We at HanseMerkur take the protection and security of your data very seriously. Find out about your rights and the measures we have taken to protect you: The data controller within the meaning of the General Data Protection Regulation (EU-GDPR) and other national data protection laws of the member states as well as other data protection provisions is:
HanseMerkur Reiseversicherung AG
Tel.: +49 40 4119-1919
Fax: +49 40 4119-3040
The data protection officer of the data controller is:
Mr Thomas Prigge
To contact the data protection officer, please use the above address or send an email to: firstname.lastname@example.org.
Thank you for visiting our website. We are committed to protecting and respecting your privacy and we want you to feel secure. We collect, process or use your personal data in compliance with applicable laws and regulations. This privacy statement applies only to this website. It does not apply to websites linked or referred to from this website. You can find information about your rights here.
Every time you visit our website, our system automatically collects data and information from the computer system of the calling computer. The following data is collected:
The log files contain IP addresses or other data that can be traced back to the user. This could be the case, for example, if the link to the website from which the user accesses the website or the link used to switch to another website contains personal data. The data is also stored in the log files of our system. This data is not stored together with other personal data of the user. HanseMerkur cannot use this data to trace it back to you without involving your provider. For example, you can use the premium calculator "anonymously".
The legal basis for the temporary storage of data and log files is Art. 6 (1) lit. f of the General Data Protection Regulation (GDPR).
Purpose of data processing: The temporary storage of the IP address by the system is necessary to display the website on the user’s computer. To do this, it is necessary to store the user’s IP address for the duration of the session.
The storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
The data will be deleted when they are no longer necessary for the purposes for which they were collected. Where the data is collected for the purpose of providing the website, the data will be deleted at the end of the respective session.
If the data is stored in log files, they will be deleted after seven days at the latest. Data may be stored for other purposes. In this case, the IP addresses of the users are deleted or anonymised to prevent them from being traced to the calling client.
Collecting data for the purpose of providing the website and storing the data in log files is essential for the operation of the website. Users, therefore, do not have the option to object in this case.
The data given by you within the framework of the conclusion of an insurance contract will be processed for handling processes within the booking process and for any subsequent insurance pay-out process. Only data will be collected, saved and used that are absolutely necessary for the handling processes.
The following customer data will be collected and saved by us:
The legal basis for the data processing is Art. 6(1)(b) of the GDPR. The processing is necessary for the conclusion and the fulfilment of the contract.
The data given by you during a claim within the framework of the online reporting of a claim on our website will be processed to handle the insured event. Only data will be collected, saved and used that are absolutely necessary for the handling processes.
The legal basis for the data processing is Art. 6(1)(b) of the GDPR. The processing is necessary to handle the insured event.
If special categories of personal data e.g. health data are collected, we will obtain your consent pursuant to Art. 9 (2) (a) in conjunction with Art. 7 of the GDPR.
When you visit some websites, so-called cookies are stored on your computer. Cookies are small text files used by website operators to store relevant data to make the browsing experience more efficient and enjoyable. Cookies cannot be read by a website other than the one which set it. HanseMerkur does not store any of your personal data in cookies. The maximum lifetime of cookies is 90 days. At the end of this period they are deleted automatically. Every time you visit a website, a new cookie is set. If there is an existing cookie, the information is updated. This is equivalent to deleting and setting a new cookie.
The analysis cookies are used to improve the quality of our website and its content. The analysis cookies tell us how the website is used and enable us to constantly improve the content of our website.
Advertising cookies are used to provide you with personalised ads.
How can I manage cookies?
As an Internet user, you can decide whether you want to accept cookies or reject them altogether. However, if you disable cookies, we can no longer guarantee the proper display of the website or the availability of all functions and features.
What types of cookies do we use?
We use four types of cookies: Essential cookies, functionality cookies, performance cookies and advertising cookies.
We use essential cookies (session cookies) to facilitate the general use of our website. To do this, we record certain actions performed by the user. These cookies are necessary for functional navigation on the website and for the use of certain website functions. This makes it easier for the user to visit our website, as it makes it more convenient to use the various areas on our website.
Functionality cookies (session cookies) allow us to tailor our website to the personal preferences of our users by recording the inputs and choices made, such as the name, location or language settings. These preferences are valid only for our website and cannot be used by other websites.
Performance cookies (persistent cookies) help us measure the traffic and functionality of our website. The information supplied by these cookies helps us understand what parts of our website users visit most frequently and whether any error messages appear on these pages. This helps us to provide visitors with a better user experience.
We use advertising cookies (persistent cookies) to show users tailored adverts. We also use these cookies to understand how frequently a user sees certain ads.
Information about session cookies and persistent cookies
Session cookies store information that is used during the current browsing session. These cookies are automatically deleted when you close the browser. Persistent cookies store information between subsequent visits to the website to identify you as a returning user.
Basic information about cookies
You can prevent the setting of cookies – and thus your browser from storing and collecting data – by disabling the storage of cookies in your browser.
The data generated as a result are processed and saved solely in Germany by etracker on our behalf and are thus subject to strict German and European data privacy laws and standards. etracker was independently audited and certified in this regard and was awarded the data privacy quality seal ePrivacy.
Data are processed as per the legal provisions of Art. 6 Para. 1 (f) (legitimate interest) of the EU General Data Protection Regulation (EU GDPR). Our concern in the sense of the EU GDPR (legitimate interest) is the optimisation of our online offering and our website. Since the private sphere of our visitors is important to us, data that may allow conclusions to be made about any specific person, such as IP addresses and login or device IDs, are anonymised or pseudonymised as soon as possible. The data are not used for other purposes, etracker does not merge them with its own or other data, and they are not passed on to third parties.
You can object to the data processing described above at any time, insofar as it is done in a person-related manner.
For more information on privacy at etracker please click here.
This website uses Google Analytics, which is a web analysis service from Google Inc (‘Google’). Google Analytics uses ‘cookies’. These are text files that are saved on your computer that allow website use to be analysed. The information generated by the cookie about your use of this website is generally sent to a Google server in the USA and saved there. However, if IP anonymisation is enabled on this website, your IP address is truncated by Google within the European Union Member States or in other signatory states to the Agreement on the European Economic Area before it is sent. A full IP address is only sent to a Google server in the USA and truncated there in exceptional cases. By order of the operator of this website, Google will use this information to evaluate the use of this website, to prepare reports about website activities and to provide other services to the website operator that relate to website and internet use. The IP address sent from your browser as part of Google Analytics will not be merged with other Google data. You can prevent cookies from being saved by changing your browser settings. However, please note that in this case, you may be unable to use all of this website’s functions properly. You can also prevent the data generated by the cookie relating to your use of the website (including your IP address) from being captured and processed by Google by downloading and installing this browser version. You can prevent Google Analytics from collecting your data by clicking on the following link. This will save an opt-out cookie that will prevent your data from being collected when you visit this website in future: disable Google Analytics
Our website uses Google AdWords and Google Tag Manager to provide personalised, interest and location-related online advertising.
This website also uses the ‘DoubleClick’ cookie as part of the Google Analytics application (see below), which allows your browser to be recognised when you visit other websites. This serves to safeguard our overriding legitimate interests in optimally marketing our goods and services pursuant to Article 6 (1) (f) of the GDPR. The information automatically generated by the cookie about your visit to this website is sent to a Google server in the USA and saved there. Due to the activation of IP anonymisation on this website, your IP address is truncated by Google within the European Union Member States or in other signatory states to the Agreement on the European Economic Area before it is sent. A full IP address is only sent to a Google server in the USA and truncated there in exceptional cases. The anonymised IP address sent from your browser as part of Google Analytics is not merged with other Google data.
Google will use this information to compile reports on website activity and to provide other services associated with website use. This serves to safeguard our overriding legitimate interests in optimally marketing our website. Google will also send this information to third parties if this is legally permissible or if third parties process this data by order of Google. Once the purpose no longer applies and we stop using Google DoubleClick, the data collected in this regard will be erased.
Google Double Click is an offering from Google LLC (www.google.de).
Google LLC has its head office in the USA and is certified under the EU-US Privacy Shield. A current certificate can be found here. On the basis of this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.
You can disable the DoubleClick cookie by clicking on this link. You can also contact the Digital Advertising Alliance with respect to cookies being saved and you can change the settings for this. Finally, you can change your browser settings so that you are notified about cookies being saved on your machine and you can decide whether to accept them, or you can change your settings so that you reject cookies from being accepted in certain cases or generally. If you do not accept cookies, this may restrict the functionality of this website.
We use remarketing technology from Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; ‘Google’). This technology allows users who have already visited our websites and online services and are interested in the offering to be addressed again through targeted advertising on Google Partner network sites. Ads are displayed by using cookies. These are small text files that are saved on the user’s computer. The text files can be used to analyse user behaviour when users visit the website and then used for targeted product recommendations and interest-based advertising.
HanseMerkur Krankenversicherung AG has a legitimate interest in saving remarketing cookies (targeted and interest-based advertising) within the meaning of Article 6 (1) (f) of the EU General Data Protection Regulation.
Cookies are deleted once the respective time limits specified in the cookies expire. The maximum storage period is 18 months.
This website uses the web analytics service with bid management provided by intelliAd Media GmbH, Sendlinger Str. 7, 80331 Munich, Germany. To customise and optimise this website, anonymised user data will be recorded, aggregated and stored and used to create user profiles. When intelliAd tracking is used, cookies are stored locally. The anonymised user data and profiles can be used by the website operator as well as by other customers of intelliAd to identify user interests, but it cannot be used to identify you as the website visitor. You have the right to object to the storage of your (anonymously collected) user data also with effect for the future. To do this, use the intelliAd Opt-Out.
In some cases, Awin may have a restricted profile that refers to you. However, this does not reveal your identity, online behaviour or other personal characteristics. The sole purpose of this profile is to determine whether a forwarding process was started on one device and completed on another device.
In some cases, Awin and the referrer of the potential customer may receive and process your personal data to carry out the affiliate marketing campaign with us.
We also receive personal information relating to potential customers from Awin and referrers, which can be split into the following categories: cookie data, data relating to the website, app or technology that referred a potential customer to us and technical information about the device you are using.
We will send you our free sales partner newsletter only with your express consent. Subscription to our newsletter may be terminated by the data subject at any time. You can unsubscribe by clicking on the unsubscribe link provided in every newsletter.
When you subscribe to our newsletter, the data is entered into an input mask and transmitted to us. In addition, we collect the following information: IP address of the calling computer and date and time of subscription. The collection of other personal data during the subscription process serves to prevent misuse of the service or the email address used. The legal basis for processing the data following the user's subscription to the newsletter is Art. 6 (1) lit. a GDPR. The data will be deleted when they are no longer necessary for the purposes for which they were collected. Accordingly, the email address of the user will be stored only as long as the subscription to the newsletter remains active.
We use the services of die direkten GmbH and kajomi GmbH for newsletter mailing.
We have integrated company and product reviews on our website to give our customers the opportunity to post review insurance. At the same time, we want to improve our internal quality management. When you click on the customer review link after completing your online booking or online application, you will be redirected to a questionnaire at eKomi. To prevent multiple reviews, we forward an anonymised ID to eKomi. eKomi also stores your IP address. eKomi is committed to handling your transmitted data in compliance with data protection regulations and takes all organisational and technical measures to protect your data. The data is processed in accordance with Art. 6 (1) lit. a GDPR. Your feedback will help us to improve this process and products for all customers on a continual basis.
HanseMerkur has an online presence in social networks and platforms. This makes it possible for us to communicate actively with our existing and prospective customers and to inform them about our services. We point out that when visiting the respective networks and platforms the terms and conditions of business and data processing guidelines of the respective operators apply.
Facebook On this website, we link to our presence on “Facebook” of Facebook Inc. (1601 S California Ave, Palo Alto, CA 94304 USA. If you click on our link and are logged into Facebook at the same time, this information will be assigned to your Facebook account. The same applies of course if you submit comments. The data privacy statement can be found here.
On our website, we provide a contact form and an online application, which can be used to send us a message or to take out an insurance policy directly via our website. If you use this option, the data you enter into the input mask will be transmitted to us and stored. The personal data that we collect through service functions and forms based on your consent to the collection, processing and use of your personal data are transmitted in encrypted form over a secure Internet connection to our computer, where they are stored and secured. The encryption process used complies with the latest technology standards (TLS or SSL). The other personal data processed during the sending is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
When you transmit your personal data – e.g. by submitting a claim notification, by using the HanseMerkur RechnungsApp (invoicing app), by making an online application, by requesting a quotation or advice and by confirming this privacy notice – you declare that you consent to the storage and processing of the data that you have submitted for the purpose of processing and responding to queries (where required) within the required scope. Depending on the matter in hand, it may be necessary to forward this data to authorised third parties, or to process it using an automated system.
Where we obtain the consent of the user to processing the data, the legal basis for data processing is Art. 6 (1) lit. a GDPR and with respect to online transactions, Art. 6 (1) lit. b GDPR. The legal basis for health data processing is Art. 9 (2) lit. a GDPR.
The data will be deleted when they are no longer necessary for the purposes for which they were collected. For personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when the circumstances indicate that the matter in question has been definitely resolved. The additional personal data collected during the sending process will be deleted at the latest after seven days.
Users are entitled to revoke their consent to the processing of personal data at any time.
Emails that you send us through your email application may under some circumstances be unencrypted. Please check the settings of your email application or consult your email provider. We routinely encrypt our email responses using transport layer security (TLS). We send unencrypted emails only if transport layer encryption is not supported by your provider. This form of encryption, however, is broadly supported by email providers.
If you prefer end-to-end encryption (S/MIME) of your email communications, we would be happy to set this up for you. To configure the secure connection, please send us a quick email to email@example.com and we will take it from there.
For secure communications, we recommend the contact form on this website.
You can request information about the personal data we hold about you by writing to the above address. In addition, under certain circumstances, you may request your data to be rectified or deleted. You are also entitled to restrict the processing of your data and to have the right to receive the data you have provided to us in a structured, commonly used and machine-readable format.
You have the right to object to the processing of your personal data for direct marketing purposes. If we process your data to protect legitimate interests, you can object to the processing of data on compelling legitimate grounds relating to your particular situation.
You have the option to complain either to the data protection officer specified above or to a data protection supervisory authority. The data protection supervisory authority responsible for us is:
Hamburg Commissioner for Data Protection and Freedom of Information
If you are living in Switzerland we recommend visiting our Swiss website. There you are given valuable information and you can take out all travel insurances online.
For legal reasons you are not allowed to book travel insurances on our German website. We apologize for the inconvenience.