Brezel

Privacy Policy

With the following information, we inform you on what basis, for what purposes, under what conditions and by what means your personal data is processed when you use this website and our online platform. This also includes the processing of your personal data in connection with the initiation, conclusion and performance of insurance contracts.
When processing personal data, we comply with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR).
Please read this Privacy Policy carefully. We reserve the right to amend and update this Privacy Policy on a regular basis. We therefore recommend that you check this Privacy Policy regularly in order to obtain the latest information on our processing and use of personal data.

Who is responsible for processing your data?

The controller responsible for data processing is Brezel Digitaler Assekuradeur GmbH, Moosacher Str. 82, 80809 Munich, Germany ("BREZEL", "we", "us"). You can find more information about us in the Legal Notice.Please note our Privacy Policy and our Cookie Policy.

What data we process and what we use your data for

We process the categories of data listed below for the respective purpose in accordance with the applicable legal basis. We generally collect the data directly from you.
If you provide us with information and data when registering or logging in to our online platform, when initiating or concluding an insurance contract or when executing and processing an insurance contract, you confirm that this information and data is complete, correct and up-to-date.
If the processing of your personal data is based on your consent, you can revoke your consent at any time with effect for the future. The revocation has no detrimental effect on the insurance contract you have applied for or concluded.
Please note that the withdrawal of your consent does not affect the lawfulness of the processing of your personal data prior to the withdrawal. Even if your consent is withdrawn in relation to a specific use, the processing of your personal data for other lawful purposes remains unaffected.

Information on the customer account and insurances

We process the name, date of birth and other data to identify the policyholder (or any heirs), address, telephone number, e-mail address, other contact options and information on availability, password, information on the insured pet (including chip number and health information on the pet), information on other insured items, on previous insurance policies, on the applicable insurance tariff, on applicable discounts, other contract information, information on the scope of the insurance cover, the policy number, communication on the insurance contract, information on the content of the insurance contract, declarations on the conclusion, amendment, cancellation or termination of the insurance contract, other contractual declarations by both parties, claims notifications, other information on the claim, veterinary invoices, declarations on confidentiality obligations, communication with veterinarians, insurance benefits, evidence and documents submitted in connection with an inheritance case, communication with legal advisors and representatives, other processing information and payment transactions.
We process this data in particular for the following purposes:

Registration and login to our online platform; provision of the online platform and its functions
Verification of identity in accordance with legal requirements for customer identification and transactions and comparison with public databases (where applicable, in particular checks for customer verification, export control, money laundering, terrorist financing); necessary notification to competent authorities.
Initiation, conclusion, performance, fulfilment and settlement of an insurance contract and communication for these purposes, including in particular communication on claims, insurance benefits, payment transactions, contract amendments and contract extensions
Examination of claims and insurance benefits
Collection of insurance premiums, payment of insurance benefits, other necessary payments, in particular refunds
Responding to enquiries and applications from the policyholder
Exercise of rights by the policyholder, including processing and responding to applications, enquiries, complaints and objections
Examination of legal succession in the event of inheritance
Assertion of claims; prosecution or defence of legal claims
Prevention and avoidance of fraud or misuse of insurance benefits, identity theft or misuse of payment methods
Prevention and prevention of misuse of or damage to our systems and other information technology
Responding to enquiries about data protection
Statistical surveys and reports

The processing of the above data is necessary for the initiation, conclusion and fulfilment of a contract requested by you and for the fulfilment of legal obligations to which we are subject. If the data is processed to protect us against misuse and damage or for statistical purposes, the processing is also in our legitimate interest or in the interest of the respective insurer.

Recording of calls

With your consent, we process recordings of telephone conversations with us for quality control purposes and to improve our service quality. If you wish to conclude legal transactions with us by telephone or make legal declarations, we process recordings of telephone conversations for documentation purposes in connection with the conclusion and fulfilment of contracts and for the fulfilment of legal obligations to which we are subject.

Newsletter, Advertising

We process your name, your contact details and information on consents granted and the history of advertising measures in order to send you information on our products, services and other offers by e-mail, telephone or post or via our online platform. Processing for the purpose of sending a newsletter and advertising by e-mail, telephone or post only takes place with your prior consent or if otherwise permitted by law.
If you receive a newsletter or advertising from us by email on the basis of your consent, we may also collect data about the sending and use of the newsletter or advertising. For this purpose, newsletters and advertising e-mails contain links to image files. When you open a newsletter or a promotional e-mail, your e-mail programme loads these image files. This enables us to track whether and when our newsletters and advertising emails have been opened and what content has been read. We use the information collected in this way to make the use of newsletters and advertising information more attractive, to control the dispatch and for statistical purposes.
You can unsubscribe from a subscribed newsletter or advertising emails at any time. If you wish to unsubscribe, you can use the unsubscribe link in the respective e-mail.

Information on veterinarians, witnesses and experts

As part of the fulfilment of the insurance contract and the processing of claims, we may also process the personal data of third parties. This includes, in particular, names, contact information, statements, declarations and documents from veterinarians, witnesses and experts. The processing of this information is based on the legitimate interest of the insured person and our legitimate interest in the proper fulfilment of the contract and verification of contractual performance obligations.

Server log information

As part of the operation of our website and the online platform, we process information that your browser automatically transmits to our systems. This includes, in particular, browser type, browser version, operating system used, URL of a referring page, name and IP address of the accessing computer, date and time of the server request. We use this data for the technical provision of our website and for IT security purposes. The basis for data processing is our legitimate interest in the proper operation of our website.

Cookie Policy

Information on the use of our own and third-party cookies on our website and in the online platform can be found in our Cookie Policy.

How long do we process and store your data?

We process and store personal data for as long as this is necessary for the respective purposes. Thereafter, we will delete this data immediately in the regular course of business. In the event that we decide to store the processed personal data for statistical purposes, this will be done by storing anonymised data that does not allow any conclusions to be drawn about your person. Statutory retention obligations remain unaffected.
As a rule, we store personal data as follows:

if the data are processed on the basis of an application for an insurance contract: for a period of up to five years from the submission of the application for an insurance contract, if the application is not approved or the contract is not concluded for other reasons.
if the data are processed on the basis of a concluded insurance contract: for a period of five years, whereby the period begins from the date of termination of the individual insurance cover.
if the data is processed exclusively on the basis of consent: until the explicit withdrawal of consent.
if the data is processed on the basis of an overriding legitimate interest: until the legitimate interest ends.
if the data is processed in connection with the recording of telephone conversations about incoming or outgoing calls from the customer service centre, it is stored in a secure archive for a period of at least five years.
if the data is processed in connection with data protection requests: within two years of the final conclusion of the respective procedure.

The data will be deleted after expiry of the periods specified, unless there is another reason for processing.

Who do we share your data with?

Personal data is processed by us or passed on to affiliated companies or external service providers for processing for the purpose of providing services. These process the data exclusively on our behalf, on the basis of a corresponding contract and in accordance with our instructions. Affiliated companies or external service providers provide services for us in particular in the following areas:

Operation of data centre services
Provision and maintenance of other information technology
Operation and support of our customer service
Sending electronic messages (e-mail, SMS and others)
Checking the solvency and creditworthiness of a policyholder
Receivables management and debt collection
Checking veterinary invoices for legitimacy and accuracy
Provision of payment services

We only disclose your personal data to third parties if this is necessary for the fulfilment of the contract, if we or the third party have a legitimate interest in the disclosure, if this is necessary to fulfil a legal obligation or if you have given your consent. We may disclose personal data to a third party in particular if

insofar as this is necessary for the conclusion and execution of the insurance contract (disclosure e.g. to insurers, reinsurers, banks, payment service providers)
insofar as we are obliged to do so by or due to legal requirements (disclosure e.g. to supervisory authorities)
in connection with the conduct of a legal dispute (forwarding e.g. to courts, lawyers, ombudsman, arbitration board)
in connection with the audit of bookkeeping, the preparation of annual financial statements or in connection with commercial and tax obligations (forwarding e.g. to tax consultants, auditors)
in connection with possible criminal offences (disclosure e.g. to investigating authorities)
in the event of the sale of our business operations or the transfer of contracts

We may also pass on personal data to reinsurers, reinsurance brokers and their representatives in order to fulfil legal obligations and to cover insurance risks.
The transfer of personal data in connection with the use of cookies takes place in accordance with our Cookie Policy.

Do we process your data outside the EU or the EEA?

In principle, we only process your data within the EU and the EEA. Under certain circumstances, data processing may be carried out on our behalf by a processor outside the EU or the EEA. If, in such a case, there is no adequacy decision by the Commission in relation to the recipient country, we will agree appropriate guarantees for the protection of personal data with a corresponding service provider, in particular by agreeing the applicable EU standard contractual clauses.
The processing of personal data in connection with the use of cookies may also take place outside the EU or the EEA under certain circumstances. For details, please refer to our Cookie Policy.

How do we protect your personal data?

We take technical and organisational security measures to protect the personal data managed by us against destruction, loss, alteration or unauthorised disclosure of personal data or unauthorised access to personal data. All personal data provided by you via your customer account is transmitted to us in encrypted form. We use a state-of-the-art encryption method for this purpose. Your data is password-protected in the systems in which it is stored. The persons who have access to it are prohibited from passing on your data to third parties without authorisation due to strict security requirements. Our security measures are constantly being improved.

What rights do you have?

You have the right of access to your personal data, the right to rectification, erasure, restriction of processing, the right to object to processing and the right to data portability, in each case in accordance with the statutory provisions.
If the processing of personal data is based on your consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You can also contact our data protection officer to assert your above rights.
You have the right to lodge a complaint with the competent supervisory authority in accordance with the statutory provisions if you are of the opinion that the processing of your personal data violates the statutory provisions. For this purpose, you may in particular contact the authority in the EU Member State of your place of residence or the place of the alleged infringement.
The Bavarian State Office for Data Protection Supervision (Bayerische Landesamt für Datenschutzaufsicht – BayLDA) is responsible for us. The current contact details of the supervisory authority can be found at www.lda.bayern.de.

How can you reach us?

If you have any questions or suggestions on the subject of data protection or would like to assert your rights, you are welcome to contact our data protection officer by e-mail or letter using the following contact details:
By e-mail: datenschutz@brezel.de
By post: Brezel Digitaler Assekuradeur GmbH, Attn: Data Protection Officer, Moosacher Str. 82, 80809 Munich, Germany.

Changes

We reserve the right to make changes to this data protection notice.

Status: February 2025