Data privacy statement

The protection of your personal rights is of great importance for the GDV. Therefore, we proceed with all data processing according to the principle of limiting data processing only to the required information and the required degree. 

By way of our Further information on data processing at GDV, we inform you of the purposes for which personal data are collected, processed and used when you visit this website.

“Controller” in the terms of the General Data Protection Regulation (GDPR) is the German Insurance Association (Gesamtverband der Deutschen Versicherungswirtschaft e.V.), Wilhelmstraße 43 / 43G, 10117 Berlin (“GDV”).

Data collection when using our website
When you access our website, the browser on your device automatically sends information to the server of our website / application and temporarily stores it in a log file. We have no influence over this. The following information is also recorded without your intervention and stored until it is automatically deleted:

  • the IP address of the requesting Internet-enabled device;

  • the date and time of access;

  • the name and URL of the retrieved file;

  • the website from which access was made (referrer URL);

  • the browser you are using and, if necessary, the operating system and user interface of your Internet-enabled computer as well as the name of your access provider;

  • an individual process ID, status code (information about the data retrieval process, e.g. whether it was successful), the response time of the server and the amount of data transferred in bytes.

The legal basis for processing the IP address is Article 6(1)f GDPR. Our legitimate interest follows from the purposes of data collection listed below. We are unable to draw any direct conclusions about your identity from the data collected.

The IP address of your terminal device and the other data listed above will be used by us for the following purposes:

  • to ensure a smooth connection setup;

  • to ensure comfortable use of our website;

  • to evaluate system safety and stability.

The server log files can also be checked subsequently if there are concrete indications of illegal use of our website. The data are stored for a period of 6 months and then automatically deleted. Furthermore, we use cookies, tracking tools and social media plug-ins for our website. The exact procedures involved and how your data are used for this purpose are explained in more detail below.

Google Analytics, cookies
Your visit to our website is stored for statistical purposes in order to optimise and make our website even more attractive. Only anonymised data (e.g. anonymised IP addresses, date and time of page visit, length of stay or the page from which you accessed our website) are stored and used using technologies from Google Analytics, a web analysis service of Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). They do not permit any identification of visitors to this website. The IP addresses are anonymized before they are stored. This means that your IP address will be reduced by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and shortened there. Google has submitted to the EU-US Privacy Shield, According to Google, the IP address transmitted by your browser will not be merged with other Google data. The legal basis for the use of Google Analytics is Article 6(1)f GDPR and your consent, which you have given by using our website. The data sent to Google Inc. for this purpose are automatically deleted once a month after 26 months, according to Google.

So-called "cookies" are also used. Cookies are small text files that are stored locally in the cache of the visitor's Internet browser. Cookies enable your Internet browser to be recognised. The information generated by the cookie about your use of the website is usually transferred to a Google server in the United States and stored there. Google will use this information on our behalf to evaluate your use of our website, to compile reports on your activities within this website and to provide us with further services connected with the use of this website and the use of the Internet. Pseudonymous user profiles can be created from the processed data.

You have the option of preventing cookies from being saved on your computer by setting your browser accordingly.

Furthermore, you can prevent the collection of data generated by the cookie relating to your use of our website and the processing of these data by Google on all websites by downloading and installing a browser add-on provided by Google (available for Microsoft Internet Explorer 11, Google Chrome, Mozilla Firefox, Apple Safari and Opera).

You can also prevent collection by Google Analytics by clicking here: Disable Google Analytics. This sets an opt-out cookie that prevents Google from collecting your data on this website in the future. Please note that you must click the link again if you have deleted the cookie in your browser or if you want to prevent data collection by Google Analytics on this website on another device. The opt-out cookie does not prevent Google Analytics from collecting data on other websites.

Further information on Google Analytics can be found in the Google Privacy Overview.

Embedded content from our social media profiles
We embed content from our social media profiles in our website:





Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA


Twitter International Company, One Cumberland Place

Fenian Street, Dublin 2, D02 AX07, Ireland

Legal basis is our legitimate interest in public relation and communication and an interesting, needs-based design of our website pursuant to Art. 6(1)(f) GDPR.

Content will only be shown once you approve the respective platform and provider by clicking on the content box (e.g. Facebook, Twitter). Your browser then connects to the respective provider’s server to load and display the content. Your browser sends the data listed under the section “data processed upon visiting our website” to the respective provider. In particular, the provider receives the information that you visited the respective page on our website. If you have a user account with the respective provider (e.g. an Facebook or Twitter account), the data may be associated by the provider with your user account. The providers may also set cookies on your computer.

We have no influence on the data processing by the providers nor do we know the full extent of the data collection, the processing and its purposes and the storage periods. To our knowledge, the providers usually collect and use your data as user profiles and for the purpose of advertising, market research and optimization of their platforms.

To the extent possible, we work towards data minimization and a privacy-compliant data processing by the social media providers, e.g. by using appropriate configuration settings. However, we only have very limited influence on the data processing by the social media providers.

You can find further information on the data processing by the social media providers here:







To exercise your data subject rights with regards to the data processing of the social media providers, please contact the respective provider directly.

The social media providers may process your personal data in the United States and are subject to the EU-US Privacy Shield,

Adobe Typekit
To optimize our website and to implement a needs-based design we use external fonts, embedded via Adobe Systems Software Ireland Limited ("Adobe"). Legal basis is Art. 6(1)(f) GDPR. Your internet browser automatically connects to Adobe’s servers and Adobe receives the data listed under the section “data processed upon visiting our website” above. We have no influence on the data transfer and further data processing by Adobe.

You can find information on the purpose and scope of Adobe’s data collection and processing here:

Adobe may process your personal data in the United States. Adobe is subject to the EU-US Privacy Shield,

Personal data (name, address data, e-mail addresses) are collected and processed in accordance with Article 6(1)b GDPR in order to process orders of association publications or individual inquiries, for example. To send publications, it may be necessary to pass on your address data to companies that support us. Furthermore, we will not pass on your personal data unless, in an exceptional case, an authority requests the data, e.g. for criminal prosecution or security purposes. After complete processing of your request, your data will be blocked and deleted after expiry of the storage obligations in tax and commercial law.

If you have registered for our newsletter, we only use the data (name, e-mail addresses) collected during registration to send the newsletter. The processing of your data is based on your consent (Article 6(1)a GDPR). 

We use the so-called “double opt-in procedure” for sending the newsletter. We will not send you a newsletter until you confirm in our notification e-mail that we should activate the newsletter service by clicking on a link. If you no longer wish to receive newsletters from us, you can unsubscribe at any time. A message in text form (e.g. e-mail to, fax, letter) is sufficient. Of course, you will also find a link to unsubscribe in each newsletter.

Contact form
When you contact us via a contact form on our website, the data you provide (e-mail address and name) will be processed by us in accordance with Article 6(1)f GDPR in order to answer your questions. We will delete the data arising in this context after the storage is no longer necessary, or restrict the processing if statutory retention obligations exist.

Social plugins and sharing functions
On our website we use social plugins from various social networks. With the help of these plugins, you can recommend articles from our website. Other users of the social network can then see that you recommend this post. In accordance with Article 6(1)f GDPR, we have a legitimate interest in promoting the recommendation of contributions on our websites via social plugins.

To ensure that your use of our websites can only be recorded on the social network if you wish, we use the so-called "Shariff" solution. Only if and as soon as you click on the button of the respective social network, a connection to its websites is established and you are asked in a new window to register in the social network, if you are not already registered. In this case, a social network cookie will also be placed on your computer. The purpose and scope of the data collection and the further processing and use of the data by social networks as well as your relevant rights and setting options for the protection of your privacy can be found in the data protection information of the respective networks or websites. We use social plugins and sharing functions of the following social networks:

  • We use the sharing button of the social network, which is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). By using the sharing buttons, the social network receives the information that you have accessed the corresponding page of our website. If you are logged in to the social network or log in, it can assign the visit to your account. If you recommend a post, the relevant information is transmitted directly from your browser to the social network and stored there. You can find the link to Facebook's privacy policy here: Facebook has submitted to the EU-US Privacy Shield.

  • We use the sharing button of the social network Twitter, Twitter Inc, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA ("Twitter"). The Twitter sharing button is just a link to Twitter. For this reason, accessing our website alone does not provide any data. As with any link, only when you click the button does Twitter know from which website you are coming. The further processing of this information is the sole responsibility of Twitter. You can find the link to Twitter's privacy policy here: Twitter has submitted to the EU-US Privacy Shield.

​​​​​​​Display of videos
We use services of YouTube, LLC 901 Cherry Ave, San Bruno, CA 94066, USA, to display the videos contained on our website: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Therefore, when you open a video sequence, the YouTube website is called up. The associated data processing is based on Article 6(1)f GDPR for the display of videos.

These YouTube videos are all in "extended privacy mode", which means that no data about you as a user will be transferred to YouTube if you do not play the videos. Only when you play the videos will the following data be transmitted:

By opening the video sequence, YouTube receives the information that you have accessed the corresponding subpage of our website. This is independent of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, the information will be directly associated with your account. If you do not wish the information to be associated with your profile on YouTube, you must log out before opening the video sequence. YouTube stores your data as a user profile and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation takes place in particular (even for users who are not logged in) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website.

You have the right to object to the creation of these user profiles, though you must contact YouTube to exercise this right.

When you play the YouTube videos included on our site, YouTube uses DoubleClick by Google to present ads relevant to you. We do not use DoubleClick ourselves. We have no influence on the data collected and data processing procedures, nor are we aware of the full extent of data collection, the purposes of processing or the storage periods. Below we inform you how Google processes your data according to our current state of knowledge:

A cookie used by Google DoubleClick (see also above in the section Google Analytics, cookies) assigns a pseudonymous identification number (ID) to your browser in order to check which ads were displayed in your browser and which ads were called. Google Dynamic Remarketing can also be used when calling up a YouTube video. It is used to serve ads that advertise the products and services you have viewed on other websites. By integrating such functions (e.g. AdWords), Google receives the information that you have called up the corresponding part of our website. If you are registered with a Google service, Google may associate your visit with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

You can prevent participation in these tracking procedures in various ways:

  • by setting your browser accordingly, in particular the suppression of third party cookies means that you will not receive any ads from third parties, though this setting will be deleted if you delete your cookies;

  • by disabling cookies for conversion tracking by setting your browser at to block cookies from Google, which will also be deleted if you delete your cookies;

  • by deactivating the interest-based ads of the providers that are part of the "About Ads" self-regulation campaign via the link; these settings will also be deleted if you delete your cookies;

  • by permanent deactivation using a browser add-on, which you can find at for Firefox, Internet Explorer and Google Chrome.

Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield (see above).

We use technical and organisational security measures to warrant that your personal data are protected against loss, falsifications and unauthorised access by third parties at all times. All safety measures are continuously adapted to technical progress. If you are requested to enter personal data within the offer, data will be transmitted over the Internet encrypted using SSL and thus protected against unauthorized access.

Your rights
If we process your data to protect legitimate interests, you may object to such processing for reasons relating to your particular situation. We will then no longer process your personal data unless we can document compelling reasons worthy of protection for the processing which outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.

You can request information about the data stored by us at any time. Please contact the data protection officer at GDV by e-mail ( or by post to the controller’s above address.

You may also request that your data be corrected or deleted under certain circumstances. As soon as you assert a claim for deletion or if the data are no longer necessary to fulfil the purpose for which they were stored or if the storage thereof is inadmissible for other legal reasons, we will delete the personal data you have stored. You may also have the right to restrict the processing of your data and to have the data you provide disclosed in a structured, common and machine-readable format.

You have the option to contact the aforementioned data protection officer or a data protection supervisory authority with a complaint. The data protection supervisory authority responsible for us is the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin.