(Status: May 2018)

In the following, we provide information about the collection of personal data when using our website. Personal data includes all data that can be related to you personally, e.g., name, address, email addresses, and user behavior. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security procedures are reviewed regularly and adapted to technological progress.

1. Controller
Pursuant to Art. 4 Para. 7 of the EU General Data Protection Regulation (GDPR), the controller is:

Berns equine insurance solutions GmbH
Berns assekuradeur GmbH
Wüllnerstraße 138
D-50935 Cologne

2. Person Responsible for Data Protection
Anja Berns
anja.berns@berns-equine.com
Tel. +49 172 9644656

3. Subject Matter of Data Protection
The subject matter of data protection is personal data as defined by Art. 4 No. 1 GDPR. This includes all information relating to an identified or identifiable natural person. This generally covers all information that allows for the identification of a natural person (at least indirectly). This may include, for example, names or contact details (e.g., telephone number, postal address, and email address). The IP address can also constitute personal data in this sense.

4. Collection, Processing, and Use of Personal Data
Berns collects, processes, and uses your personal data only to the extent that the GDPR, the BDSG (Federal Data Protection Act), or another legal provision permits or mandates it, or if you, as a user of our websites, have consented to the collection, processing, and use.

5. Your Rights
You have the following rights regarding the personal data concerning you:

5.1 General Rights
You have the right to access, rectification, erasure, restriction of processing, objection to processing, and data portability. To the extent that processing is based on your consent, you have the right to withdraw this consent with effect for the future.

5.2 Rights in Data Processing Based on Legitimate Interest
Pursuant to Art. 21 Para. 1 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 Para. 1 (e) GDPR (data processing in the public interest) or Art. 6 Para. 1 (f) GDPR (data processing for the purposes of a legitimate interest); this also applies to profiling based on these provisions. In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

5.3 Rights Regarding Direct Marketing
If we process your personal data for the purpose of direct marketing, you have the right, pursuant to Art. 21 Para. 2 GDPR, to object at any time to the processing of personal data concerning you for such marketing; this also applies to profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

5.4 Right to Lodge a Complaint with a Supervisory Authority
You also have the right to lodge a complaint with a competent data protection supervisory authority regarding the processing of your personal data by us.

6. Collection of Personal Data when Visiting Our Website
In the case of purely informational use of the website—i.e., if you do not register or otherwise provide us with information—we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis for this is Art. 6 Para. 1 (f) GDPR:

IP address

Date and time of the request

Time zone difference to Greenwich Mean Time (GMT)

Content of the request (specific page)

Access status/HTTP status code

Amount of data transmitted in each case.

7. Consent-Based Processing and Use of Your Data for Customer Care
If you have given us your consent, we will also use the data collected for the purposes explained under Sections 9, 10, 11, and 12 for customer care. This means that we store your data for information purposes and use it, for example, in the case of repeated contact or a prospective business relationship, to respond to your concerns. The legal basis for processing your data is Art. 6 Para. 1 (a) GDPR. We delete the data generated in this context after storage is no longer required or restrict processing if statutory retention obligations exist.

8. Website Analysis
For the purposes of analyzing and optimizing our websites, we use various services as described below. For example, we can analyze how many users visit our site, what information is most in demand, or how users find the site. We collect, among other things, data about which website a data subject came from (so-called "referrer"), which subpages of the website were accessed, or how often and for how long a subpage was viewed. This helps us to design and improve our offerings in a user-friendly manner. The data collected in this process is not used to identify individual users personally. Only anonymous or, at most, pseudonymous data is collected. The legal basis for this is Art. 6 Para. 1 (f) GDPR.