Privacy Policy

Status: March 2025

Ellen Culpeck Insurance Broker GmbH (hereinafter “we” or “us”) takes the protection of your personal data very seriously. We process your data in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) as well as current case law. In the following, we will inform you clearly and transparently about the type, scope and purpose of data processing and your rights as a data subject.

1. Responsible body and contact

The controller within the meaning of the GDPR is Ellen Culpeck Insurance Broker GmbH, Nato Flugplatz – Gebäude 81, Lilienthalallee 100, 52511 Geilenkirchen. You can contact us for all data protection concerns as follows

Postal address: Ellen Culpeck Insurance Broker GmbH, Nato Flugplatz – Gebäude 81, Lilienthalallee 100, 52511 Geilenkirchen, Germany
E-mail: [email protected]
Telephone: +49 (0) 2451 2983

2. Categories of personal data and data sources

We process personal data that we receive from you as part of our business relationship or that you provide to us, e.g. via our website or other communication channels. Depending on the type of relationship (e.g. prospective customer or customer as policyholder), this may include the following data in particular:

Master data: e.g. title, surname, first name, date/place of birth, marital status, address, contact details (telephone number, e-mail address)
Identification data: e.g. ID data (identity card or passport number), tax identification number, other information required for identification.
Contract and application data: Information that you give us in connection with the initiation or execution of contracts. This includes information on desired insurance products, insurance applications, insured risks, existing contracts, damage reports, bank details and payment data, tax and billing data, etc.
Special categories of data: Where necessary for certain insurance policies, special categories of personal data may also be processed in accordance with Art. 9 (1) GDPR – in particular health data (e.g. information on pre-existing conditions for life or health insurance policies) or, where applicable, information on trade union/religious affiliation (e.g. for special tariffs). We only collect such data if it is necessary for the brokerage or management of corresponding contracts and either a legal permission exists or you have given us your express consent (Art. 9 para. 2 lit. a GDPR)
Communication data: Contents of inquiries, conversations or correspondence (e.g. by email, contact form, post or telephone) as well as records of consultation meetings or brokerage documentation (protocols) that we create on the basis of legal requirements (e.g. consultation protocol in accordance with Section 62 VVG for insurance policies).
Technical data when visiting the website: When you visit our website, data is automatically collected for technical reasons (server log files). This includes, for example, the IP address of the requesting device, date and time of access, pages/files accessed, browser type and version, operating system, referrer URL. As a rule, this technical access data does not allow your person to be identified directly and is evaluated solely to ensure the trouble-free operation of the website and for IT security.

As a rule, we collect the data directly from you. In some cases, however, we also obtain data from other sources if this is permitted. This may be the case, for example, if we use external comparison and quotation platforms to submit applications to insurers. We may also use information from publicly accessible sources (e.g. commercial register, Internet) to the extent permitted, insofar as this is relevant to our services.

3. Purposes and legal bases of data processing

We process your personal data for specific purposes and on the basis of the relevant legal bases of the GDPR:

a) For the initiation and performance of contracts (Art. 6 para. 1 lit. b GDPR):

Data processing is carried out in order to provide you with our services as an insurance agent. This includes in particular

Advice and brokerage of insurance contracts: We process your data in order to process your request, assess risks, determine suitable insurance solutions and obtain offers from insurance companies. If a contract is concluded, we process your data for contract management, support and, in the event of a claim, to assist with claims settlement.
Correspondence and customer service: We use your contact data to communicate with you in the context of contract initiation or execution, e.g. to respond to inquiries, arrange appointments, send documents and information, queries regarding applications or claims notifications, etc.

The processing of this data is necessary for the fulfillment of our contract with you or for the implementation of pre-contractual measures; without this data, we cannot prepare or execute the desired brokerage contract or conclusion of an insurance contract.

b) For the fulfillment of legal obligations (Art. 6 para. 1 lit. c GDPR):

We are subject to various legal obligations that make it necessary to process your data. These include in particular

Commercial and tax law obligations: Statutory retention periods and documentation obligations require the storage of certain data for a longer period of time (see section 8 Storage period below). For example, we must retain business records and tax-relevant documents in accordance with the German Commercial Code (HGB) and the German Fiscal Code (AO) for 6 to 10 years.
Insurance and commercial law requirements: As an insurance agent, we are bound by the provisions of the Insurance Contract Act (VVG), the Trade Regulation Act (in particular §§ 34d GewO) and the supervision of the Chamber of Industry and Commerce (IHK). For example, we are required to prepare advisory documentation and retain certain information.
Money laundering and sanctions checks: In some cases, we are required by the German Money Laundering Act (GwG) to verify your identity (KYC check) and, in the case of large sums of money or certain transactions, to check whether money laundering or sanctions lists are relevant. A terrorism/sanctions list check may also be required before a contract is concluded.
Regulatory requirements: We may have to report data to supervisory authorities (e.g. BaFin or the competent supervisory authority for data protection) or facilitate audits. Insurers are also subject to regulatory requirements, which we comply with in the brokerage process.

In all these cases, we only process the data that is necessary to fulfill the respective legal obligation and rely on Art. 6 para. 1 lit. c GDPR as the legal basis.

c) On the basis of legitimate interests (Art. 6 para. 1 lit. f GDPR):

Where necessary, we process your data beyond the actual contractual purposes to protect our legitimate interests or those of third parties. This only takes place if your legitimate interests are not overridden. Examples of such legitimate interests are

Direct customer support and information: if you are already our customer, we may use your contact details to inform you about similar products and services (e.g. follow-up products or insurance updates) as part of the existing business relationship, provided you have not objected to this. (However, we only send promotional emails if the legal requirements of Section 7 UWG are met or you have given your consent).
Assertion and defense of legal claims: In the event of a dispute, we may use relevant data for the preservation of evidence and legal defense (e.g. documentation of consultation meetings, contractual documents, correspondence). This may also justify longer-term storage beyond the term of the contract in order to defend ourselves against any claims.
Ensuring IT security and operation: We process technical data in order to protect our systems and prevent misuse (e.g. detection of cyber attacks, logging of access). We also use organizational measures to prevent unauthorized persons from accessing data (see also section 7 Data security).
Business management and internal administration: Data may be used in a permissible manner, for example to create anonymized evaluations, to further develop our consulting services, to train employees or as part of internal audits and compliance checks. We take care to use pseudonymized or aggregated data wherever possible.
Prevention and investigation of criminal offenses: Measures to prevent fraud, investigate cases of misuse or prevent criminal offenses (e.g. insurance fraud) may constitute a legitimate interest. This may also include comparisons with publicly available information if there is a specific reason to do so.

d) Based on your consent (Art. 6 para. 1 lit. a GDPR):

If you give us your consent, we will process your personal data for the purposes specified therein. This applies, for example:

Disclosure to third parties outside of contract processing: we ask for your permission if we wish to disclose your data to third parties in cases that are not covered by contract processing or legal obligations. For example, you could consent to us forwarding your contact details to a cooperation partner who offers a complementary product.
Promotional communication: Unless you are already a customer or certain forms of advertising are not permitted by law, we will obtain your express consent to send you newsletters or offers by email, telephone or messenger. You can of course revoke such consent at any time.
Processing of special data (health data): The processing of health data is required for certain insurance policies (e.g. life, health or disability insurance). We only process this sensitive data with your express consent in accordance with Art. 9 para. 2 lit. a GDPR – e.g. by signing a release from confidentiality and consent under data protection law. In such consent, we will inform you separately about the scope of data processing. Any disclosure of health data to insurers, doctors or experts will also only take place on the basis of your consent and any additional releases from confidentiality.

Any consent given is always voluntary and can be revoked by you at any time with effect for the future.

The revocation does not affect the legality of the processing carried out up to that point.

4. Disclosure of data and recipients

Your personal data will always be treated confidentially by us. We only pass it on to third parties if and insofar as this is necessary to fulfill the stated purposes or you have consented or a legal basis permits or provides for this. Recipients of your data may include in particular

Insurance companies and their partners: If you conclude an insurance contract through us or report a claim, we will transmit your data required for this purpose to the respective insurance company (or its branch or general agency). Depending on the line of business, it may also be necessary to provide data to reinsurers or service providers associated with the insurer (e.g. medical service providers for life insurance, claims adjusters, appraisers). The insurers then use the data under their own responsibility for risk assessment, contract fulfillment and claims processing. We ensure that only the necessary information is passed on.
Product providers and cooperation partners: We sometimes work together with other partners in order to offer you a comprehensive range of financial and insurance products. For example, we may forward your request to a specialist broker or wholesaler (“pool”) if we are unable to offer a particular product directly. These partners process your data on our behalf or in joint responsibility for the preparation of offers. We ensure that all partners are contractually bound to data protection.
External service providers (processors): We use carefully selected external service providers who provide services on our behalf and may have access to personal data in the process. Examples include IT service providers (maintenance of hardware and software, hosting providers), cloud and data center providers, service providers for archiving/file storage, providers of customer management software (broker management program), newsletter mailing service providers, etc. We conclude order processing contracts with these processors in accordance with Art. 28 GDPR to ensure that your data is processed there just as securely and for the intended purpose.
Cloudflare: We use the Content Delivery Network (CDN) of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich Germany (Cloudflare) to increase the security and delivery speed of our website. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f GDPR). A CDN is a network of globally distributed servers that is able to deliver optimized content to the website user. For this purpose, personal data may be processed in Cloudflare’s server log files. Cloudflare is the recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR not to operate a content delivery network ourselves. You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests. The functionality of the website is not guaranteed without the processing. Your personal data will be stored by Cloudflare for as long as is necessary for the purposes described. You can find further information on objection and removal options vis-à-vis Cloudflare at Cloudflare DPA. Cloudflare has implemented compliance measures for international data transfers. These apply to all global activities where Cloudflare processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). Further information can be found at: https://www.cloudflare.com/cloudflare_customer_SCCs-German.pdf
Typeform: We use Typeform from TYPEFORM SL, C/Bac de Roda, 163 (Local), 08018 Barcelona Spain (Typeform) for our contact forms. This enables us to provide you with an easy way to contact us. Mandatory fields are marked with an *. Typeform is the recipient of your personal data and acts as a processor for us. The processing of the data specified in this section is not required by law or contract. Without your consent and the transmission of your personal data, we cannot provide you with a contact form. However, you can contact us at the following e-mail address: [email protected]. The data is stored exclusively for the purpose of sending inquiries and responding to them. The mandatory information is used to assign and respond to your request. In addition, Typeform collects the following personal data with the help of cookies: Information about your end device (IP address, device information, operating system, browser settings). Furthermore, usage data such as the date and time when you used the contact form is collected. Typeform requires this data to ensure that the contact form is displayed and functions properly. This corresponds to Typeform’s legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the performance of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). Further information can be found at: https: //help.typeform.com/hc/en-us/articles/360029581691-What-happens-to-my-data Further information on objection and removal options vis-à-vis Typeform can be found at: https: //admin.typeform.com/to/dwk6gt The legal basis for this processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can withdraw your consent to the processing of your personal data at any time. The revocation can be made via the contact options provided. Your data will be processed for as long as the corresponding consent is available. The declaration of revocation does not affect the legality of the processing carried out so far. Your data will be deleted after processing has been completed, unless further storage is required by law.
Google Fonts (local hosting): This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. Google Fonts are installed locally. There is no connection to Google servers. Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Consultants and bodies within our corporate organization: This may include, for example, our tax advisor or auditor (access to invoice data as part of their auditing and consulting activities), lawyers (in the event of a dispute), insurers as part of our own business insurance policies (e.g. disclosure of a claim involving your data) or debt collection service providers in the event of outstanding claims. Such recipients are also legally or contractually bound to confidentiality and data protection.
Authorities and public bodies: In the event of statutory duties to provide information, personal data may be passed on to authorized authorities, e.g. tax authorities (in the case of tax-relevant transactions), law enforcement authorities (upon request as part of an investigation), supervisory authorities (such as the responsible state data protection officer or the Chamber of Industry and Commerce, insofar as they have audit rights) or courts (in the case of legal disputes as evidence). In such cases, your data will only be passed on in accordance with the legal requirements.

Your data will not be transferred to unauthorized third parties or for purposes other than those specified. In particular, we do not sell or disclose any data unless you have expressly consented to this.

5. Data processing when using our social media sites

We maintain publicly accessible profiles on social networks and platforms in order to communicate with customers and interested parties and to provide information about our company. Specifically, we currently use the following social media channels

Instagram: Operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. (Data protection information from Instagram: see)
X (formerly Twitter): Operated by X Corp (USA) or in the EU by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland. (Privacy policy of X/Twitter: see)

Please note that we may be jointly responsible with the respective platform operator on these platforms in terms of data protection insofar as we influence the data processing (joint controllership pursuant to Art. 26 GDPR, e.g. for statistical evaluations of usage data on our profiles).

However, the primary data processing when visiting the social media pages is carried out by the operators of the social networks. They collect and use your personal data (e.g. through cookies or similar technologies) for their own purposes, in particular to analyze your usage behavior for advertising and market research. We only have limited influence on this data processing.

Data processing by the platform operators: When you visit our profiles, the aforementioned companies may collect your IP address, device-specific information and your usage behavior on the platform, among other things. If you are logged into your respective account at the same time, the platform provider can assign the visit to your user account. Even if you do not have your own account or are not logged in, data may be collected, e.g. via cookies on your device. The platform operators may create user profiles from your usage behavior and use these for personalized advertising and market research, which may also be displayed outside the platform. For details, please refer to the privacy policies of the respective services (see links above). There you can also find out on what legal basis the providers process the data and how you can change existing advertising/privacy settings, for example.

Data processing by us on social media: If you contact us via social media (e.g. by writing us a message, responding to one of our posts or leaving a comment), we process the personal data collected in the process in order to deal with your request. This includes your profile name, any other information you have made visible from your profile and, of course, the content of your message/comment. We use this data, for example, to respond to your request or to react to feedback. Depending on the context, the legal basis for this is Art. 6 para. 1 lit. b GDPR (if you make an inquiry in relation to a contract or our services) or Art. 6 para. 1 lit. f GDPR (our legitimate interest in communicating with the public and raising our profile). We may also use publicly visible contributions from you on our pages (e.g. comments) within the scope of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, for example to respond to them or to quote them within the platform if necessary.

We also receive anonymized statistics from the platform operators about the use of our social media pages (so-called “insights”). These contain, for example, demographic information about visitors to our site (grouped by age or gender), reach and interaction figures, etc., but no direct personal references. This aggregated data helps us to understand which content is well received and how we can optimize our offering. We only have limited influence on the creation and processing of this insights data by the platform; it is largely carried out by the provider according to its rules.

Information on risks and responsibility: We would like to point out that you use the aforementioned social media platforms and their functions at your own risk. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating). If you do not want the operators to associate your usage behavior with your profile, you should log out of your account and delete any cookies before visiting our site. You can assert your rights to information, correction, deletion, restriction, etc. both against us and against the respective platform operator. Please note, however, that we do not have full access to the data stored by the platforms. The platform operator is usually in a better position to provide information or enforce your rights. However, we are happy to support you to the best of our ability.

Data transfer to third countries by social media: Some of the social media providers mentioned have their corporate headquarters in the USA. It is therefore possible that personal data may be transferred to the United States or other third countries when using our social media presences. For the USA, there is currently an adequacy decision by the EU Commission under the new “EU-U.S. Data Privacy Framework” for certified companies; if a provider is not certified, we base the transfer on the standard contractual clauses of the EU Commission or your express consent. Nevertheless, we would like to point out that a lower level of data protection may prevail in third countries and that, for example, US authorities could access data without you as an EU citizen being entitled to the same legal remedies.

Storage period on social media: We delete or anonymize the communication data that we have received directly via social media as soon as the purpose has been fulfilled and there are no legal retention obligations. For example, an inquiry is deleted after it has been conclusively answered and no further storage is required. Publicly posted content generally remains on the platform until you delete it yourself or we remove it, if permitted. We have no influence on the storage period of the data collected by the social media providers. This depends on the terms of use of the respective service. Please contact Instagram, X or YouTube directly to find out how long your data is stored there and how you can arrange for it to be deleted.

6. Data security

We take appropriate technical and organizational security measures (TOMs) to protect your personal data from unauthorized access, loss, alteration or disclosure. These include, for example

The storage of your data on secure, protected server systems; encrypted databases where necessary.
Access restrictions according to the need-to-know principle: only authorized employees who need to know the data for the purposes mentioned are granted access to it. Our employees are also committed to confidentiality and data protection.
Encryption: Our website uses TLS encryption (recognizable by “https://” in the URL) to protect the transmission of confidential content (e.g. in the contact form). We also use common encryption methods for emails, provided your email provider supports this. Please note, however, that unencrypted e-mails on the Internet do not guarantee complete confidentiality – so please do not send us particularly sensitive information by unencrypted e-mail.
Data backup and redundancy: We create regular backups in order to be able to reconstruct the data in the event of technical problems or data loss. This backup data is also stored securely.
Up-to-dateness and control: We always keep our security measures up to date with the latest technology and adapt them as soon as new risks are identified. Our systems are protected against attacks by firewalls, virus protection and monitoring.

Please note that 100% security can never be guaranteed for data transmissions on the Internet. However, we secure our systems and processes to the best of our ability in accordance with legal requirements and the state of the art.

7. Storage period and deletion

We do not store your personal data for longer than necessary. In principle, we process and store personal data for as long as is necessary for the respective purposes (fulfillment of contractual obligations or purposes for which you have given your consent). If the processing purpose no longer applies, we delete or anonymize your data as part of the regular deletion routines. However, we observe the following deadlines and retention obligations in particular:

Contract and consultation documents: we retain data from our business relationship (contract documents, applications, correspondence, consultation records, etc.) for the duration of the contract and beyond. After the end of the contract, the data is initially retained to the extent necessary in order to consider any warranty or liability claims. We retain relevant documents until the expiry of the regular limitation period for civil law claims. According to §§ 195 ff. BGB (beginning at the end of the year in which the claim arose). In individual cases, however, limitation periods can also be up to 30 years (absolute maximum period).
Retention under commercial and tax law: Irrespective of any limitation period, we are obliged to retain certain data for periods specified by law. For example, contract documents, accounting vouchers, invoices, proof of payment, business letters or emails must be archived for 6 or 10 years in accordance with the provisions of the German Commercial Code (HGB), the German Tax Code (AO) or the German Insurance Tax Act (Versicherungssteuergesetz). These periods begin at the end of the calendar year in which the document was created. During this time, the data is blocked (i.e. no longer actively used), but retained for auditing purposes and verification obligations. After the deadlines have expired, the data concerned is routinely deleted.
Creditworthiness and brokerage inquiries (without conclusion of a contract): If you have made use of our offers without a contract with an insurer or lender being concluded (e.g. pure offer preparation, advice without conclusion), we only store the data collected for as long as is necessary for further support or a possible subsequent conclusion of a contract. If it is clear that no contract will be concluded and there is no further interest on your part, we will delete your data after 12 months at the latest (in the case of requests for quotations) or after completion of our consultation, provided that no other retention obligations apply.
Application documents: If you apply to us and are not hired, we will generally delete your application data no later than 6 months after completion of the application process. Data will only be stored for longer with your consent (inclusion in the applicant pool) or if we have to assume on the basis of concrete evidence that we need the data to defend against legal claims (in this case at the longest until the claim has been clarified).
Social media communication: As explained in section 6, we delete direct inquiries or messages on social media channels as soon as the conversation is concluded and no further storage is required for reasons of proof. Public posts remain on the platform until you delete them or we remove them in accordance with our moderation rules.

In exceptional cases, further storage may be necessary, for example if required by law or official orders, in the event of ongoing legal disputes or if you have consented to longer storage.

8. Your rights as a data subject

As a data subject affected by data processing, you have a number of rights under the GDPR that you can assert against us:

Right to information (Art. 15 GDPR): You can request information about which of your personal data we have stored and how we process it.
Right to rectification (Art. 16 GDPR): You have the right to request the rectification of inaccurate data or the completion of incomplete data.
Right to erasure (Art. 17 GDPR): Under the conditions of Art. 17 GDPR, you can request the erasure of your personal data. This is the case, for example, if the data is no longer necessary for the purposes for which it was collected or if you withdraw your consent and there is no other legal basis. Please note that the right to erasure is subject to restrictions – for example, if we are legally obliged to retain the data or we need the data to assert legal claims. The restrictions pursuant to Sections 34 and 35 BDSG apply.
Right to restriction of processing (Art. 18 GDPR): Under certain conditions, you can request that we only process your data to a limited extent (e.g. if you dispute the accuracy of the data, for the duration of the obligation to verify).
Right to data portability (Art. 20 GDPR): You have the right to receive the data that you have provided to us in a commonly used, machine-readable format or – where technically feasible – to request that it be transmitted to a third party.
Right to object (Art. 21 GDPR): You can object tothe processing of your personal data, which we carry out on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR), at any time for reasons arising from your particular situation. If you object, we will no longer process the data concerned for these purposes unless we can demonstrate compelling legitimate grounds that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims. In particular, you can object to direct marketing at any time without giving reasons – in which case we will no longer use your data for advertising purposes. (For details on the right to object, see also section 10 below).
Right to withdraw consent (Art. 7 para. 3 GDPR): If you have given us your consent, you can withdraw it at any time with effect for the future (see section 4 d above). An informal notification by e-mail to us is sufficient. Withdrawal will not result in any disadvantages for you, except that we may no longer be able to provide certain services.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): If you believe that the processing of your personal data violates data protection law, you can lodge a complaint with a data protection supervisory authority. You can do this with the authority responsible for us (State Commissioner for Data Protection and Freedom of Information NRW in North Rhine-Westphalia) or any other data protection authority. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

To assert your rights, you can contact us informally at any time (e.g. by e-mail to our above address). Please specify which right you are requesting under the GDPR and provide as much information as possible so that we can process your request efficiently. We will examine your request immediately and implement it in accordance with the legal requirements.

9. Right to object in accordance with Art. 21 GDPR

Individual right to object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which we carry out on the basis of Art. 6 para. 1 lit. e or lit. f GDPR (data processing in the public interest or on the basis of legitimate interests). This also applies to profiling based on this. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims.

Objection to the processing of data for direct advertising: In cases where we process your personal data for the purpose of direct advertising (e.g. sending advertising emails to existing customers), you have the right to object to the processing of your data for the purpose of such advertising at any time. If you object to processing for direct marketing purposes, we will no longer use your personal data for these purposes.

The objection can be made informally and should preferably be addressed to: Ellen Culpeck Insurance Broker GmbH, Nato Flugplatz – Gebäude 81, Lilienthalallee 100, 52511 Geilenkirchen, Germany, e-mail: [email protected].

10. Topicality and changes to this privacy policy

This data protection declaration was last updated in March 2025. We regularly review it to ensure that it is up to date and complies with the applicable legal situation and current official requirements and court rulings. If necessary (e.g. in the event of legal changes to the GDPR/BDSG or if our range of services is expanded to include new data processing), we will amend this privacy policy accordingly.

The current version of the privacy policy is available on our website at https://culpeck.com/privacy-policy/. We retain older versions for verification purposes.

Note: This privacy policy provides comprehensive information in accordance with Art. 13, 14 GDPR. If you have any questions or uncertainties regarding individual points, please do not hesitate to contact us. We will be happy to help you with how we implement data protection in our company.