Data protection

The responsibility for processing your personal data rests with

AWP P&C S.A., Branch Office for Germany
Bahnhofstrasse 16
D-85609 Aschheim (near Munich), Germany

The Data Protection Officer can be contacted by standard mail at the aforementioned address, using the suffix "Data Protection Officer", or by email at datenschutz-azpde@allianz.com.

2.1. When you visit the website

Whenever you access our website, www.allianz-reiseversicherung.de, the browser you use on your device automatically sends information to our website's server. This information is temporarily stored in a logfile. The following information is collected and stored, without any action on your part, until the time of automatic deletion:

• IP address of the requesting computer,
• date and time of access,
• name and URL of the requested file,
• website from which access is obtained (referrer URL),
• the browser you are using and, where applicable, the operating system on your computer and the name of your access provider.

We process the data mentioned for the following purposes:

• to guarantee a trouble-free connection to the website,
• to guarantee comfortable use of our website,
• to evaluate system security and stability, and also
• for other administrative purposes.

The legal basis for data processing is Art. 6, para. 1, sentence 1 f) GDPR. Our justified interest ensues from the purposes of data collection listed above. We will never use the data we collect to draw conclusions about you personally.

In addition, we use cookies and analytics services during visits to our website. More detailed information can be found in paras. 4 and 5 of this declaration.

2.2. When you arrange insurance via the website

The data you share when arranging an insurance policy via our website are used for settlement procedures within the posting process and any subsequent insurance benefit process. Only those data that are essential to settlement procedures shall be collected, stored and used.

We collect and save the following customer data:

• Personal data (e.g. name, address, date of birth, email address)
• Travel information (e.g. travel date, destination, cost, booking date)
• Payment Information (e.g. account holder, IBAN & BIC / credit card number, credit card company, credit card holder)
• Policy purchase date

The legal basis for data processing is Art. 6, para. 1, sentence 1 b) GDPR. Such processing is required for concluding and fulfilling the terms of the insurance contract.

2.3. When notifying claims via the website

The data you share relating to a damage event when notifying a claim on our website are used to process the claim. Only those data that are essential to settlement processes shall be collected, stored and used.

The legal basis for data processing is Art. 6, para. 1, sentence 1 b) GDPR. Such processing is required to handle the claim.

Insofar as special categories of personal data, such as health data for example, are collected, we shall obtain your consent in accordance with Art. 9, para. 2 a) in conjunction with Art. 7 GDPR.

The personal data we collect when you visit our website are not transmitted to third parties for any purpose other than those stated below.

We disclose your personal data to third parties only if:

• you have granted your express consent to this in accordance with Art. 6, para. 1, sentence 1 a) GDPR,
• such disclosure is required in order to assert, exercise or defend legal rights in accordance with Art. 6, para. 1, sentence 1 f) GDPR and there is no reason to believe that you have an overriding legitimate interest in preventing disclosure of your data,
• if there is a legal obligation to disclose the data in accordance with Art. 6, para. 1, sentence 1 c) GDPR, and
• this is legally permissible and, in accordance with Art. 6, para. 1, sentence 1 b) GDPR, is required to execute the contractual relationships with you.

Please refer to the information, provided under this link, for handling special categories of personal data (e.g. health data) in case of a damage event..

We use cookies on our website. Cookies are small files, automatically created by your browser, that are stored on your device (laptop, tablet, smartphone or similar) whenever you visit our site. Cookies do not cause any damage to your device, and do not contain viruses, trojans or other malware.

Cookies store information that is created in connection with the device you use. However, this does not mean that we obtain knowledge of your identity directly.

Most browsers accept cookies automatically. You can, however, configure your browser to prevent cookies being saved on your computer or to always show a prompt before a new cookie is created. Please be aware that you may not be able to use all of our website's functions if you deactivate cookies completely.

We have a legitimate interest in setting cookies pursuant to Art. 6, para. 1 f) of the EU General Data Protection Regulation. A legitimate interest ensues, for analysis and evaluation purposes, from the aim of improving the website experience for users. In addition, we use cookies to pursue our marketing interests.

4.1 First Party Cookies

First-party cookies are cookies that we use directly. The information is accessible only within the www.allianz-reiseversicherung.de domain.

We use these cookies to enhance your experience on our website. We use so-called session cookies, for example, to establish that you have already visited certain pages of our website. These session cookies are deleted automatically when you leave our site.

In addition, we use temporary cookies, which are stored on your device for a defined time, to likewise optimise user experience. If you return to our website to make use of our services, the site will automatically detect that you have visited before. It will also know which information you entered and the settings you made to save you having to repeat the exercise.

We also use cookies to statistically record the use of our website and to analyse these statistics to optimise our content for you (see para. 5). If you return to our website, these cookies allow us to automatically detect that you have visited our site before. These cookies are automatically deleted after a defined time.

4.2 Third Party Cookies

Third-party cookies are cookies that we use for our partners whenever you visit our website - www.allianz-reiseversicherung.de.

These cookies are designed to customise advertisements and to measure the effectiveness of marketing campaigns.

We employ the tracking methods listed below on the basis of Art. 6, para. 1, sentence 1 f) GDPR. The purpose of these tracking measures is to ensure that our website is designed to meet the needs of our users and that it is optimised on an ongoing basis. We also use these tracking measures to statistically record the use of our website and to analyse these statistics to optimise our content for you. These interests are considered legitimate by the aforementioned regulation.

The data processing purposes and data categories are provided in the tracking tools concerned.

a) Google Analytics

To ensure that our website is designed to meet the needs of our users and that it is optimised on an ongoing basis, we use a web analytics service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; referred to below as "Google"). In this context, pseudonymised usage profiles are created and cookies (see para. 4) are employed. The information generated by the cookie about how you use this website, such as

• browser type/version,
• operating system used,
• referrer URL (site visited previously),
• host name of the accessing computer (IP address),
• time of server request,

are transmitted to a server of Google in the USA and stored there. The information is used to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the purposes of market research and to design this website to meet the needs of our users. This information may also be transmitted to third parties, insofar as this is legally prescribed or such third parties process these data on our behalf. Under no circumstances will your IP address be merged with other data from Google. IP addresses are anonymised, making it impossible to associate them with individuals (IP masking).

You can prevent these cookies from being installed by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website.

Furthermore, you can prevent the collection of data generated by the cookie and related to your usage of the website (including your IP address) and the processing of these data by Google by downloading and installing a browser add-on.

Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help function, for example.

b) Google Adwords Conversion Tracking

We also use the Google Conversion Tracking function to statistically record the use of our website and to analyse these statistics to optimise our content for you. In this process, Google Adwords sets a cookie (see para. 4) on your computer if you found our website via a Google ad.

These cookies become invalid after 30 days and are not used to identify you personally. If the user visits certain web pages of the Adwords customer and the cookie has not yet expired, Google and the customer will be able to detect that the user clicked on their ad and was redirected to this site.

Every Adwords customer receives a different cookie. Cookies cannot, therefore, be tracked via the websites of Adwords customers. The information obtained using the conversion cookie helps to create conversion statistics for those Adwords customers who decided to use conversion tracking. These Adwords customers learn the total number of users who clicked on their ad and who were redirected to a site carrying a conversion tracking tag. However, they do not receive any information that can be used to identify users personally.

If you do not wish to be involved in the tracking process, you can decline to do so by setting the required cookie - via a browser setting that generally deactivates the automatically setting of cookies, for example. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the "www.googleadservices.com" domain. You can find Google's data privacy information on conversion tracking here.

Our website offers a chat function for direct communication between you and our service staff. We do this through LiveZilla. LiveZilla uses cookies. The information generated by the cookie on how you use the website (including your IP address) is transmitted to our server and stored there. The IP address is anonymised before it is saved and is not used to identify the user. Personal or pseudonymised user profiles are neither created directly or passed on.

We process your data only for the time required to achieve the purpose of processing and to fulfil legal obligations.

You have the right to be informed about all of the information stored by us, and to demand that incorrect data be corrected. Under certain conditions, you also have the right to the erasure of data, the right to object to processing, the right to the restriction of processing and the right to data portability.

You may object to the processing of your data for direct marketing purposes. If we process your data in order to protect legitimate interests, you may object to this processing for reasons pertaining to your particular situation.

If you have any objections concerning the handling of your data, you may contact the aforementioned Data Protection Officer. You are also entitled to lodge an objection with a data protection supervisory authority.

During visits to our website, we use the popular SSL (Secure Socket Layer) process in conjunction with the highest encryption level supported by your browser. This is normally 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can see whether an individual page of our website is being transmitted in encrypted format by the closed display of the key or lock symbol in the bottom status bar of your browser. We also employ suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or full loss, destruction or against unauthorised access by third parties. Our security measures are being constantly improved in line with technological development.

Updated: November 2018