Data privacy statement

1. Data controller

Aktiv Assekuranz Makler GmbH
Hanauer Str. 67 80993 München
Phone: +49 89 149 708-0
E-Mail: info(at)aktiv-assekuranz.de
Data protection officer Mr Reinhard Ernst


You can contact our data protection officer at the above address or by email to datenschutz(at)droege-vers.de.


2. Processing of personal data, legal basis and purpose of use

Within the framework of our activity, it is necessary for us to process your personal data in our EDP; we may also need to pass them on to third parties or to let third parties receive them. The type and scale of the necessary data will depend on the desired or existing insurance protection and our corresponding service range. The European GDPR (the new Federal Data Protection Act; BDSG neu) permits processing of personal data subject to specific conditions. In some cases, in particular if data concerning health are affected, explicit consent is required, however. Therefore, please take note of the following information.

Information on processing activities.

1. Purposes of processing activities

We process your personal data as far as this is necessary and depending on the order placed with us, in order to record your contract and risk situation, review and evaluate it, to compile offers for you for appropriate insurance protection and to submit these to you, to mediate the corresponding insurance contracts for you, to support and manage your insurance contracts and to support you in processing claims and payments.


2. Processing activities concerning personal data

We process your personal data as far as this is necessary for the above purposes. Processing shall in particular include the collection, recording and use of data. The scale depends on what insurance protection you are interested in, what insurances you already have and what insurance contracts are to be mediated and supported. These may include the following details:


a) Name, address, date of birth, phone number, fax number, email, marital status, profession, health details, object details, company details, income, turnover, tax details, other personal or commercial facts, pension wishes, risk appetite, experience in the area of financial investments, bank details.

b) Contract details concerning existing or terminated contracts, in particular in the case of insurance comparisons and concerning surrender values and premium payments. We protect your data from unauthorised access and unauthorised disclosure. Our employees, who may be charged with processing of your data, are obligated to preserve data secrecy in accordance with point (f) of Article 5(1), Article 32(4) of the General Data Protection Regulation (GDPR).


3. Transfer of your personal data to third parties for any other purposes than the ones listed below will not take place

We will only pass on your personal data to any third parties:


a) If you have explicitly given your consent to this according to point (a) of sentence 1 of Article 6(1) GDPR.

b) If transfer is necessary according to point (b) of sentence 1 of Article 6(1) for compliance with a contract with you or for carrying-out any pre-contractual measures that are performed upon your request.

c) If it is necessary to meet a legal obligation of the controller in accordance with point (c) of sentence 1 of Article 6(1) GDPR.

d) If it is necessary in accordance with point (f) of sentence 1 of Article 6(1) GDPR to assert, exercise or defend any legal claims and if there is no reason to assume that you have an overriding legal interest in non-disclosure of your data.



4. Cooperation with third parties in disclosure and receipt of data

Within the framework of coverage requests, contract conclusions, contract administrations and processing of payments and claims, it may be necessary to disclose data to third parties or to receive data from third parties. The data are only disclosed at the scope necessary according to the corresponding purpose.

The following categories of third parties may be concerned: - insurances - reinsurances - broker pools - cooperating insurance brokers - technical service providers (= operators of comparison software or customer administration programmes) – sub-intermediaries - social security providers - credit institutions and capital investment companies - building societies - financial service providers and securities trade companies - lawyers, tax advisors, auditors - insurance ombudsmen - Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht; BaFin) - legal successors – underwriting agents - experts.

Further data recipients may be those bodies for which you have given us your consent for data transmission or to which we are authorised to transmit personal data based on reconciliation of interests.

5. Right to withdrawal/consequences of withdrawal

If your personal data are processed based on legitimate interests in accordance with point (f) of sentence 1 of Article 6(1) GDPR, you have the right to object to processing of your personal data in accordance with Article 21 GDPR as far as there are grounds for this that result from your particular situation or the objection is targeted against direct marketing. In the latter case, you have a general right to object that will be implemented by us without any indication of a particular situation.


An objection that is not targeted against our direct marketing may mean that we cannot provide our services anymore for existing contracts either. In case of withdrawal, we will either erase or initially block your data. This will depend on the following circumstances: Personal data are erased without undue delay if processing was not legitimate or turns out to be illegal due to subsequent circumstances or if knowledge of the data is no longer necessary for compliance with our tasks. Instead of erasure, the data may be blocked as far as erasure is prevented by archiving periods stipulated in the law, articles of association or in contracts. Longer storage of personal data may be necessary in particular due to the documentation obligations we are subject to under the Insurance Contract Act (Versicherungsvertragsgesetz) or as evidence. Blocking is deemed suitable as well if erasure is not possible or would only be possible with disproportionate effort, or if it would affect interests to be protected of the data subjects. The data will further be blocked if their accuracy is contested by the data subject, and neither accuracy nor inaccuracy can be established.


If you want to exercise your withdrawal right or right to object, simply send an email to info(at)droege-vers.de



6. Legal succession/transfer of inventory

If the broker wholly or partially transfers its business operation to another broker (e.g. within the framework of sale of the business operation, the client agrees that the broker will provide the contract and service data of the customer to the receiving broker. The broker will inform the client before forwarding the data and disclose the name and address of the receiving broker. The client has the right to object to the data transfer to the receiving broker at any time.



7. When visiting the website

When calling our website www.droege-holding.de, the browser used on your terminal device will automatically send information to the server of our website. This information is temporarily stored in a log file. The following information is recorded without any action on your end and stored until automatic erasure.

This may include, e.g., the following data: a) Internet protocol address of the requesting computer, b) Date and time of the access, c) Name and URL of the called file, d) Website from which the access takes place (referrer URL), e) Browser used and, if applicable, the operating system of your computer and the name of your access provider. The personal data named are processed by us for the following purposes: a) Ensuring smooth establishment of the website's connection, b) Ensuring comfortable use of our website, c) Evaluation of system safety and stability, as well as for further administrative purposes. The legal basis for processing activities shall be point (b) of sentence 1 of Article 6(1) GDPR. Our legitimate interests follow from the purposes listed for data collection above.

7.1 Use of cookies

Our website uses cookies. These are small text files your web browser stores on your terminal device. Cookies help us make our offer more user-friendly, more effective and safe. Some cookies are “session cookies." Such cookies will be deleted again automatically after the end of your browser session. Other cookies, in contrast, remain on your terminal device until you delete them yourself. Such cookies help us recognise you when you return to our website. A modern web browser lets you monitor, limit or prevent the setting of cookies. Many web browsers can be configured so that cookies are deleted automatically when the programme is closed. Deactivation of cookies may restrict the function of our website. As the provider of this website, we have a legitimate interest in storage of cookies for technically correct and smooth provision of our services. If other cookies are set (e.g. for analysis functions), these will be covered separately in this data protection policy.


Cookies that are needed to exercise electronic communication processes or to provide certain functions desired by you (e.g. shopping basket) will be set based on point (f) of Article 6(1) GDPR. As the provider of this website, we have a legitimate interest in recording of cookies for technically correct and smooth provision of our services. If other cookies are set (e.g. for analysis functions), these will be covered separately in this data protection policy.


7.2 Google Analytics

Our website uses functions of the web analysis service Google Analytics. The provider of the web analysis service is Google inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses "cookies." These are small text files your web browser stores on your terminal device and that allow analysis of your website use. Information produced by a cookie concerning your use of our website will be transmitted to a server of Google and stored there. The server is usually located in the USA.

Google-Analytics cookies are set based on point (f) of Article 6(1) GDPR. As the provider of this website, we have a legitimate interest in analysis of user behaviour in order to optimise our web offer and potentially marketing.

7.2.1 IP anonymisation

We use Google Analytics in conjunction with the function IP anonymisation. This ensures that Google will abbreviate your internet protocol address within member states of the European Union or in other contracting states of the convention on the European Economic Area before transfer to the USA. There may be exceptions where Google will transfer the full internet protocol address to a server in the USA and abbreviate it there. On our order, Google will use this information to evaluate your use of the website, in order to compile reports on the website activities and to provide further services connected to website use and internet use towards us. The internet protocol address transmitted by Google Analytics will not be combined with any other data of Google.

7.2.2 Objection to data recording

You may prevent recording of your data by Google Analytics by clicking the following link. An opt-out cookie will be set that will permanently prevent recording of your data during future visits to our website: Deactivate Google Analytics.


You can prevent cookies being stored by setting your browser software accordingly; in that case, however, we draw your attention to the fact that you may possibly be unable to use all of the website’s functions to their full extent. Moreover, you can prevent Google collecting the data generated by the cookies and relating to your use of the website (including your IP address), and processing of this data by Google, by downloading and installing the browser plugin available at the following link. The address of the link is: https://tools.google.com/dlpage/gaoptout?hl=en


For details on handling of user data by Google Analytics, see the data protection statement of Google: https://support.google.com/analytics/answer/6004245?hl=de.

8. SSL or TLS encryption

Our website uses SSL or TLS encryption for reasons of safety and to protect the transmission of confidential contents that you send to us as the page operator. Data that you transmit through this website cannot be read by third parties because of this. You can recognise an encrypted connection by the "https://" address line of your browser and the lock icon in the browser line.

9. Contact form

Data transmitted by contact form, including your contact details, are stored in order to enable us to process your query or to be available for subsequent questions. The data are not passed on without your consent.


The data entered in the contact form shall only be processed based on your consent (point (a) of Article 6(1) GDPR). By submission, your give us your consent to process your data. You can withdraw your consent at any time. Withdrawal only requires informal communication by email. The lawfulness of the processing activities performed until the withdrawal shall remain unaffected by this. Data transmitted through the contact form will remain with us until you demand that we erase them, withdraw your consent to storage or storage of these data is no longer necessary. Mandatory legal provisions – in particular archiving periods – shall remain unaffected by this.


10. Data security

Apart from this, we use appropriate technical and organisational safety measures in order to protect your personal data from accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures will be improved continually according to the technological developments.


11. Right to lodge a complaint with the competent supervisory authority

As a data subject, you have the right to lodge a complaint with the competent supervisory authority in case of any breach of data protection law. The competent supervisory authority for issues of data-protection law is the state data protection officer of the Federal state in which our undertaking is registered. The following links provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

12. Current version and amendments of this data protection statement

Further development of our website and offers on it or changed statutory or authority specifications may require amendments to this data protection statement. You may view and print the respective current data protection statement at any time on the website at www.droege-holding.de.

This data protection statement is currently valid as of July 2019.