1. Preliminary remark

As of 25.05.2018, the General Data Protection Regulation (GDPR) and the revised Federal Data Protection Act (BDSG-neu) apply. These regulate the processing of personal data and provide in particular for extended information obligations for the processing of data. These information obligations also apply to the processing of personal data of intermediaries by insurance companies. The data of legal entities are not subject to these provisions. In order to simplify the implementation as well as to improve transparency, the companies of the Newline Group provide their intermediaries with the necessary information on data processing with this information sheet, regardless of whether the respective intermediary operates as a legal entity, partnership or natural person.

The following information is without prejudice to the intermediaries’ own duties to provide information. Under the GDPR, intermediaries are themselves obliged to ensure the proper processing of data by their companies.

2. Person responsible for data processing

Newline Europe Versicherung AG
Schanzenstr. 28a
DE-51063 Cologne
info@newlinegroup.de

(hereinafter referred to as “we”), is the data controller within the meaning of the EU Data Protection Regulation (“GDPR”).

You can reach our data protection officer by mail at the above address with the addition – data protection officer – or by e-mail at: datenschutz@newlinegroup.de.

3. Purpose of data processing and legal basis

The processing of personal broker data serves to conclude and fulfill the brokerage agreement. This includes, among other things, commission settlements, reliability checks, production statistics and production control. The legal basis for data processing is Article 6 para 1 lit. a and lit. b GDPR.

If a brokerage agreement does not yet exist or is not concluded, the processing of personal data for pre-contractual and contractual purposes is based on Article 6 para 1 lit. b and, if applicable, also on para 1 a) GDPR.

4. Categories of data processed and recipients of the data

We process the following categories of data:

  • Master data (name/company, address)
  • Bank details
  • communication data
  • IHK registration
  • Tax number
  • Commission data
  • AVAD information

Recipients of this data are companies of the Newline Group and the Odyssey Group (including Newline Insurance Company Limited, Newline Underwriting Management Limited, Odyssey Reinsurance Company) and service companies/service providers as well as authorities within the scope of existing notification and reporting obligations. If we transfer data to intra-group companies outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other appropriate data protection guarantees (e. g. EU standard contractual clauses) are in place. You can then request these at one of the above-mentioned contact addresses.

5. Creditworthiness information

Furthermore, we request information from the Verband der Vereine Creditreform Boniversum e. V., Hellersbergstraße 12, DE-41460 Neuss, to assess the solvency or general payment behavior of the agents. For this purpose, we provide Creditreform with the name and address of the respective intermediary. We then receive from Creditreform, as a rule, information on bank details, shareholdings, turnover and employee figures, an assessment of the business relationship and a creditworthiness index. If a declaration in lieu of an oath has been applied for or submitted, or if insolvency proceedings have been applied for or opened, we are also informed of this. The creditworthiness index is formed on the basis of the Basel II criteria. The index ranges from 100 to 600 points. 500 and 600 points are considered a default, an index up to 250 points means a good credit rating. The creditworthiness information is provided on the basis of written consent, which can be revoked at any time. Refusal or revocation of consent may result in a brokerage/brokerage agreement not being concluded or having to be terminated. Further details can be found in the instructions in the declaration of consent.

With regard to the rights of intermediaries, point 7 below applies accordingly, whereby the contact person in this respect is also the data protection officer of the Verband der Vereine Creditreform e. V. at the above address.

6. Storage period

We delete your personal data as soon as they are no longer required for the above-mentioned purposes. In this context, personal data may be stored for the period during which claims can be asserted against our company (statutory limitation period of three or, for example, in the case of titled claims, up to thirty years). We also store your personal data for as long as we are legally obliged to do so. This regularly results from legal obligations to provide evidence and to retain data, which are regulated, among other things, in the German Commercial Code, the German Fiscal Code or the German Money Laundering Act. The storage periods are then up to ten years.

7. Your rights

You can request information about the data stored about you. In addition, under certain conditions, you can demand the correction or deletion of your data. Furthermore, you may have the right to restrict the processing of your data and the right to receive the data you have provided in a structured, common and machine-readable format. To assert these rights and in the event of a complaint, please contact the offices listed above under 2.

8. Supervisory authority

You can contact our data protection supervisory authority, Landesbeauftragte für den Datenschutz in NRW, Kavalleriestr. 2-4, DE-40213 Düsseldorf.

9. Provision of data

The provision of your data is mandatory. Without the provision of your data, a brokerage agreement cannot be concluded and fulfilled.

22 September 2021