Datenschutz
The following privacy policy provides an overview of the collection and processing of personal data. We respect and protect your privacy, regardless of whether you are a customer, potential customer or visitor to our website.
This privacy policy details what data are processed when you contact us over the Internet. It applies to the health insurance and healthcare fund of SBK Siemens-Betriebskrankenkasse – these are referred to below as ‘SBK’.
It also provides you with information on the processing of your data in line with the legal standards (Article 13ff. GDPR). This privacy policy gives you a quick and easy overview of which personal and social security data we collect from you and what we do with them. Additionally, it describes your rights under the data protection laws and who you can contact if you have any questions.
1. Privacy policy
2. Important information
3. Information on the processing of your data
Privacy policy for the internet service of SBK
We hope to provide you with comprehensive information about the products and services of SBK through our website and our newsletters.
The protection of your personal data is very important to us. The following privacy policy provides you with an overview of when we store data and the purposes for which they are collected and processed.
As a public body, we are subject to the provisions of the European General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), the German Telemedia Act (TMG) and the special provisions concerning the protection of social security data of the books of the German Social Code (SGB), especially Books I, V, X, XI and XII. Our adherence to the statutory provisions is verified on a regular basis.
Your consent to the processing of data
Your data from your visit to the website will not be collected, processed or used automatically without your express consent. Your IP address is stored in server log files for 30 days. However, we cannot access them and as such, they cannot be associated with an individual. We will store your personal data if you expressly provide us with them. This might be in one of the following cases:
Each input screen on the website describes which data are collected, stored and used. Fields marked as optional are voluntary.
Use and disclosure of your data
If you provide us with your data, we will only use them for the original purpose, e.g. in order to respond to queries or send the newsletter. Your data will not be passed on to third parties without your consent. Data are only passed on to third parties in line with mandatory statutory regulations or if the disclosure is necessary for the purposes of litigation or prosecution in the event of an attack on our network infrastructure.
We have our external service providers sign a contractual undertaking to adhere to the provisions concerning the protection of social security data. To this end, we enter into a legally required data processing contract in the sense of Article 28 GDPR in conjunction with Section 80 of Book X of the German Social Code (SGB). As the client, we inspect the protection of your personal data prior to the start of the data processing, and then regularly monitor compliance with the technical and organisational measures implemented by the contractor.
Whenever you provide personal data, your data will be encrypted before they are transmitted over the Internet in order that they cannot be accessed by unauthorised parties.
Persons under the age of 15 should not provide us with any personal data without the permission of their parents or guardians.
Use of cookies
A cookie is a small text file containing information which is installed on the browser of the visitor. Cookies cause no damage to your computer. They serve to make our website more user-friendly and effective. You can configure your browser to notify you of the installation of cookies, to only allow specific cookies, to block cookies in certain cases or in general and to delete cookies automatically when you close your browser window. Deactivating cookies might limit the features of this website.
We use session cookies in some parts of our website. They become invalid automatically at the end of your visit.
Necessary cookies
These cookies ensure the basic functions of the SBK website so that you can use it. These functions include, for example, site navigation, the processing of forms and access to your personal online self-service branch Meine SBK.
Statistic cookies
SBK web pages use Matomo web analysis software for the statistical analysis of visitor access activities. Software cookies are used for this purpose.
By consenting to the use of statistic cookies, you are helping us continuously improve our website through the analysis of anonymous statistics. The legal basis for this is Article 6(1)(a) GDPR. This data cannot be analysed in connection to any particular person.
Matomo is configured in compliance with data protection laws. The information collected by cookies on the use of the website is stored on SBK servers in Germany. Your IP address is anonymised as soon as it has been processed and before it is stored. The information generated by the cookie on your use of SBK web pages is not shared with third parties.
External services
Cookies may be set or comparable technologies from external services may be used if you have given us your consent for this. The legal basis is Articl 6(1)(a) GDPR. This refers to:
Datawrapper: We use the data visualisation service Datawrapper to create infographics for our website. If you call up these infographics and consent to the use of the external service, Datawrapper GmbH collects technical usage data for the statistical analysis of user access. No IP addresses are recorded. Datawrapper does not pass on any user data to third parties. You can find more information in Datawrapper's privacy policy at
Google Maps: our web pages use Google Maps, a map service provided by Google Ireland Ltd (‘Google’) in order to display locations. The use of this technology means that information on how you use this website (e.g. your IP address) may be transmitted to Google and stored there. Cookies are also set by the service. By using this website, you consent to the collection, processing and use of the automatically collected data and the data you provide by Google, a representative of Google or a third-party provider. You can find Google’s privacy policy and terms of service at
Monotype: our web pages use web fonts provided by Monotype Imaging Holdings Inc. (‘Monotype’) for the uniform display of fonts. Your browser loads the necessary web fonts in the browser cache when a page is accessed, in order to display text in the correct font. For licensing reasons, Monotype also records an anonymised project identification number for SBK, the web address of the licensed website and a referrer URL. Your IP address is also transmitted to a Monotype service provider in order to log access to the fonts and prevent unauthorised use. These IP addresses are not shared with Monotype, stored or otherwise processed. Monotype’s privacy policy can be found at
Netigate: We use the software of the provider Netigate (Netigate Deutschland GmbH, Untermainkai 27-28, 60329 Frankfurt am Main) to conduct surveys. Only data collected on our behalf is stored in the software. Personal data is deleted from the software every 30 days at the latest. IP addresses or host names are not stored. If you take part in a survey, your answers will be analysed exclusively by SBK. Personal data will not be passed on to third parties.
YouTube: our web pages use the YouTube service provided by Google Ireland Ltd (‘Google’) to display videos. The use of this technology means that with your prior consent, information on how you use this website (e.g. your IP address) may be transmitted to Google and stored there. Cookies are also set by the service. By using this website, you consent to the collection, processing and use of the automatically collected data and the data you provide by Google, a representative of Google or a third-party provider. You can find Google’s privacy policy and terms of service at
Links to other websites
We accept no responsibility for the content of websites to which our website contains links. If you believe that third-party websites to which our website contains links are in breach of the law or otherwise have inappropriate content, please let us know. We will follow up on your report immediately and remove the link if necessary.
Social media plugins
You can use a social plugin embedded on the SBK website in order to share content from the SBK website on a social network. These social plugins are provided as a service from each social media provider.
Data transmission
If you use a social media plug-in, data will be transmitted to the server of the social media provider in question if you have previously given your consent for this. The data that is transmitted is, for example, your IP address or the URL of the site you visited. The transmission takes place even if you are not registered with the social network in question. The collected data can be merged at a later date, e.g. if you register with the social network in the future.
Please note that our data protection guidelines and liability provisions do not apply to the websites of third-party providers to which our website contains links. SBK has no control over how the social media providers use your data. If you would like to know how each social media provider approaches data protection, please see their various privacy policies. Please see the links below for more information on the potential use of your data and the duration of storage:
Facebook and Instagram
Activities on the SBK Facebook page and the SBK Instagram page:
SBK points out that you use Facebook and or Instagram, of Meta Platforms, Inc, and its functionalities on your own responsibility. We have no influence on the type and scope of the data processed by Facebook and Instagram, the type of processing and use or the transfer of this data to third parties, in particular to countries outside the European Union.
Information about what data Meta Platforms, Inc processes and for what purposes it is used can be found in their privacy policy:
In the privacy settings of your profile, you have the option of restricting the processing of your data. You can find information on this here:
Meta Platforms, Inc provides us with statistics about our fans. These are anonymous demographic data such as age, gender and place of residence. We use these statistics to select relevant information for our posts or to display advertising on Facebook and Instagram. You have the option to object to targeted advertising in your Facebook settings.
Please bear in mind that you are using the Facebook or Instagram platform of Meta Platforms, Inc. and consider what data you want to post on Facebook and/or Instagram and with whom you want to share this data.
On Facebook and Instagram, we may only answer your questions in accordance with data protection regulations. This means that we cannot respond to your cases and process them via Facebook. We naturally treat policyholder data confidentially, which excludes communication about personal matters on public channels.
Facebook competitions
For the purposes of communicating, implementing and processing the competition, personal data of the participants is processed by SBK (and especially stored). Once the winner has been determined and the prize issued, the data of all users involved in the competition is deleted. SBK will not transmit data to unauthorised third parties.
To set up, implement and process the competition, SBK processes the email address and name (first and surname) of the participant. When the winner has been determined, their address is also processed for the purpose of issuing the prize (sending it by post). This data will be deleted once the prize has been issued.
By reaching out in writing (post, fax or email), participants can at any time request information from SBK about what personal data pertaining to them is being stored by SBK, and can request that the data be corrected or deleted.
Objections to the use of data can be submitted to the following email address:
This promotion and the resulting prize is not affiliated with Facebook and is not sponsored, supported or organised by Facebook in any manner. The recipient of the information provided by the user is not Facebook, but rather Siemens-Betriebskrankenkasse (SBK). The information provided is used only for the promotion and is protected and treated as confidential as a matter of course. The provision of personal data is voluntary, but is required in order to participate in the promotion.
Please see the following link for more information on the potential use of your data and the duration of storage by Facebook: Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA
Newsletter
Employer newsletter
We offer you the opportunity to subscribe to our employer newsletter. To receive this newsletter, you need a valid e-mail address. Entering your surname and first name is optional. You will then receive a confirmation e-mail in which you must confirm your newsletter subscription (opt-in). The data you enter will only be used to send you our newsletter. It will not be passed on to third parties. You can unsubscribe from the newsletter at any time by clicking on
Personal info mail
You can subscribe to our personal info mail in Meine SBK. To receive this newsletter, you need a valid e-mail address. You will receive a confirmation e-mail in which you must confirm the newsletter subscription (opt in). The data you enter will be used exclusively for the purpose of receiving our newsletter. It will not be passed on to third parties. You can cancel your subscription to the personal info mail at any time on
Reminder e-mails
The SBK offers the option of registering for regular reminders for preventive check-ups. We are also happy to remind you about service topics (e.g. uploading a photo for the electronic health card). You need a valid e-mail address to subscribe to these e-mails. You can register for this via your personal customer consultant. You will then receive a confirmation e-mail in which you must confirm this subscription (opt in). The data you enter will be used exclusively for the purpose of receiving our newsletter. It will not be passed on to third parties. You can unsubscribe from the newsletter at any time via the "unsubscribe link" in the emails or via your personal customer consultant.
The opening of the employer newsletter, the personal info mail and the reminder e-mails as well as clicks on further links are recorded. This data is used to optimize our newsletters with regard to the interests of our policyholders and to maintain data quality. A personal evaluation is not possible with this data.
Right to withdraw consent
If you have voluntarily provided us with consent to the storage and use of your personal data for a specific purpose, you can withdraw it at any time with future effect. The data in question will then be erased without undue delay.
If you would like to withdraw your consent to the use of your data, please send an email to
Contact
If you have any questions or suggestions, please contact our data protection officer:
SBK
SBK-Pflegekasse
Datenschutz
Heimeranstr. 31
80339 München
Alternatively, use our online form for an encrypted data transfer:
When you use the contact form, please provide either your health insurance number or your address and phone number so that we are able to process your query. It goes without saying that we will only use these data to process your query and will delete them afterwards. Please note that messages (e.g. emails) are not encrypted when they are transmitted over the Internet. Therefore, it cannot be ruled out that information might be read, modified or deleted by unauthorised third parties. For this reason, we recommend that you use the forms on the SBK website as data in these are encrypted and transmitted securely.
Privacy policy for 'Meine SBK'
The following privacy policy supplements the general privacy policy for the website www.sbk.org for the protected area ‘Meine SBK’ which can be used by SBK policyholders after they register for it separately. Unless provided for otherwise in this privacy policy, the general privacy policy applies.
SBK, as the controller in the sense of the data protection legislation, provides various online services through ‘Meine SBK’. SBK collects and processes certain personal data, described below, in order to provide the services in ‘Meine SBK’ and improve it. SBK uses these data in order to provide the services and features available through ‘Meine SBK’.
Registration
To use Meine SBK a separate registration for the SBK Account, which allows the use of Meine SBK, is necessary. This requires the insurant’s number, SBK healthcare card identification number, postal code and an email address. Unrestricted access can only be activated by linking a mobile device (iOS, Android) of your choice, assigning an app code and providing secure proof of your identity. This allows you to use the full range of functions of Meine SBK.
Data collected and processed in the context of this registration can be found in the
As part of a registration for ‘Meine SBK’, the following personal data will be stored in your personal area and can be accessed, supplemented and sometimes even modified by you:
Use of personal data
SBK collects other data as part of specific online services (e.g. uploading photos for the electronic SBK healthcare card, retrieval status of online mail documents in order to arrange for a possible subsequent dispatch by mail) within ‘Meine SBK’. These data are collected and processed in line with the statutory remit of SBK which is supported by a service provider that is obliged to maintain the secrecy of personal data.
Prevention of misuse and guaranteed traceability
In order to prevent the misuse of your personal access to SBK and ensure the necessary traceability, which is also in your interests, the following procedures are logged:
The user ID, date, time, identification type and a transaction code are all logged.
Use of cookies, analytics tools and external services
The use of cookies, analytics tools and external services is detailed in the general privacy policy for the SBK website.
Deletion of your account
If you no longer wish to use Meine SBK, you can request the deletion of the SBK Account at any time. All data associated with the registration of the SBK Account will then be deleted, unless there are statutory rights or obligations of retention in individual cases. In this case, the personal data collected specifically for Meine SBK will also be deleted unless any statutory rights or duties of retention would prevent this on a case-by-case basis.
Contact
If you have any questions or suggestions, please contact our data protection officer:
SBK
SBK-Pflegekasse
Vorstandsbeauftragter Datenschutz
Heimeranstraße 31
80339 München
Tel.:
Alternatively, use our online form for an encrypted data transfer:
When you use the contact form, please provide either your health insurance number or your address and phone number so that we are able to process your query. It goes without saying that we will only use these data to process your query and will delete them afterwards. Please note that messages (e.g. emails) are not encrypted when they are transmitted over the Internet. Therefore, it cannot be ruled out that information might be read, modified or deleted by unauthorised third parties. For this reason, we recommend that you use the forms on the SBK website as data in these are encrypted and transmitted securely.
Privacy policy for the SBK video consultation
In an SBK video consultation you receive competent and personal advice.
The protection of your personal data is very important to us. The following privacy policy provides you with an overview of when we store data and the purposes for which it is collected and processed.
As a public body, we are subject to the provisions of the European General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the special provisions concerning the protection of social security data of the books of the German Social Code (SGB), especially Books I, V, X, XI and XII. Our adherence to the statutory provisions is verified on a regular basis.
Your consent to the processing of data
Your data from the video consultation will not be collected, processed or used automatically without your express consent.
You would ideally provide your consent to SBK for processing data from the video consultation, which is conducted in Cisco Webex Meetings, in the SBK video consultation form online. We will store your personal data if you expressly provide us with this data.
Each input screen on the SBK video consultation form online describes which data is collected, stored and used. Fields marked as optional are voluntary additional information.
Furthermore, you also confirm that you will not take any screenshots or photos or make any other recordings of images and sound transmitted during the video consultation. You agree not to pass on images and sound from the video consultation to third parties, nor will you distribute, publish or otherwise repurpose this information. If you fail to comply with these requirements, SBK reserves the right to exclude you from participating in the SBK video consultation temporarily or permanently and to take legal action.
Use and disclosure of your data
If you provide us with your data, we will only use this data for the original purpose of arranging your appointment and conducting the video consultation. Your data will not be passed on to unauthorised third parties without your consent. Data is only passed on without consent in line with mandatory statutory regulations or if the disclosure is necessary for the purposes of litigation or prosecution in the event of an attack on our network infrastructure.
We have our external service providers sign a contractual undertaking to adhere to the provisions concerning the protection of social security data. To this end, we enter into a legally required data processing contract in the sense of Article 28 GDPR in conjunction with Section 80 of Book X of the German Social Code (SGB). As the client, we inspect the protection of your personal data prior to the start of the data processing, and then regularly monitor compliance with the technical and organisational measures implemented by the contractor.
Whenever you provide personal data, your data will be encrypted before it is transmitted over the internet so that it cannot be accessed by unauthorised parties.
Persons under the age of 15 should not provide us with any personal data without the permission of their parents or guardians.
What data concerning you do we process? (Types of stored data)
We collect your personal data and social security data as part of the video consultation with you, e.g. as a prospective client, customer, employer or business partner. Specifically, these are the following:
Social security data of the customer/prospective client
The following data concerning customers is stored:
Additional data processed
Right to withdraw consent
If you have voluntarily provided us with consent to the storage and use of your personal data for a specific purpose, you can withdraw it at any time with future effect. The data in question will then be erased without undue delay.
If you would like to withdraw your consent to the use of your data, please send an email to
Contact
If you have any questions or suggestions, please contact our data protection officer:
SBK
SBK-Pflegekasse
Datenschutz
Heimeranstr. 31
80339 München
Alternatively, use our online form for an encrypted data transfer:
When you use the contact form, please provide either your health insurance number or your address and phone number so that we are able to process your query. It goes without saying that we will only use these data to process your query and will delete them afterwards. Please note that messages (e.g. emails) are not encrypted when they are transmitted over the Internet. Therefore, it cannot be ruled out that information might be read, modified or deleted by unauthorised third parties. For this reason, we recommend that you use the forms on the SBK website as data in these are encrypted and transmitted securely.
2. Important information
Social security data in emails?
Generally speaking, unencrypted emails are like a postcard. We therefore recommend that you do not send any sensitive data by email.
As a rule, we do not respond to queries involving sensitive data by email, rather by post or through your online inbox in ‘Meine SBK’. We can provide the information you require in this protected area. Do you no longer have an account with ‘Meine SBK’? No problem. Click
We recommend that you use your private account for email correspondence with SBK.
Warning regarding fraudulent calls
Recently, there have been numerous cases involving people posing as employees of a health insurer or claiming to be acting on behalf of a health insurer calling policyholders.
In the calls, the fraudsters ask for the account details of the policyholder under false pretences, for example a payment from a bonus scheme.
In other cases, fraudsters have asked for the policyholder’s address details, allegedly in order to send them information about supplementary insurance policies, and then signed them up to a supplementary insurance policy and demanded payment.
We cannot conceive of the schemes the fraudsters will think up next.
Please note: Neither SBK nor your personal SBK consultant will ever phone you and ask for your data.
What can you do if you receive such a call?
3. Information on the processing of your data
Controller
The contact details of SBK, the controller, are as follows:
SBK Siemens-Betriebskrankenkasse
Heimeranstr. 31
80339 München
Tel.:
Mail:
Data protection officer
The data protection officer appointed by the management of SBK and the data protection team can be contacted as follows:
Post:
SBK
SBK-Pflegekasse
Datenschutz
Heimeranstr. 31
80339 München
Email:
or
using the
What are personal data?
Data are personal or relate to a person if they can be associated with a specific natural person unequivocally. They include, for example, information such as your name, date of birth, address, personal email address, health insurance number and phone number.
European lawmakers have defined it in a slightly more complex manner (Article 4 no. 1 GDPR):
‘For the purposes of this Regulation, “personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.’
What are social security data?
Social security data are personal data that are processed a statutory health insurance fund (such as SBK), for example, in connection with their duties under the German Social Code (SGB). Therefore, the data listed above are also social security data.
Trade and company secrets are equivalent to social security data. They include all data relating to a business or business operations, including of legal entities, that are of a confidential nature.
Legislators have provided the following definition in the German Social Code (Section 67(2) SGB X):
‘Social security data are personal data (Article 4(1) GDPR) that are processed by an entity referred to in Section 35 of Book I in connection with its duties under this Code. Trade and company secrets are all business-related data, including those concerning natural persons, which are of a confidential nature.’
What does data processing mean?
When we process personal data and social security data, this means that we collect, store, use, transmit or erase them, for example.
This is defined as follows by the European General Data Protection Regulation (Article 4 no. 4 GDPR):
For the purposes of this Regulation, ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
What legal grounds are there for data processing and for what purpose do we process your data?
We process personal data and social security data in accordance with the provisions of the European General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Social Code (SGB).
The specific purpose of the processing is determined by the following breakdown of the legal grounds.
If we process data having been granted consent, we will describe the purpose before asking for any consent from you.
Change of purpose
In deviation from the purposes and legal grounds described above, we can use your data for other purposes without being obliged to notify you in advance (i.e. a change of purpose) if the following criteria are met:
Legal grounds:
At SBK, your data are processed on legal grounds.
The legal grounds are set out by the various books of the German Social Code (SGB), especially Book I (General Part), Book IV (General Rules for Social Security), Book V (Statutory Health Insurance) and Book X (Social and Administrative Procedures and Protection of Social Data).
Specifically, we process data on the following legal grounds:
SBK health insurance fund
Medical Service (MDK) (Section 284(1) no. 7 SGB V)
SBK healthcare fund
Medical Service (MDK) (Section 94(1) no. 4 SGB XI)
Please be aware of the obligations to cooperate set out in Section 60ff. SGB I in order that SBK is able to fulfil its legal duties. These obligations require you to provide SBK with certain personal data that are necessary for the fulfilment of the legal duties concerning you. Failure to cooperate on your part can result in delays or even the rejection of applications you file for benefits. Additionally, please be aware of your duties to provide SBK with information and notification pursuant to Section 28a SGB IV, Section 198ff. SGB V and Sections 50 and 100 SGB XI.
These data expressly do not include voluntary details such as your phone number or email address. Your refusal to provide these data does not represent a breach of any duty to provide information, notification or cooperation and you will not suffer any negative repercussions.
Your social security data that SBK processes are subject to the data protection regulations of Books I and X of the German Social Code (SGB) and the German Federal Data Protection Act (BDSG), as well as the General Data Protection Regulation (GDPR) from 25 May 2018. SBK ensures that the secrecy of social security data in the sense of Section 35 SGB I is maintained.
Consent:
Additionally, SBK can process data on the grounds of express declarations of consent pursuant to Article 6(1a) GDPR in conjunction with Section 67b(2) SGB X and the relevant statutory provisions in the specialised books of the German Social Code (Sections 39(1a), 39a, 44(4) of Books V and XI of the German Social Code (SGB)).
For example, we will ask for your consent to data processing if we want to provide you with even better support and advice in a specific case. This requires your documented prior consent. In these specific cases, we will approach you, explain the sense and purpose of the necessary data processing to you and ask for your consent.
You can also provide consent to a wide range of reasons to contact you (e.g. participation in customer satisfaction surveys or competitions). In each case, you will be notified in detail of what data we will process and how we will use them.
All of these declarations of consent are voluntary. This means that you do not need to fear any repercussions if you do not wish to grant consent. Additionally, you can withdraw your consent at any time. For more information, see the section on your right to withdraw consent
What data concerning you do we process? (Types of stored data)
We collect your personal data and social security data when you contact us, e.g. as a potential customer, policyholder, employer or business partner. In particular, this means when you are interested in our products, submit applications, visit our website, register for our online services or contact us by email or phone, or if you receive benefits from us or pay premiums to us as part of your insurance policy with SBK. Specifically, these are the following:
Social security data of the policyholder
Data concerning members and family members
The following data concerning policyholders are stored:
Membership data
The following social security data are stored in connection with your membe
Insurance policy data
The following social security data are stored in connection with your insurance policy:
Contribution data (only for direct payers)
The following social security data are stored in connection with your premiums:
Benefit data
The following social security data are stored in connection with your benefits:
Data on the caregiver
The following social security data are stored in connection with the caregiver:
Name, surname
Date of birth
Pension insurance number
Address
Phone number
Email address
Data on the legal representative / carer
The following social security data are stored in connection with your legal representative:
Business partner data
Data concerning employers and pay offices
The following data concerning employers and pay offices are stored:
Care provider data
The following data concerning care providers are stored:
Data on contractual partners and suppliers
The following data concerning contractual partners and suppliers are stored:
Social security data of other people
Data on the recipient of the publication
The following data are stored if publications are obtained:
Data concerning potential customers
The following data concerning potential customers are stored:
Data concerning visitors to our website
The following data concerning website visitors are stored:
Automated decision-making (Article 22 GDPR)
We do not use fully automated individual decision-making in order to conclude and execute insurance policies.
Who receives your data?
Within SBK, your data are made available to the people who need them in order to carry out their assignments. We guarantee this, for example, by using the latest software to manage your data. The software meets the requirements of the General Data Protection Regulation. For example, this includes the requirement that it must be possible to configure the software so that the employees of SBK are only able to access the data necessary for their specific fields of activity.
SBK transmits social security data to the following recipients in line with the statutory regulations of the German Social Code (SGB) or other regulations:
Medical Service (MDK) as part of medical examinations,
- IT service providers
Your data are stored in a specially secured environment within a certified data processing centre.
The data processing centre of SBK is
BITMARCK Holding GmbH
www.bitmarck.de - Other IT service providers for the
- provision of IT and telecommunications services, e.g.
- Provision of hardware and software
- Telecommunications
- Advice and support
- Maintenance and support
- File and data media destroyers
Disposal of files and data media - Service providers for advertising and market analysis
- Customer satisfaction survey
- Market research
- Marketing measures
- Letter shops, post and parcel delivery services, printers
- Generation and sending of informative material
- Printing services
- Email newsletters
- Digitisation service providers
- SBK app
- Card manufacturers and trust centres
- eGK
- Billing service providers
- Inspection of invoices of care providers, e.g. pharmacies and medical aid providers
HOWEVER: Under no circumstances will we sell your data to third parties.
Processing in a third country
SBK processes your personal data and social security data in Germany. Generally speaking, this also applies to the service providers we use. In justified cases, data can be lawfully transmitted to member states of the EU or EEA.
Data are not transmitted to countries outside of the EU or EEA including Switzerland, also known as third countries.
Duration of storage
The social security data are stored and erased in line with the requirements of Sections 110a SGB IV, Section 304 SGB V Section 107 SGB XI and of the General Administrative Regulation on Accounting in Social Security (SRVwV).
Maximum or, if no regulations apply, social security data are only stored for as long as necessary for the purposes for which they were collected.
What rights do you have (rights of the data subject)?
In line with our commitment to transparency, it goes without saying that we guarantee and protect your rights.
Every data subject has the
Right to information
You are entitled, at any time, to demand that we provide you with information on the following:
Your right to access information is restricted if the information would adversely affect the rights and freedoms of others.
As we have to process a wide range of data in connection with your insurance, please make any request for information as precise as possible and indicate the information or processing to which your request for information relates.
Our ‘right to information’ form is the fastest way to request information from us.
Simply fill in the form and send it securely. You will be sent the information as quickly as possible.
If you do not want this, please understand that we can only accept requests for access to information that are in writing (and signed by your own hand).
Right to rectification
If you determine that the data concerning you are incorrect or incomplete, you are entitled to their rectification or supplementation. To exercise this right, please contact your personal consultant and provide us with the documents supporting your conclusion that will enable us to examine your request.
We will handle your request as quickly as possible and notify you of the outcome and any other necessary steps.
Right to be forgotten (erasure)
We have to store your social security data in line with statutory requirements in order to fulfil our legal duties.
You are entitled to obtain the erasure of the data where one of the following grounds applies:
Right to restriction of processing
You are entitled to demand that SBK restrict processing where one of the following applies:
For example, the processing of social security data can be restricted by means of blocking which will prevent employees of SBK from accessing them.
Right to withdraw consent
Any consent you give to the use of personal data relating to you may be revoked at any time. The withdrawal of consent applies to the future. We will erase your personal data in accordance with the statutory deadlines for erasure. The data will no longer be used after you withdraw your consent.
Please post your notice of withdrawal of consent to SBK 80227 Munich or email it to
You can also withdraw consent through ‘Meine SBK’. Do you no longer have an account with ‘Meine SBK’? No problem,
Right to data portability
You are entitled to receive the personal data and social security data that you have provided to us in a portable format.
If you change insurer, the health insurance funds will transmit the data necessary to continue your insurance policy to one another in line with Section 304(2) SGB V. You are not required to do anything.
Right to lodge a complaint
You are entitled to lodge a complaint with the supervisory authority of SBK if you consider that the processing of personal data relating to you infringes the General Data Protection Regulation.
The relevant supervisory authorities are:
Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Husarenstr. 30
53117 Bonn
or through the contact form at
Federal Office for Social Security (Bundesamt für Soziale Sicherung)
Friedrich-Ebert-Allee 38
53113 Bonn
or
or through the contact form at