Fair Processing Notice

This notice informs you about the processing of your personal data by Newline Europe Versicherung AG and the German Branches of Newline Insurance Company Limited and your rights under data protection laws and regulations.

Responsible for data processing

Newline Europe Versicherung AG
Schanzenstrasse 28a
D-51063 Köln
T +49 (0) 221 9669 4510
F +49 (0) 221 9669 4511
E info@newlinegroup.de

Newline Insurance Company Limited
German Branch
Schanzenstrasse 28a
D-51063 Köln
T +49 (0) 221 9669 4510
F +49 (0) 221 9669 4511
E info@newlinegroup.de

You can contact our Data Protection Officer by post at the above addresses (Attn. Data Protection Officer) or by email via datenschutz@newlinegroup.de.

Purposes and legal basis of data processing

We process your personal data in compliance with the General Data Protection Regulation (GDPR), the Federal Data Protection Act (“Bundesdatenschutzgesetz” or “BDSG”) and the provisions of the Insurance Contract Act (“Versicherungsvertragsgesetz” or “VVG”) relevant to data protection and all other relevant laws.

If you apply for insurance cover, we need the information you provide in order to conclude the insurance contract and to assess the risk to be assumed by us.  If the insurance contract is concluded, we process this data for the execution of the contractual relationship, e.g. for servicing and administering the insurance contract and invoicing.  For example, we need information on the loss in order to be able to check whether an insured event has occurred and how high the loss is.

The conclusion or execution of the insurance contract is not possible without the processing of your personal data.

In addition, we need your personal data to compile insurance-specific statistics, e.g. for the development of new tariffs or to comply with regulatory requirements.  We use the data of existing insurance contracts with other group companies for an examination of the entire customer relationship for example, to advise on contract adjustments, amendments or comprehensive information provision.

The legal basis for such processing of personal data for pre-contractual and contractual purposes is Article 6 paragraph 1 (b) of the GDPR.  If special categories of personal data (e.g. data concerning health when concluding an accident insurance contract) are required for this, we will obtain your consent in accordance with Article 9 paragraph 2 (a) of the GDPR in conjunction with Article 7 of the GDPR.  If we compile statistics with these data categories, this is done on the basis of Article 9 paragraph 2 (j) of the GDPR in conjunction with Article 89 (1) of the GDPR and § 27 BDSG.

We also process your data to protect the legitimate interests of us or third parties in accordance with Article 6 paragraph 1 (f) of the GDPR.  In particular, this may be necessary to:

  • ensure IT security and operation; and
  • promote our insurance and reinsurance products and other products of our group.

In addition, we process your personal data to fulfil legal and regulatory obligations, such as commercial and tax data retention obligations and our consulting obligations.  In this case, the legal basis for processing is the respective statutory provisions in conjunction with Article 6 paragraph 1 (c) of the GDPR.  If we wish to process your personal data for a purpose not mentioned above, we will inform you in advance within the scope of the statutory provisions.

Reinsurers

Risks assumed by us are insured with special insurance companies (reinsurers).  For this purpose, it may be necessary to transfer your insurance contract and, if applicable, loss data to reinsurers so that the latter can form their own view of the risk or the insured event.  In addition, it is possible that reinsurers will support our company in the risk or performance assessment and in the evaluation of procedures on the basis of their special expertise.  We transmit your data to reinsurers only to the extent necessary for the fulfilment of our insurance contract with you or to the extent necessary to protect our legitimate interests.

Insurance Broker

If you conclude your insurance contracts through an insurance broker, your broker processes the application / proposal form, contract and loss data required for the conclusion and execution of the insurance contract.  We also transmit this data to the insurance broker, insofar as they require the information for your support and advice in your insurance and financial services matters.

Data processing in the group

Specialized companies or divisions of our group of companies perform certain data processing tasks centrally for the companies affiliated in the group.  If an insurance contract exists between you and one or more companies in our group, your data can be processed centrally by a company in the group for central administration of address data, telephone customer service, contract and service processing, collection and disbursement and for joint mail processing.

Other recipients

In addition, we may transfer your personal data to other recipients, such as public authorities, to fulfil legal notification obligations (e.g. social insurance carriers, tax authorities or law enforcement authorities).

Data transfer to a third country

If we transfer data to service providers outside the European Economic Area (EEA) after 25 May 2018, the transfer will only take place if the third country has been confirmed an appropriate level of data protection by the EU Commission or if there are other appropriate data protection guarantees (e.g. EU Standard Contractual Clauses).  You can then request them at one of the contact addresses mentioned above.

Duration of data storage

We store your data for no longer than is necessary for the purposes mentioned above.  It may happen that personal data is stored for the period during which claims can be asserted against us (e.g. statutory limitation periods of three or up to thirty years).  In addition, we store your personal data insofar as we are legally obliged to do so.  Amongst others, the German Commercial Code (“Handelsgesetzbuch”), the Fiscal Code (“Abgabenordnung”) and the Money Laundering Act (“Geldwäschegesetz”) impose corresponding duties of proof and retention.  The storage periods are then up to ten years.

Rights of the data subject

You can request information about your personal data stored at the above addresses.  You may also request that your data be corrected or deleted under certain circumstances.  In addition, you may have the right to restrict the processing of your data and to have the data you provide disclosed in a structured, common and machine-readable format.

Right to object
You have the right to object to the processing of your personal data for direct marketing purposes.  If we process your data to protect legitimate interests, you may object to such processing if your particular situation gives rise to reasons against data processing.

Want more details?

For more information about how we use personal information, please see our Privacy Statement.

Right of appeal

You may also have the right to lodge a complaint with the relevant supervisory authority which, in Germany, is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf

The GDPR and BDSG came into force on 25 May 2018.

Last updated: 29 March 2019