Privacy notice for losleben App

Below you will find more information on how we process your personal data when you use our losleben App. "Personal data" refers to any information that relates to a natural person (such as names, addresses, contract data).

Data controller
We, the

WIENER STÄDTISCHE Versicherung AG Vienna Insurance Group
Schottenring 30, 1010 Vienna
Telephone: +43 (0)50 350-20000 or email: kundenservice@wienerstaedtische.at

If you have any concerns or questions about the processing of your data by our company, we request that you contact our Data Protection Officer at datenschutz@wienerstaedtische.at.

Purpose and legal basis for processing your data
Our losleben app is available to you as a customer. You can use it to inform yourself about your current contractual relationship, register benefit claims and view their processing status, as well as use other available digital services at any time.

The disclosure and processing of your personal data is necessary for the use of this app.

During the registration process, personal data is requested so that we can clearly identify you and give you access to your data. There are two options available to you in this regard:

• Identity check using ID document and photo
  To provide you with a convenient and future-proof option for identity verification, we work together with Onfido, a leading service provider in this area. If you use this option, the required data will be transmitted end-to-end encrypted and automatically deleted after processing. Further information on data processing by Onfido can be found here: https://onfido.com/privacy  

• Identity verification by disclosing data
  You can also use our identity check by providing personal data (name, date of birth, policy number, e-mail address and your cell phone number). This data is compared with the personal data we have on file for you and supplemented if necessary.

After successful identification, 2-factor authentication is required. In this regard, the disclosure and processing of your e-mail address and your cell phone number is required for sending an SMS TAN for secure registration and use.

Based on your voluntary consent, your location will be used for selected use cases when using the app.

The processing of data for the use of this app is based on your consent in accordance with Art. 6 (1)(a) GDPR. If you contact us in the course of using the APP or register claims for services, we process your data in accordance with Art. 6 (1)(b) for contractual fulfilment.

Which information do we process/store?
We only ask you for personal data that is required for the registration process and secure login. If you do not provide us with this data or do not provide it to the extent required, you will not be able to use this service.

We process the following data for clear identification during initial registration and for logging into the APP:

Identity check using ID document and photo

• Photo of a valid ID document
• Photo (Selfi to compare with the ID card)

Identity verification by disclosing data

• First ans last name
• Date of birth
• Policy number
• Cell phone numer
• e-mail address

If you give your consent to the use of your location data, your location will be saved locally in the app.

Recipients of your data
The protection of your data is important to us. Therefore, data shall only generally be transferred if there is a contractual or legal requirement where this is necessary to safeguard our overriding legitimate interest or you have issued your consent to do so. In such cases, your data shall only be transferred to the extent that is absolutely necessary.

One of our basic principles is to either handle the essential data processing of our business ourselves or have it carried out by specialized companies within our group of companies in Austria. This is our central IT service provider, twinformatics GmbH, Obere Donaustraße 63, 1020 Wien, as well as our ServiceLine, serviceline contact center dienstleistungs-gmbh, Schottenring 30, 1010 Wien. You can find a detailed overview of possible data recipients in the document "Data recipients" on our homepage at https://www.wienerstaedtische.at/datenschutz-informationen.html.

Data security
We take extensive technical and organisational measures to make our data processing secure. In particular, this concerns the protection of your personal data against unintentional or unlawful destruction, loss, modification or unauthorised disclosure of or unauthorised access to personal data that are transferred or saved or are processed in another way.

The protective measures include, for example, the use of modern security software and encryption procedures, physical access control, authorisation concepts and other precautions in order to defend against and prevent attacks.

The data used when using the app is transmitted in encrypted form. Two-factor authentication is required for secure login (enter your e-mail address and a TAN code sent to your cell phone number via SMS).

Retention period of your data
When you use our app, your data is stored locally on your device. If you submit claims, the necessary data will be encrypted and sent to us to check your claims. The retention periods for our insurance relationship apply in this regard.

Your rights
You have the right to request information as to whether we process personal data from you. If this is the case, you may request information about the data itself, the purpose, categories, recipients, origin and storage duration of the data we process concerning you.

If we process information about you that is incorrect or incomplete, you may request that it be rectified or completed. You may also request the erasure of data that has been processed unlawfully. Please note, however, that this applies only to incorrect, incomplete or unlawfully processed data. If it is unclear whether the data processed concerning you is incorrect or incomplete or has been processed unlawfully, you may request that the processing of your data be restricted until final clarification of this issue. You may file an objection against the processing of your data to fulfil legitimate interests for reasons resulting from your specific situation at any time (Art. 6(1)(f)). You may also withdraw your consent at any time and without reason to prevent the further use of your personal data that has been collected and used on the basis of your consent or for the purposes of direct advertising.

You may receive the data we have processed about you, if we have received this directly from you, in a machine-readable format determined by us, or contract us with the direct transfer of these data to a third party chosen by you, provided this recipient has made this possible for us from a technical perspective and neither unreasonable expenses nor statutory or other duties of secrecy or confidentiality requirements prevent this from our side or from that of the third parties.

Should you have any concerns, we ask that you contact us using the contact information provided below. To ensure that your personal data does not fall into the wrong hands, we ask that you attach proof of identity, e.g. a copy of your identification document, when submitting your concern.

If you believe that the processing of your data infringes upon data protection law or that your claims to data protection have been otherwise violated, you have the right to lodge an appeal with the Austrian data protection authority, Barichgasse 40-42, 1030 Wien.

Use of automated decision making including profiling in accordance with Art. 22(1) and (4) GDPR
We do not use automated decision making or profiling.

Adaptation of this declaration
This notice replaces all previous versions. The current version can be founded on our homepage at www.wienerstaedtische.at/datenschutz-informationen.html.

Contact
If you have any questions or concerns relating to data protection, please contact us at datenschutz@wienerstaedtische.at. Or contact us by post at the following address:

WIENER STÄDTISCHE Versicherung AG Vienna Insurance Group
Data Protection Officer
Schottenring 30
1010 Vienna, Austria