.css-1fjpkse{width:100%;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;position:relative;overflow:hidden;background:var(--alert-bg);-webkit-padding-start:var(--chakra-space-4);padding-inline-start:var(--chakra-space-4);-webkit-padding-end:var(--chakra-space-4);padding-inline-end:var(--chakra-space-4);padding-top:var(--chakra-space-3);padding-bottom:var(--chakra-space-3);border-radius:var(--chakra-radii-md);--alert-fg:var(--chakra-colors-red-600);--alert-bg:var(--chakra-colors-red-100);z-index:var(--chakra-zIndices-overlay);}.chakra-ui-dark .css-1fjpkse:not([data-theme]),[data-theme=dark] .css-1fjpkse:not([data-theme]),.css-1fjpkse[data-theme=dark]{--alert-fg:var(--chakra-colors-red-200);--alert-bg:rgba(254, 178, 178, 0.16);}

JavaScript is not active

Without JavaScript, the functionality of this offering may be severely limited. Please turn it on in your browser or use a different one.

Privacy Policy of Funk EXPERTS

Privacy Policy

The Funk Group places great importance on protecting your personal data and respects your desire for privacy. Below, we provide information on the collection of personal data when using our website. Should you have any further questions regarding the handling of your personal data, please contact our data protection officer.

Data controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

Funk Gruppe GmbH

International Insurance Broker and Risk Consultants

Valentinskamp 20

20354 Hamburg

Phone +49 40 35914-0

Fax +49 40 35914-407

Email contact: welcome@funk-gruppe.de

Contact option for the data protection officer

You can contact our data protection officer at datenschutz@funk-gruppe.de or our postal address with the addition "Data protection officer".

Data processing when visiting the website

Visiting our website will result in us collecting the following technical information (log file data):

operating system of the device you use to visit our website
browser (type, version and language settings)
the amount of data requested
the current IP address of the device you use to visit our website
date and time of access
the URL of the website visited previously (referrer)
the URL of the (sub-)page which you accessed on the website
the Internet service provider of the accessing system

Collecting data is necessary for technical reasons to display our website and ensure stability and security. In general, neither we nor our hosting service provider are aware of who the person hidden behind an IP address is. We do not combine the data listed above with other data. However, we reserve the right to subsequently check the log files if we become aware of specific indications of unlawful use.

The legal basis for the processing of data is Article 6 (1)(f) GDPR. Our legitimate interest follows from the above-mentioned purpose of data processing.

General information

You can subscribe to a newsletter on this website. The legal basis for sending the newsletter is your consent in accordance with Article 6 (1)(a) GDPR.

For subscriptions to our newsletter, we use the "double opt-in" procedure. This means that after you have registered, we will send you an email to the email address you have provided asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will not be stored.

The only information we need to send the newsletter is your email address. Once you have confirmed this, we will store your email address for the purpose of sending the newsletter until revocation. When you register, we will also store the current IP address, the time of registration and the confirmation for up to three years after registration (limitation period). The purpose of this process is to verify your registration in the event of doubt and, if necessary, resolve any misuse of your data. The legal basis for logging the registration is our legitimate interest in accordance with Article 6 (1)(f) GDPR regarding proof of previously given consent, see also Article 7 (1) GDPR.

You can revoke your consent to receiving the newsletter and unsubscribe from it at any time. You can declare your revocation by clicking on the link provided in each newsletter email or by sending an email to welcome@funk-experts.de.

Newsletter tracking

We point out that when sending the newsletter, we evaluate your user behaviour in order to determine if and when the newsletter was opened. To evaluate this, the emails sent contain web beacons, or tracking pixels, which are stored on our server and loaded when the newsletter is opened. Technical information such as browser type, time of opening and IP address is transmitted. For evaluation purposes, we link the above data and web beacons to your email address and an individual ID. Links received in the newsletter also contain this ID and enable us to analyse your clicking behaviour.

The data is processed pseudonymously, which means the IDs are not directly linked to your other personal data. The legal basis for this data processing is your consent, Article 6 (1)(a) GDPR.

You may revoke your consent with effect for the future at any time. In this case, the revocation will include the entire newsletter, since it is unfortunately not technically possible to revoke tracking separately. To do this, simply click on the unsubscribe link provided in each email.

This tracking is also not possible if you have disabled images from being displayed by default in your email settings. In this case, the newsletter will, however, not be shown correctly and you may not be able to use all functions. The above-mentioned tracking will occur when you display the images manually.

The information from the tracking will be stored for the period that you are subscribed to the newsletter. After unsubscribing, the data will be anonymised and used for purely statistical purposes.

The data provided when registering for the newsletter will be used to distribute the newsletter until such time as you cancel your subscription, when said data will be deleted.

To distribute our newsletter, we use the European provider Sendinblue as a contract processor. Sendinblue's server is located in Germany.

Use of cookies

Cookies are data stored on your computer by a website that you visit and enable your browser to be reassigned. Cookies allow information to be transmitted to the site using the cookie. Cookies can store various pieces of information, such as your language setting, the duration of your visit to our website or what you input there. This saves you from having to re-enter the required form data each time you use it, for example. The information stored in cookies can also be used to identify preferences and align content according to areas of interest.

There are different types of cookies: session cookies constitute data quantities which are only temporarily stored in memory and deleted when you close your browser. Persistent cookies are automatically deleted after a specified period. This period may differ depending on the particular cookie. With this type of cookie, the information can also be stored in text files on your computer. You can, however, also delete these cookies at any time via your browser settings.

First-party cookies are set by the website you are currently visiting. Only this website may read information from these cookies. Third-party cookies are set by organisations which are not the operator of the website you are visiting. These cookies are used by marketing companies, for example.

The legal basis for possible processing of personal data using cookies and their storage period may vary. If you have given us your consent, the legal basis is Article 6(1)(1)(a) GDPR. Insofar as data is processed based on our overriding legitimate interests, the legal basis is Article 6 (1)(f) GDPR. The stated purpose then corresponds to our legitimate interest.

We use cookies to ensure the website functions properly, provide basic functionalities, measure reach and, with your consent, tailor our services to preferred areas of interest.

Details of cookies and similar technologies can be found at any time on our consent management platform.

You can delete cookies already stored on your device at any time. Should you wish to prevent cookies from being stored, you can do so via the settings in your web browser. You can find instructions for common browsers here: Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge Browser, Safari, Safari mobile. Alternatively, you can also install ad blockers. Please note that some of our website's features may not work if you have disabled the use of cookies.

Upon accessing our website, we also inform all website users about the use of cookies with an info banner and refer them to this Privacy Policy. As a user, you will be asked to provide your consent for the use of certain cookies. You can revoke your consent at any time with effect for the future by accessing our consent management platform (the round icon with the fingerprint in the bottom left of our website) and removing the check mark after the processing to which you have consented.

Google Analytics

If you have given your consent, Google Analytics, a web analysis service of Google LLC, is used on this website. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

Extent of processing

Google Analytics uses cookies which enable your use of our website to be analysed. The information about your use of this website, which is automatically collected using cookies, is generally transmitted to and stored in a Google server in the USA.

We use a user ID function. Through user ID, we can assign a unique, permanent ID to one or more sessions (and the activities within these sessions) and analyse user behaviour across devices.

With Google Analytics 4, IP address anonymization is enabled by default. Due to IP anonymization, your IP address will be truncated by Google within Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. The IP address provided by your browser as part of Google Analytics will not be combined with other data from Google.

While visiting the website, your user behaviour will be recorded in the form of "events". Events can be:

page views
initial visit to the website
session start
your "click path", interaction with the website
scrolls (whenever a user scrolls to the bottom of the page (90%))
clicks on external links
internal searches
interaction with videos
ads viewed / clicked

The following are also recorded:

your approximate location (region)
your IP address (truncated)
technical information about your browser and the end devices you are using (e.g., language setting, screen resolution)
your Internet provider
the referrer URL (through which website / ad you arrived at this website)

Purposes of processing

Google will use this information on behalf of the website's operator to evaluate the way in which you use the website and to compile reports on website activities. The reports provided by Google Analytics are used to analyse the performance of our website and the success of our marketing campaigns.

Recipients

Data recipients are/can be:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Article 28 GDPR)

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Alphabet Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

It cannot be ruled out that US authorities will access the data stored by Google.

Transfer to a third country

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider in order to establish an adequate level of data protection. Google Ireland's parent company, Google LLC, is based in California, USA. Transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The US is currently considered a third country from a data protection point of view. They do not have the same rights there as within the EU/EEA. You may not have any legal recourse against access by authorities.

Storage period

The data sent by us and linked to cookies is automatically deleted after 14 months. When data reaches the end of the retention period, it is erased automatically once a month.

Legal basis

The legal basis for this data processing is your consent in accordance with Article 6 (1)(a) GDPR and Section 25 (1) Telecommunications-Telemedia Data Protection Act (TTDSG). You can revoke your consent at any time with effect for the future by accessing our consent management platform and changing your selection there.

Revocation

You can revoke your consent at any time with effect for the future by accessing our consent management platform via the round button provided on the bottom left of each page and changing your selection there. The lawfulness of the data processing which took place between you providing your consent and revoking it will remain unchanged.

Alternatively, you can prevent the storage of cookies from the outset by configuring your browser software accordingly. Configuring your browser to reject all cookies may restrict functionality on this and other websites. Furthermore, you can also prevent the data generated by the cookie about the use of the website (including your IP address) from being collected by Google, and prevent Google from processing this data by

a. Not giving your consent to setting cookies or

b. Downloading and installing the browser add-on for deactivating Google Analytics HERE.

For more information about Google Analytics Terms of Service and data protection at Google, please visit https://marketingplatform.google.com/about/analytics/terms/gb/

and https://policies.google.com/?hl=en.

Google Tag Manager

On our website, we use Google Tag Manager from Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google").

Google Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements which, among other things, can be used to measure traffic and visitor behaviour to determine the impact of online advertising and social channels, for remarketing, to provide orientation toward target groups, and for testing and optimising the website. Google Tag Manager itself does not collect any personal data except for your IP address. This can also be transmitted to Google's parent company in the USA.

The legal basis for this data processing is protecting legitimate interests in accordance with Article 6 (1)(f) GDPR. Our legitimate interest lies in quickly integrating and managing various tools on our website in an uncomplicated manner.

For more information about Google Tag Manager, visit: https://www.google.com/intl/de/tagmanager/use-policy.html.

Google Ads

We use the Google Ads service, an online advertising program from Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google").

This means that we place ads within the framework of the Google search engine and on third-party websites which have been enabled for this when users use certain keywords specified by us in their search. We are also able to display our ads via information available on Google about website visitors (user profiles) based on their interests. We can statistically evaluate, among other things, which ads have produced how many clicks.

For more information about data protection in the context of Google Ads, please visit: https://policies.google.com/technologies/ads?hl=en

Insofar as data is processed outside the EEA, where there is no level of data protection corresponding to the European standard, the transfer of the data to a third country occurs based on the standard contractual clauses of the EU Commission (available at https://business.safety.google/adscontrollerterms/sccs/).

Google Ads remarketing

On our website, we use Google Ads remarketing from Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google").

These functions enable us in particular to place ads for previous visitors to our website which advertise, for example, products that visitors have previously viewed on our website. This allows us to display interest-based advertising to users of our website on other websites within the Google advertising network (referred to as a "Google Ad" in the context of a search on Google or other websites). This is done by using cookies and other technologies (e.g., fingerprinting), based on which Google creates pseudonymous user profiles. This can result in information being linked across devices whereby, for example, depending on your usage behaviour on one end device (such as your mobile phone), interest-based advertising can be displayed to you on another end device (such as a tablet).

However, as the website operator, we never receive any information that could personally identify you as a visitor to our website.

For more information about data protection in the context of Google Ads remarketing, please visit: https://policies.google.com/technologies/ads?hl=en

Google conversion tracking

On our website, we use Google conversion tracking from Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google").

With the help of this technology, Google and we as a customer are informed that a user has carried out certain actions on our website, e.g., after clicking on one of our ads on our website, viewing certain content or concluding an insurance policy. The information obtained in this way is used exclusively for statistical evaluation to optimise ads. We do not receive any information that personally identifies visitors. Google uses cookies or comparable recognition technologies for identification purposes.

For more information about data protection in the context of Google conversion tracking, please visit: https://policies.google.com/technologies/ads?hl=en

Google DoubleClick

On our website, we use DoubleClick from Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google").

This tool allows us to display interest-based ads to visitors of our website through the Google advertising network (e.g., in Google search results or in advertising banners used by the DoubleClick network), and to prevent undesired duplication of ads which the user has already seen. To this end, DoubleClick uses cookies or comparable recognition technologies (e.g., device fingerprinting) and creates pseudonymous user profiles.

However, as the website operator, we never receive any information that could personally identify you as a visitor to our website.

For more information about data protection in the context of DoubleClick, please visit: https://policies.google.com/technologies/ads?hl=en

Facebook Pixel and Facebook Conversion API

On our website, we use "Facebook Pixel" from the social network Facebook (a service from Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter: "Facebook")) as well as its Facebook Conversion API. Despite having its registered office in Ireland, Facebook also transfers personal data to the USA and other third countries.

The Facebook Pixel measures certain actions of Facebook users (referred to as events) after they have clicked on one of our Facebook ads. This allows us to measure the effectiveness of our Facebook ads and draw conclusions which we can use to optimise our promotions. However, the data we receive from Facebook in this context is anonymous to us, i.e., we cannot draw any conclusions about the identity of visitors to our website.

The Facebook Conversion API supplements the aforementioned tracking with so-called server-side tracking, whereby very similar information about the effectiveness of our Facebook ads can be determined without the use of cookies. To do this, information such as the time of access, the website accessed, your IP address and, if applicable, other more specific data (e.g., conclusion of an insurance contract) are automatically read from the server log of our website by the Facebook interface and transmitted to Facebook.

Facebook also processes the collected data for its own purposes. If you are a Facebook member and have permitted Facebook to do so via the privacy settings of your account, Facebook will also link the information collected about your visit to us with your member account. Facebook will use the data obtained in particular to place targeted Facebook ads on Facebook pages as well as those outside Facebook. As the operator of the site, we have no control over how this data is used. Further information on data processing by Facebook can be found in the Facebook Privacy Policy at www.facebook.com/about/privacy.

The legal basis for our processing of your personal data described above is your previously given consent in accordance with Article 6 (1)(a) GDPR and Section 25 (1) Telecommunications-Telemedia Data Protection Act (TTDSG). You can revoke your consent at any time with effect for the future by accessing our consent management platform and changing your selection there.

If personal data is also transferred to the Facebook servers in the USA, we would like to point out that Facebook bases this data transfer on EU standard contractual clauses in accordance with Article 46 GDPR in order to ensure compliance with the European level of data protection. Facebook provides further details at the following links: https://www.facebook.com/legal/EU_data_transfer_addendum and

https://en-gb.facebook.com/help/566994660333381.

Insofar as data is collected by us and forwarded to Facebook within the framework of the aforementioned data processing operations, we are joint controllers within the meaning of Article 26 GDPR for these data processing operations together with Facebook. We have therefore reached an agreement with Facebook that describes this responsibility in more detail (available at https://www.facebook.com/legal/terms/page_controller_addendum). The joint responsibility is limited to the collection of the data and its forwarding to Facebook. Any processing by Facebook after the data is forwarded is not part of the joint responsibility.

In compliance with our obligations under the aforementioned agreement, we would like to point out that information on names, contact details and the data protection officer of Facebook as a (joint) controller can also be found at www.facebook.com/about/privacy, as can further information on how Facebook processes personal data, including the legal basis upon which Facebook relies, and the possibilities for exercising your rights as a data subject vis-à-vis Facebook.

We have agreed with Facebook that Facebook is internally responsible for ensuring the rights of data subjects according to Articles 15-20 of the GDPR with regard to the personal data stored by Facebook after the joint processing. You can, however, contact us and Facebook directly to have queries regarding your rights as a data subject processed.

LinkedIn Insight Tag

If you have given your consent, we use the LinkedIn Insight Tag, a tracking tool from the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, on our website. The LinkedIn Insight Tag allows us to collect data about visits to our website for analysis and marketing purposes.

In particular, the following data is collected via a cookie set by the tool and processed by the provider:

IP address,
referrer URL,
devices and browser characteristics,
timestamp,
page activities,
demographic data from LinkedIn if the user is an active LinkedIn member.

We cannot assign the data we receive from using LinkedIn's tool to any individual. Instead, LinkedIn provides us with anonymized information about the performance of ads and website interactions (referred to as conversion measurement). LinkedIn also provides us with demographic and professional data of active LinkedIn members who visit our website. This data is also anonymous to us. The LinkedIn Insight Tag also allows us to use this data to display targeted advertising outside our website (referred to as retargeting) to website visitors without the respective LinkedIn member being identified.

The legal basis for this data processing is your consent, Article 6 (1)(a) GDPR and Section 25 (1) Telecommunications-Telemedia Data Protection Act (TTDSG). You can revoke your consent at any time with effect for the future by accessing our consent management platform and changing your selection there.

LinkedIn will delete the data it collects within 90 days. We have no control over the exact extent to which LinkedIn processes your data. For more information about the extent, nature and purpose of data processing, retention periods, and your rights and privacy settings, please refer to the LinkedIn Privacy Policy at https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com. Further information about the cookies used by LinkedIn can be found at: https://www.linkedin.com/legal/cookie-policy.

The data transmitted to LinkedIn may potentially be processed on servers in the USA as well. Transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Full details can be found at:

https://www.linkedin.com/legal/l/eu-sccs.

To prevent LinkedIn from collecting data for advertising purposes, you can also set a cookie via this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. You can also make further data protection adjustments via this link: https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences?lang=en.

Hotjar

We use the web analysis service Hotjar from Hotjar Ltd. (St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta).

We use Hotjar to better understand the needs of our users and to optimise the offering and the experience on this website. With the help of Hotjar's technology, which also includes the setting of cookies on your end device, we get a better understanding of our users' experiences (e.g., how much time users spend on which pages, which links they click on, what they like and what they don't like, etc.). This, in turn, helps us to align our offering to our users' feedback.

For these purposes, we use Hotjar to measure, potentially record and evaluate the user behaviour (mouse movements, clicks, scrolling height, etc.) on our websites, and, in some cases, to also have this reflected back to us by obtaining direct feedback from users and in the form of so-called heat maps, conversion funnels and other representations. In addition, information is collected about previously visited websites, your home country, and devices used, including screen size, operating systems and browsers. The IP address of the end device is only recorded and stored anonymously. The data collected is transmitted via an encrypted connection to servers located in Ireland (EU) and stored there in the form of pseudonymised user profiles.

Most data (recording, heatmap data, etc.) is kept for 365 days from the date of creation. The answers recorded by the feedback tools will be deleted immediately once their purpose has ceased to apply.

Further information on the cookies used can be found at: https://help.hotjar.com/hc/de/articles/6952777582999-Vom-Hotjar-Tracking-Code-gesetzte-Cookies.

Further information on Hotjar's compliance with data protection regulations can be found at: https://www.hotjar.com/legal/policies/privacy/.

The legal basis for this data processing is your consent in accordance with Art. 6 (1) (a) GDPR and § 25 para. 1 of the Telecommunications and Telemedia Data Protection Act (TTDSG). You can revoke your consent at any time with effect for the future by accessing our Consent Management Platform and changing your selection there.

Social plugins

This website uses social plugins from the following providers:

Facebook (provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland) and
LinkedIn (provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland)

If you have given your consent, a connection to the servers of the respective provider will be established when a page into which these plugins are integrated is accessed and your IP address is transmitted. However, these plugins are disabled by default. They will only be activated if you give your consent to the use of the plugins, thereby allowing your data to be transferred to the respective provider.

The legal basis for this data transfer through plugins is thus Article 6 (1)(a) GDPR and Section 25 (1) Telecommunications-Telemedia Data Protection Act (TTDSG). You can revoke your consent at any time with effect for the future by accessing our consent management platform and changing your selection there.

If you have given your consent and are logged in to a social network while visiting our website, your data and information about your visit to this website may also be linked to your profile on the social network. The respective plugin provider stores the data collected about you (even if you were not logged in at the same time) in the form of user profiles and uses it for the purposes of advertising, market research and/or designing its website in a needs-based manner. However, we as the owner of this website have no control over further data processing conducted by the respective provider.

For more information about the scope, type and purpose of data processing and about rights and setting options to protect your privacy, please refer to the data protection information of the respective social network provider. This can be found at the following addresses:

Facebook: https://www.facebook.com/policy.php

LinkedIn: https://www.linkedin.com/legal/privacy-policy

As the parent companies of the providers are located in the USA, it cannot be ruled out that the aforementioned data will be transferred to a third country. In this case, the providers rely on standard contractual clauses, which are intended to ensure a sufficient level of data protection with regard to the processing of this data in the third country. Details on this may be found at:

Facebook: https://en-gb.facebook.com/help/566994660333381/?helpref=uf_share

LinkedIn: https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-derschweiz?lang=de

Cloudflare

To increase transmission speed, we use a content delivery network (CDN) from Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107 USA ("Cloudflare"), for our website.

When you visit our website, Cloudflare collects the following data: name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. This data is collected automatically in order to be able to display the content of the website to you.

The legal basis for data processing is the protection of our legitimate interests in accordance with Article 6 (1)(f) GDPR. These legitimate interests lie in increasing the performance of our website and thus increasing user satisfaction.

The use of Cloudflare may result in personal data being transferred to the United States, which is currently to be regarded as a so-called unsecure third country within the meaning of the GDPR. Nevertheless, in order to ensure compliance with an adequate level of data protection, standard contractual clauses have been agreed with the provider.

Further information can be found in the provider's privacy policy at https://www.cloudflare.com/security-policy/.

Fastly

To increase transmission speed, we use a content delivery network (CDN) from Fastly Inc., General Counsel, 475 Brannan St., Suite 300 San Francisco, CA 94107, USA ("Fastly"), for our website.

When you visit our website, Fastly collects the following data: name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. This data is collected automatically in order to be able to display the content of the website to you.

The use of Fastly may result in personal data being transferred to the United States, which is currently to be regarded as a so-called unsecure third country within the meaning of the GDPR. Nevertheless, in order to ensure compliance with an adequate level of data protection, standard contractual clauses have been agreed with the provider.

Further information can be found in the provider's privacy policy at https://www.fastly.com/de/privacy/.

Usercentrics (consent management platform)

Usercentrics is a consent management platform that allows websites to protect users' privacy and comply with privacy requirements with regard to cookies and tracking. "Usercentrics" is offered by the provider Usercentrics GmbH, Rosental 4, 80331 Munich, hereinafter referred to as "Usercentrics".

"Usercentrics" allows us to inform visitors to our website about the use of cookies and similar technologies on our website and enable them to make a decision about their use at any time.

If the visitor consents to the use of the cookies or other technologies selected by them, the following data will be automatically logged:

opt-in and opt-out data
date and time at which you provide your consent
user agent of the end user's browser
the provider's URL
the consent ID
consent type
template version
banner language

The corresponding information is stored locally on the user's end device in order to automatically restore the corresponding cookie status (consent to their use given or not given) when viewing the page in future. The consent data (consent and revocation of consent) is stored for three years. The data will then be deleted immediately.

The legal basis for storing the data is Article 6 (1)(c) in conjunction with Section 25 (1) Telecommunications-Telemedia Data Protection Act (TTDSG) and Article 7 (1) GDPR.

Further information on Usercentrics can be found at:

https://usercentrics.com/privacy-policy/

Brokerage of insurance contracts

On our pages, you can not only receive offers for various insurance policies by entering appropriate information into our tariff calculators, but also conclude them online through us directly. If you submit an application, your data will be passed on to the respective insurer for the purposes of accepting the contract. Your personal data will be processed based on Article 6 (1)(b) GDPR. If voluntary information is provided, the legal basis is Article 6 (1)(a) GDPR.

Payment service provider Stripe

To process your payments, we use the services of the payment service provider Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland ("Stripe"). Insofar as personal data is required to process payments, this is collected by Stripe directly. In this respect, Stripe is independently responsible for data processing.

Further information on Stripe's Privacy Policy can be found at https://stripe.com/gb/privacy.

Function for saving your entries

If you have not yet entered any personal data while your offer is being prepared, you can have a link to the previous status of your entries sent to you via the floppy disk icon on our page. To do this, we need a valid email address from you. Once the link has been sent, your email address will be automatically deleted. The link to the previous information will cease to be valid after two weeks.

Customer Portal and Real Estate Portal

In the customer portal and real estate portal, you have the option of accessing, adapting or terminating the contracts you have concluded at any time.

When an insurance contract is concluded via our website, a customer account is automatically created for you, and you gain access to the customer portal. You can access the portal using the access credentials you provided yourself during the course of concluding the contract (consisting of your email address and a sufficiently complex password). For reasons of data security, two-factor authentication is additionally carried out for each instance of access to the Customer Portal, i.e., you will receive a code via SMS to the mobile phone number you provided, which you must enter on our website in order to access your customer account.

In addition to managing your contracts in the customer portal, you also have the option there of changing your personal master data (address, etc.) or the payment method you prefer, as well as reporting claims. In the latter case, you can provide the information required in the specific case directly in the customer portal, and simply submit your damage report to your insurer via the portal.

Access to the real estate portal takes place by entering access credentials, which will be sent to you, to the email address you provided, by our department. In the real estate portal, you have the possibility of applying for insurance and changing your coverage. In addition, you can access various functionalities, such as downloading your insurance documents.

Your customer account and your account for the real estate portal will automatically remain active until your last contract concluded via Funk EXPERTS ends. Once this last contract has ended, you can continue to use the customer portal or real estate portal for eighteen months to download your documents stored there, access your previously concluded insurance policies and, if necessary, conclude them again with ease via the customer portal or real estate portal. Once the eighteen-month period has expired, your customer account or your account for the real estate portal will be deleted alongside all personal data stored on it unless this is still required to assert, exercise or defend legal claims. Insofar as statutory retention periods prevent deletion, the data will continue to be archived by us until its expiry (often up to 10 years).

The legal basis for the data processing described above is Article 6 (1)(b) GDPR or (for data processing after termination of the last contract) the protection of legitimate interests, Article 6 (1)(f) GDPR. Our legitimate interest lies in enabling convenient user access to recently relevant documents and simplifying the procedure for concluding new contracts.

Furthermore, in the customer portal and the real estate portal, we process some technical data which is automatically generated when using our customer portal and real estate portal. This includes in particular your IP address, the browser used and the times of use. This data is processed for the purpose of ensuring the security and functionality of our customer portal and real estate portal and to improve its user-friendliness. The data collected for these purposes is anonymized immediately after collection. The legal basis for the processing of your personal data is the protection of legitimate interests, Article 6 (1)(f) GDPR. Our legitimate interest lies in providing a functioning, user-friendly customer portal and real estate portal.

Contact

You are able to contact one of our account managers by phone or email at any time. A corresponding contact form is also available for you to contact us via our website. When you contact us, we will store the data you provide (e.g., your email address, your query and, if applicable, your name and telephone number) in order to answer your questions. In this respect, the legal basis is Article 6 (1)(f) GDPR. Our legitimate interest lies in enabling us to process your queries as quickly and easily as possible.

If we use our contact form to request information that is not required to establish contact, it will always be marked as optional. These details help us answer your query and improve the processing of your request. This information is provided expressly on a voluntary basis and with your consent, Article 6 (1)(1)(a) GDPR. If this also includes information on communication channels (e.g., email address, telephone number), you also agree that we may contact you via this communication channel in order to respond to your query. You may, of course, withdraw your consent at any time with effect for the future.

We will also contact you by email to provide you with the necessary insurance-related information and to make queries. We are obliged to do this under insurance law. We process your data on the basis of legitimate interest within the meaning of Article 6 (1)(f) GDPR. For this purpose, your data will be transmitted to the service provider Sendinblue. The servers are located in Germany.

Your data which we have received in the context of your queries will be deleted as soon as it is no longer required for the purpose for which it was collected, your request has been fully processed, and you neither require nor desire further communication.

As the data controller, we have implemented numerous technical and organisational measures to ensure personal data processed through our website is protected in the most comprehensive manner possible. Nevertheless, Internet-based data transmissions can in principle have security gaps. Absolute protection cannot be guaranteed, and the sending of unencrypted emails is in any case not secure. We therefore ask you not to send sensitive data via unencrypted email, but rather to use either encrypted communication channels (such as our contact form) or post.

Storage period

Unless we have already provided specific information about the storage period with regard to individual data processing above, we will only store your personal data for as long as necessary for the respective processing purposes and will delete it immediately thereafter, provided that no statutory retention obligations prevent its deletion.

Data security

We have implemented extensive technical and operational safeguards, such as the use of two-factor authentication, to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our safety procedures are regularly checked and adapted to suit the latest technological advancements.

Our website in particular uses SSL or TLS encryption to ensure data is processed in a secure manner. You can recognise an encrypted connection by the fact that the search bar of the browser contains "https://" instead of "http://", and by the lock symbol in your browser search bar.

Data transfer

In principle, we process your data for contractual purposes. In this context, recipients of your data may be:

companies of the Funk Group, insurers (with whom your contract is concluded), experts (in particular for assessing claims) and IT service providers (e.g., hosting service providers and maintenance service providers).

Your rights

You have the following rights towards us regarding your personal data:

General rights

You have a right to access, rectification, erasure, restriction of processing, objection to processing and data portability. If processing is based on your consent, you have the right to revoke this consent with effect for the future.

Rights in the case of data processing based on legitimate interest

Pursuant to Article 21(1) GDPR, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data carried out on the basis of Article 6 (1)(e) GDPR (data processing in the public interest) or on the basis of Article 6 (1)(f) GDPR (data processing to safeguard a legitimate interest), with this also applying to profiling based on this provision. Should you object, we will no longer process your personal data unless compelling legitimate reasons for the processing outweigh your interests, rights and freedoms or the processing is carried out to assert, exercise or defend legal claims.

Rights in the case of direct advertising

If we process your personal data in order to carry out direct advertising, you have the right in accordance with Article 21 (2) GDPR to object at any time to the processing of your personal data. This is also applying to profiling insofar as it relates to this direct advertising.

If you object to processing for direct advertising purposes, we will no longer process your personal data for these purposes.

Right to file a complaint with a supervisory authority

You also have the right to file a complaint concerning our processing of your personal data with a data protection supervisory authority.

The supervisory authority responsible for us is:

The Hamburg Commissioner for Data Protection and Freedom of Information of the Free and Hanseatic City of Hamburg – Corporation under Public Law, Ludwig-Erhard-Str 22, 7th floor, 20459 Hamburg