Privacy policy

This policy explains how we use the personal data we collect when you use our website.

We are responsible for your data

Genki

Genki UG (haftungsbeschränkt) Dorothee-Sölle-Platz 2, 50672 Cologne, Germany [email protected]

Values

• We value your privacy as much as we do our own.

• We’re committed to keeping your personal data safe.

• We’ll not ask you for personal data that we don’t need to provide our services.

• We’ll not use your personal data for any reason other than why you gave it.

• We’ll not give anyone access to your personal data unless we’re forced to by law or if it’s necessary to provide our services to you.

Data

The data we collect

• Technical data (date and time, IP address, information about your device and browser)

• Referral data (what other website has brought you to our website, if any)

• Personal data (name, email address, date of birth, phone number, home country, country of citizenship, password)

• Payment data (card information)

• Insurance conditions (insurance options, applicant and insured persons, medical information)

• Consent status (accepting cookies, our terms of service, or updates about our services)

• Behavioral data (how you use our websites)

• Communication (insurance consultations, customer support, feedback & ratings)

How we collect your data

You explicitly provide us with most of the data we collect. We collect and process data when you…

• communicate with us,

• request a quote for one of our insurance products,

• purchase one of our insurance products,

• make changes to your insurance, or

• contact us.

Some data is automatically provided by using our websites:

• Technical, referral, and behavioral data

How we use your data

We collect your data so that we can…

• advise you on the right health insurance,

• give you a quote for our insurance products,

• process your insurance purchase,

• ensure you the insurance coverage that you’ve bought,

• manage your insurance,

• respond to you contacting us,

• notify you about important information regarding your insurance,

• notify you about updates to our services,

• improve the security, reliability, and usability of our services, and

• advertise our services to potential customers through advertisements and remarketing.

Who processes your data

To provide our services we need to share some data with other companies:

• DR-WALTER concludes health insurance agreements, processes your claims, and provides insurance-related customer support. Please also look at their data protection notice.

• Squarelife concludes health insurance agreements, processes your claims, and provides insurance-related customer support. Please also look at their privacy policy.

• Stripe is our payment processor. They charge cards on our behalf to keep payment data safe.

• Cloudflare, Heroku, and DigitalOcean enable us to provide technical services like our websites.

• Amazon Web Services and MongoDB enable us to safely store and process your data.

• Intercom and WhatsApp enable us to provide great customer support.

• HubSpot enables us to advise you on health insurance.

• OpenAI enables us to make our customer support even better and faster.

• Flixcheck enables us to manage some of your insurance application information.

• Drip and Twilio enable us to send emails and SMS messages reliably.

• Google, Meta, Microsoft, and Reddit enable us to advertise our services to the right audience on other websites by using behavioral data.

• Google and PostHog allow us to better understand our visitors and improve our websites and services by analyzing the technical, referral, and behavioral data we collect.

• Slack enables our team to coordinate internally.

How we store your data

• We securely store your data on servers within the European Union.

• Your data is transferred using modern encryption.

• Our systems are properly secured and maintained.

• Payment data is stored exclusively by Stripe, a popular and trusted payment processor. They keep your payment information safe using the highest standards.

How long we store your data

• Technical data is stored for no longer than one year.

• Personal and payment data is stored for no longer than one year. If they are required to provide the services that you’ve requested that period will extend accordingly.

• Insurance conditions are stored indefinitely once you’ve bought an insurance product.

• Consent status is stored indefinitely until you revoke the consent.

• Referral and behavioral data are stored indefinitely.

Your data protection rights

• The right to access – You have the right to request copies of your personal data.

• The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete information you believe is incomplete.

• The right to erasure – You have the right to request that we erase your personal data, under certain conditions.

• The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.

• The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.

• The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you want to exercise any of these rights, please contact us at our email [email protected].

If you have access to our Member Center you can access and change your personal data there.

Complaints

You can file complaints related to data protection with the controller that is responsible for us:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (The North Rhine-Westphalia Commissioner for Data Protection and Freedom of Information)

Kavalleriestr. 2-4, 40213 Düsseldorf, Germany +49 211 38424-0 [email protected]

Marketing

• We occasionally send emails with updates about our services.

• We only send you such emails if you’ve given us consent or have subscribed to our services.

• You can opt out of receiving these emails

  • under “Your data” in the member center,

  • by following the “Unsubscribe” link in such emails, or

  • by telling us at [email protected].

Advertising

• We use Google, Meta, Microsoft, and Reddit to advertise our services to potential customers.

• We use remarketing or similar services to advertise to potential customers on other websites that have previously visited our websites.

• You can opt out of Google’s use of cookies in Google’s Ads Settings or using the Network Advertising Initiative.

Cookies

What cookies are

Cookies refer to data that is stored automatically on your device when you use a website. That data remains accessible to that website when you navigate between its various pages. Cookies can be used to identify you and to maintain information like website preferences.

For further information visit allaboutcookies.org.

How we use cookies

We use cookies…

• to improve the security and reliability of our websites,

• to give our visitors a more personalized experience,

• to help us optimize our digital marketing campaigns, and

• to participate in behavior-based advertising where a third party collects information about your use of our websites so that they can provide ads tailored to your interests on other websites.

What types of cookies we use

There are several different types of cookies. Our website uses:

• Strictly necessary cookies – They ensure that you can access the services we provide, for example, our member center. They also help us to improve the security and reliability of our websites.

• Performance cookies – They collect information about how you use our websites, like which pages you visited and which links you clicked on. None of this information can be used to identify you. It’s all aggregated and, therefore, anonymized. Their sole purpose is to improve our services for you. This includes cookies from third-party analytics services.

• Marketing cookies – They track your online activity to help advertisers deliver more relevant advertising, and to limit how many times you see an ad. These cookies can share that information with other organizations or advertisers. These are persistent cookies and are almost always from a third party.

How you can manage cookies

You can set your browser not to accept cookies, and allaboutcookies.org explains how to remove cookies from your browser. Note that you may no longer be able to access some of our services if you no longer accept cookies.

Links

Our websites contain links to other websites. Our policy applies only to our websites. If you follow a link to another website you should consult their respective privacy policy.

Changes

We keep our privacy policy under regular review and list all changes here.

11th November 2024

• Added country of citizenship as personal data we store and process.

• Added Flixcheck, HubSpot, Meta, Microsoft, PostHog, Slack, Squarelife, and WhatsApp to data processors.

• Clarified that we process and store your communication with us for customer support and insurance advisory.

• Clarified use of advertising services.

23rd August 2023

• Added Drip and OpenAI to data processors.

11th June 2022

• Removed Hotjar from data processors.

• Added Twitter to data processors.

5th April 2022

• Removed SendGrid from data processors.

• Added Intercom to data processors.

18th December 2021

• Clarified writing and overall structure.

• Added DigitalOcean, Facebook, Google, and Hotjar to data processors.

• Added information about advertising and performance analytics.