ITIA is aware that the protection of your privacy is an important concern for you when visiting our web pages. We take our remit, guaranteeing the confidentiality of your data within the framework of applicable regulations of data privacy law, very seriously in the interests of both parties. We use the latest techniques for holding dialogues with you and safeguarding your data.
The following data protection information applies to the web presence of ITIA.
We hereby inform you about the processing of your personal data when using our web pages and the rights you have under applicable data protection legislation.
Responsible for data processing:
International Travel Insurance Alliance e.V.
c/o ERGO Reiseversicherung AG
Tel: +49 (0) 89 4166 00
You can contact our Data Protection Officer at the above address (FAO: Data Protection Officer) or use the email address email@example.com
Personal data we automatically process
When visiting our website, we automatically obtain and use information transmitted by your device’s browser only as much as necessary to provide the website and the services, to identify potential cases of abuse and to establish statistical information regarding the usage and traffic of the website. These information include browser type, IP address, device type and URLs to member websites. The statistical information does not allow us to identify any particular user.
Our website offers a number of services and functionalities that require the processing of personal data (for example your name, user name, user ID (for registered users), contact details like address, country of residence phone number and email address and company details), such as our services for registered users, online contact form or the subscription to our newsletter.
|Provision of our website and its functionalities||We base the processing of your personal data on our legitimate interests to have an online presence and promote our organization. (Art. 6 (1)(f) GDPR) Insofar as we collect your consent for certain processing activities (e.g. user of functionality cookies) we base the processing on this consent. (Art. 6(1)(a) GDPR) You can withdraw your consent at any time with effect for the future.|
|Provision of our internal ITIA member services||We base the processing of your personal data on the performance of a contract to which you are party or in order to take steps at the request of the data subject prior to entering into a contract. (Art. 6 (1)(b) GDPR)|
|Newsletter subscription management||We rely on your voluntary consent. (Art. 6 (1)(a) GDPR) You can withdraw your consent at any time with effect for the future.|
|Fraud and misuse prevention||We base the processing of your personal data on our legitimate interests in protecting our organization, its website, functionalities and users. (Art. 6 (1)(f) GDPR)|
|Management of queries and requests||We base the processing of your personal data on our legitimate interests in enhancing our reach, managing our public relations and assisting(prospective) members (Art. 6 (1)(f) GDPR)|
Data will be sent to service providers (such as hosting providers and communication providers) for the aforementioned purposes.
|Recipient of personal data||Purpose|
|Kerk SolutionsPrivate Limited, a corporation organized and existing under the laws of the Republic of Sri Lanka, with its head office located at: 135B 1/1 Rajagirya Road, Rajagiriya, Sri Lanka||Providing, maintaining and managing the webpage|
|Regulatory authorities||If necessary to fulfil contractual or statutory obligations|
|Affiliated companies||As part of corporate communication or governance|
In the event personal data is sent to service providers or group companies outside the European Union (EU) and European Economic Area (EEA), it is only sent once an appropriate level of data protection has been ratified for the third country by the EU Commission, or other appropriate data protection safeguards are in place (such as EU standard contractual clauses). You can request further information from the contact details given at the start of this document.Personal data will be transferred to or is accessed by the following recipients in a third country:
|Kerk Solutions Private Limited, a corporation organized and existing under the laws of the Republic of Sri Lanka, with its head office located at: 135B 1/1 Rajagirya Road, Rajagiriya, Sri Lanka, system provider and manager||Sri Lanka Appropriate data protection safeguard: EU Standard Contractual Clauses|
You have the right to access the personal data in accordance with Art. 15 GDPR.
You have the right to request your data to be rectified in accordance with Art. 16 GDPR.
You have the right to have your data erased in accordance with Art. 17 GDPR.
Youhave the right to request restriction the processing of your personal data in accordance with Art. 18 GDPR.
You have the right to data portability in accordance with Art. 20 GDPR.
You also have the right to withdraw your consent at any time with effect for the future, Art. 7 (3) GDPR.
|Right of objection, Art. 21 GDPR|
|If we process your personal data based on our legitimate interests, you have the right to object to this processing for reasons arising from your particular situation. We will then no longer process your personal data unless we can demonstrate compelling reasons for processing that are worthy of protection and outweigh your interests, rights and freedoms, or processing serves the purposes of enforcing, exercising or defending legal claims. If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of your personal datafor such marketing, which includes profiling to the extent that it is related to such direct marketing.|
To exercise any of the above rights, please contact our Data Protection Officer as described above in Section 1.
You have the right to lodge a complaint with a data protection supervisory authorityin accordance with Art. 77 GDPR.
We erase your personal data as soon as it is no longer required for the aforementioned purposes. This is a regular process based on statutory obligations for producing documents and compulsory safe custody under, notably, the commercial code, fiscal laws and the general tax code. Maximum storage periods are generally up to 10 years. It might also be the case that personal data is stored for the period during which claims can be asserted against us (statutory limitation period of three or up to 30 years).
Cookies are small pieces of data stored in text files that are saved on your computer or other devices when websites are loaded in a browser. They are widely used to remember you and your preferences, either for a single visit (through a "session cookie") or for multiple repeat visits (using a "persistent cookie").
Session cookies are temporary cookies that are used during the course of your visit to the Website, and they expire when you close the web browser.
Persistent cookies are used to remember your preferences within our Website and remain on your desktop or mobile device even after you close your browser or restart your computer. They ensure a consistent and efficient experience for you while visiting the Website and Services.
Cookies may be set by the Website ("first-party cookies"), or by third parties, such as those who serve content or provide advertising or analytics services on the Website ("third party cookies"). These third parties can recognize you when you visit our website and also when you visit certain other websites.
What type of cookies do we use?
- Necessary cookies
Necessary cookies allow us to offer you the best possible experience when accessing and navigating through our Website and using its features. For example, these cookies let us recognize that you have created an account and have logged into that account to access the content.
Please see below the table for an overview of our used cookies:
|laravel_session||2 Hours||A cookie for each member is created when the member logs in to maintain session data (user name, user ID, member type)|
|XSRF-TOKEN||2 Hours||This cookie is written to help with site security in preventing Cross-Site Request Forgery attacks.|
Our website may contain links or references to other websites outside of our control and responsibility. Please be aware that this notice does not apply to these websites. We encourage you to read the Privacy Statement and terms and conditions of linked or referenced websites you enter. These third-party websites may send their own cookies and other tracking devices to you, log your IP address, and otherwise collect data or solicit personal data.ITIA assumes no liability whatsoever for how up-to-date the information provided is, nor for its correctness, completeness and quality.
The continued development of our web pages and advances in technology result from time to time in modifications to our Privacy Statement. In case of changes or amendments to this Statement, we will give you proper notice.