Privacy policy

Privacy policy

General information
The Continentale BKK takes the protection of personal data very seriously. We want you to know when we store which data and how we use it. All the data we collect is subject to social data protection in accordance with the German Social Security Code (SGB). Data that is collected and stored for participation in offers on the website is subject to the data protection regulations of the German Telemedia Act (TMG). We collect and use your personal data exclusively within the scope of these provisions. We have taken technical and organisational measures to ensure that both we and external service providers comply with data protection regulations. With regard to the terms used, we refer to the definitions in Art. 4 the General Data Protection Regulation (GDPR).

Person responsible
Continentale company health insurance fund
Chairman of the Management Board
Sengelmannstr. 120 | 22335 Hamburg
kundenservice@continentale-bkk.de

Data Protection Officer
Continentale company health insurance fund
Data Protection Officer
Sengelmannstr. 120 | 22335 Hamburg
datenschutz@continentale-bkk.de

Types of data processed

Inventory data (e.g. names, addresses).
Contact details (e.g., e-mail, telephone numbers).
Content data (e.g., text entries, photographs, videos).
Usage data (e.g., websites visited,
Interest in content, access times).
Meta/communication data (e.g., device information, IP addresses).

Purpose of the processing

Provision of the online offer, its functions and content.
Answering contact enquiries and communicating with users.
Safety measures.
Reach measurement/marketing

Personal data
Personal data is information that can be used to find out your identity. This includes, for example, information such as your first and last name, address, postal address and telephone number.

In this privacy policy, we inform you about the type, scope and purpose for which we collect and use personal data when you visit our website.

In accordance with Art. 13 GDPR we inform you of the legal basis of our data processing. If the legal basis is not stated in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 Abs. 1 lit. a and Art. 7 GDPRThe legal basis for processing for the fulfilment of our services and implementation of contractual measures as well as responding to enquiries is Art. 6 Abs. 1 lit. b GDPRThe legal basis for processing for the fulfilment of our legal obligations is Art. 6 Abs. 1 lit. c GDPRand the legal basis for the processing for the protection of our legitimate interests is Art. 6 Abs. 1 lit. f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Abs. 1 lit. d GDPR as the legal basis.

Should you be under 16 If you are under the age of 18, we require the consent of your parents or legal guardians. Otherwise you may not send us any data.

Use for information
In principle, you can use our online services without disclosing your identity if you only wish to obtain information on azubi.continentale-bkk.de and do not wish to log in, register or submit other information on the website.

In this so-called "use for information", only data that your browser transmits to enable you to visit our website is collected.

This is for example

IP address,
Date and time of the request,
Content of the request (concrete page)

Right to information, deletion and revocation
You have the right to obtain confirmation as to whether or not personal data concerning you are being processed and, where that is the case, access to the personal data and further information and a copy of the data in accordance with Art. 6 para. 1 lit. f GDPR. 15 GDPR.

According to Art. 16 GDPR the right to request the completion of data concerning you or the rectification of inaccurate data concerning you.
In accordance with Art. 17 GDPR the right to demand that the relevant data be deleted immediately, or alternatively, in accordance with Art. 18 GDPR to demand a restriction on the processing of the data.
You have the right to request that the data concerning you that you have provided to us be erased in accordance with Art. 20 GDPR and to request their transmission to other controllers.
You have the right to withdraw your consent in accordance with Art. 7 Abs. 3 GDPR with effect for the future.
You can object to the future processing of the data concerning you in accordance with Art. 21 GDPR at any time. The objection may be made in particular against processing for direct marketing purposes
You also have according to Art. 77 GDPR the right to lodge a complaint with the competent supervisory authority.

Our supervisory authority for data protection is
Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Graurheindorfer Str. 153 | 53117 Bonn
Phone: +49(0)228 997799-0
E-mail: poststelle@bfdi.bund.de | De-Mail: poststelle@bfdi.de-mail.de

Cooperation with processors and third parties
If we disclose data to other persons and companies (processors or third parties) as part of our processing, transfer it to them or otherwise grant them access to the data, this is only done on the basis of legal permission (e.g. if the data is transferred to third parties, such as payment service providers, in accordance with Art. 6 para. 1 lit. f GDPR). 6 Abs. 1 lit. b GDPR is necessary for the fulfilment of the contract), you have given your consent, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties with the processing of data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR.

Processing in a third country
We do not process data in a third country.

Hosting and e-mail dispatch
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, e-mail dispatch, security services and technical maintenance services that we use for the purpose of operating this online offering.

In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f GDPR. 6 Abs. 1 lit. f GDPR in conjunction with. Art. 28 GDPR (conclusion of order processing contract).

Collection of access data and log files
We, or our hosting provider, collect data on the basis of our legitimate interests within the meaning of Art. 6 Abs. 1 lit. f. GDPR Data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for security reasons (e.g. to investigate misuse or fraud) for a maximum period of 7 days and then deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.

Social media
We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy, we process users' data if they communicate with us within social networks and platforms, e.g. write posts on our online presences or send us messages.

Integration of services and contents of third parties
We use cookies within our online offer on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f GDPR). 6 Abs. 1 lit. f. GDPR) content or service offers from third-party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").

This always presupposes that the third-party providers of this content recognise the IP address of the user, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags can be used to analyse information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, visit time and other information about the use of our online offer, as well as being linked to such information from other sources.

Liability for links
Our website contains links to external third-party websites over whose content we have no influence. Therefore, we cannot accept any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of an infringement. If we become aware of any legal infringements, we will remove such links immediately.

Our website contains links to other websites. We have no influence on whether their operators comply with data protection regulations.

System security
In accordance with Art. 32 GDPR taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, appropriate technical and organisational measures to ensure a level of security appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transfer, safeguarding of availability and its separation. We have also set up procedures to ensure that data subjects' rights are exercised, data is deleted and we respond to data threats. Furthermore, we take the protection of personal data into account as early as the development and selection of hardware, software and processes, in accordance with the principle of data protection through technology design and data protection-friendly default settings (Art. 6 para. 1 lit. f GDPR). 25 GDPR).

Cookies

Matomo (formerly Piwik)

Our website uses the web analysis service Matomo. Matomo is an open source solution.

Matomo uses "cookies." These are small text files that your web browser stores on your end device and that enable website usage to be analysed. Information generated by cookies about the use of our website is stored on our server. Your IP address is anonymised before it is saved.

Cookies from Matomo remain on your terminal device until you delete them.

Matomo cookies are set on the basis of Art. 6 Abs. 1 lit. f GDPR. As the operator of this website, we have a legitimate interest in the anonymised analysis of user behaviour in order to optimise both our website and, where applicable, advertising.

The information stored in the Matomo cookie about the use of this website is not passed on. The setting of cookies by your web browser can be prevented. However, some functions of our website may be restricted as a result.

You can deactivate the storage and use of your data here. Your browser sets an opt-out cookie that prevents the storage of Matomo usage data. If you delete your cookies, the Matomo opt-out cookie will also be removed. If you visit our website again, the opt-out cookie must be set again to prevent the storage and use of your data.

You may choose to prevent this website from aggregating and analysing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

Google Analytics

Type and scope of processing
We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4Ireland, as an analysis service for the statistical evaluation of our online offering. This includes, for example, the number of visits to our website, subpages visited and the time spent by visitors.
Google Analytics uses cookies and other browser technologies to evaluate user behaviour and recognise users.
This information is used, among other things, to compile reports on website activity.

Purpose and legal basis
The use of Google Analytics is based on your consent in accordance with Art. 6 Abs. 1 lit. a. GDPR and § 25 Abs. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USAto be transmitted. In cases where no adequacy decision of the European Commission exists (e.g. in the USA), we have agreed other suitable guarantees with the recipients of the data within the meaning of Art. 44 ff. GDPR agreed. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with the implementing decision (EU) 2021/914 from the 4. June 2021. You can download a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX.32021D0914&from=EN view.
In addition, we will obtain your consent prior to such a transfer to a third country in accordance with Art. 49 Abs. 1 Set 1 lit. a. GDPR which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that in the case of third country transfers, there may be risks that are unknown in detail (e.g. data processing by security authorities in the third country, the exact scope and consequences of which for you we do not know, over which we have no influence and of which you may not become aware).

Storage duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy.

Google Tag Manager

Type and scope of processing
We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4Ireland. Google Tag Manager is used to manage website tags via an interface and enables us to control the precise integration of services on our website.
This allows us to flexibly integrate additional services in order to analyse user access to our website.

Purpose and legal basis
The use of Google Tag Manager is based on your consent in accordance with Art. 6 Abs. 1 lit. a. GDPR and § 25 Abs. 1 TTDSG.