) (a) GDPR.

You may revoke your consent with future effect at any time. In this case, the revocation includes the entire newsletter, since a separate revocation of the tracking is unfortunately not technically possible. To do this, simply click on the unsubscribe link provided in each email.

Such tracking is also not possible if you have deactivated the display of images in your email settings by default. In this case, the newsletter will not be shown correctly and you may not be able to use all functions. The above-mentioned tracking will occur when you display the images manually.

The information from the tracking is stored for as long as you have subscribed to the newsletter. After logging out, the data is anonymised and used for purely statistical purposes.

The data provided when registering for the newsletter will be used to distribute the newsletter until such time as you cancel your subscription, when said data will be deleted.

As a processor, we use the European provider Brevo (formerly: sendinblue) to send our newsletter. Brevo has its server location in Germany.

Use of Cookies

Cookies are data that are stored on your computer by a website you visit and allow your browser to be identified. Cookies transmit information to the body that uses the cookie. Cookies can store various information, such as your language setting, the duration of your visit to our website or the entries you made there. This prevents you from having to re-enter the required form data each time you use it, for example. The information stored in cookies can also be used to identify preferences and to align content according to areas of interest.

There are different types of cookies: session cookies are data sets that are only temporarily stored in the working memory and are deleted when you close your browser. Persistent cookies are automatically deleted after a specified duration, which may differ depending on the cookie. With this type of cookie, the information can also be stored in text files on your computer. However, you can also delete these cookies at any time via the settings of your browser.

First-party cookies are set by the website you are currently visiting. Only this website may read information from these cookies. Third-party cookies are set by organisations that are not operators of the website you are visiting. These cookies are used, for example, by marketing companies.

The legal basis for possible processing of personal data using cookies and their storage duration may vary. If you have given us your consent, the legal basis is Art. 6 (1) (1) (a) GDPR. Insofar as the data processing takes place on the basis of our overriding legitimate interests, the legal basis is Art. 6 (1) (f) GDPR. The stated purpose then corresponds to our legitimate interest.

We use cookies to ensure the proper operation of the website, to provide basic functionalities, to measure reach and – with your consent – to tailor our services to preferred areas of interest.

You can always find details of the cookies and similar technologies used on our consent management platform.

You can delete cookies already stored on your device at any time. If you want to prevent the storage of cookies, you can do this via the settings in your Internet browser. You can find instructions for common browsers here: Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge browser, Safari, Safari mobile. Alternatively, you can also install "ad blockers". Please note that some of our website features may not work if you have disabled the use of cookies.

When visiting our website, all users of our website will also be informed by an information banner about our use of cookies and referred to this Privacy Policy. As a user, you will also be asked for your consent to the use of certain cookies. You may revoke your consent with future effect at any time by calling up our consent management platform (the round icon with the fingerprint at the bottom left of our website) and removing the tick behind the processing to which you have consented.

Google Analytics

If you have given your consent, this website uses Google Analytics, a web analysis service provided by Google LLC. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Extent of Processing

Google Analytics uses cookies which enable your use of our website to be analysed. The information about your use of this website, which is automatically collected using cookies, is generally transmitted to and stored in a Google server in the USA.

We use the user ID function. Through user ID, we can assign a unique, permanent ID to one or more sessions (and the activities within these sessions) and analyse user behaviour across devices.

In Google Analytics 4, the anonymisation of IP addresses is enabled by default. Due to IP anonymisation, your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will full IP addresses be transferred to a Google server in the USA and truncated there. The IP address provided by your browser in the framework of Google Analytics will not be combined with other data from Google.

During your website visit, your user behaviour is recorded in the form of "events". Examples of events:

Page views
First visit to the website
Start of the session
Your "click path", interaction with the website
Scrolls (whenever a user scrolls to the end of the page (90%))
Clicks on external links
Internal searches
Interaction with videos
Viewed/clicked ads

In addition, the following is recorded:

Your approximate location (region)
Your IP address (truncated)
Technical information about your browser and the devices you use (e.g., language setting, screen resolution)
Your Internet provider
The referrer URL (through which website/promotional medium you arrived at this website)

Purposes of Processing

On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activities. The reports provided by Google Analytics are used to analyse the performance of our website and the success of our marketing campaigns.

Recipient

Recipients of the data are/can be:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor pursuant to Art. 28 GDPR)

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Alphabet Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Data Processing Outside the EU/EEA

Google Ireland's parent company, Google LLC, is based in California, USA. Transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out.

In the event that data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an adequate level of data protection.

In addition, data transfers to the USA have been considered harmless since the European Commission's adequacy decision of 10 July 2023 if the recipient has been certified according to the Data Privacy Framework (DPF). This is the case with Google LLC.

Storage Period

The data sent by us and linked to cookies will be automatically deleted after 14 months. When data reaches the end of the retention period, it is erased automatically once a month.

Legal Basis

The legal basis for this data processing is your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TDDDG (Germany's Telecommunications Digital Services Data Protection Act). You can revoke your consent at any time with effect for the future by accessing our consent management platform and changing your selection there.

Revocation

You can revoke your consent at any time with effect for the future by accessing our consent management platform via the round button at the bottom left of each page and changing your selection there. The lawfulness of the data processing which took place between consent and revocation of consent will remain unchanged.

Alternatively, you can prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser so that all cookies are rejected, functionality on this and other websites may be restricted. Furthermore, you can also prevent the entering of data generated by the cookie about the use of the website (including your IP address) to Google as well as the processing of these data by Google, by

a. Not giving your consent to the setting of the cookie or

b. Downloading and installing the browser add-on for deactivating Google Analytics HERE.

Further information on Google Analytics terms of use and data protection at Google can be found at https://marketingplatform.google.com/about/analytics/terms/gb/

and at https://policies.google.com/?hl=en.

Google Tag Manager

We use the "Google Tag Manager" of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google") on our website.

The Google Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that can be used, among other things, to measure traffic and visitor behaviour, to record the impact of online advertising and social channels, to set up remarketing and targeting, and to test and optimise websites. The Google Tag Manager itself does not collect any personal data with the exception of your IP address. This can also be transmitted to Google's parent company in the USA. Such data processing in the USA as a "third country" has been considered harmless since the European Commission's adequacy decision of 10 July 2023, as Google LLC has been certified in accordance with the Data Privacy Framework (DPF).

The legal basis for the processing of data is the protection of legitimate interests in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest lies in the fast and uncomplicated integration and management of various tools on our website.

Further information on Google Tag Manager can be found at: https://www.google.com/intl/de/tagmanager/use-policy.html.

Google Ads

We use the Google Ads service, an online advertising program of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google").

This means that we place advertisements within the framework of the Google search engine and (via the Google AdSense network or Google Ad Manager) on third-party websites that enable this if users use certain keywords specified by us in their search. In addition, we can also display our advertisements on the basis of interest via information available from Google about website visitors (user profiles).

For interest-based advertising, an analysis of online user behaviour is necessary. Google uses cookies to perform this analysis. When you click on an ad or visit our website, Google sets a cookie on your computer. These cookies have a duration of 90 days. The information collected by means of the respective cookie is used to be able to specifically address the visitor in a later search. Further information on the cookie technology used can also be found in Google's notes on website statistics and in the data protection policy. With the help of this technology, Google and we as customers receive information that a user has clicked on an ad and has been redirected to our websites. The information obtained in this way is used exclusively for statistical evaluation for ad optimisation. We do not receive any information that personally identifies visitors. Your IP address will be transmitted to Google. Since we use Google's IP masking on this website as part of the use of Google Analytics, your IP address will be anonymised. The statistics provided to us by Google include the total number of users who have clicked on one of our ads and, if applicable, whether they have been redirected to a page on our website with a conversion tag. Based on these statistics, we can trace the search terms for which our advertisement was clicked particularly often and which advertisements lead to contact by the user via the contact form.

Further information on data protection in the framework of Google Ads can be found at: https://policies.google.com/technologies/ads?hl=en.

If you do not want the processing, you can prevent the storage of the cookie required for these technologies, for example, via your browser's settings. In this case, your visit is not included in the user statistics.

You also have the option of selecting the types of Google ads via the ad setting (https://adssettings.google.com/authenticated?hl=en) or deactivating interest-based ads on Google.

Further information on data protection in the framework of Google Ads can be found at: https://policies.google.com/technologies/ads?hl=en

Google Ads Remarketing

We use the Google Ads Remarketing of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google") on our website.

Through these functions, we have the possibility, in particular, to place advertisements for previous visitors to our website, in which, for example, products are advertised that the visitors have previously viewed on our website. We can therefore display interest-based advertising to users of our website on other websites within the Google advertising network (as a "Google Ad" in the context of Google search or on other websites). This is done by using cookies and other technologies (e.g., fingerprinting), on the basis of which Google forms pseudonymous user profiles. This can also lead to a cross-device linking of information, and interest-based advertising can be played out to you on another device (e.g., tablet), for example, depending on your usage behaviour on one device (such as your mobile phone).

However, we, as the operator of the website, do not receive any information that could personally identify you as a visitor to our website.

Further information on data protection in the framework of Google Ads Remarketing can be found at: https://policies.google.com/technologies/ads?hl=en

Google Conversion Tracking

We use the Google conversion tracking of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google") on our website.

With the help of this technology, Google and we as customers receive information that a user has carried out certain actions on our website, e.g., has viewed certain content after clicking on one of our ads on our website or has taken out an insurance policy. The information obtained in this way is used exclusively for statistical evaluation for ad optimisation. We do not receive any information that personally identifies visitors. Google uses cookies or similar recognition technologies for identification.

Further information on data protection in the framework of Google conversion tracking can be found at: https://policies.google.com/technologies/ads?hl=en

Facebook Pixel and Facebook Conversions API

We use the "Facebook pixel" of the social network Facebook (a service of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter: "Facebook")), as well as its Facebook Conversions API. Despite the company's registered office in Ireland, personal data is also transferred by Facebook to the USA (in particular to the parent company Meta Platforms, Inc., 1601 S. California Avenue, Palo Alto, CA 94304) and to other third countries.

The Facebook pixel measures certain actions of Facebook users ("events") after they have clicked on one of our Facebook ads. This enables us to measure the effectiveness of our Facebook advertisements and to draw conclusions that we can use to optimise our promotions. However, the data we receive from Facebook in this context is anonymous to us, i.e., we cannot draw any conclusions about the identity of the visitors to our website.

The Facebook Conversions API supplements the above-described tracking with "server-side tracking", in which very similar information on the effectiveness of our Facebook advertisements can be determined even without the use of cookies. For this purpose, the Facebook interface automatically reads information such as the time of access, the website accessed, your IP address and possibly other specific data (e.g., conclusion of an insurance contract) from the server log of our website and transmits it to Facebook.

Facebook will also process the data collected for its own purposes. If you are a member of Facebook and Facebook has allowed this via the privacy settings of your account, Facebook will also link the information collected about your visit to us to your member account. Facebook will use the data collected in particular for the targeted display of Facebook advertisements on Facebook and outside of Facebook. We as the site operator have no control over this use of your data. Further information on data processing by Facebook can be found in the Facebook data policy at www.facebook.com/about/privacy.

The legal basis for our above-described processing of your personal data is your previously given consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TDDDG (Germany's Telecommunications Digital Services Data Protection Act). You can revoke your consent at any time with effect for the future by accessing our consent management platform and changing your selection there.

Insofar as data processing in the USA as a "third country" takes place as part of the service, such data processing has been considered harmless since the European Commission's adequacy decision of 10 July 2023, as Meta Platforms, Inc. has been certified in accordance with the Data Privacy Framework (DPF). Facebook provides further details on the transfer of "European data" in its "Data Transfer Addendum"(https://www.facebook.com/legal/EU_data_transfer_addendum) and in its "Disclosure of Meta's Data Protection Agreement" (https://www.facebook.com/privacy/policies/data_privacy_framework).

Insofar as data is collected by us and forwarded to Facebook as part of the aforementioned data processing operations, we are jointly responsible for this data processing with Facebook within the meaning of Art. 26 GDPR. We have therefore concluded an agreement with Facebook that describes this responsibility in more detail (available at https://www.facebook.com/legal/terms/page_controller_addendum). The joint responsibility is limited to the collection of the data and its forwarding to Facebook. The processing by Facebook after forwarding is not part of the joint responsibility.

In fulfilment of our obligations under the aforementioned agreement, we would like to point out that information on the name, contact details and data protection officer of Facebook as the (jointly) responsible party can be found at www.facebook.com/about/privacy, as well as further information on how Facebook processes personal data, including the legal basis on which Facebook relies and the options for exercising your rights as a data subject vis-à-vis Facebook.

We have agreed with Facebook that Facebook is internally responsible for enabling the rights of data subjects in accordance with Art. 15–20 of the GDPR with regard to the personal data stored by Facebook after the joint processing. However, you can contact both us and Facebook directly to process enquiries regarding your rights as a data subject.

LinkedIn Insight Tag / LinkedIn Ads Conversion Tracking

If you have given your consent, we use the LinkedIn Insight Tag and the LinkedIn Ads Conversion Tracking on our website, tracking tools from the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, with the parent company LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA 94085, USA.

Both tools enable the collection of data on the visits to our website for analysis and marketing purposes.

In particular, the following data is collected via a cookie set by the respective tool and processed by the provider.

IP address,
Referrer URL
Devices and browser properties
Timestamp,
Site operations,
Demographic data from LinkedIn, if the user is an active LinkedIn member.

The IP addresses are shortened after collection or (if they are used to reach LinkedIn members across devices) hashed (pseudonymised). As the operator of the website, we cannot assign the data we receive from LinkedIn as a result of using the tool to any individual. Instead, we only receive anonymous information from LinkedIn on the performance of advertisements and website interactions ("conversion measurement"). In addition, LinkedIn provides us with demographic and professional key data of active LinkedIn members who visit our website. This data is also anonymous to us. The LinkedIn Insight Tag also allows us to display targeted advertising to website visitors outside our website ("retargeting") without identifying website visitors.

The LinkedIn Insight Tag establishes a connection to the LinkedIn server when our website is accessed. If you visit our website and are logged into your LinkedIn account in parallel, LinkedIn can – unlike us – identify you. If you want to prevent this, you must log out of LinkedIn before accessing the website. If you are logged in to LinkedIn, you can deactivate data collection at any time at the following link:

https://www.linkedin.com/psettings/enhanced-advertising.

For LinkedIn Ads Conversion Tracking, we can use LinkedIn to define target groups of users based on certain characteristics to whom adverts are subsequently displayed within the LinkedIn network. Users are selected by LinkedIn on the basis of the profile information they provide, as well as other data provided when using LinkedIn. If a user clicks on an advert and subsequently reaches our website, LinkedIn receives the information that the user has clicked on the advertising banner via the conversion tag integrated on our website, but without the user becoming identifiable to us as a result.

The legal basis for the above-described data processing is your consent, Art. 6 (1) (a) GDPR and Section 25 (1) TDDDG (Germany's Telecommunications Digital Services Data Protection Act). You can revoke your consent at any time with effect for the future by accessing our consent management platform and changing your selection there.

To prevent LinkedIn from collecting data for advertising purposes, you can also use this link to set a cookie: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. In addition, you can make further data protection adjustments via this link: https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences?lang=en.

The data collected by LinkedIn will be deleted by LinkedIn within 90 days, with the exception of identifiers of LinkedIn members, which will be deleted by LinkedIn after seven days. We have no influence on the exact extent of the processing of your personal data by LinkedIn. You can find further information on the scope, nature, purpose of data processing, retention periods, as well as your rights and privacy settings in the LinkedIn Privacy Policy at https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com. Further information on the cookies used by LinkedIn can be found at: https://www.linkedin.com/legal/cookie-policy.

The data transmitted to LinkedIn is also potentially processed on servers of the parent company LinkedIn Corporation (1000 W Maude Ave, Sunnyvale, CA 94085) in the USA. However, such data processing in the USA as a "third country" may be considered harmless since the European Commission's adequacy decision of 10 July 2023, as LinkedIn Corporation has been certified in accordance with the Data Privacy Framework (DPF).

Hotjar

We use the Hotjar web analysis service of Hotjar Ltd. (St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta).

We use Hotjar to better understand the needs of our users and to optimise the offer and the experience on this website. With the help of Hotjar's technology, which also includes the setting of cookies on your devices, we get a better understanding of our users' experiences (e.g., how much time users spend on which pages, which links they click, what they like and what they don't like, etc.). This in turn helps us to align our offer with the feedback of our users.

For these purposes, the user behaviour (mouse movements, clicks, scroll height, etc.) on our website is measured, recorded and evaluated using Hotjar, sometimes also via the collection of direct feedback from users, and played back to us in the form of "heat maps", conversion funnels and other representations. In addition, information is collected about previously visited websites, your home country, devices used including screen size, operating systems and browsers. The IP address of the end device is only collected and stored in an anonymous manner. The data collected is transmitted via an encrypted connection to servers located in Ireland (EU) and stored there in the form of pseudonymised user profiles.

Most data (recording, heat map data, etc.) is kept for 365 days from the date of creation. The responses recorded by the feedback tools will be deleted immediately after the purpose has ceased to apply.

Further information on the cookies used can be found at: https://help.hotjar.com/hc/en/articles/6952777582999-Vom-Hotjar-Tracking-Code-gesetzte-Cookies.

Further information on Hotjar's compliance with data protection can be found at: https://www.hotjar.com/legal/policies/privacy/.

The legal basis for this data processing is your consent, Art. 6 (1) (a) GDPR and Section 25 (1) TDDDG (Germany's Telecommunications Digital Services Data Protection Act). You can revoke your consent at any time with effect for the future by accessing our consent management platform and changing your selection there.

Social Plugins

This website uses "social plugins" from the providers

Facebook (provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland) and
LinkedIn (provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland)

If you have given your consent, when you visit a page on which these plugins are integrated, a connection to the servers of the respective provider is established and your IP address is transmitted. However, these plugins are deactivated by default. Only with your consent to the use of the plugins will they be activated and your data can be transferred to the respective provider.

The legal basis for this data transmission by the plugins is therefore Art. 6 (1) (a) GDPR and Section 25 (1) TDDDG (Germany's Telecommunications Digital Services Data Protection Act). You can revoke your consent at any time with effect for the future by accessing our consent management platform and changing your selection there.

If you have given your consent and are logged in to the social network during your visit to our website, your data and information about the visit to this website may also be linked to your profile on the social network. The respective plug-in provider stores the data collected about you as a user profile (even if you were not logged in at the same time) and uses it for the purposes of advertising, market research and/or customising its website. However, we as the owner of this website have no influence on the further data processing by the respective provider.

For more information about the scope, type and purpose of data processing and about rights and setting options for the protection of your privacy, please refer to the data protection information of the respective provider of the social network. This can be found at the following addresses:

Facebook: https://www.facebook.com/policy.php

LinkedIn: https://www.linkedin.com/legal/privacy-policy

Since the parent companies of the providers are located in the USA, transfer of the aforementioned data to a "third country" cannot be ruled out. With regard to the guarantees given in this regard for the processing of your personal data, please refer to the above statements on Facebook or LinkedIn.

Cloudflare

To increase the transmission speed, we use a content delivery network (CDN) from CloudFlare Inc., 101 Townsend St, San Francisco, CA 94107 USA ("Cloudflare") for our website.

When you visit our website, Cloudflare collects the following data: name of the retrieved website, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. This data is collected automatically in order to be able to display the content of the website to you.

The legal basis for the processing of data is the protection of our legitimate interests in accordance with Art. 6 (1) (f) GDPR. These legitimate interests lie in increasing the performance of our website and thereby increasing user satisfaction.

In the context of this service, personal data may be transferred to the United States, which is to be regarded as a "third country" within the meaning of the GDPR. However, such data processing in the USA has been considered harmless since the European Commission's adequacy decision of 10 July 2023, as CloudFlare Inc. has been certified in accordance with the Data Privacy Framework (DPF).

You can find further information in the provider's privacy policy at https://www.cloudflare.com/security-policy/.

Fastly

To increase the transmission speed, we use a content delivery network (CDN) from Fastly Inc., General Counsel, 475 Brannan St., Suite 300 San Francisco, CA 94107, USA ("Fastly").

When you visit our website, Fastly collects the following data: name of the retrieved website, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. This data is collected automatically in order to be able to display the content of the website to you.

In the context of this service, personal data may be transferred to the United States, which is to be regarded as a "third country" within the meaning of the GDPR. However, such data processing in the USA has been considered harmless since the European Commission's adequacy decision of 10 July 2023, as Fastly Inc. has been certified in accordance with the Data Privacy Framework (DPF).

You can find further information in the provider's privacy policy at

https://www.fastly.com/de/privacy/.

Usercentrics (consent management platform)

Usercentrics is a consent management platform that enables websites to protect the privacy of users and to comply with data protection requirements when it comes to cookies and tracking. "Usercentrics" is an offer from the provider Usercentrics GmbH, Rosental 4, 80331 Munich, hereinafter referred to as "Usercentrics".

Through "Usercentrics", we inform our website visitors about the use of cookies and similar technologies on our website and enable them to make a decision about their use at any time.

If the visitor gives their consent to the use of the cookies or other technologies they have selected, the following data is automatically logged:

Opt-in and opt-out data
Date and time of consent
User agent of the end user's browser
The provider's URL
The consent ID
Consent type
Template version
Banner language

The corresponding information is stored in the local storage on the user's device in order to automatically restore the corresponding cookie status (consented or not consented to use) on future page views. The consent data (consent and revocation of consent) is stored for three years. The data will then be deleted immediately.

The legal basis for temporary storage of data is Art. 6 (1) (c) in conjunction with Section 25 (1) TDDDG and Art. 7 (1) GDPR.

Further information on Usercentrics can be found at:

https://usercentrics.com/privacy-policy/

Mediation of Insurance Contracts

By entering the relevant information into our rate calculator on our website, you can not only obtain quotes for various insurance policies, but also take out these policies directly online through us. When you submit an application, your data will be passed on to the respective insurer for the purpose of accepting the contract. The processing of your personal data is carried out on the basis of Art. 6 (1) (b) GDPR. In the event that voluntary information is provided, the legal basis of Art. 6 (1) (a) GDPR.

Payment Service Provider Stripe

We use the services of the payment service provider Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland ("Stripe"). Insofar as personal data is required for the purpose of payment processing, this will be collected directly by Stripe. In this respect, Stripe is independently responsible for data processing.

For more information about Stripe's privacy policy, please visit

https://stripe.com/gb/privacy.

Function for saving your entries

As long as you have not yet entered any personal data as part of the preparation of the offer, you can have a link to the previous status of your entries sent to you via the floppy disk symbol on our website. For this, we need a valid email address from you. After sending the link, your email address will be automatically deleted. The link to the previous information will lose its validity after two weeks.

Customer Portal and Property Portal

In the customer portal and the property portal, you have the option of accessing the contracts you have concluded at any time, adjusting or terminating these contracts.

When an insurance contract is concluded via our website, a customer account is automatically created for you and you can access the customer portal. You can access the portal via the access data provided by you during the conclusion of the contract (consisting of your email address and a sufficiently complex password). For data security reasons, two-factor authentication is also carried out for each access to the customer portal, i.e., you will receive a code by SMS via the mobile number you have provided, which you must enter on our website in order to be able to access your customer account.

In addition to managing your contracts, you also have the option of changing your personal master data (address, etc.) or the payment method you prefer in the customer portal and the property portal.

The access to the property portal is carried out by entering access data, which is sent to you by our department to the email address you have provided. In the property portal, you have the option of applying for insurance and changing your cover.

Your customer account and your account for the property portal will automatically remain in existence until your last contract concluded via Funk EXPERTS ends. After termination of this last contract, you can continue to use the customer portal or property portal for eighteen months, and therefore download your documents stored there, access your previously concluded insurance and, if necessary, take out new insurance via the customer portal or property portal. After the expiry of the eighteen months, your customer account or your account for the property portal with all personal data stored therein will be deleted, unless it is still required to assert, exercise or defend legal claims. Insofar as statutory retention periods prevent deletion, data will still be archived by us until its expiry (often for up to 10 years).

The legal basis for the above-described processing of data is Art. 6 (1) (b) GDPR or (for data processing after termination of the last contract) the protection of legitimate interests, Art. 6 (1) (f) GDPR. Our legitimate interest lies in enabling convenient user access to recently relevant documents and the simplification of new contracts.

In addition, we process some technical data as part of the customer portal and property portal, which is automatically generated when using our customer portal and property portal. This includes, in particular, your IP address, the browser used and the usage times. This data is processed for the purpose of ensuring the security and functionality of our customer portal and property portal and for the purpose of improving the user-friendliness of the customer portal and property portal. The data collected for these purposes will be anonymised immediately after collection. The legal basis for the processing of your personal data is the protection of legitimate interests, Art. 6 (1) (f) GDPR. Our legitimate interest lies in the provision of a functioning, user-friendly customer portal and property portal.

Damage Reports via the Portal

In the property portal, you also have the option of reporting damage via a form. In this context, the following data is processed: Name and contact details of the reporting person, name and contact details of the local contact person, information on the damage and payment information of the authorised person. We process this data in order to be able to process your claim in accordance with our contractual obligations. For this purpose, the data will be passed on to the insurer. The legal basis for this data processing is, on the one hand, Art. 6 (1) (b) GDPR, in the case of the processing of third-party data Art. 6 (1) (f) GDPR.

Getting in Contact

You have the option of contacting one of our customer service representatives by phone or email at any time. You can also use a corresponding contact form to contact us via our website. When you contact us, the data you provide (e.g., your email address, your request, your name and your telephone number) will be stored by us in order to answer your questions. The legal basis in this respect is Art. 6 (1) (f) GDPR. Our legitimate interest lies in enabling your requests to be processed as effective and customer-oriented as possible.

If we use our contact form to request information that is not required to establish contact, it will always be marked as optional. These details help us answer your inquiry and to improve the processing of your request. This information is provided expressly on a voluntary basis and with your consent, Art. 6 (1) (1) (a) GDPR. If this includes information on additional communication channels (e.g., email address, telephone number), you also agree that we may contact you via this communication channel in order to respond to your request. You can, of course, revoke this consent at any time with effect for the future.

In addition, we will contact you by email to provide you with necessary insurance-relevant information and to ask questions. We are obliged to do so under insurance law. We process your data on the basis of the legitimate interest within the meaning of Art. 6 (1) (f) GDPR. For this purpose, your data will be transmitted to the service provider Sendinblue. The servers are located in Germany.

Your data, which we have received as part of your requests, will be deleted as soon as it is no longer needed to achieve the purpose of its collection, your request is completely processed and no further communication with you is required or desired by you.

As the body responsible for data protection, we have implemented numerous technical and organisational measures to ensure the most complete protection of the personal data processed via our website. Nevertheless, Internet-based data transmissions can always have security gaps. Absolute protection cannot be guaranteed; in any case, the sending of unencrypted emails is not secure. We therefore ask you not to send sensitive data by unencrypted email, but to use either encrypted communication channels (such as our contact form) or the postal service.

Storage Period

If we have not already informed you specifically about the storage period with regard to individual data processing, the following applies: We only store your personal data for as long as necessary for the respective processing purposes and then delete it immediately, insofar as there are no legal retention obligations to delete it.

Data Security

We have extensive technical and operational safeguards in place, such as the use of two-factor authentication, to protect your data from accidental or intentional manipulation, loss, destruction, or access by unauthorised persons. Our safety procedures are regularly checked and adapted with the latest technological advancements.

In particular, our website uses SSL or TLS encryption to ensure the security of data processing. You can recognise an encrypted connection by the fact that the address line of the browser contains an "https://" instead of an "http://", as well as the lock symbol in your browser line.

Data Transfer

We generally process your data for contractual purposes. In this context, the recipients of your data may be:

the companies of the Funk Group, insurers (with whom your contract is concluded), experts (in particular for the assessment of claims and service cases) and IT service providers (e.g., hosting service providers, maintenance service providers).

Your Rights

You have the following rights towards us regarding your personal data:

General Rights

You have a right to access, rectification, cancellation, restriction of processing, objection to processing and data transferability. If processing is based on your consent, you have the right to withdraw this consent with effect for the future.

Rights in data processing according to the legitimate interest

In accordance with Art. 21 (1) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 (1) (e) GDPR (data processing in the public interest) or on Art. 6 (1) (f) GDPR (data processing to protect a legitimate interest); this also applies to profiling based on this provision. If you object, we will no longer process your personal data unless compelling legitimate grounds for the processing override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

Rights Related to Direct Advertising

If we process your personal data in order to carry out direct advertising, you have the right pursuant to Art. 21 (2) GDPR to object at any time to the processing of personal data concerning you for the purpose of such advertising, including profiling in so far as it is related to such direct marketing.

In the event of your objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

Right to File a Legal Complaint with a Supervisory Authority

You also have the right to lodge a complaint to a data protection supervisory authority concerning our processing of your personal data.

The supervisory authority responsible for us:

The Hamburg Commissioner for Data Protection and Freedom of Information of the Free and Hanseatic City of Hamburg – Corporation under public law, Ludwig-Erhard-Str 22, 7. OG, 20459 Hamburg