Data protection

The data controller is the natural or legal person who oversees and is accountable for the storage and use of personal data in paper or electronic form. ALLYSCA Assistance GmbH acts as a data controller as defined in relevant data protection laws and regulations. ALLYSCA Assistance GmbH
Rosenheimer Str. 116a
81669 Munich, Germany
Phone +49 89 41861-0
Email: info@allysca.de

When you visit the ALLYSCA website, our web server automatically records the details of your visit, including:

• IP address
• the website from which you accessed our website
• the type of browser software used
• the pages of the ALLYSCA website that you visit
• Date and duration of your visit to the ALLYSCA website

We also collect and process various types of personal data, including

• Last name, first name, title
• Address
• Contact details
• Company name, line of business or profession, position

CONTACT FORM If you contact us via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent. The data entered in the contact form is therefore processed exclusively on the basis of your consent. You can revoke this consent at any time. All you need to do is send an informal email to datenschutz@allysca.de . The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected by this. SSL or TLS encryption For security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator, the ALLYSCA website uses SSL or TLS encryption. You can recognize such an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

ALLYSCA uses your personal data for the following purposes:

• for the technical administration and further development of the ALLYSCA website
• for customer and user management and marketing
• for the initiation and maintenance of business relationships
• to conduct research and analysis with regard to our business relationships
• to inform you about events, services, products and news when you visit the ALLYSCA website or in the mailing list
• to comply with legal obligations (e.g. tax, accounting and administrative obligations)

We will inform you accordingly if we need your consent to process your personal data.
Otherwise, we process your personal data to fulfill our legitimate business interests (including maintaining contact with potential and existing customers, providing news and information about ALLYSCA, organizing and hosting events, and conducting market research and analysis) or when necessary to comply with legal obligations. In addition, we may process your personal data in order to enter into a contractual relationship with you or to fulfill our obligations under an existing contract with you. ALLYSCA complies with applicable laws and regulations when using personal data.

The provider of this website uses services of etracker GmbH from Hamburg, Germany (www.etracker.com) to analyze usage data. We do not use cookies for web analysis by default. If we use analysis and optimization cookies, we will obtain your explicit consent separately in advance. If this is the case and you give your consent, cookies are used to enable a statistical analysis of the reach of this website, to measure the success of our online marketing measures and test procedures, e.g. to test and optimize different versions of our online offering or its components. Cookies are small text files that are stored by the Internet browser on the user’s end device. etracker cookies do not contain any information that enables a user to be identified. The data generated with etracker is processed and stored by etracker on behalf of the provider of this website exclusively in Germany and is therefore subject to the strict German and European data protection laws and standards. etracker has been independently audited and certified in this respect and has been awarded the ePrivacyseal data protection seal of approval. Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. f (legitimate interest) of the General Data Protection Regulation (GDPR). Our concern within the meaning of the GDPR (legitimate interest) is the optimization of our online offer and our website. Since the privacy of our visitors is important to us, the data that may allow a reference to an individual person, such as the IP address, login or device identifiers, are anonymized or pseudonymized as soon as possible. No other use, merging with other data or disclosure to third parties takes place. You can object to the data processing described above at any time. The objection has no detrimental consequences.

We use Google’s reCAPTCHA service in the forms for changing the address, communication data and access account. The purpose of the query is to distinguish human input from automated, machine input. We base the processing on our legitimate interest (Article 6(1)(f) GDPR) in protecting the website from automated spying, misuse and SPAM. For this purpose, your input is transmitted to Google and processed there. The IP address and any other data used by Google for the service will be transmitted to Google. You can find more information about Google reCaptcha and the privacy policy at https://www.google.com/recaptcha/intro/v3.html or https://www.google.com/privacy Processing company Google Ireland Limited Gordon House, Barrow Street Dublin 4 Ireland Data protection information of the processing company Below you will find the e-mail address of the data protection officer of the processing company: data-access-requests@google.com Data processing purposes To protect our website against attacks using state-of-the-art technology. Data collected This list contains all data collected by or through the use of this service. Your web request the IP address the browser type the browser language the date and time of your request one or more cookies that may identify your browser Legal basis The following is the required legal basis for the processing of personal data: Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest) The required legal basis for the use of cookies and similar technologies for this tool: Art. §25 TTDSG para. 2 (technically necessary) Place of processing European Union, worldwide Retention period 30 days (cookies) 9 or 18 months (log data) Data recipient Google and its worldwide business units Transfer to third countries worldwide Further information and opt-out Click here to read the data processor’s privacy policy and, if necessary, to obtain further information and set consents from Google. https://policies.google.com/?gl=de&hl=de

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information (surname, first name) that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or is only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties. We use the so-called double opt-in procedure to ensure that the newsletter is sent with your consent. This involves the potential recipient being added to a mailing list. The user then receives a confirmation e-mail to confirm the registration in a legally secure manner. The address is only actively added to the mailing list if confirmation is given. The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter. Sendinblue (formerly Newsletter2Go) is used as the newsletter software. Your data will be transmitted to Sendinblue GmbH (formerly Newsleter2Go GmbH). Sendinblue (formerly Newsletter2Go) is prohibited from selling your data and using it for purposes other than sending our newsletters. Sendinblue (formerly Newsletter2Go) is a German, certified provider that has been selected in accordance with the requirements of the General Data Protection Regulation and the Federal Data Protection Act. Sendinblue enables us to organize and analyze the newsletter dispatch. The data you enter to receive the newsletter, such as your email address, is stored on SendinBlue’s servers. Sending newsletters with SendinBlue allows us to analyze the behavior of newsletter recipients. The analysis shows, among other things, how many recipients have opened their newsletter and how often links in the newsletter were clicked. SendinBlue supports conversion tracking in order to analyze whether a previously defined action has taken place after clicking on a link. Details on data analysis by SendinBlue can be found at: https://de.sendinblue.com/legal/termsofuse/. You can find further information here: https://de.sendinblue.com/informationen-newsletter-empfaenger/

The website uses the following social media plug-ins (“plug-ins”):

• Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA;
• Twitter Inc, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA
• XING AG, Gänsemarkt 43, 20354 Hamburg, Germany
• LinkedIn, operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA
• YouTube plugin, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

All social media links and social media plug-ins (YouTube plug-in) are marked with the brand names of the respective providers Facebook, Twitter, Xing, LinkedIn and Google (“Provider”). In order to increase the level of data protection and to comply with the applicable legal situation for plug-ins, we have taken additional precautions by means of a so-called consent solution. In this way, we ensure that when you visit the ALLYSCA website, a direct connection is not automatically established from your browser to the provider’s servers. Only if you give your consent to data transmission in the cookie settings on our website for the YouTube plug-in or click on a social media direct link will your browser establish a direct connection to the server of the respective provider. The provider receives the information that the ALLYSCA website has been accessed via your browser. The content of the plug-in or the link to social media is then transmitted directly to your browser by the provider.
If you interact with the plug-in, e.g. by playing an embedded YouTube video, the data is transmitted directly from your browser to the provider and stored by the provider. For more information on the purpose and scope of data collection, processing and use, please refer to the following privacy policy:

• Facebook: https://de-de.facebook.com/about/privacy/
• Twitter: https://twitter.com/privacy
• XING AG: https://dev.xing.com/plugins/share_button/privacy_policy
• LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=de_DE
• Google: https://policies.google.com/privacy?hl=de

We will ensure that your personal data is processed in a way that is compatible with the above-mentioned purposes. For the stated purposes, your personal data may be disclosed to the following parties who process the data as third party data controllers:

• Other companies in the ERGO Group
• Authorized representatives and external service providers

For the above purposes, we may also share your personal data with the following parties who act as processors under our direction:

• Other companies in the ERGO Group
• Authorized representatives and external service providers

In addition, we may disclose your personal data in the following cases: To law enforcement, government agencies and regulatory authorities to comply with applicable legal obligations. We will not disclose your personal data to parties who are not authorized to process it.

If applicable laws or regulations permit, you have the right to do so:

• access the personal data stored about you and know its origin and the purposes and means of processing, as well as details of the data controller(s) and the parties to whom this data may be disclosed
• to withdraw your consent at any time if your personal data is processed with your consent
• to update and correct your personal data
• to delete your personal data from our records if they are no longer required for the above-mentioned purposes
• restrict the processing of your personal data in certain circumstances, for example if you have contested its accuracy, for as long as we need to verify it
• retrieve your personal data in electronic form
• lodge a complaint with us and/or the competent data protection authority
• object to the processing of your personal data by us or ask us to stop processing it (including for the purpose of direct marketing)

If you have any questions or would like to assert your rights, you can contact us by post or e-mail: ALLYSCA Assistance GmbH
Data Protection Officer
Rosenheimer Str. 116a
81669 Munich, Germany
E-mail: mailto:datenschutz@allysca.de

In the event of breaches of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues for our company is the Bavarian State Office for Data Protection Supervision. Bavarian State Office for Data Protection Supervision
Promenade 18
91522 Ansbach Postal address:
P.O. Box 1349, 91504 Ansbach
Telephone: 0981/180093-0
Fax: 0981/180093-800
E-mail: poststelle@lda.bayern.de
Homepage: http://www.lda.bayern.de

ALLYSCA has implemented appropriate technical and organizational security measures to protect the personal data it collects via the ALLYSCA website from unauthorized access, misuse, loss or destruction.

The Internet is generally not considered a secure environment; unauthorized third parties could access information sent over the Internet (e.g. via email), potentially leading to disclosure, alteration of content or technical failure. Even if both the sender and the recipient are located in the same country, information sent over the Internet may be sent across international borders to a country with a lower level of data protection than the country of residence. ALLYSCA assumes no responsibility or liability for the security of the information during transmission to ALLYSCA over the Internet. You may also choose another method of communication with ALLYSCA to protect the confidentiality of your information if you deem it appropriate.

We do not store your personal data for longer than necessary and only for the purposes for which it was collected.

If you have any questions about how we use your personal data, you can contact us by post or email:

ALLYSCA Assistance GmbH
Data Protection Officer
Rosenheimer Str. 116a
81669 Munich, Germany
Email: mailto:datenschutz@allysca.de

We regularly revise this privacy policy. We ensure that the latest version is always published here. This privacy policy was last updated on 13.02.2023.