This notice explains how your data will be collected and dealt with, and your rights concerning that data. In this notice, ‘we’, ‘us’ or ‘our’ refers to HDI Global Specialty SE and its agents, co-insurers and reinsurers. ‘You’ or ‘your’ refers to the individual whose personal data we are processing.
HDI Global Specialty SE
Podbielskistraße 396
30659 Hannover
Germany
Tel. +49 511 5604-2909
HDI Global Specialty SE is a Data Controller as defined under the EU General Data Protection Regulation (‘GDPR’).
You can reach our Data Protection Officer by post at the aforementioned address (please include the additional address line "Data Protection Officer") or by e-mail via our data privacy group mailbox:
E-mail: privacy-hgs@hdi-specialty.com
2.1. Log files
Upon each visit of our website, your browser automatically sends information to the servers of our website, which is temporarily stored in a so-called log file. The following data is recorded without any action on your part and stored until automatic deletion:
Collecting and processing of this data takes place to make the use of our website possible (for establishing the connection), to ensure continuous system security and stability, to allow for technical administration of our network infrastructure and optimization of our website, as well as for internal statistics use. The IP address is only used in the event of attacks on the network infrastructure as well as for statistical purposes without us drawing any conclusions with regard to your identity. It takes place under consideration and within the scope of the weighing of interests according to article 6 para 1 (f) of the General Data Protection Regulation (GDPR). To the extent that further storage of log files is required for purposes of proof, these are excluded from deletion until the respective incident has been finally clarified.
The data collected will be deleted after four weeks at the latest.
2.2. Cookies and web analysis
We are continuously working on improving and optimizing our online services and offering you a pleasant visit of our website. Logging your access to our website into log files, as well as employing cookies and web analysis, are important for this. The legal basis for data processing using cookies – also for purposes of web analysis – is our legitimate interest in the analysis, the optimization and the commercially viable operation of our website pursuant to article 6 para 1 (f) GDPR.
2.3. Cookie information and cookie management
Cookies are automatically stored onto your computer when you visit our website. Cookies are text files which contain a pseudonymized alias and thus do not permit any form of attribution to a specific person. Only we are able to read these cookies.
The cookies that we employ may be categorized as follows: generally required cookies, function-related cookies, and service-related cookies.
Generally required cookies are used to make our website user-friendly. Certain actions you perform are stored for the duration of the respective visit to our website with the purpose of optimizing your user experience. These cookies are deleted when you close/exit the browser.
Function-related cookies enable us to adjust our website to the personal preferences of our users.
Service-related cookies help us to measure usage of our website. With these cookies, we can determine which areas of our website are visited most frequently. This information helps us to identify potentials to further improve our website.
As a user of our website, you are asked to select your own privacy settings to determine if you accept or reject cookies, or wish to be notified about receiving a new cookie. In addition, you can delete previously stored cookies. If you delete your cookies, this may result in opt-out cookies being deleted. The affected opt-outs must then be reactivated to become effective again. Deactivating cookies may lead to parts of our website not being fully functional or not being displayed correctly.
Additionally, you can adjust your settings in our Cookie Management Center.
2.4. Web analysis
We use cookies for our website that enable the analysis of your surfing behavior (service-related cookies). For this, we use the web analysis service “Piwik Pro”. This service only uses data with shortened IP addresses such as date and time of page view, duration of the visit, frequency of page view or pages referring you to our website. You can activate and deactivate these cookies as outlined in section Cookie information and cookie management.
2.5. Notice of the right to object
If we process your personal data on the legal basis of our legitimate interests pursuant to article 6 para 1 (f) GDPR, you have the right to object to the processing of your personal data pursuant to article 21 GDPR, provided that there are grounds related to your particular situation, or you object to the processing of your personal data for direct marketing purposes. In the latter case, we will comply with your objection regardless of grounds relating to your particular situation. Please contact our data protection team (contact details above) if you wish to exercise your right of revocation or objection.
We may collect your personal data from various sources:
The operation of the insurance market means that personal data may be shared between insurance brokers, insurers, reinsurers and other market participants. You can find out the identity of the controller or controllers of your personal data in the following ways:
Your personal data may be processed for the following purposes:
Quotation/inception:
Policy administration:
Claims processing:
Renewals:
Other purposes including:
We may also disclose personal data to the following non-exhaustive list of entities:
reinsurers, financial institutions, service providers, contractors, agents, tax authorities, law enforcement and other regulators and group companies in connection with the above purposes. You will find the current list of service providers and our companies who participate in data-processing operations here on our website or by emailing privacy-hgs@hdi-specialty.com.
We process your data on one of the following legal grounds:
To provide insurance and deal with insurance claims in certain circumstances we may need to process special categories of your personal data (see 1.8 above), such as medical or criminal records. Your consent to this processing may be necessary to achieve one or more of the purposes set out above.
Where this is the case, you may withdraw your consent to such processing at any time by notifying privacy-hgs@hdi-specialty.com. If you do withdraw your consent, however, this may mean we cannot provide insurance or pay claims.
When calculating insurance premiums, we may compare your personal data against other data such as industry averages or fraud patterns. Your personal data may also be used to create such other data to ensure, among other things, that premiums align to risk.
We may make decisions based on profiling and without staff intervention (known as automatic decision making).
Data is held by us on servers and in printed form, as well as on our behalf in off-site storage facilities. We will keep your personal data only for so long as is necessary and for the purpose for which it was originally collected. In particular, so long as there is any possibility that either you or we may bring or face legal claims in connection with the insurance contract(s), or if there are legal or regulatory reasons to retain your data, we must do so.
We may need to transfer your data to third parties outside the European Economic Area. These transfers will be made in compliance with the GDPR.
If you would like further details of how your personal data would be protected if transferred outside the EEA, please contact privacy-hgs@hdi-specialty.com
We may amend this Privacy Notice from time to time. We will let you know if we make any significant changes.
If you have any questions about our use of your personal data, please contact the relevant data protection contact as explained above. In certain circumstances you may have the right to require us to:
In certain circumstances we may need to restrict the above rights to safeguard the public interest (e.g. prevention or detection of crime) or our interests (e.g. legal or litigation privilege).
If you are not satisfied with our use of your personal data or our response to any request by you to exercise any of your rights, or if you think we have breached the GDPR, you have the right to complain to the relevant national authority, detailed below.
Germany (lead supervisory authority)
Die Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5
30159 Hannover
Phone: +49 (0511) 120 45 00
Fax: +49 (0511) 120 45 99
E-mail: poststelle@lfd.niedersachsen.de
Website: www.lfd.niedersachsen.de
Sweden
Integritetsskyddsmyndigheten
Drottninggatan 29
5th Floor
Box 8114
104 20 Stockholm
Tel. +46 8 657 6100
Fax +46 8 652 8652
e-mail: imy@imy.se
Website: www.imy.se
Italy
Garante per la protezione dei dati personali
Piazza di Monte Citorio, 121
00186 Roma
Tel. +39 06 69677 1
Fax +39 06 69677 785
e-mail: garante@garanteprivacy.it
Website: http://www.garanteprivacy.it
UK
England
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
Website: casework@ico.org.uk
Scotland
Information Commissioner’s Office
45 Melville Street
Edinburgh
EH3 7HL
Tel: 0131 244 9001
Website: scotland@ico.org.uk
Wales
Information Commissioner’s Office
2nd Floor
Churchill House
Churchill Way
Cardiff CF10 2HH
Tel: 029 2067 8400
Website: wales@ico.org.uk
Northern Ireland
Information Commissioner’s Office
3rd Floor
14 Cromac Place
Belfast
BT7 2JB
Tel: 0303 123 1114 (local rate) or 028 9027 8757 (national rate)
ni@ico.org.uk
Head Office:
Data Protection Officer
Podbielskistraße 396
30659 Hannover
Germany
Tel. +49 511 5604-2909
UK Branch:
Legal & Compliance
10 Fenchurch Street
London
EC3M 3BE
Tel. +44 (20) 7015 4000
Scandinavian Branch:
Legal & Compliance
Hantverkargatan 25
P.O Box 22085
SE-104 22 Stockholm
Tel. +46 8 617-5485
Italian Branch:
Data Protection Officer
Podbielskistraße 396
30659 Hannover
Germany
Tel. +49 511 5604-2909
We comply with the Privacy Act 1988 (the Privacy Act) and, where applicable, State or Territory legislation in relation to health information. The Privacy Act sets out the requirements for Companies with regard to their handling of your personal information.
The HDI Global Specialty SE - Australian Branch has established a Data Breach Notification Scheme, to ensure that affected individuals are notified about serious data breaches.
A breach occurs where there has been unauthorised access to, or unauthorised disclosure of, personal information about one or more individuals AND this event is likely to result in serious harm to an individual:
What happens after a breach?
If a breach occurs we must, within 30 days of any breach or data loss, notify all affected customers and the Government Privacy Commissioner and disclose the information involved. We must also advise the affected customers what they should do to protect themselves.
If you wish to contact us about the handling of your personal information, accessing or correcting your information or to make a complaint, please contact:
Privacy Officer
HDI Global Specialty SE - Australian Branch
Tower 1, 100 Barangaroo Avenue
Level 40, Suite 40.3
Sydney NSW 2000
Australia
Tel +62 2 8646 8320
E-mail address: PrivacyAustralianBranch@hdi-specialty.com
We comply with the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and, where applicable, with provincial privacy legislation in Alberta, British Columbia and Quebec (collectively: “Canadian Privacy Laws”), in addition to the EU General Data Protection Regulation (“GDPR”).
These Canadian Privacy Laws and the GDPR set out the requirements for HDI Global Specialty SE Canadian Branch (“HSCB”) with regard to the handling of your personal information.
If you wish to contact us about the handling of your personal information, accessing or correcting your information or to make a complaint, please contact:
Privacy Officer
HDI Global Specialty SE - Canadian Branch
Suite 400, 220 Bay Street,
Toronto, ON M5J 2W4
Canada
Tel +1 416-867-9712
E-mail address: PrivacyCanadaBranch@hdi-specialty.com
HDI Global Specialty SE – New Zealand Branch is serious about protecting the privacy of your personal information . We are bound by the New Zealand Privacy Act, which guides us in the our responsible handing of your personal information.