Privacy statement according to Art. 13 and 14 of the EU General Data Protection Regulation (GDPR) (information requirements)
1. Name and contact details of the body responsible for data processing as well as of the company’s data protection officer
This information on data protection holds for data processing carried out by:
Contact information of the Company (responsible body):
Meyerthole Siems Kohlruss Gesellschaft für aktuarielle Beratung mbH
50674 Köln/Cologne Germany
Phone: +49 (0)221 42053-0
Contact information of the data protection officer:
Dipl.-Kfm. (MBA) Günther Otten
Phone: +49 (0)221 9783130
2. Collection and storage of personal data and nature and purpose of their use
a) When visiting the website
Upon visiting our website aktuare.de the browser of your device automatically sends information to the server of our website, which might allow us to identify you.
- IP address of the computer submitting a query
- date and time of the visit
- name and URL of the visited file
- website from which the access occured
- browser used and, if applicable, the operating system of your computer and the name of your access provider.
We are processing the before mentioned data for the following purposes:
- to ensure a seamless connection to the website
- to ensure a comfortable visit of our website
- to evaluate the security and stability of the system
- for further administrative purposes.
The legal basis for the processing of the collected data is Art. 6 para. 1 sentence 1 lit. f GDPR. Our justified interest is derived from the purposes listed above concerning data collection. The collected data will not be used to draw conclusions about you.
In order to optimize our website we are using cookies – little files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you visit our site.
Who else has access to your data?
The website https://aktuare.de is being hosted by:
DOM Digital Online Media GmbH
The DOM Digital Online Media GMBH therefore has access to the collected data due their role as contract processor.
How long are we keeping your data?
All data will be deleted as soon as it is no longer necessary to achieve the goals that justified their collection. For the provision of the website this is the case once the respective session has been concluded.
b) When subscribing to our newsletter
c) When using our contact form
For queries of any kind we offer you to get in touch with us by using the contact form provided on this website. Using the contact form requires a valid e-mail address so that we can identify you and have a way to respond to your inquiry
The legal basis for the processing of data for the purpose of getting in touch with us occurs according to Art. 6 Para. 1 sentence 1 lit. a GDPR on the basis of your voluntarily given consent.
How long are we keeping your data?
The personal data that is collected via the contact form will be deleted automatically after closing your query.
3. Disclosure of data
Your personal data will neither be disclosed to third parties nor further processed after the completion of your query.
In order to optimize our website we are using cookies – little files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device and do not contain viruses, trojans or any other malware. Cookies store pieces of information that depend on the particular device that you are using. This does not mean, that we receive direct information about your identity.
We are using cookies to enhance the user experience of our website. To that end we use so-called session cookies that show us which language you have selected and which site you have visited before. We are however neither collecting nor storing any personal information. These cookies are being deleted automatically upon leaving the website.
According to the GDPR Session cookies are excluded from the opt-in requirement, which is why this website does not have a cookie banner.
Why are we using cookies?
We are utilizing cookies in order to ensure the usability of the website and of the other applications, since it is necessary, that the used browser can still be recognized after switching sites. The data collected by cookies will however not be used for the creation of user profiles.
On which legal basis are we processing this data?
The data processed by cookies for the purposes listed above is necessary for the protection of our justified interests and those of third parties according to Art. 6 para. 1 lit. f GDPR.
Most browsers will save cookies automatically. You can however configure your browser to not save cookies on your computer or to send you a notification before generating a cookie.
How long are we saving your data?
The personal data mentioned above will be deleted as soon as it is no longer necessary to achieve the goals that justified their collection.
5. Rights of the persons affected
You have the right
- to disclosure of your personal data that is processed by us according to Art. 15 GDPR. In particular you can request the following information:
the purpose of processing
the category of personal data which has been collected
the categories of recipients to whom your data is being or has been disclosed to
the planned period of time for which the data will be saved
whether there is a right to correction, deletion, restriction of processing or objection
whether there is a right to appeal
the origin of your data if it was not gathered by us
whether there is an automated decision process that includes profiling and, if need be, relevant information on how these processes work;
- to immediately demand the correction of incorrect personal data or the completion of personal data that we have saved according to Art. 16 GDPR
- to demand the deletion of personal data that we have saved if processing is not necessary to ensure the right to freedom of expression and freedom of information, to fulfil a legal obligation, for reasons of public interest or for the enforcement, exercise or defense of legal claims according to Art. 17 GDPR
- to demand the Right to Restrict Processing by Art. 18 GDPR, if you you deny the correctness of the data. You may also exercise this right if the processing is illegal, but you decline the deletion of the data despite us no longer needing it, since you require it to enforce, carry out or defend legal claims or if you have entered an objection to the processing according to Art. 21 GDPR.
- to obtain your personal data, that you supplied us with, in a structured, common and machine-readable format or to demand the transmission to another responsible person according to Art. 20 GDPR
- to withdraw the consent that you have given us at any time according to Art. 7 Para. 3 GDPR. As a consequence we will no longer be allowed to carry out the processing that depended on this consent.
- to issue a complaint with the supervisory authorities that are responsible for us according to Art. 77 GDPR: Commissioner of Data Protection and Freedom of Information North Rhine-Westphalia, post office box 20 04 44, 40102 Düsseldorf / Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Postfach 20 04 44, 40102 Düsseldorf.
6. Right to object
If your personal data is processed on the grounds of justified interest according to Art. 6 Para. 1 sentence 1 lit. f GDPR, you have the right according to Art. 21 GDPR to enter an objection against the processing of your personal data as far as there are reasons that result from your particular situation or if the objection is due to direct advertising. In the latter case you have a general right to object, that will be realized by us without any indication of a particular situation.
Please remember, that it is your right to either contact us or the responsible data protection authorities of the federal state, if you have any complaints regarding this topic.
7. Data security
As part of our consulting service, we offer a certified data security that you can rely on. We guarantee that we do not pass on your data to third parties - it is only used for the administration of your access and of the mailing list.
As a qualified external processor in line with Art. 28 GDPR we also process your data within data pools – an outstanding challenge for the quality and the security of our IT systems.
Our information safety management system is compliant to ISO IEC 27001.
On the backdrop of escalating losses of data and system failures caused by attacks on IT infrastructures of companies, a reliable security standard becomes more important by the day. IT security and data protection are core elements that allow clients and cooperation partners to confide in the company and are therefore a critical cornerstone for the competitiveness of any business.
Both the IT which plays a central role in execution of business transactions and the use of global network structures for data communication demand a wholistic Information Security Management System (ISMS) that minimizes risks for systems and data.
In compliance with the international norm ISO/IEC 27001 the criteria of ISMS are reviewed and evaluated concerning their complexity by an independent third party body. A successful review according to ISO/IEC 27001 assigns the company:
- confidentiality, integrity and availability of the processed information
- effective execution of the statements made in the company’s declaration of data protection
- effective protection of personal data according to GDPR and the Federal Data Protection Act (BDSG-neu)
- effective protection of the technical systems against unauthorised access (both internal and external).
ISO 27001 certificate
Since 2011 the Information Security Management System of Meyerthole Siems Kohlruss has been certified according to ISO 27001 (Dekra). Examinations of the system are being carried out on a regular basis.
- Secure data transmission to all MSK servers, including extranet.aktuare.de:
Security with SSL: You are using an encrypted connection to our certified server, https://extranet.aktuare.de/unternehmen/login.html. For our SSL encryption, we use certificates provided by the company Digicert and apply the transport layer security TLS 1.2 or a newer version.
- Secure email traffic:
8. Social media and links to other websites (external links)
In addition to this website we also maintain sites in various social media platforms, that you can access via links on our website. If you visit one of these sites, personal data may be transmitted to the provider of the social media platform. It is possible that – in addition to the data that you have actively provided to the platform – further information is being stored and processed by the providers of the social network.
The provider of the platform processes, if applicable, the most important data of the computer system from which you access the network – for instance your IP address, the used processor type and the browser version including plug-ins.
If – during a visit on said social media site – you are logged into your private account of the network, the platform can allocate your visit to the respective account.
Information on the purpose and the extent of the data collection by the respective platform as well as information regarding the further processing of your data there and your rights can be found in the provisions of the respective companies responsible at:
- Xing: https://privacy.xing.com/de/datenschutzerklaerung
- Twitter: https://twitter.com/de/privacy
- LinkedIn: https://www.linkedin.com/legal/privacy-policy
Furthermore, we point out that our website contains further links to external websites; our company has no influence on the processing of your data on such external websites.
9. List of service providers
The following service providers supply services on behalf of MSK, which make it necessary to enquire and process personal data on the basis of article 28 of GDPR.
- Contractor: DOM, Main Area: Provision of server environments for the operation of web servers, mail servers and the extranet including maintenance, backup and updates of the operating system.
- Contractor: HRMC, Main Area: Support for IT and telephone systems, in particular maintenance and extension of the existing system, conception, technical support of the staff (system administration). Support in developing individual software for customers.
- Contractor: Cologne Intelligence, Main Area: Support for IT security, in particular design and implementation of secure IT infrastructures in the context of development of individual software for customers.
The following service provider also supplies services for MSK, but the processing of personal data does not play a key role here. Moreover, the contractor is only occasionally active for MSK.
Contractor: Tax consultancy BHS Bähner & Hardes, Steuerberatungsgesellschaft mbH, Cologne, Main Area: Financial and payroll accounting, annual accounts.
10. Topicality of and alterations to this privacy statement
This privacy statement is currently valid. It is dated from December 2022.
Due to a further development of our website and offers related to it or by legal or official requirements it may necessary to change this privacy statement. The current privacy statement can be visited and printed out at any point at www.aktuare.de.