We are very pleased that you are interested in our company. Data protection has a particularly high priority for all companies of the wefox group (hereinafter “wefox”). It is therefore generally possible to use our website without providing personal data. However, if you want to use certain services from us, your personal data will usually have to be processed. However, this only happens on the basis of a legal basis or with your consent.
With this data protection declaration, we want to inform you about who is responsible for data processing within wefox (1.) and about the purpose, type and scope of data processing on this website (2.), our app (3.) and as part of our insurance products (4.). If you are a business partner or a third party, you will find data protection information under (5.). You can also view the list of the service providers we use (under 6.) and receive information on many other data protection issues (7. -12.). Finally, under point 13, you can read about your rights.
If you have any questions or comments about data protection at wefox, you are welcome to contact our data protection department at dataprotection@wefox.com at any time.
The terms used are not gender specific.
As of June 1, 2023
The person responsible within the meaning of the General Data Protection Regulation (hereinafter GDPR) and other national data protection laws of the member states as well as other data protection regulations is:
wefox Insurance AG
Aeulestrasse 56
9490 Vaduz
Liechtenstein
You can contact our data protection officer directly at any time with any questions or suggestions regarding data protection. Please use our email address for this. Alternatively, you can also write to us by post:
wefox Insurance AG
Aeulestrasse 56
9490 Vaduz
Liechtenstein
Email: dataprotection@wefox.com
In the following we inform you about the processing of your personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, contact details, user behavior. In this way we would like to inform you about our processing operations and at the same time comply with the legal obligations, in particular those arising from the EU General Data Protection Regulation (GDPR).
Here you will find a brief overview of which of your data is processed for which purposes and which legal bases can be considered for this.
Data category
Categories of data subjects
Purposes
Legal bases of data processing
The storage of information in your end device or access to information already stored in your end device is only permitted if one of the following legal bases applies:
For the processing operations carried out by us, we indicate below the applicable legal basis in each case. The processing can also be based on several legal bases.
For the provision of our online offer, we use storage space, computing capacity and software that we rent from an appropriate provider (so-called "web hosting"). When accessing our website, your internet browser automatically transmits data for technical reasons, even when using or viewing our website for purely informational purposes:
Access to our online offer is logged in the form of so-called "server log files".
Processed data categories: In addition to the server log files, the address and name of the websites and files accessed, date and time of access, amounts of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page) and im As a rule, IP addresses and the requesting provider belong.
The user account we offer is a function that is only available to a closed group of people. The prerequisite for your registration is that you are insured with wefox Insurance AG or that an "Exclusive Advisor" has brokered a contract for you with another insurer. With the user account you can easily view and manage your contracts, damage reports, benefits and other information. If you want to conclude an insurance contract with us, only the data you have provided or the data passed on by third parties with your consent will be used. In particular, this concerns:
When contacting us (e.g. by reporting damage or requesting help using the contact form, email, telephone or via social media) and within the framework of existing user and business relationships, the details of the requesting person are processed to the extent that this is necessary to answer the contact request and any requested measures .
If you would like to settle the current premium payments for your insurance contract with us by credit card, you must enter your relevant credit card details on our website or application. The credit card data you enter will not be stored by us, but by our payment service provider in a certified infrastructure that meets the high Payment Card Industry (PCI) standards. We only manage a so-called credit card alias, which is linked to the credit card data at the payment service provider.
Our website offers a career portal on which the latest job advertisements are published and to which suitable candidates can apply.
The web analysis (also referred to as "reach measurement") serves to evaluate the flow of visitors to our online offer and can include behavior, interests or demographic information about the visitors, such as age or gender, as pseudonymous values. With the help of the range analysis, we can, for example, recognize at what time our online offer or its functions or content are used most frequently or invite you to reuse them. We can also understand which areas need optimization.
In addition to web analysis, we can also use test procedures, e.g. to test and optimize different versions of our online offer or its components.
Unless otherwise stated below, profiles, i.e. data summarized for a usage process, can be created for these purposes and information can be stored in a browser or in a terminal device and read out from it. The information collected includes, in particular, websites visited and elements used there, as well as technical information such as the browser used, the computer system used and information on usage times. If users have given their consent to us or the providers of the services we use to collect their location data, location data can also be processed.
The IP addresses of the users are also saved. However, we use an IP masking process (i.e. pseudonymization by shortening the IP address) to protect users. In general, no clear user data (e.g. e-mail addresses or names) are stored in the context of web analysis, A/B testing and optimization, but pseudonyms. This means that we and the providers of the software used do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective process.
Google Analytics
Web analysis, range measurement and measurement of user flows; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland;
GoogleAnalytics/Firebase (metrics)
We also use the "Google Firebase" service to analyze and categorize user groups and to send push notifications. Firebase is a Google subsidiary based in San Francisco (CA), USA. For more information, see Firebase's privacy policy at: https://www.firebase.com/terms/privacy-policy.html.
Google Places API
We use Google Places API to facilitate location-based searches. By using wefox, the user automatically agrees to this service. The data collected by a search powered by the Google Places API is bound by the Google Terms of Service. You can find more information about this at: https://www.google.com/policies/privacy/?hl=de.
Salesforce CMS
We use the customer management system from the provider Salesforce to be able to process user inquiries faster and more efficiently. Information on data protection is available from salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich can be found at https://www.salesforce.com/.
Intercom
Intercom offers messaging for sales, marketing and customer service on one platform and improves interaction with users via chat. Information on data protection is available from Intercom Inc., 55 2nd St, San Francisco, CA 94105, USA; https://www.intercom.com.
Twilio
We use Twilio, a cloud communications company (PaaS) that makes and receives phone calls, sends and receives text messages, and performs other communication functions through its web service APIs. Information on data protection is available from Twilio Inc., 375 Beale St #300, San Francisco, CA 94105, USA; https://www.twilio.com/legal/privacy.
Amazon S3
Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface. Amazon S3 can be used to store any type of object, enabling uses such as web application storage, backup and recovery, disaster recovery, data archives, data lakes for analytics, and hybrid cloud storage. Information on data protection is available from Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, United States; https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice_English_2020-08-15.pdf.
Ixopay
In our app we use ixopay to collect your bank and payment data, e.g. when changing your preferred payment method. Information on data protection is available from Ixopay GmbH, Mariahilfer Straße 77-79, A-1060 Vienna, Austria; https://www.ixopay.com/de/legal/privacy-policy.
Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
The purpose of reCAPTCHA is to check whether data is entered on our website (e.g. in a contact form) by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. reCAPTCHA evaluates various information for analysis. The data collected during the analysis is forwarded to Google. The reCAPTCHA analyzes run completely in the background. Website visitors are informed via our cookie banner and this data protection declaration that an analysis is taking place.
We use cookies on our websites. Cookies are small text files that are stored on your end device with a characteristic character string and are assigned to the browser you are using and through which certain information flows to the place that sets the cookie. Cookies cannot run programs or transmit viruses to your computer and therefore do not cause any damage. They serve to make the Internet offer more user-friendly and effective overall, i.e. more pleasant for you.
Cookies can contain data that make it possible to recognize the device used. In some cases, however, cookies only contain information on certain settings that cannot be related to individuals.
A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. With regard to their function, a distinction is made between cookies:
You can find further details, in particular on the type, provider and storage period of the respective cookies used by us, in our cookie consent management tool. The legal basis for cookies, which are absolutely necessary to provide you with the service you have expressly requested, is Section 25 (2) No. 2 TTDSG. Any use of cookies that is not absolutely technically necessary for this represents data processing that is only permitted with your express and active consent in accordance with Section 25 (1) TTDSG in conjunction with Article 6 (1) sentence 1 lit is. This applies in particular to the use of performance, advertising, targeting or sharing cookies. In addition, we only pass on your personal data processed by cookies to third parties if you have given your express consent to this in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR.
In order to be able to manage your consent to the use of cookies and the associated processing and providers, we use a tool from the company Onetrust for cookie consent management. In this tool you can also declare your revocation for all cookies that are not technically or legally necessary. You can do this at any time simply by clicking the “Change cookie settings” button. You can find this button at the bottom of our website. Please note that if you reject certain cookies, you may not be able to use the full range of services on our website. Your consent and any revocations will not be requested each time you visit the website, but will be stored for legal reasons for verification purposes.
Furthermore, cookies that have already been set can be deleted at any time via your Internet browser or other software programs. This is possible in all common Internet browsers. You can use the help functions of your internet browser to find out how to deactivate and/or delete cookies. Please note that deactivating/deleting cookies can result in individual functions of our website no longer functioning fully. Cookies that are required for certain functions of our website for technical reasons can be found in our cookie banner. In addition, the deactivation/deletion of cookies only affects the Internet browser used. If you use other internet browsers or end devices, the deactivation/deletion of cookies must be repeated accordingly.
We do not use any social media plugins on our websites. If our websites contain symbols from social media providers, we only use them for passive linking to the pages of the respective providers.
No user data is transmitted from our website to the social media network. If you are already logged in to the relevant social media service when you click the button, the release dialog will recognize this so that you can release the content directly. If this is not the case, you will be asked to log into the social media network. From this point on you are on the website of the respective social media network. Below you will find information on data processing by the respective providers. Please note that we assume no liability for the content and topicality of this information.
Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland ("Facebook"). You can find more information on data protection here: http://www.facebook.com/policy.php.
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; You can find more information on data protection here: https://twitter.com/privacy.
Instagram is one of the products provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. For more information on privacy, see: https://help.instagram.com/519522125107875.
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; You can find more information on data protection here: https://www.linkedin.com/legal/privacy-policy.
Our app also processes a large amount of your data for essentially the same or similar purposes as our website. You can find the data protection declaration for our wefox app in the app and also here:
Data protection information for our wefox app
We are very pleased that you are interested in our app. Data protection has a particularly high priority for all companies of the wefox group (hereinafter “wefox”). This app was developed to support you in managing your insurance relationship with wefox. In order to achieve this, we have created a profile containing your personal data (hereinafter "data") which you can access via the app. The app can be used as an IOS, Android or web version.
With the present data protection information we would like to inform you who is responsible for the data processing within this app (3.1.) as well as about the purpose, type and scope of the data processing within the scope of this app (3.2.) and how the data processing takes place (3.3.-3.10 .). Finally, under 3.11. read what rights you have.
If you have any questions or comments about data protection at wefox, you are welcome to contact our data protection department at dataprotection@wefox.com or visit our website at any time.
The terms used are not gender specific.
As of June 1, 2023.
The person responsible within the meaning of the EU General Data Protection Regulation (hereinafter "GDPR") and other national data protection laws of the member states as well as other data protection regulations is:
wefox Insurance AG
Aeulestrasse 56
9490 Vaduz
Liechtenstein
You can contact our data protection officer directly at any time with any questions or suggestions regarding data protection. Please use our “Contact Us” function for this. Alternatively, you can also write to us by post or email:
wefox Insurance AG
Aeulestrasse 56
9490 Vaduz
Liechtenstein
Email: dataprotection@wefox.com
In the following we inform you about the processing of your personal data when using our app. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior. In this way we would like to inform you about our processing operations and at the same time comply with the legal obligations, in particular those arising from the EU General Data Protection Regulation (GDPR).
Here you will find a brief overview of which of your data is processed for which purposes and which legal bases can be considered for this.
Data categorically
Categories of data subjects
purposes
Legal bases of data processing
The storage of information in your end device or access to information already stored in your end device is only permitted if one of the following legal bases applies:
For the processing operations carried out by us, we indicate below the applicable legal basis in each case. The processing can also be based on several legal bases.
If you download this app, certain necessary data will be transmitted from you to the respective app store (e.g. Apple App Store or Google Play).
When downloading, the e-mail address, the user name, the customer number of the downloading account, the individual device code and the time of the download are sent to the App Store.
We have no influence on the collection and processing of this data; it is done exclusively through the app store you have selected. Accordingly, we are not responsible for this collection and processing; the responsibility for this lies solely with the respective app store.
The user account we offer is a function that is only available to a closed group of people. The prerequisite for your registration is that you are insured with wefox Insurance AG or that an "Exclusive Advisor" has brokered a contract for you with another insurer. With the user account you can easily view and manage your contracts, damage reports, claims and other information. If you want to conclude an insurance contract with us, only the data you provide or the data passed on by third parties with your consent will be processed.
When contacting us (e.g. damage report or request for help via contact form, e-mail, telephone or via social media) and in the context of existing usage and business relationships, the details of the requester are processed to the extent necessary in each case to answer the contact request and, if necessary, .Requested measures.
If you wish to settle the ongoing premium payments for your insurance contract with us by credit card, you must enter your relevant credit card details on our website or application. The credit card data you enter will not be stored by us, but by our payment service provider in a certified infrastructure that meets the high standards of the Payment Card Industry (PCI). We only manage a so-called credit card alias, which is linked to the credit card data from the payment service provider.
Our app has the option of integrating insurance documents from other insurers into the app. This allows you to manage all your insurance contracts in one app. Your consent is required for the import of these documents.
We may be subject to a special statutory or legal obligation to make lawfully processed personal data accessible to third parties, in particular public bodies (e.g. Bafin, tax offices), Article 6 (1) sentence 1 lit. c GDPR.
We use cookies in our app. Cookies are small text files that are stored on your end device with a characteristic character string and are assigned to the browser you are using and through which certain information flows to the place that sets the cookie. Cookies cannot run programs or transmit viruses to your computer and therefore do not cause any damage. They serve to make the Internet offer more user-friendly and effective overall, i.e. more pleasant for you.
Cookies can contain data that enable the device used to be recognized. In some cases, however, cookies only contain information about certain settings that are not personal. Cookies cannot directly identify a user.
A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. With regard to their function, a distinction is made between cookies:
You can find more details, in particular on the type, provider and storage period of the cookies we use in our cookie consent management tool. The legal basis for cookies, which are absolutely necessary to provide you with the service you have expressly requested, is Section 25 (2) No. 2 TTDSG. Any use of cookies that is not absolutely necessary for this purpose represents data processing that only takes place with your express and active consent in accordance with Section 25 (1) TTDSG in conjunction with Article 6 (1) sentence 1 lit. This applies in particular to the use of performance, advertising, targeting or sharing cookies. In addition, we only pass on your personal data processed by cookies to third parties if you have consented to this in accordance with Article 6 (1) sentence 1 lit.
In order to be able to manage your consent to the use of cookies and the associated processing and providers, we use a tool from Usercentrics for cookie consent management. In this tool you can declare your revocation for all technically or legally unnecessary cookies. You can do this at any time by simply clicking on the "Cookie Settings" button. You can find this button in the footer of our app. Please note that if you refuse certain cookies you may not be able to use all the services of our website. Your consent and any revocations will not be requested again each time you visit the website, but will be stored for legal reasons for verification purposes.
Furthermore, cookies that have already been set can be deleted at any time via your internet browser or other software programs if you use the web version of our app. This is possible in all common Internet browsers. You can use the help functions of your internet browser to find out how to disable and/or delete cookies. Please note that deactivating/deleting cookies can result in individual functions of our app no longer working. All cookies that we use in our app can be found in our cookie banner. In addition, the deactivation/deletion of cookies only affects the Internet browser used. If you use other internet browsers or end devices, the deactivation/deletion of cookies must be repeated accordingly.
For IOS and Android versions of our app, you must go to the profile section and click on "Privacy Settings".
We use various technologies to constantly improve our app and make it more user-friendly.
Google Analytics
We use Google Analytics to analyze app usage. The data obtained in this way is used to optimize our app. Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes the app usage data on our behalf and contractually undertakes to take measures to ensure the security and confidentiality of the data processed.
Firebase Crashlitics
To improve the stability and reliability of our apps, we rely on anonymous crash reports. For this we use "Firebase Crashlytics", a service of Google Ireland Ltd., Google Building Gordon House, Barrow Street, Dublin 4, Ireland. In the event of a crash, anonymous information is transmitted to Google's servers in the USA. This information does not contain any personal data.
Usercentrics
This is a consent management service. Usercentrics (Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, data protection officer of the processing company can be reached at datenschutz@usercentrics.com) is used in our app as a processor for the purpose of consent management.
Ixopay
In our app we use ixopay (Ixopay GmbH, Mariahilfer Straße 77-79, A-1060 Vienna, Austria) to manage your bank and payment details, e.g. if you change your preferred payment method.
We do not use any social media plugins in our app. If our app contains symbols from social media providers, we only use them for passive linking to the pages of the respective providers.
We delete your data as soon as they are no longer required for the purposes for which we collected or used them. We usually store your personal data for the duration of the usage or contractual relationship via the app. Your data will only be stored on our servers in Germany, subject to a possible data transfer as described under 3.6. described.
In the event of a (pending) legal dispute or other legal proceedings, however, storage may take place beyond the specified period.
Third parties used by us store your data on their systems for as long as this is necessary for us in connection with the provision of services in accordance with the respective agreement.
Statutory regulations for the storage of personal data remain unaffected (e.g. § 257 HGB or § 147 AO). When the retention period required by law expires, the personal data will be deleted, unless further storage by us is required and there is a legal basis for this.
As the person responsible for processing, wefox has implemented numerous technical and organizational measures to ensure the most complete protection possible for the processed data against loss, misuse, unauthorized access, disclosure, modification or destruction and to ensure availability. These include, for example, industry-standard firewalls and password systems. All measures are taken taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including its likelihood and impact) for you. Our security measures are also continuously improved in line with technological developments. Nevertheless, internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us in alternative ways, for example by telephone.
We offer dialog and contact forms on our website that use TSL (Transport Layer Security) encryption. This encryption protects your data from unauthorized access by third parties during transmission. For your own safety, we recommend that you always use these dialogue or contact forms. If you send us your data unencrypted, e.g. as a normal, unsecured e-mail, there is a possibility that your data will be taken note of or changed by unauthorized persons.
We will be happy to provide you with further information on this upon request. To do this, please contact dataprotection@wefox.com.
For individual functions of our app, commissioned service providers may be used. Like any larger company, we also use external domestic and foreign service providers (e.g. for the areas of IT, logistics, telecommunications, sales and marketing) to process our business. They only act according to our instructions and have been contractually obliged to comply with the data protection regulations in accordance with Art. 28 DSGVO.
The following categories of recipients, which are usually processors, may have access to your data:
Service providers for operating our app and processing the data stored or transmitted by the systems (e.g. for data center services, payment processing, IT security). The legal basis for the transfer is Article 6 Paragraph 1 Sentence 1 Letter b or Letter f GDPR, unless it is a processor;
State bodies/authorities, insofar as this is necessary to fulfill a legal obligation. The legal basis for the transfer is Article 6 Paragraph 1 Clause 1 Letter c GDPR;
Individuals employed to conduct our business (e.g., auditors, banks, insurance companies, legal advisers, regulators, those involved in acquisitions or the formation of joint ventures). The legal basis for the transfer is Article 6 Paragraph 1 Clause 1 Letter b or Letter f GDPR.
In addition, we only pass on your data to third parties if you have given us your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR.
If we pass on data from you to companies in the wefox group or receive data from companies in the wefox group, this is due to existing processing relationships, which are usually based on a contract for order processing.
As part of our business relationships, your personal data may be passed on or disclosed to companies outside the wefox group. These can also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing takes place exclusively to fulfill contractual and business obligations and to maintain your business relationship with us (legal basis is Art. 6 Para. 1 S. 1 lit. b or lit. f GDPR in conjunction with Art. 44 et seq. GDPR).
The European Commission certifies some third countries with a data protection level comparable to the EEA standard by means of so-called adequacy decisions. A list of these countries and a copy of the adequacy decisions can be found here:
In other third countries to which your data may be transmitted, there may not be a consistently high level of data protection due to a lack of legal regulations. If this is the case, we ensure that data protection is adequately guaranteed. This is possible via Binding Corporate Rules, standard contractual clauses of the European Commission for the protection of personal data in accordance with Article 46 (1) and (2) lit. c GDPR, certificates or recognized codes of conduct. You can find more information on this on the website of the EU Commission:
Your insurance-relevant data is summarized in an insurance profile created for you so that you can quickly organize and find all relevant data. This enables us to support you quickly and competently in the implementation and processing of the insurance relationship. Your insurance profile is constantly monitored by us in order to maintain your insurance cover and, if necessary, to inform you about new products.
Our app does not have any automated decision-making function. However, automated decision-making can take place when applying for insurance or during the insurance relationship. If you want to learn more about this, visit our website on data protection.
The wefox app serves as an interface between you and us and should give you a quick and easy overview of your contracts, damage and benefit data and communication with us. In addition, the app is not used for advertising purposes, not even by third parties. If you would like to know how wefox generally deals with advertising communication outside of this app, then visit our website. You can find more information on this in the data protection section.
We send push notifications for submitted claims to let you know when the processing status changes. To do this, you must explicitly allow the receipt of push notifications in the settings of your device. Otherwise you will not receive any push notifications. We use Firebase Cloud Messaging, a service provided by Google Inc., to deliver our push notifications. The legal basis for data processing is Article 6 (1) (1) (a) GDPR. Categories of processed data are IP data.
The GDPR grants you the following rights, which you are welcome to assert against us via our contact form. Of course, you can also use the postal service:
In accordance with Art. 15 GDPR, you have the right to request information about your data processed by us. In particular, you can obtain information about the processing purposes, the category of data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right of appeal , the origin of your data, if they were not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details.
In accordance with Art. 16 GDPR, you can immediately request the correction of incorrect data or the completion of your data stored by us.
In accordance with Art. 17 GDPR, you can request the deletion of your data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required.
In accordance with Art. 18 GDPR, you can request the restriction of the processing of your data if you dispute the accuracy of the data or the processing is unlawful.
In accordance with Art. 20 GDPR, you have the right to receive your data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible ("data portability").
In accordance with Article 21 GDPR, you have the right to object to the processing if the processing is based on Article 6 Paragraph 1 S. 1 lit. e or lit. f GDPR. This is particularly the case if the processing is not necessary to fulfill a contract with you. Unless it is an objection to direct advertising, we ask that you explain the reasons why we should not process your data as we have done when exercising such an objection. In the event of your justified objection, we will examine the situation and will either stop or adjust the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
In accordance with Art. 7 Para. 3 GDPR, you have the right to revoke the consent you have given us at any time, if you have given it. As a result, we are no longer allowed to continue the data processing based on this consent for the future.
In accordance with Art. 77 GDPR, you can complain to a data protection supervisory authority about the processing of your personal data in our company. The supervisory authority responsible for wefox is:
Data Protection Office Principality of Liechtenstein
Städtle 38
Postfach 684
9490 Vaduz
Liechtenstein
T +423 236 60 90
Email: info.dss@llv.li
Your personal data will only be processed for purposes other than those described in this data protection declaration if this is permitted by law or if you have consented to the changed purpose of data processing.
In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes before further processing and provide you with all other relevant information.
So that we can continue to offer you an innovative app, we have to adapt our data processing processes from time to time. This also requires an adjustment of this data protection declaration. If your cooperation (e.g. your consent) is required for the changed data processing, we will inform you of this. So that you are always up to date with regard to the processing of your data, you should inform yourself about updates regularly. Simply visit this data protection declaration in your wefox app. Here you will always find the current version of our data protection declaration.
In order for you to be able to read how we process your data as part of our insurance products, we have listed all data protection information for the insurances we offer below. If you are a customer of ours, you have already received this information together with your insurance application.
Link pdf data protection information Jobrad
In addition, we use service providers who process your personal data independently and are closely related to the insurance product(s) you have taken out. You can find their data protection information below. Please note that this information is only made available by us in an effort to ensure the greatest possible transparency, but we assume no liability for its content and topicality.
PDF link Arvato
Link pdf HIS I
Link pdf HIS II
Finally, Wefox uses declarations of consent and release from confidentiality for certain insurance products. The content of these declarations has been agreed between the General Association of the German Insurance Industry (GDV) and the data protection supervisory authorities. This offers you even more security when handling your personal data.
Link pdf declaration of consent and release from confidentiality
We keep a list of all service providers that wefox Insurance AG may commission for you as part of your insurance contract. We do this for reasons of transparency so that you know who is processing your personal data. The obligation to maintain this list results from the declaration of release from confidentiality and consent as well as the rules of conduct (Code of Conduct data protection), which were agreed between the German Insurance Association (GDV) and the data protection supervisory authorities. The list contains the service providers who, as agreed, collect, process or use health data and/or other personal data on behalf of wefox Insurance AG. The service providers are named specifically if their main task is the collection, processing and use of personal data. Service providers whose main task is not the processing of personal data, such as disposal companies for paper waste or electronic data carriers, are only mentioned in service categories. The same applies to service providers who only occasionally work for wefox.
List of service providers
As the person responsible for processing, Wefox has implemented numerous technical and organizational measures to ensure the most complete possible protection of the processed personal data against loss, misuse, unauthorized access, disclosure, modification or destruction and to guarantee availability. These include, for example, industry-standard firewalls and password systems. All measures are taken for you taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including its probability and effects). Our security measures are also continuously improved in line with technological developments. Nevertheless, internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us in alternative ways, for example by telephone.
We offer dialog and contact forms on our website that use TSL (Transport Layer Security) encryption. This encryption protects your data during transmission from unauthorized access by third parties. For your own safety, we recommend that you always use these dialogue or contact forms. If you send us your data unencrypted, e.g. B. as a normal, unsecured e-mail, there is a possibility that your data could be taken note of or changed by unauthorized persons.
We take data security very seriously at wefox. If you discover something or want to tell us about security concerns, you can reach us at this email address: infosecurity@wefox.com.
Unless an express storage period is specified, your personal data will be deleted as soon as the purpose or legal basis for storage no longer applies. If deletion is not possible for legal reasons, your data will be blocked. Your data will be blocked, for example, if your data has to be stored for commercial or tax reasons or if its storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person. In the event of a block, your data will only be used for the purposes permitted by law and will not be processed for other purposes (such as advertising).
Our data protection information may contain further information on the storage and deletion of data, which apply primarily to the respective processing.
As part of our business relationships, your personal data may be passed on or disclosed to companies outside the wefox group. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing takes place exclusively to fulfill the contractual and business obligations and to maintain your business relationship with us (the legal basis is Art. 6 Para. 1 lit. b or lit. f respectively in conjunction with Art. 44 et seq. GDPR).
In some third countries, the European Commission certifies data protection that is comparable to the EEA standard by means of so-called adequacy decisions. You can find a list of these countries and a copy of the adequacy decisions here:
In other third countries, to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. If this is the case, we make sure that data protection is adequately guaranteed. This is possible via binding company regulations, standard contractual clauses of the European Commission for the protection of personal data in accordance with Article 46 (1), (2) (c) GDPR, certificates or recognized codes of conduct.
You can find further information on this on the website of the EU Commission:
Your insurance-relevant data will be combined in an insurance profile created for you so that all relevant data can be organized and found quickly. This allows us to be at your disposal quickly and competently in the implementation and processing of the insurance relationship. Your insurance profile is constantly monitored by us in order to maintain your insurance cover and to inform you about product innovations if necessary.
We also use programs for automated decision-making. In particular, after entering your insurance-related data, the application is automatically accepted based on your information (profiling). Incorrect or incomplete information can result in the insurance contract not being accepted or being terminated if the information in question is relevant to the insurance for the conclusion of a contract or a specific claim.
In some cases, we process your contact data for the purposes of advertising communication (direct marketing), which can take place via various channels, such as e-mail, telephone, post or fax, in accordance with legal requirements. The legal basis for this can be your consent (Art. 6 Para. 1 S. 1 lit. a) GDPR) or our legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).
You have the right to revoke the consent you have given at any time.
Furthermore, you have the right to object to the processing of your personal data for direct advertising purposes at any time, even without giving reasons. The objection can be sent by post, using the contact form or by email to kundenservice@wefox.com.
After revocation or objection, we store the data required to prove the previous authorization for contacting or sending up to three years after the end of the year of the revocation or objection on the basis of our legitimate interests. The processing of this data is limited to the purpose of a possible defense against claims. On the basis of the legitimate interest in permanently observing the revocation or objection of the user, we also store the data required to avoid being contacted again (e.g. depending on the communication channel, the e-mail address, telephone number, name).
You can subscribe to our newsletter, with which we will inform you about our current interesting offers, by giving your consent. Our newsletters generally contain information about our services and us.
We use the so-called double opt-in procedure to register for our newsletter. This means that after you have registered, we will send you an e-mail to the e-mail address provided, in which we ask you to confirm that you are the owner of the e-mail address provided and that you wish to receive notifications. If you do not confirm your registration within the period specified in the confirmation email, your information will be blocked and automatically deleted after one month. In addition, we store the IP addresses you use and the times of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to be able to clarify any possible misuse of your personal data.
The only mandatory information for sending the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and is used to be able to address you personally. After your confirmation, we will save your e-mail address for the purpose of sending the newsletter. The legal basis is Article 6 Paragraph 1 Clause 1 Letter a GDPR.
You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter e-mail, or by sending an e-mail to kundenservice@wefox.com or by sending a message to the contact details given in the imprint.
In addition, you can also give your consent for us to evaluate your user behavior when sending the newsletter.
The GDPR grants you the following rights, which you are welcome to assert against us via our contact form. Of course, you can also use the postal service:
In accordance with Art. 15 GDPR, you have the right to request information about your data processed by us. In particular, you can obtain information about the processing purposes, the category of data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right of appeal , the origin of your data, if they were not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details.
In accordance with Art. 16 GDPR, you can immediately request the correction of incorrect data or the completion of your data stored by us.
In accordance with Art. 17 GDPR, you can request the deletion of your data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required.
In accordance with Art. 18 GDPR, you can request the restriction of the processing of your data if you dispute the accuracy of the data or the processing is unlawful.
In accordance with Art. 20 GDPR, you have the right to receive your data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible ("data portability").
In accordance with Article 21 GDPR, you have the right to object to the processing if the processing is based on Article 6 Paragraph 1 S. 1 lit. e or lit. f GDPR. This is particularly the case if the processing is not necessary to fulfill a contract with you. Unless it is an objection to direct advertising, we ask that you explain the reasons why we should not process your data as we have done when exercising such an objection. In the event of your justified objection, we will examine the situation and will either stop or adjust the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
In accordance with Art. 7 Para. 3 GDPR, you have the right to revoke the consent you have given us at any time, if you have given it. As a result, we are no longer allowed to continue the data processing based on this consent for the future.
In accordance with Art. 77 GDPR, you can complain to a data protection supervisory authority about the processing of your personal data in our company. The supervisory authority responsible for wefox is:
Data Protection Office Principality of Liechtenstein
Städtle 38
Postfach 684
9490 Vaduz
Liechtenstein
T +423 236 60 90
Email: info.dss@llv.li
So that we can continue to offer you innovative insurance products, we have to adapt our data processing processes from time to time. As a result, this also requires an adjustment of this data protection declaration. If your cooperation (e.g. your consent) is required for the changed data processing, we will notify you. So that you are always up to date with regard to the processing of your data, you should inform yourself regularly at this website.