Privacy policy

In the following, we would like to illustrate that we handle your personal data with care.

1. Controller

Controller is:

Xempus AG
Arnulfstr. 126
80636 Munich

We have appointed a company data protection officer in accordance with Section 37 GDPR.

Our data protection officer and data protection team can be reached at the e-mail address datenschutz@xempus.com.

2. Which data is used for which purpose

Generally

In principle, our offer can be used anonymously. In order to ensure the operation of our offer and to optimise the use of our offer, we do, however, use various technical aids. The corresponding data processing is explained separately in this privacy policy.

Generally, the legal basis for data processing by us is the legitimate interest within the meaning of Section 6(1)(f) GDPR to operate our service professionally and securely, as well as Section 6(1)(b) GDPR, which allows us to process data for the performance of a contract with you as a contracting party or to carry out pre-contractual measures that take place at your request. If you have given us your consent to separate data processing, the legal basis until revoked is Section 6(1) lit. a) GDPR

Hosting

We use the hosting services of neo-scale GmbH, Herdweg 62, 70174 Stuttgart, Germany, to provide you with our services. For this purpose, we require computing capacity, storage space and database services as well as technical maintenance services. As the responsible party, we have a legitimate interest in the use of these services for the technically error-free and optimised provision of our offer in accordance with Section 6 (1) f) GDPR. In the context of hosting, inventory, contact, content, contract, usage, meta and communication data of users of our offer are processed.

For this purpose, we have concluded a corresponding data processing agreement (Sec. 28 GDPR), in which we oblige the hosting company to handle the transmitted data with care and not to pass it on to third parties.

Browser data and log files

Your browser automatically transmits the following data to us to enable the use of our offer:

  • Browser type and browser version,
  • operating system used,
  • referrer URL,
  • host name of the accessing computer,
  • time of the server request,
  • IP address.

The web server with which our offer is made available stores this information in so-called log files.

The legal basis for this processing is the legitimate interest according to Section 6 (1) f) GDPR to operate this offer professionally and securely.

Cookies

When using this offer, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using, and through which certain information flows to the body that sets the cookie. Cookies cannot execute programs or transmit viruses to your computer. They are used to make the website as a whole more user-friendly and effective.

You can configure your browser settings according to your wishes and refuse to accept individual or all cookies. We would like to point out that you may then not be able to use all the functions of this offer.

Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested are stored on the basis of Section 6 (1) f) GDPR. The basis for this is the legitimate interest in storing cookies for the technically error-free and optimised provision of this offer.

Insofar as cookies are also used for other purposes (e.g. tracking cookies to analyse your surfing behaviour), these are dealt with at the appropriate point in the data protection information.

The following types of cookies may be used on this website:

Session-Cookies

Session cookies are mandatory in order to guarantee essential functions of the offer. Without them, the offer cannot be used as intended. Session cookies are deleted after the end of the use of the offer. Your consent to the use of these cookies is not required.

Performance-Cookies

Performance cookies record how visitors use the website, e.g. which pages are called up most frequently by users and whether error messages are displayed. These cookies do not store any other information. They are used exclusively to increase user-friendliness and to tailor the offer more specifically to users. This data is also stored exclusively in anonymised form. The cookies have a lifespan of 13 months.

Marketing-Cookies

Marketing cookies are used to present users with marketing content that is tailored and relevant to them. Enable the use of marketing cookies to allow marketing content to be tailored to your needs and to display relevant content. Select "Allow cookies" in your browser to make the best use of cookies for this offer. You can manage or switch off the use of cookies yourself via the "Cookie settings" option. You can revoke your consent at any time.

E-Mail-Marketing

With your consent, we will send you information (e.g. on news, promotions, events or surveys) on our company, its services and products and on the subject of old-age provision by e-mail with a personal address. These are in particular our newsletter or e-mails on other occasions, such as the publication of new product features, a new tutorial on the product or information on our current promotions and offers.

Legal basis

Data processing with regard to this e-mail communication is based on your consent in accordance with Section 6 (1) a) GDPR, Section 7 GDPR in conjunction with. § Section 7 (2) no. 2 UWG.

Your consent is secured and logged by us using the double opt-in procedure in order to be able to prove consent in case of doubt. The logging, in particular of the time of consent and the time of confirmation of your consent, is based on Section 6 para. 1 lit. f) GDPR. Accordingly, we have a legitimate interest in operating secure and legally compliant email communication in order to prevent or avoid any misuse and to avoid harassing third parties.

You can revoke your consent or unsubscribe from our email communication at any time. For this purpose, we provide a corresponding link in each of these e-mails. Alternatively, you can also stop receiving such e-mails in the future at any time by sending an informal declaration to us, for example by e-mail to widerruf@xempus.com. The legality of the data processing operations already carried out remains unaffected by a revocation or deregistration.

Storage time

The data you provide for the purpose of receiving these e-mails will be stored by us until you unsubscribe or revoke your subscription and will then be deleted both from our servers and from the servers of a service provider used by us. Data that we store for other purposes remains unaffected by this.

For example, we may continue to store your email address for up to four years on the basis of our legitimate interest, so that we can prove consent previously given. The processing of this data is limited to the purpose of a possible defence against claims. The data will be deleted after the purpose of processing no longer applies. An individual deletion request is possible at any time, provided that the former existence of consent is confirmed to us at the same time.

E-Mail-Marketing with Eloqua

This service uses the marketing automation software "Eloqua" from the provider Oracle to send e-mails. Our contractual partner is ORACLE Deutschland B.V & Co. KG, Riesstraße 25, 80992 Munich; the application is operated in data centres in the EU. You can view ORACLE's data protection declaration at https://www.oracle.com/de/legal/privacy/.

Eloqua is used to prepare, send and track/analyse marketing emails to track whether our emails are opened and which links are clicked. The application is only used if consent has been given. The tracking data collected is only linked to the email address and website tracking data. The analysis helps us to technically improve the e-mail dispatch and to better adapt the content of the e-mails to your interests and the interests of readers in general in the future. Reference is made to the existing rights of the user. If you do not wish to receive the tracking within our marketing e-mails, you must stop receiving the e-mails.

Marketing Automation Software

In order to optimise our offers, we use the marketing automation software "Eloqua" from the provider Oracle. Our contractual partner is ORACLE Deutschland B.V & Co. KG, Riesstraße 25, D-80992 Munich; the application is operated in data centres in the EU. You can view ORACLE's privacy policy at https://www.oracle.com/de/legal/privacy/.

Eloqua is used for tracking user behaviour on our website. Session and performance cookies are set for this purpose. The application is only used if consent has been given for the use of performance cookies.

When tracking user behaviour by means of performance cookies on our website, the data is in principle immediately anonymised, which means that it is not possible for us to identify the visitor. In this case, the anonymous statistical data is stored separately from any personal data that may be collected and does not allow any conclusions to be drawn about a specific person. In these cases, data on user behaviour with regard to the offer and the other data are generally not combined. Only if consent has been given, e.g. if you receive marketing e-mails from us, will the tracking data be linked exclusively to your e-mail address. In this case, the data is not anonymised. If you wish to withdraw your consent to tracking, you can do so here.

The data collected from you will be deleted from our servers and Oracle's servers at the latest when the purpose of processing no longer applies.

Web forms

The web forms used in the offer are created with "Eloqua", a marketing automation software of the provider Oracle, and the data entered are processed with this software. Our contractual partner is ORACLE Deutschland B.V & Co. KG, Riesstraße 25, 80992 Munich; the application is operated in data centres in the EU. You can view ORACLE's data protection declaration at https://www.oracle.com/de/legal/privacy/.

If you fill out a web form in our offer, the information you provide in the form, including any contact data you may have provided there, will be stored for the purpose of processing your request. The data entered in the web form is processed on the basis of Section 6 (1) (b) of the General Data Protection Regulation (GDPR) for the performance of a contract or for the implementation of pre-contractual measures in response to your enquiry or on the basis of our legitimate interest (Section 6 (1) (f) GDPR) in being able to respond to your request as described in the enquiry.

The data you enter in the web form will remain with us until you request us to delete it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry).

Mandatory legal provisions - in particular retention periods - remain unaffected. With your consent, we also use an e-mail address you have entered to link anonymously collected information about the use of our offers to the unique identification number assigned by Eloqua by means of the Eloqua marketing automation software. More details can be found in this statement under the heading Marketing Automation Software. Your consent (Section 6(1)(a) GDPR) is required to use your email address for this purpose.

You can revoke this consent at any time with effect for the future by informally notifying us, for example by e-mail to widerruf@xempus.com. If you do not wish to give your consent, you can alternatively inform us of your request via the e-mail address marketing@xempus.com.

XEMPUS bAV Check

Our occupational pension calculator is intended to help you get a better picture of the topic of occupational pensions before you take out an occupational pension plan. Our occupational pension calculator therefore aims to essentially reflect your personal pension situation. In order to achieve a good approximation of the calculation result to your personal circumstances, you must therefore enter some important parameters (e.g. age, tax class or monthly gross income). If you do not provide these details, default values will be used in the occupational pension calculator which could only coincidentally match your personal situation.

If you provide the essential parameters in the occupational pension calculator, your information will be processed for the purpose of an approximate calculation of your personal pension situation.

The processing of the data provided in the bAV calculator is carried out on the basis of Section 6 (1) (b) GDPR for the purpose of carrying out pre-contractual measures in response to your request. Data will only be passed on to third parties or processed for other purposes if required by law or if we are otherwise entitled to do so, e.g. in the case of your consent.

The data you provide in the pension calculator will remain with us until you request us to delete it or the purpose of the processing no longer applies (e.g. after you have finished using the pension calculator). Mandatory legal provisions - in particular retention periods - remain unaffected.

Job offers

Job offers on our website are linked to our online application procedure, for which a separate data protection declaration is stored.  If you do not use this online application procedure and apply directly to us by e-mail, for example as part of an unsolicited application, we will collect and process your personal data for the purpose of processing the application procedure. The legal basis for this is Section 6 (1) b) GDPR for the implementation of pre-contractual measures, which takes place at your request.

Other services and technologies used by this offer:

3. How long will your data be stored

For data backup purposes, complete copies of the collected and stored data are made daily. These copies are stored in encrypted form for up to 13 weeks.

If you have given us consent, we will delete the personal data as soon as the purpose of processing no longer applies.

4. Which rights do you have

Your rights to information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if applicable, a right to correction, blocking or deletion of this data. We take into account legal provisions regarding retention and documentation periods. In addition, we retain your data within statutory periods in order to ward off claims under liability law.

You can contact us at any time about this and other questions on the subject of personal data. You will find the contact details under point 1 of this data protection notice. If you request that your data be blocked or deleted, you may no longer be able to make full use of our services.

Your right of withdrawal for consents

Some data processing operations are only possible with your express consent. You can revoke an already given consent at any time by informally notifying us, for example by e-mail to widerruf@xempus.com, with effect for the future. The legality of the data processing carried out until the revocation remains unaffected by a revocation.

Your rights of objection

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Section 6(1)(e) or (f); this also applies to profiling based on these provisions.

If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.

Your right to data portability

You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format.

Your right to complain to the competent supervisory authority

In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority in matters of data protection law is:

Bayerisches Landesamt für Datenschutzaufsicht
Promenade 27 (Schloss)
91522 Ansbach

https://www.lda.bayern.de

Version 210318