Digitalization of business processes in your insurance company
To credentials
We are pleased to welcome you to our website and with your interest in msg life odateam d.o.o.. Not only is offering our customers end-to-end support very important to us but so is ensuring that your personal information is protected. The following explains the actions we take when you visit our website – naturally in compliance with applicable data security regulations, which information we collect and how we process it. Should our data privacy statement change, it will be updated on this page in order to keep you informed as to which data msg life msg life odateam d.o.o. stores and uses. The most important data privacy information can be found below. We have organized the information by topic.
Responsible for the collection, processing and use of your personal data pursuant to the EU General Data Protection Regulation is: msg life odateam d.o.o. Titova cesta 8 SLO-2000 Maribor Phone: +386 22356200 E-mail: info.odateam@msg-life.com
Should you wish to object to the collection, processing or use of your data by msg life ag as set forth in these data privacy policies as a whole or in regard to specific measures, please e-mail, fax or mail your objection to the aforementioned address.
The data protection officer of the responsible party is: Silvija Karmuzel Titova cesta 8, 2000 Maribor Email: privacy.si@msg-life.com
1) Why we use data We wish to constantly improve our offers and make them more attractive. The only way for us to optimize the contents of the msg Internet sites to better meet your demands is to identify which sections of our Internet sites are most commonly visited and on which the most time is spent. Should you entrust us with your personal information, msg life odateam d.o.o. shall use such for the technical administration of the websites, customer management, product surveys and marketing; however, we shall only do so to the extent that is necessary. The more we understand what you want, the faster you will be able to find the information you are looking for on our Internet sites.
2) Information on the collection of personal information The following provides information on the collection of personal information when using our website. Personal information includes all information that relates to you personally, e.g., name, address, e-mail address, user behavior, etc. Any personal information you are prompted to enter on our website, such as your name, address or telephone number, shall be subject to these specific policies and you shall be notified of such by a text that reads as follows: “I hereby consent to my personal information (including my telephone number and/or e-mail address) being collected, processed and used for the purpose of contract processing and/or potential customer opportunities, surveys and information. Any forwarding to third-parties, with the exception of the companies of the msg life group, is excluded. I have the right to revoke this consent from msg life odateam d.o.o. at any time.” Our use of the data shall be limited to the aforementioned purposes. Information shall not be forwarded to third parties outside msg life odateam d.o.o.. The only exception here are the companies of the msg group. In addition to the information you share with us, we also analyze how you use our services and offers in order to lead you to the information that might interest you more quickly and in order to constantly optimize our service.
3) Legal basis for processing of personal information Numeral 6, Para. 1, Item (a) of the General Data Protection Regulation (GDPR) forms the legal basis for any consent we obtain from relevant persons for the operations involved in processing personal information. Numeral 6, Para. 1, Item (b) of the General Data Protection Regulation (GDPR) forms the legal basis for the processing of personal information in order to fulfill a contract when the relevant person is one of the contract parties. This includes processing operations necessary to complete measures that precede the contract. Numeral 6, Para. 1, Item (c) of the General Data Protection Regulation (GDPR) forms the legal basis for the processing of personal information to the extent such is necessary in order to comply with legal obligations to which our company is subject. Numeral 6, Para. 1, Item (f) of the General Data Protection Regulation (GDPR) forms the legal basis for any processing necessary to ensure a legitimate interest of our company or a third party, as long as such do not outweigh the interests, fundamental rights and fundamental freedoms of the person in question.
4) Data deletion and retention period The personal information of the relevant person shall be deleted or locked as soon as the purpose for which such was stored is no longer applicable. Storage beyond such is possible if provided by European or national lawmakers in laws or other regulations to which the responsible party is subject under Union law. Data shall also be locked or deleted once the retention period prescribed in the given norms expires, unless storage of the data is still required in order to conclude or fulfill a contract.
1) Collection of personal information when visiting our website The only personal information we collect when you visit our websites is the information your browser communicates to our servers. When you browse our website, we collect the information required on the technical side to display our website and to ensure stability and security. The following information is collected in such cases: • User’s IP address • Date and time of your inquiry • Content of the request (specific site) • Respective data volume transmitted • Website from which the inquiry is received • Information on the browser type • User’s operating system • Language and version of the browser software • Websites from which the user’s system accesses our Internet site • Websites the user’s system accesses from our website This information is also stored in our system’s log files. This information is not stored together with other personal information.
2) Legal basis for data processing Legal basis for the temporary storage of data and log files is Numeral 6, Para. 1, Item f of the General Data Protection Regulation (GDPR).
3) Purpose of processing The IP address must be temporarily stored by the system in order to enable the delivery of the website to the user’s computer. To that end, the user’s IP address must be stored for the duration of the session. IP addresses are required for problem diagnosis, website administration and demographic information. The information recorded is solely used for data security reasons, specifically to prevent attack attempts on our web server, and for statistical analysis.
4) Retention period Data is deleted as soon as it is no longer required for the purpose it was collected. Any information collected in order to provide the website is deleted as soon as the respective session is terminated. Information stored in log files is deleted no later than after seven (7) days. Storage beyond that period is also possible. In that case, the user’s IP addresses are deleted or rendered anonymous so that it can no longer be collated to the client that used it to access the site.
5) Objection and removal options Information must be collected in order to provide the website and information must be stored in log files in order to operate the Internet site. As a result, the user does not have the option to object in this case.
1) Description and scope of data collection Our website uses cookies. Cookies are text files that are stored in or by an Internet browser on the user’s computer system. A cookie can be stored to the user’s operating system anytime they access a website. Cookies contain a distinctive character string that enables the unique identification of the browser when the same website is accessed again. Cookies cannot execute programs or transfer viruses to your computer. We use cookies to make our website more user-friendly. A few elements on our Internet site also require that our system be able to identify the browser that accessed our site to be identifiable again even after a user has switched to a different site.
2) Legal basis for data processing Legal basis for the processing of personal information when using cookies is Numeral 6, Para. 1, Item f of the General Data Protection Regulation (GDPR).
3) Purpose of data processing Cookies that are necessary for technical reasons are used to make the website easier for users to use. A few functions on our Internet site cannot be offered without using cookies. In those cases, our system must be able to recognize the browser again even after a user has switched to a different site. The user data collected by cookies required for technical reasons is not used to create user profiles. These purposes form our legitimate interest in processing personal information as set forth in Numeral 6, Para. 1, Item f of the General Data Protection Regulation (GDPR). 4) Retention period Cookies are stored on the user’s computer and communicated from said computer to our site. Thus, the user has full control over the use of cookies. You can disable or limit the transmission of cookies by changing the settings in your Internet browser.
5) Objection and removal options Cookies that have already been stored can be deleted at any time. This can be done automatically as well. However, disabling the cookies used by our website may mean you will not have full access to all of the functions of our website.
6) Cookie settings
Cookie Settings
7) Cookies used
a) Absolutely necessary cookies These cookies enable you to navigate our website and make use of its features. Key services such as saving earlier actions, e.g. your cookie settings, cannot be provided without these cookies. They are only used when you visit our website and are normally erased when you close your browser. They are also used to optimise the way the website is displayed when you access it using a mobile device so that you do not use an unnecessary amount of data. Cookies also make it easier to switch from http to https, ensuring that the transmitted data remain secure.
b) Analytical cookies Analytical cookies collect information on how users interact with our website. This way, we can determine what pages have been visited and gain a complete overview of user activity on our website. The cookies do not collect or store any information that can be directly associated with you as a person. The collected information is normally processed in aggregated form. Performance and statistical cookies are only used to improve the performance of the website and tailor the online experience to the needs of its users. Performance and statistical cookies are used on the basis of our legitimate interest in better understanding user behaviour on this website. However, you can deactivate these cookies at any time by changing the settings in your browser.
8) Blocking of cookies The creation of cookies can be blocked through browser settings. However, keep in mind that after you have blocked all cookies, you may not be able to access some of the features of the website. Usually, web browser changes which concern the way cookies are used and / or accepted can be performed in the “Options” or “Browser Preferences” section. Here we provide a list of links to instructions on how to block cookies for some of the most commonly used web browsers: – Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647 – Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies – Mozilla Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox – Apple Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac.
1) Description and scope of data collection Our Internet site offers contact forms which can be used to contact us electronically. When a user takes advantage of this option, the information they enter on the input screen is transferred to us and stored. That data is:
The following information is also stored when you submit your message:
In order to process the information, we obtain your consent when you submit the information and reference this data privacy statement. Alternatively, we can also be contacted using the e-mail address provided. In that case, the personal information the user includes in the e-mail is stored. The information obtained in this context is not transferred to third parties outside the msg life group. The information is only used to process the conversation.
2) Legal basis for data processing Legal basis for processing information once the user’s consent has been obtained is Numeral 6, Para. 1, Item a of the General Data Protection Regulation (GDPR).
3) Purpose of data processing The personal information provided on the input screen is used for the sole purpose of handling the contact request. In case of contact by e-mail, the information is processed as a necessary legitimate interest. Any other personal information processed during the transmission is processed to prevent misuse of the contact form and to ensure the safety of our IT systems.
4) Retention period Data is deleted as soon as it is no longer required for the purpose it was collected. In regard to personal information from the input screen of the contact form and personal information sent by e-mail, such information is deleted when the respective conversation with the user is terminated. A conversation is considered terminated when the circumstances indicate that the subject under discussion has been fully clarified. Any further personal information collected during the transmission is deleted no later than within a period of seven days.
5) Objection and removal options The user can revoke their consent to having their personal information processed at any time. Should a user contact us by e-mail, they can revoke their consent to having their personal information stored at any time. It will not be possible to continue a conversation in such cases. Please contact msg life’s marketing team by e-mail if you would like to revoke your consent/the storage of your information info@msg-life.com. Any personal information stored as part of the contact request will be deleted.
To virtualize meetings, msg life odateam organizes videoconferences in which participants’ voices and potentially also their images are transmitted to all other participants by microphone and webcam (‘videoconferences’).
In the process, msg life odateam uses service providers which provide msg life odateam with their software and potentially also technology (‘videoconference systems’). Pursuant to Article 28 GDPR, msg life odateam has entered into a processing agreement with each of these service providers.
1) Data processing by msg life odateam for the purposes of videoconferences
We have to process various types of data to use videoconferences. The total amount of data processed as part of videoconferences depends on the features of the videoconference system provided by the videoconference service provider and on the data each user provides before, during and after taking part in a videoconference.
As a rule, the following personal data of a videoconference can be processed:
Data relating to the user: like the user’s display name, online status (optional), status notifications, profile picture (optional), email address (under certain circumstances) and preferred language.
Meeting metadata: like the date, time, duration, meeting ID, phone number (under certain circumstances) and location.
Text, audio, video and other multimedia data: like data from your microphone, your webcam or a device display (if you use a screen or content-sharing tool) will be processed for the duration of the meeting for the purposes of displaying video signals and audio signal and multimedia file playback. For example, the latter is necessary if you have to give a screen presentation. Each user can activate and deactivate the transmission of data from their camera and microphone at any time. A user must actively turn on the screen/content-sharing tool and can turn it off again at any time.
You can also use the chat feature simultaneously in a videoconference. In this context, the text you type, the links or content you share and your social interactions (such as emojis, pictograms, ‘liking’ comments or sending GIFs) will be processed to show them to the participants in the videoconference.
2) Legal grounds for data processing The legal grounds differ depending on whether employees of msg life odateam are taking part in the videoconference organized by msg life odateam:
If the personal data of employees of msg life odateam are processed, the data processing is based on Article 88 GDPR in order to establish, execute (i.e. organize) and terminate the employment relationship.
For other videoconferences and if we have no contractual relationships with the participants (i.e. employment), we organize videoconferences on the basis of point (f) of Article 6(1) GDPR. In this context, we also have a legitimate interest in the effective execution of videoconferences for and with third parties.
3) Storage of data Videoconferences are not recorded. Suppose a videoconference is set to be recorded. In that case, msg life odateam will inform all participants transparently and, if necessary, ask for their consent.
Microsoft logs the content of chats when Microsoft Teams is used. Files that users share in chats are stored in the OneDrive for Business account of the user who shared the file. Files that team members share in a channel are stored on that team’s SharePoint website.
No automated decision-making as defined by Article 22 GDPR is used.
4) Data recipients Personal data processed in connection with participation in videoconferences are only shared with our processors, i.e. the service providers who help us execute the videoconferences. Otherwise, the data will only be disclosed to third parties if msg life odateam is legally obliged to do so (e.g. by court order) or if the data subjects explicitly consents to disclose their data.
5) Data processing outside of the European Union Where possible, msg life odateam has restricted its storage sites to data centers in the European Union. Therefore, no data processing takes place outside of the European Union.
1) Description and scope of data collection Our Internet site offers users the option to register by providing personal information (e.g., in order to register for events or career events). During that process, information is entered on an input screen and transmitted to us in encrypted form and stored. The information is not shared with third parties outside the group of companies. The following information is collected during the registration process: • Form of address (required field) • First name (required field) • Last name (required field) • E-mail (required field) Further personal information may be requested depending on the event. The user’s consent to having this information processed is obtained during the registration process.
3) Purpose of data processing User registration is required for the provision of certain content and services on our website, such as: • Registering for events or career events (e.g., university fairs) • Publication requests (e.g., customer magazines, studies or whitepapers)
4) Retention period Data is deleted as soon as it is no longer required for the purpose it was collected. In the case of information collected during the registration process, this would be when the registration is removed from or modified on our Internet site.
5) Objection and removal options User can cancel their registration at any time. You can have the information we have stored for you modified at any time. Please contact msg life odateam d.o.o.’s marketing team by e-mail at info@msg-life.com. We will forward your request to the appropriate party.
This website uses Google Analytics, a web analytics service that is provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland (“Google”). Google Analytics uses so-called “Cookies”, which are text files stored on your computer, to enable the analysis of your website usage.
It cannot be avoided that the collected data may be transmitted to a Google server in a third country and saved there, particularly a server of Google’s parent company, Google LLC, based in 1600 Amphitheater Parkway, Mountain See, California, USA.
On this website, the IP anonymization function is activated. This means that Google will shorten your IP address before storing it; this will be done for all member states of the European Union or other states where the agreement referring to the European Economic Area applies. The full IP address will be sent to a Google server in the USA and shortened there only in cases of exception.
On behalf of the operator of this website, Google will utilize said information to analyze your use of this website, prepare reports on website activities and provide other services related to the use of the website and internet for the operator of the website. In this case, based on the processed data, pseudonymous user accounts can be created. The IP address delivered from your browser and shortened by Google Analytics will not be combined with other data of Google.
The storage of cookies can be prevented by activating the corresponding setting in your browser software. But, disabling the cookies used by our website may mean that you will not have full access to all of the functions of our website.
You can also avoid Google from collecting the data generated by the cookie and data related to your website use (along with your IP address), as well as the processing of said data by Google, by downloading and installing the Browser Add-On: https://tools.google.com/dlpage/gaoptout?hl=en
The analysis of the use of the website is considered a legitimate interest as defined in Numeral 6, Para 1, Item (f) of the General Data Protection Regulation (GDPR).
For more information regarding Google’s use of data for advertising purposes and possibilities concerning the settings and opt out options please go to Google’s websites: https://policies.google.com/technologies/partner-sites?hl=en („Google’s use of data when you use websites or apps of partners”), https://policies.google.com/technologies/ads?hl=en („Use of data for advertising purposes“), https://adssettings.google.com/u/0/authenticated?hl=en („Determine which advertisements Google shows you“)
So-called “social plugins” are used on our website. These currently include plugins for Facebook, Twitter, LinkedIn and YouTube services. Information, including personal information, may be sent to service providers when using these plugins, including providers in the USA, and may be used by them.
1) Shariff protection tools The website itself does not collect any personal information using social plugins or any information about their use. msg uses the so-called “Shariff” – German for sheriff – solution to prevent data from being sent to service providers without the user’s knowledge, including to providers in the USA. This solution ensures that personal information is not automatically sent to providers of the individual social plugins when you visit our website. Data cannot be sent to the service provider or stored by them until a user actually clicks on one of the social plugins. More information on the Shariff solution can be found on the provider’s website, Heise Medien Gmbh & Co. KG: http://m.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
2) Data privacy statement for the use of Facebook plugins Plugins for the social media network Facebook (provider: Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA) are integrated into our sites. The Facebook plugins on our site can be identified by their Facebook logo or the “Like” button. An overview of the various Facebook plugins can be found at: http://developers.facebook.com/docs/plugins/. When you visit our sites, the plugin is used to establish a direct connection between your browser and the Facebook server. That informs Facebook that you visited our site from your IP address. Clicking the Facebook “Like” button on our sites while still logged onto your Facebook account allows you to link content from our sites to your Facebook profile. This permits Facebook to assign your visit to our sites to your user account. We would like to point out that as a provider of the sites, we do not receive any information on the content of the transmitted data or how it is used by Facebook. More information can be found in Facebook’s data privacy statement at: https://www.facebook.com/policy.php. You will need to log out of your Facebook account if you do not want Facebook to assign your visit to our sites to you Facebook account.
3) Data privacy statement for the use of Twitter The functions of the Twitter service are integrated into our sites. These functions are provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Using Twitter and the “re-tweet” function links the websites you visit to your Twitter account and shares them with other users. Information is also sent to Twitter when you do so. We would like to point out that as a provider of the sites, we do not receive any information on the content of the transmitted data or how it is used by Twitter. More information can be found in Twitter’s data privacy statement at: http://twitter.com/privacy. You can modify the data protection settings of your Twitter account at: http://twitter.com/account/settings.
4) Data privacy statement for the use of LinkedIn Our website uses the functions of the LinkedIn network. Provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. A connection to the LinkedIn servers is established anytime our sites that contain LinkedIn functions are accessed. LinkedIn is informed that you visited our Internet sites from your IP address. Clicking the “Recommend” button by LinkedIn while you are stilled logged onto your LinkedIn account allows LinkedIn to assign your visit to our Internet site to you and your user account. We would like to point out that as a provider of the sites, we do not receive any information on the content of the transmitted data or how it is used by LinkedIn. More information can be found in LinkedIn’s data privacy statement at: https://www.linkedin.com/legal/privacy-policy.
5) Data privacy statement for use the of Google Maps This site uses an API for the Google Maps map service. Provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Your IP address must be stored in order to use the Google Maps functions. That information is generally sent to a Google server in the USA, where it is stored. The provider of this site has no influence over the transmission of that data. Google Maps is used in the interest of making the presentation of our online offers more appealing and to make the locations mentioned on our website easier to find. This is considered a legitimate interest as defined in Numeral 6, Para. 1, Item f of the General Data Protection Regulation (GDPR). More information on the use of user data can be found in Google’s data privacy statement at: https://policies.google.com/privacy?hl=en&gl=de.
This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes. In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally The data stored by Salesviewer will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them. The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.
Your information is processed in Germany. Data is also processed in European and non-European foreign countries within the legally permissible limits. There are no plans for transmission to third countries.
msg life odateam d.o.o. has taken extensive technical and operational safety precautions in accordance with applicable European law to protect your information from unauthorized access and misuse.
No information with be shared with third parties, with the exception of the companies of the msg life group.
Anytime your personal information is processed you are considered an affected person pursuant to the GDPR and you have the following rights in connection with the responsible party: 1) Right to disclosure You have the right to request information on the scope, origin and recipient of stored information, as well as the purpose of the storage, at no charge to you. 2) Right to correction You have the right to demand a correction and/or completion from the responsible party should the processed personal information related to you be incorrect or incomplete. The responsible party must make the corrections without delay. 3) Right to deletion You have the right to request that the responsible party immediately delete any personal information related to you and the responsible party is required to delete said data without delay should any of the following reasons apply: (1) The personal information related to you is no longer required for the purpose it was collected or processed in any other manner. (2) You revoke the consent on which the processing was based pursuant to Numeral 6, Para. 1, Item a or Numeral 9, Para. 2, Item a of the General Data Protection Regulation (GDPR) and there is no other legal basis for the processing. (3) You submit an objection to the processing pursuant to Numeral 21, Para. 1 of the General Data Protection Regulation (GDPR) and no legitimate reasons for the processing that have precedence over your objection exist, or you submit an objection to the processing pursuant to Numeral 21, Para. 2 of the General Data Protection Regulation (GDPR). (4) The personal information related to you was processed unlawfully. (5) The deletion of the personal information related to you is necessary in order to meet a legal obligation under Union law or the law of the member states to which the responsible party is subject. (6) The personal information related to you was collected in relation to services offered by the information company pursuant to Numeral 8, Para. 1 of the General Data Protection Regulation (GDPR). 4) Right to data portability You have the right to obtain the personal information related to you and which you shared with the responsible party in a structured, commonly used and machine-readable format. 5) Right of objection You have the right, for reasons arising from your particular situation, to object to the processing of personal information related to you, which was being processed pursuant to Numeral 6, Para. 1, Item e or f of the General Data Protection Regulation (GDPR), at any time; this includes any profiling based on these policies. The responsible party will cease processing any personal information related to you unless they can provide proof urgent, protection-worthy reasons for the processing that outweigh your interests, rights and freedoms or unless the processing serves the enforcement, exercising or defense of legitimate claims. You have the right to revoke your privacy consent statement at any time. Revoking your consent shall not affect the legitimacy of the processing that was performed with your consent up to the time your consent was revoked. 6) Right to submit complaint to supervisory body Notwithstanding other administrative or legal remedy, you will generally have the right to submit a complaint to a supervisory body, specifically in the member state of your place of residence, your place of employment or the location of the alleged breach, if you are of the opinion that the processing of the personal information related to you violates the GDPR. The supervisory body to which the complaint is submitted shall inform the complainant of the status and results of the complaint, including the option of legal remedy pursuant to Numeral 78 of the GDPR.
