ERGO Digital IT GmbH
Warschauer Str. 6
Managing directors: Tomasz Smaczny, Joseph Lapierre
Commercial register: Amtsgericht Charlottenburg (Berlin), HRB 181799 B
VAT No.: DE815659108
The information you provide in your online application will be stored on an IT system belonging to a service provider in the United States. We have agreed to an adequate level of data protection equivalent to European standards with this service provider. Additionally data protection provisons in Germany require your consent for certain categories of data to be processed by a service provider outside the European Union. In the event your application contains so-called “special personal data” in the meaning of § 3 paragraph 9 of Germany’s Federal Data Protection Act (for example, information on religion, ethnic and racial origin or health), you herewith expressly consent to the storage and technical processing of such data by the service provider in the United States.
In case you choose to apply online, you hereby give your permission to the service provider to e-mail your data in encrypted form to our recruiter and to the forwarding of such information from the recruiter to other legal entities of ERGO.
For contact persons and addresses, please see the relevant job advertisements or our website.
We know that protecting your private sphere when using our website is an important concern. We take our duty to ensure that your data remains confidential very seriously, and we comply with the applicable provisions governing data protection law. We use suitable technology to conduct a dialogue with you and to safeguard your data.
We would like to inform you here about the processing of your personal data when you use our website and its apps, and about your rights under data protection law.
Who is responsible for processing the data and who is the Data Protection Officer?
Controller for the data processing is
ERGO Group AG
You can contact our Data Protection Officer by writing to email address firstname.lastname@example.org
What categories of data do we use and where do they come from?
As a matter of principle you can use our website anonymously. We do not save any personal data or data which can be related to a person using the website (such as IP addresses). When visiting our website we collect data (the date, time, pages visited, navigation, and software used) in an anonymised form so that the usage pattern can be analysed, also anonymously, by an external service provider. The data is anonymised before it is saved by the service provider.
What are the purposes for which data is processed?
If you provide us with your personal data in specific circumstances we treat this data in accordance with the provisions of the data protection legislation applicable at the company’s head office. If you send us an email or complete an online form on our website and send it to us we process the personal data indicated in the form (e.g. your name or email address) only for the purposes of our correspondence with you so we can send you the documents or information you requested, or for any other purposes you may have indicated on the form in question.
We will inform you in advance if we want to process your personal data for a purpose which is not indicated there.
On what legal basis is your personal data processed?
We process your personal data in compliance with the provisions of the European General Data Protection Regulation (GDPR), the NEW German Federal Data Protection Act (Bundesdatenschutzgesetz) and all other relevant legislation on the processing of personal data.
The specific legal basis for processing the data depends on the context in which we receive the data and the purpose for which we receive it. In so far as is necessary, we will therefore inform you in the case of the relevant application.
In general, the legal basis will either be “the legitimate interests of the controller for the purpose of conducting the communication” or, in the context of application procedures for undertaking pre-contractual measures which are necessary at the request of the person in question or, particularly in the context of exercises with a defined group of users (e.g. applicants’ or shareholders’ portals) the legal basis will be the consent of the user or the data subject, as applicable.
Who will obtain your data?
Within the controller (the ERGO Digital IT GmbH), the only persons and departments to receive the relevant data are the persons and departments responsible for the process in question; in this respect there is a clear allocation of duties and a clear authorisation concept. The data may also be passed to service-providers for the purposes specified above. The involvement of service providers is necessary, for example, as part of the administration and maintenance of IT systems. The list of all service providers who can process data on our behalf can be seen in Section 8.
Personal data can also be sent to other recipients in so far as this is necessary for the performance of contractual or statutory obligations (e.g. sent to supervisory authorities).
This data can also be forwarded to Group companies e.g. as part of Group communications or Group management.
Is your data sent to a third country?
If personal data is sent to a service provider or Group company outside the European Economic Area (EEA), it is only sent if the EU Commission has confirmed that the country has an adequate level of data protection or if other adequate data protection guarantees (e.g. the agreement of EU standard contractual clauses or “Privacy Shield”) are in place. You can also request the information from the places or persons specified as contacts at the beginning of this section (Service providers located in a third country shown in section 8).
What measures do we take to protect your data?
We take appropriate and state of the art technical and organisational security precautions to protect data against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. In the case of the dialogue forms available on our website, we use SSL (Secure Socket Layer) encryption to protect your details. This SSL connection protects your data against scrutiny by unauthorised persons. For the sake of your own security, please always use these dialogue forms. If you send data to us in unencrypted form as normal non-secure emails, it is possible for these emails to be viewed or amended by unauthorised persons during transmission.
What data protection rights do you have as a Data Subject?
You can request information from the above address about your personal data which has been saved. Under certain conditions you can also require that your data is corrected or deleted. You also have a right to restrict the processing of your data and a right to the disclosure in a structured, customary and machine-readable format of the data you supplied.
If we process your data to protect our legitimate interests you may object to this processing for reasons which arise from your particular situation. We will then cease processing your personal data unless we can demonstrate compelling reasons worthy of protection for the processing which override your interests, rights and freedoms or if the processing is for the assertion, exercise or defence of legal claims. If we process your data by reason of consent you have given, you may revoke this consent at any time with effect for the future.
Where can you file complaints?
You can file complaints either with the Data Protection Officer detailed above or with a data protection supervisory authority. The data protection supervisory authority responsible for us is:
The North Rhine-Westphalia Commissioner for Data Protection and Freedom of Information (LDI NRW):
Kavalleriestrasse 2-4 40213 Düsseldorf
For how long is your data saved?
We delete your personal data as soon as it is no longer required for the purposes stated above. This is done regularly as a result of statutory obligations to provide proof and also retention obligations which are defined, amongst other places, in the German Commercial Code, the Tax Code and other tax legislation. Under the above legislation the retention periods are normally up to ten years. In addition, it does sometimes happen that personal data is retained for the period in which claims may be asserted against us (the legal period of prescription varies between 3 and 30 years). You can find additional information, in so far as it is relevant, in the sections on the various data processing operations.
On 1 March 2013, the German companies of the ERGO Group signed up to “Code of Conduct for handling personal data by the German insurance industry” (Data Privacy Code of Conduct). The Data Privacy Code of Conduct governs the collection, processing and use of your personal data. This Code of Conduct was agreed between the German Insurance Association (GDV) and the German data protection supervisory authorities. The Data Protection Officer in Berlin examined the Data Privacy Code of Conduct and determined that the provisions are compliant with the current law on data protection. The companies that have signed up agree to adhere to the stipulated requirements and, if applicable, implement any regulations still outstanding by the due date. For the first time, a data privacy standard has been drawn up that is applicable throughout the industry. Previous federal data protection regulations have now been specified in more detail and concerns about data protection have been taken into consideration beyond the legally prescribed standards. Additional consent is no longer necessary in many instances as a result of the Code of Conduct. In cases of highly sensitive data – such as, for instance, health data – we still require consent to record and use the data, as well as a statement providing permission to disclose confidential information.
You can download the German Insurance Association’s Code of Conduct for handling personal data here: Code of Conduct (in German, PDF file). You can also request the German text as a hard copy. Please request a copy by sending us an email to email@example.com.
The companies of the ERGO Group in Germany have been using new consent forms and statements providing permission to disclose confidential information for their applications, requests and membership applications since 1 January 2013. The statements were agreed between the German Insurance Association (GDV) and the data protection supervisory authorities. They provide even more transparency concerning the handling of your personal data. Consent form for the permission to collect and proceed health data and the disclosure of confidential information (in German, PDF file).
Furthermore, cookies are used in conjunction with using the personal customer portal. Cookies do not contain any personal information. In order to be able to request log-in data for ERGO Digital IT website or to register with ERGO Digital IT GmbH, cookies have to be permitted for the ergo-digital.breezy.hr website via your browser. The settings of cookies vary from browser to browser.
If you choose to send a message to ERGO Digital IT GmbH by way of the contact form, the information is sent using an encryption technique known as SSL (secure socket layer) with a key length of at least 128 bit.
Our websites use plug-ins of several social networks, including Facebook, Twitter, Google+ and others. The plug-ins are marked with a logo or with the add-on “social plug-in”.
If you access one of our website pages or apps containing such a plug-in, these plug-ins can create a direct link with the social network and could transmit data. The plug-in, your browser and the social network will then all communicate with one another. Due to the incorporated plug-ins, the social networks will be informed that you have accessed a particular page on our website. If you are logged into the social network at the time, it can attribute the visit to your social network account. If you interact with the plug-ins, e.g. by clicking the “Like” button or making a comment, this information is transmitted directly to the social network and stored there in accordance with the guidelines of the relevant social network. For information on the purpose and scope of collecting this data and its subsequent processing and utilisation by the social network, as well as your rights in this regard and the settings available to protect your private sphere, please refer to the data privacy information available from the social network in question. If you do not wish social networks to collect data about you via our website, you will need to log out of all social networks before visiting our website or using our app.
ERGO Digital IT GmbH constantly looks to maintain suitable technology to ensure that its information and communication systems are secure. In this respect, it draws on national and international standards.
While applying for one of the positions in the Job Opportunities section You will be asked to provide important information relevant like name, contact information, employment or education history, professional certifications, or any similar data required for the recruiting process.
For recruiting purposes Your data is being processed by Breezy HR, Inc. outside European Economic Area (servers located in the U.S.) complying with the EU-US Privacy Shield Framework
Please remember that You always have the right to access and/or correct Your data by emailing firstname.lastname@example.org
All information also available here: Breezy
ERGO Digital IT GmbH constantly tries to ensure maximum transparency and safety to our Users and Employees- in case you have any question or see potential enhancements, please contact us by emailing email@example.com