Receive an email from us with a download link to open on your mobile phone.
By clicking the button you accept our privacy policy.
This is a convenience translation of the German privacy policy and is not legally binding. The German privacy policy is legally binding and can be found here.
Version dated 16.02.2024
The following data protection information applies to visitors and users of the website, its subdomains and the Horizion65 app (hereinafter “Portal”)
When “we” or “us” is used in the following, this refers to Horizon65 GmbH in the legal sense.
We hereby inform you about the processing of your personal data and the rights to which you are entitled under data protection law.
We are registered in the Commercial Register of the Charlottenburg District Court under the number HRB 228814 B and are active as an insurance broker in accordance with § 34 d Para. 1 of the Trade, Commerce and Industry Regulation Act.
We are very delighted that you have shown interest in using this portal. Data protection is particularly important to us. The use of our portal by natural persons is only possible with the provision and processing of personal data. The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to us. By means of this data protection information, we would like to inform you about the type, scope and purpose of the personal data collected, used and processed by us. Furthermore, we will inform you of the rights to which you are entitled by means of this privacy policy. As the data controller, we have implemented numerous technical and organizational measures to ensure that the personal data processed via our portal is protected as completely as possible. Nevertheless, Internet-based data transmissions can generally have security gaps, meaning that absolute protection cannot be guaranteed. For this reason, you and any other data subject are free to transmit personal data to us by alternative means, for example by telephone.
Person responsible for data processing
We are responsible for the processing of your personal data within the meaning of Art. 4 No. 7 GDPR:
Horizon65 GmbH
Under den Linden 24
10117 Berlin
Phone: +49(0)30 837 961 33
E-mail: [email protected]
Website: https://horizon65.com
Contact details of the data protection officer
Horizon65 GmbH
Under den Linden 24
10117 Berlin
[email protected]
Definitions
Our data protection declaration is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). It should be easy for you to read and understand. To ensure this, we would like to explain the terms used in advance. We use the following terms, among others, in this privacy policy
Collection of general data and information
In our portal, we collect a range of general data and information every time you or an automated system accesses the website or our app. This general data and information is stored in the server log files.
The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our portal (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our portal, (5) the date and time of access to our portal, (6) an Internet protocol address (IP address) and (7) other similar data and information which serve to avert danger in the event of attacks on our information technology systems can be recorded.
Contact possibility via our portal
Due to legal regulations, our portal contains information that enables quick electronic contact and direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If you contact us by e-mail or via a contact form, the personal data you provide will be stored automatically. Such personal data transmitted by you to us on a voluntary basis will be stored for the purpose of processing or contacting you. This personal data will not be passed on to third parties. The legal basis for the processing of your personal data for processing your request is Art. 6 para. 1 sentence 1 b GDPR.
Registration on our portal
You have the option of registering on our portal.
The following data is currently stored with the registration:
Purpose and legal basis of data processing
We process your personal data in compliance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), the relevant data protection provisions of the German Insurance Contract Act (VVG) and all other relevant laws.
Insofar as we obtain your consent for processing operations for a specific processing purpose, Art. 6 para. 1 sentence 1 a GDPR serves as the legal basis for processing operations.
If you commission us to provide support, i.e. to broker, amend and manage existing and newly concluded insurance contracts, we require the personal data you provide in order to assess the risk to be assumed by an insurance company and to conclude the insurance contract. If the insurance contract is concluded, we process this data to implement the contractual relationship and in the event of a claim. In these cases, we process your personal data in accordance with Art. 6 para. 1 sentence 1 b GDPR.
We use the data from all insurance contracts to analyze the entire customer relationship, for example to advise on contract adjustments, contract amendments or to provide comprehensive information.
We will inform you about this on a case-by-case basis,
It is not possible to manage your insurance contracts without processing your personal data.
When using our portal, data and information are required in order to (1) correctly deliver the contents of our portal, (2) optimize the contents of our portal and the advertising for it, (3) ensure the long-term functionality of our information technology systems and the technology of our portal and (4) provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.
This collected data and information is therefore evaluated by us both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The data of the server log files are stored separately from all personal data provided by a data subject.
This data and information is processed on the basis of Art. 6 para. 1 sentence 1 f GDPR.
The registration data you enter is required to provide the area of our portal in which we offer additional services after the user has registered. The legal basis for this is Art. 6 para. 1 sentence 1 b GDPR.
When you register on the controller’s portal, the IP address assigned to you by the Internet service provider (ISP), the date and the time of registration are also stored. This data is stored against the background that this is the only way to prevent misuse of our services and, if necessary, to enable criminal offenses to be investigated. In this respect, the storage of this data is necessary to safeguard the controller. This data will not be passed on to third parties unless there is a legal obligation to pass it on or it serves the purpose of criminal prosecution. The legal basis for the processing of your registration data for these purposes is Art. 6 para. 1 sentence 1 f GDPR.
Your registration with voluntary provision of personal data also serves us to offer you content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to change the personal data provided during registration at any time or to have it completely deleted from the controller’s database. Registered users can, for example, have their existing insurance contracts managed by us.
If special categories of personal data (e.g. your health data and other data protected under Section 203 StGB) are required for this, we will obtain your consent in accordance with Art. 9 para. 2 sentence 1 a in conjunction with Art. 7 GDPR. If we compile statistics with these data categories, this is done on the basis of Art. 9 Para. 2 j GDPR in conjunction with Section 27 BDSG. If you withdraw your consent, the management of the insurance contract is not possible or only possible to a limited extent. Until you withdraw your consent, the processing of your personal data remains lawful.
We also process your data in order to protect our legitimate interests or those of third parties (Art. 6 para. 1 sentence 1 f GDPR). This may be necessary in particular for
If we process personal data to protect a legitimate interest of ours or a third party, this will only take place if the interests, fundamental rights and freedoms of the data subject do not outweigh this. We are permitted to carry out such processing operations in particular because they are specifically mentioned by the European legislator. In this respect, it takes the view that a legitimate interest could be assumed if you are our customer (Recital 47 Sentence 2 GDPR).
Legitimate interests in the processing pursued by the controller or a third party
If the processing of personal data is based on Article 6 (1) sentence 1 f GDPR, our legitimate interest is the performance of our business activities for the benefit of the well-being of all our employees and our shareholders.
In addition, we process your personal data to fulfill legal obligations, e.g. regulatory requirements, retention obligations under commercial and tax law or our duty to provide advice. In these cases, the legal basis for the processing is the respective legal regulations in conjunction with Art. 6 para. 1 sentence 1 c GDPR.
Exchange of data with insurance companies
In order to review your existing insurance contracts with insurance companies and to be able to advise you with regard to your insurance cover, we request your personal data from insurance companies to the extent necessary.
If we wish to process your personal data for a purpose not mentioned above, we will inform you in advance in accordance with the statutory provisions.
We transmit your personal data to insurance companies in order to establish, amend and manage insurance contract relationships with insurance companies.
The legal basis for the exchange of data with insurance companies is Art. 6 para. 1 sentence 1 b GDPR.
Insofar as the insurance companies process your personal data for the establishment, execution and termination of your insurance contracts, the insurance companies are considered to be responsible for data processing within the meaning of Art. 4 No. 7 GDPR and their respective data protection notices apply.
Health data
The legal basis for the processing of health data is your consent in accordance with Art. 6 para. 1 sentence 1 a GDPR, which we obtain separately from you and which you can revoke at any time with effect for the future without giving reasons. Our contact details can be found in the section “Name and address of the controller”.
Photos of contracts and documents
At Horizon65, we offer a service that includes contract and document verification to help our users with their insurance matters. As part of this service, users have the option to submit photos of their policies and documents via our portal or app. These submissions allow us to offer personalized advice and support based on the specific details of the user’s contracts.
The photos are collected with the utmost respect for the privacy of the users. The information contained in these photos is used solely for the purpose of reviewing and advising on the contracts and documents submitted. Access to these photos is restricted to authorized personnel directly involved in the contract review process.
The images may be captured for uploading one’s own profile photo; scanning a QR code for a referral program; scanning a QR code to import an investment from another user into one’s own account; taking pictures of an existing contract so that an expert can fill out the data for the user or taking pictures of the required documentation to sign up for an investment plan.
The images are captured by the user uploading the image to the app or taking a picture with their phone camera.
We collect the images in the app to provide a simple user experience. If the image is a QR code, this image is not captured but processed directly in the app itself.
The images are only used to make user requests and are not shared outside our company. Each user has their own account manager within our company, only this person has access to the images in order to carry out actions requested by the user (checking a contract, signing a pension plan, entering data for a contract).
The images are only stored by us for as long as the user retains their user account with us. The user decides whether to upload images and is not obliged to use the Horizon65 app. They can exercise their GDPR rights at any time and request the removal or restriction of use of the images.
Non-disclosure to third parties
Horizon65 does not share the photos of contracts and documents submitted by users with third parties. The privacy of our users and the confidentiality of their documents are of utmost importance. Disclosure of these photos outside of Horizon65 would only occur with the express consent of the user or as required by law.
Categories of recipients of the personal data
External contractors/service providers
To manage your insurance contract relationships, we or companies commissioned by us to fulfill the contract use companies, some of which are based within the territorial scope of the GDPR. In this case, the service providers will in turn store, process and further process your personal and special personal data (e.g. contract-related data).
For the transfer and processing of personal data, in particular health data and other data protected under Section 203 of the German Criminal Code (StGB), to and by companies based in the USA, we will obtain a separate declaration of consent and release from confidentiality from you, in which the companies concerned are also listed.
The following list shows the contractors/service providers commissioned within the territorial scope of the GDPR.
| Service | Purpose | The company |
| Amazon AWS S3 | Webhosting | Amazon Web Services Inc. |
| Appointment booking | Appointment booking | Calendly LLC |
| Advertising tracking | Marketing | Facebook Ireland Limited, Ireland |
| Website Analytics | Marketing | Google Ireland Limited, Ireland |
| Google Firebase | Marketing | Google Ireland Limited, Ireland |
| User Session Inspection | Web design optimization | Hotjar Limited |
| InSign | Contract signing | IS2 Intelligent Solution Services AG |
| E-mail marketing | Marketing | Mailjet GmbH |
| Vonage | Telecommunications | Vonage Limited |
| Sentry | Bug reporting | Functional Software Inc. |
| VoIP phone + SMS | Telecommunications | Twilio Inc. |
| Hubspot | Support System | Hubspot Inc. |
| Mobile app analytics | Web design optimization | UXcam Inc. |
| Amplitude Analytics | Web design optimization | Amplitude Inc. |
| Tiktok | Marketing | TikTok Technology Limited |
| Appsflyer | Mobile attribution | AppsFlyer Ltd. |
The companies mentioned above in this section in turn receive data about your contracts, for example from insurance companies, which they store, process and in turn transmit to us, e.g. for the correct and up-to-date presentation of your contracts in your digital insurance folder.
Other recipients
In addition, we may transfer your personal data to other recipients, such as authorities to fulfill legal reporting obligations (e.g. social insurance agencies, tax authorities).
Data transfer to a third country
If we transfer personal data to service providers outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection, if other appropriate data protection guarantees (e.g. binding internal data protection regulations or EU standard contractual clauses) are in place or if we have obtained your consent.
Usage data, analysis tools and third-party tools
When you visit our website, your surfing behavior may be statistically evaluated. This is mainly done using cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous, which means that the surfing behavior cannot be traced back to you.
You can object to this analysis or use certain tools that prevent the use of cookies.
Information on our third-party analysis tools can be found in the following sections.
Cookies
So-called cookies are used when individual Internet pages are called up. Cookies are text files that are stored on a computer system via an Internet browser and saved in your Internet browser.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
Through the use of cookies, the operator can provide the users of this website with more user-friendly services that would not be possible without the cookie setting. By means of a cookie, the information and offers on our portal can be optimized for the benefit of the user.
On the one hand, we use so-called “session cookies”. Session cookies are automatically deleted at the end of your visit to our portal. On the other hand, we use cookies that remain stored on your device until you delete them. As already mentioned, these cookies enable us to recognize the users of our portal. The purpose of this recognition is to make it easier for users to use our portal. For example, the user of a website that uses cookies does not have to re-enter their access data each time they visit the website because this is taken over by the website and the cookie stored on the user’s computer system.
You can prevent the setting of cookies by our portal at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If you deactivate the setting of cookies in the Internet browser used, you may not be able to use all the functions of our portal to their full extent.
The legal basis for the storage of cookies, which are technically necessary for the provision of certain functions of our portal, is Art. 6 para. 1 sentence 1 f GDPR.
If all browser data is deleted, any objection settings that have already been set will also be deleted, so that you will have to declare any objections you have already declared again.
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
The storage of Google Analytics cookies and the use of this analysis tool are based on Art. 6 para. 1 f) GDPR. The website operator has a legitimate interest in the analysis of user behavior in order to optimize both its website and its advertising.
If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 a) GDPR; the consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
You can find details here: https://privacy.google.com/businesses/controllerterms/mccs/
Data stored by Google at user and event level that is linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. For details, please see the following link: https://support.google.com/analytics/answer/7667196?hl=de.
Facebook Pixel
Our website uses Facebook’s visitor action pixel to measure conversions. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
This allows the behavior of site visitors to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy. This allows Facebook to place advertisements on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the site operator.
According to Facebook, the data collected is also transferred to the USA and other third countries.
Facebook Pixel is used on the basis of Art. 6 (1) f) GDPR. The website operator has a legitimate interest in effective advertising measures including social media.
If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 a) GDPR; the consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
Insofar as personal data is collected on our website with the help of the tool described here and transmitted to
Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Square, Ireland are
Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR).
The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. You can find the wording of the agreement at: ttps://www.facebook.com/legal/controller_addendum.
According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.
You can find further information on protecting your privacy in Facebook’s privacy policy: https://de-de.facebook.com/about/privacy/.
You can also deactivate the remarketing function “Custom Audiences” in the settings for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook to do this.
If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.
Data protection regulations for hyperlinks
Our portal contains so-called hyperlinks to websites of other providers. When you activate these hyperlinks, you will be forwarded directly from our portal to the website of the other provider. You can recognize this by the change of URL, among other things. We cannot accept any responsibility for the confidential handling of your data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. Please consult these websites directly for information on how these companies handle your personal data.
Duration of data storage / deletion of personal data
We will delete your personal data if it is no longer required for the above-mentioned purposes. Personal data may be stored for the period during which claims can be asserted against our company (statutory limitation period of three to thirty years). We also store personal data insofar as we are legally obliged to do so. Corresponding proof and retention obligations arise from the German Commercial Code, the German Fiscal Code and the German Money Laundering Act, among others. The storage periods are up to ten years.
Rights of data subjects
In accordance with Articles 15 to 22 GDPR, you have certain rights with regard to the processing of your personal data.
Right of access, right to rectification, erasure, portability or restriction
You have the right to request information about the personal data stored about you at the above address (Art. 15 GDPR). You also have the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR and the right to data portability under Art. 20 GDPR. Our employees are available to you as contact persons in this context. The restrictions under Sections 34 and 35 BDSG apply in particular to the right to information and the right to erasure.
Right to object pursuant to Art. 21 GDPR
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 sentence 1 e GDPR (data processing in the public interest) and Art. 6 para. 1 sentence 1 f GDPR (data processing on the basis of a balancing of interests); this also applies to profiling based on this provision within the meaning of Art. 4 no. 4 GDPR, which we use to assess creditworthiness or for advertising purposes.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.
Right of appeal
In accordance with Art. 77 GDPR in conjunction with Section 19 BDSG, you have the option of contacting the above-mentioned data protection officer or a data protection supervisory authority with a complaint. The data protection supervisory authority responsible for us is
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstraße 219
10969 Berlin
Phone: 030 13889-0
Fax: 030 2155050
[email protected]
Secure your long-term financial future and start learning about potential investments using our intuitive and easy-to-understand mobile app.
