Data protection policy for the website: www.stolenboats.info
Controller
This privacy policy applies to the website www.stolenboats.info. The operator of the website is:
MCS Marine Claims Service GmbH
Gasstr. 18 / Haus 4
22761 Hamburg
T: +49 40 37 48 18 0
F: +49 40 37 48 18 15
[email protected]
Introduction
This privacy policy is intended to provide you with information about the way we handle your personal data when you visit our website. Further information about what data concerning you we process and why if you contact us “off-line” can also be found on this website. In the following you will find general information in respect of our data protection and the information in accordance with Art. 13 and Art. 14 of the General Data Protection Regulation (GDPR).
Information in accordance with Art. 13 GDPR: Customers (Owner, Insurers, Insurance Agents, Financing Companies)
Information in accordance with Art. 13 GDPR: Owners and Insureds
Information in accordance with Art. 13 GDPR Service providers and suppliers
Information in accordance with Art. 13 GDPR Personal data, applications
Your rights in relation to your data are set out at the end of this privacy policy. These apply to all data processing specified in this policy, irrespective of whether or not this in on the website.
Data processing on this website
The following generally applies: You can use this website without us knowing your identity or trying to gain knowledge of your identity. The personal data (the “digital tracks”) that are left when visiting a website do not only include any data provided in contact forms such as name and address, but also IP addresses. Personal data are all information that directly identify a person or that make a person identifiable by reference to other features. “Personal data” is referred to as “data” throughout this text.
IP addresses
An IP address is the number for a device (laptop, tablet, smartphone etc.) that allows the respective device to be identified on the internet. When visiting our Website no IP address is collected or stored by us.
However, we use so-called cookies and other services when you visit our website. You can find more details about this below under “Cookies“ and “Analytics Tools”.
If you send us an email, we store your contact data and the content of the email and use them to process your query. Please note that an unencrypted email is not sufficiently protected from third parties gaining knowledge of, making changes to or erasing such data. If you do not wish to take this risk, please contact us by telephone.
Legal basis: Art. 6 (1) (b) and Art. 6 (1) (f). Our legitimate interest in processing your data is to provide you the opportunity to contact us via email.
For compliance purposes, your data remain stored in a restricted access archive in our system for 6 years to 30 years.
Data transfer
Your data may be transferred if:
you have given your express consent for this (sentence 1 of Art. 6 (1) (a) GDPR).
such transfer is necessary for us because we wish to assert legal claims and we have no reason to assume that you have an overriding interest that requires your data not being transferred (sentence 1 of Art. 6 (1) (f) GDPR).
we are obliged by law to transfer your data (sentence 1 of Art. 6 (1) (c) GDPR).
we are obliged by law to carry out a check on any existing embargoes and sanctions.
Cookies
We do not use own cookies on our website. However, we use Google Analytics cookies to record statistics regarding the use of our website and for the purpose of evaluating how we can optimise our offer to you (please see under “Google Analytics” below for details). These cookies allow us to automatically recognise that you have previously visited our website if you visit again; they store your details and settings so that you do not have to enter these again. These cookies are also deleted after a short set period.
The data processed by cookies are necessary for the specified purposes of protecting our legitimate interests and those of third parties in accordance with sentence 1 of Art. 6 (1) (f) GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a notice is always displayed before a new cookie is placed. Please note that deactivating cookies completely may result in you not being able to use all functions of our website.
Google Analytics
We use the analytics tool “Google Analytics” on our website in order to record and evaluate statistics regarding the use of our website and to continuously improve our offer on the basis of the results.
Google Analytics also uses cookies. The information about your use of our website obtained via the cookie is transferred to and stored on a Google server in the USA.
Google uses the information recorded in the cookies on our behalf in order to evaluate your use of our website. In this way we can, for example, compile reports about website activity and identify which pages are particularly accessed the most, where the access originates from and how long visitors spend on the pages. Pseudonymised user profiles can be created for the user from the processed data.
We only use Google Analytics with IP anonymisation activated. This means that your IP address is truncated by Google. IP addresses are already usually truncated in Europe. Only in exceptional circumstances will the full IP address be transferred to a Google server in the USA and truncated there.
To the best of our knowledge, the IP address sent by your browser is not consolidated with any other data by Google. If you do not wish Google to collect and use your cookies, you have the following options:
You can prevent the storage of cookies using the appropriate settings on your browser software.
You can also prevent Google from collecting the data created by the cookies and relating to your use of the website and you can prevent Google from processing such data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.
Google itself provides further opportunities for settings and objections so that you can influence how the data you have left on the internet is processed.
https://policies.google.com/technologies/partner-sites?hl=en-GB (“How Google uses information from sites or apps that use our services”)
https://policies.google.com/technologies/ads?hl=en-GB (“Advertising”).
http://www.google.com/settings/ads (“manage information used by Google to display adverts”).
On this website, we use so-called social plugins from the network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugin, also referred to as the “Facebook button” allows a direct link to be made from our website to the contents of Facebook.
Facebook is certified under the so-called privacy shield agreement. Companies with this certification are accepted in Europe as (non-European) companies who comply with European data protection law. https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
If you click on the Facebook plugin on our website, your device creates a direct link to the Facebook servers. This procedure allows data concerning you to be transferred to Facebook and user profiles to be created for you. We have no control over the extent of the data that Facebook collects using this plugin and therefore inform users in accordance with our state of knowledge.
By integrating the plugin on our website, Facebook obtains information that you have accessed one or more pages of our website. If you are also logged into Facebook, Facebook can allocate your visit to your Facebook account. If you, for example, click the Like button or leave a comment, your device transfers the relevant information directly to Facebook and stores it there. If you are not a Facebook member, there is still the possibility that Facebook will gain knowledge of and store your IP address. According to Facebook, only an anonymised IP address is stored in Germany.
The purpose and scope of the data collection and the further processing and use of your data by Facebook and your rights and settings options for protecting your privacy can be found in the Facebook data protection policy. https://www.facebook.com/about/privacy/.
If you are a Facebook member but do not wish Facebook to collect data concerning you via our website and to link the same to data concerning you stored by Facebook, first log out of Facebook, delete your cookies and then visit our website. Further settings and objections to the use of data for marketing purposes are available in your Facebook profile settings. https://www.facebook.com/settings?tab=ads
Data protection officer
We have appointed a company data protection officer who provides us with constant support and advice in relation to compliance with data protection provisions:
PrivCom Datenschutz GmbH
Dr. Bettina Kähler
Rothenbaumchaussee 165 - 20149 Hamburg
E-Mail: [email protected]
Web: www.privcom.de
--- Information in accordance with Art. 13 and Art. 14 GDPR ---
Information in accordance with Art. 13 and Art. 14 GDPR - customers (e.g. owner, insurer, insurance agent, financing company)
Here you will find information in accordance with Art. 13 GDPR regarding how we handle your data if you are in a business relationship with us (e.g. owner, insurer, insurance agent, financing company).
Controller:
Purpose of data processing
Provision of expert services for pleasure crafts
Execution of service contracts
Subcontracting of expert services
Handling claims and investigating claims
Complying with tax and company law obligations
Complying with supervisory obligations
Legal basis for the data processing:
Art. 6 (1) (b) GDPR (contract, pre-contractual measures, taking steps at the request of the data subject)
Art. 6 (1) (c) GDPR (compliance with a legal obligation by the controller)
Art. 6 (1) (a) GDPR (consent of the data subject)
The controller’s legitimate interest
Not applicable.
Recipients of the data:
Internal departments
Auditors and IT service providers
Technical service providers and lawyers
Courts and prosecution offices
Supervisory authorities
Transfers to countries outside of the European Union
Depending on the place where the contracted service is to be provided and if necessary for providing services, we may transfer your data to countries outside of the European Union, in which the job site is located (e.g. location of survey).
Period of storage:
We store your data for as long as you have a business relationship with us. At the end of a business relationship, we are obliged to store the data for further 30 years due to possible claims of recourse.
Your rights in relation to your data:
Please see below.
Information in accordance with Art. 13 GDPR: owners and insureds
Here you will find information according to Art. 13 DSGVO about our handling of your data if we have been commissioned by our business partners to provide expert services (e.g. within the scope of an insurance claim, leasing or financing).
Controller:
Purpose of data processing
Provision of expert services for pleasure crafts
Execution of service contracts
Subcontracting of expert services
Handling claims and investigating claims
Complying with tax and company law obligations
Complying with supervisory obligations
Legal basis for the data processing:
Art. 6 (1) (b) GDPR (contract, pre-contractual measures, taking steps at the request of the data subject)
Art. 6 (1) (c) GDPR (compliance with a legal obligation by the controller)
Art. 6 (1) (a) GDPR (consent)
The controller’s legitimate interest
Not applicable.
Why do we need your data? (“Background for the provision of data”):
We need your data to fulfil the service orders of our business partners. As part of our activities, it is quite common that we receive your personal data from third parties and store them for processing purposes. For our activities we need not only your contact data, but also information about your personal circumstances. This is the only way in which we can guarantee best services for you.
Do we collect information about you from sources other than directly from you?
In connection with the assessment and evaluation, we may make use of information from our customers (e.g. owners, insurers, insurance intermediaries, financing companies) as well as other service providers, experts and authorities.
If there is any suspicion of insurance fraud, we may obtain data about you from other sources and not directly from you. These other sources include e.g. the police, witnesses, credit reports or information about you that is publicly available (social networks, websites).
Recipients of the data:
Internal departments
Customers (insurers, insurance brokers, insurance agents, financing companies)
Auditors and IT service providers
Technical service providers and lawyers
Collection agencies
Courts and prosecution offices
Supervisory authorities
Transfers to countries outside the European Union
Depending on the place where the contracted service is to be provided and if necessary for providing services, we may transfer your data to countries outside of the European Union, in which the job site is located (e.g. location of survey).
Period of storage:
We store your data for as long as we deal with your case. At the end of a business relationship, we are obliged to store the data for further 30 years due to possible claims of recourse.
Your rights in relation to your data:
Please see below.
Information in accordance with Art. 13 and Art. 14 GDPR: Service providers and suppliers
Here you will find information about how we handle your data if you work with us as a service provider or supplier.
Controller:
Purpose of data processing
Providing all kinds of services
Particularly providing services in the field of IT
Legal basis for the data processing:
Art. 6 (1) (b) GDPR (contract, pre-contractual measures, taking steps at the request of the data subject)
Art. 6 (1) (c) GDPR (compliance with a legal obligation by the controller)
The controller’s legitimate interest
Not applicable.
Recipients of the data:
Internal departments
Transfers to countries outside the European Union
Depending on the place where the contracted service is to be provided and if necessary for providing services, we may transfer your data to countries outside of the European Union.
Period of storage:
We store your data for as long as our contractual relationship with you exists. At the end of a business relationship, we are subject to various national and international laws regarding the further retention of your data. We are currently developing an erasure concept allowing the systematic erasure of personal data.
Your rights in relation to your data:
Please see below.
Information in accordance with Art. 13 GDPR: Employee data, applications
Here you can find information about how we handle your data if you work for us or apply for a position with us.
Controller:
Purpose of data processing
Managing the employment relationship
Conducting the application process
Legal basis for the data processing:
§ 26 of the German Federal Data Protection Act (BDSG) in the version dated 5 July 2017.
Do we collect information about you from sources other than directly from you?
To verify professional qualifications and personal reliability (in good faith), information is obtained in individual cases from the following offices:
Credit report (e.g. Schufa in Germany)
Authorities (certificate of good conduct and excerpt from the commercial central register)
Universities, training workplace
Recipients of the data:
We only process employee data and applicants’ data internally. Only the personnel department employees and the payroll accounting employees as well as the managers of the respective branch or subsidiary after prior approval of the managing director shall have access to this data.
Transfers to countries outside the European Union
We do not transfer any data to countries outside of the EU.
Period of storage:
Employee data: We store your employee data for 10 years after the end of your employment relationship with us. We are obliged to do this by tax and commercial law provisions.
Applications: We store your data for as long as the application process continues. If we do not employ you, we will store your documents for a further 6 months after you have received notice of rejection. They are destroyed after this period.
If we do not employ you but, on the basis of your documents, we believe that you may be appropriate for us at a later date, we will retain your application with your consent for a further 6 months.
Your rights in relation to your data:
Please see below.
Your rights in relation to your data
In accordance with Art. 15 GDPR, you can obtain information as to whether or not we store any personal data concerning you. If we store data concerning you, you have the right to obtain information regarding a range of further points relating to how we handle your data, such as which data we store, the reason we process them and how long they are stored.
If we have inaccurate or incomplete data concerning you, you can request that we rectify such data (Art. 16 GDPR).
You can also request the erasure of your data (Art. 17 GDPR). However, there may be reasons for which we are not permitted or not required to erase your data. These reasons are set out by law. If you request us to erase your data, we will check whether any such exceptions apply. If not, we will erase your data. The alternative to erasing your data is the restriction of processing your personal data in certain cases (Art. 18 GDPR). Let us know how you wish to proceed and we will check the statutory provisions to find a way that suits both your and our interests.
Art. 20 GDPR provides that, in certain circumstances, we must provide you with your personal data in a structured, commonly used and machine-readable format if you so request.
We have referred to our “legitimate interests” allowing us to process your data a few times in this privacy policy. If we process your data on the basis of our “legitimate interests”, you can object to such data processing (Art. 21 GDPR). To object, the above provision requires you to provide grounds “relating to your particular situation”.
If you wish to assert these rights, an email to [email protected] will suffice. Please be aware that we then need to verify your identity to ensure that we do actually only send information regarding your data or your data itself to you. After the identity check, we will deal with your request and contact you without delay.
If you believe that we do not comply with the data protection provisions regarding the processing of your data on this website, you can complain to a data protection supervisory authority. You can find a list of competent data protection supervisory authorities in Germany here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html>
Version of this privacy policy: May 2018
This data protection information is updated regularly.