Home Privacy

Privacy Policy

I. Introduction

This data protection policy aims to inform about the processing of your personal data by wefox Germany GmbH as operator of wefox (hereinafter also referred to as “controller” or “we”) when using this website, our customer platform, our contact form or our newsletter.

II. Who is responsible for collecting and using your information?

wefox Germany GmbH is the controller and therefore responsible for the collection and processing of your personal data according to the applicable data protection law:

wefox Germany GmbH
Urbanstraße 71
10967 Berlin
E-Mail: [email protected]

III. What purposes do we use your information for?

1. How your information is used when you visit the website
When you visit our website, your browser transmits certain data to our web server. This is done for technical reasons in order to provide you with the information you have requested. In order to enable you to visit the website, the following data is collected, briefly stored and used:

  • IP address,
  • Date and time of the request,
  • Time zone difference to Greenwich Mean Time (GMT),
  • Content of the request (specific site),
  • Access status/HTTP status code,
  • Transferred volume of data,
  • Website from which the request comes,
  • Browser, operating system and its interface, language and version of the browser software.

Moreover, to protect our legitimate interests, we store this data for a limited time in order to be able to initiate a tracking of personal data in the event of unauthorized access or access attempts to local servers. This is permitted to us according to Art. 6 (1) (f) GDPR.

a. Cookies

Our website uses cookies. Cookies are small pieces of text to store information on the web browser in the memory of your device. Thus we are able to obtain certain information. Cookies cannot run programs or transmit viruses to your computer. They are used to make our internet services more user-friendly and effective overall.

Below you will find information about cookies, how we use them on our website and what options you have if you would rather deactivate them – despite their advantages. If you do not deactivate cookies or use the opt-out function as described below, we will assume that you accept the use of cookies.

aa. Terminology

In case you have any questions about the particular cookies and their functions, you can contact us at

wefox Germany GmbH
Urbanstraße 71
10967 Berlin
E-Mail: [email protected]

bb. Cookies we use

This website uses cookies, which are described below to improve user experience:

  • Functionality of the website
    Cookies that are technically necessary for our website to function technically or that offer a service or option you have requested; e.g. a cookie that “remembers” your personal settings, such as selected language or similar.
  • Performance analysis of the website
    We are constantly striving to improve our website. For this purpose, we use cookies that provide us with overall statistics on the number of visitors, which areas of a page are viewed most, information on the city or location of the users and the length of their stay, etc. We use cookies to keep track of the number of visitors. These can be installed by external analysis providers commissioned by us (III.1.b.).
  • Social media cookies
    In order to share content from our website via social media channels such as Facebook or Twitter, a cookie must be installed on your device. Further information can be found in the guidelines of the respective company.
  • Targeting and Tracking Cookies
    In order to be able to provide you with the most relevant information about our products and services, we use cookies to be aware of which content you have viewed on our website. We may also use this information for the purposes of our advertising campaigns on third party websites. In that case, we may also receive information about the websites of our marketing partners on which you saw our advertisements. Similarly, third parties may display their advertisements on our website and they may become aware that you have visited our website (III.1.c.).

cc. How to control cookies – Opt Out

You can also use our website without cookies. To prevent the use of cookies by your Internet browser, you can deactivate the use of cookies via the settings of your Internet browser. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common internet browsers. You can use the help functions of your Internet browser to learn how to deactivate and/or delete cookies. Please note that the deactivation/deletion of cookies may result in certain functions of our website no longer functioning as expected. Cookies that may be required for certain functions of our website are shown below. In addition, the deactivation/deletion of cookies only affects the Internet browser used for this purpose. For other Internet browsers, the deactivation/deletion of cookies must be repeated accordingly.

We store this data until the end of the term of a respective cookie or until you delete the cookies.

Further processing of personal data by means of cookies can be found in the relevant sections of this information.

b. Web Analytics

We use your information in the context of website analyses in order to make them more user-friendly and for market research purposes. Therefore we use web analytics tools. These tools use your IP address either in abbreviated form or not at all. Such analysis cookies are used pursuant to Art. 6 (1) (f) GDPR. As the operator of this website, we have a legitimate interest in analysing user behaviour in order to optimise our website. Learn more about the web analysis tools we use.

Our website uses the web analysis service Google Analytics. Provider of the web analysis service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses cookies which are stored on your computer and which enable an analysis of user behaviour when visiting the website. We use Google Analytics in conjunction with IP anonymization. The IP address within the European Economic Area (EEA) will be abbreviated before the transmission to the USA. Only in exceptional cases will the IP address be abbreviated in the USA. On our behalf, Google will use this information to evaluate your use of the website, to create reports on website activities and to provide us with further services relating to website and Internet use. The IP address transmitted by Google Analytics is not merged with other Google data.

You may refuse the use of cookies by selecting the appropriate settings on your browser. You can also prevent Google from collecting and processing the information generated by the cookie about your use of this website (including your IP address) by downloading and installing the browser plug-in available at the following link:

For such exceptional cases, in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield,

In order to obtain statistics on the use of our website, we have also integrated the Mixpanel service. Mixpanel is a web analysis service operated by Mixpanel, Inc., 405 Howard St, Floor 2, San Francisco, CA 94105, USA. Mixpanel places a persistent cookie on your device that also records your user behaviour on the website. This data is then analysed by Mixpanel and forwarded to us. Mixpanel collects and stores usage data in pseudonymous profiles. These are not combined by us with personal data. This gives us insight into the way in which the website as a whole is used and we can then decide whether changes are necessary or useful in order to increase user-friendliness in particular.

If you wish to prevent the collection and use of your data by Mixpanel, you can deactivate the service on the website by having an opt-out cookie set. Please note that only the browser you are currently using is affected by setting the cookie. Collecting and using your data in other browsers remains possible until you have deactivated Mixpanel there as well. The collection of usage data will be enabled again, if you delete the opt-out cookie. Further information on how Mixpanel handles user data can be found in the Mixpanel Privacy Policy:

The data processing also takes place in the United States. The participation of Mixpanel Inc. in the EU-U.S. Privacy Shield ensures an adequate level of data protection (

This website uses Optimizely, a web analysis service of Optimizely GmbH, Christophstr. 15-17, 50670 Cologne, (“Optimizely”). The information generated by cookies about your use of our website is usually transferred to an Optimizely server in the USA and stored there. We have activated the IP anonymization function on our website so that your Optimizely IP address within the EU and the EEA is abbreviated beforehand. Only in exceptional cases the full IP address is transmitted to an Optimizely server in the USA and will be abbreviated there. For these cases Optimizely has submitted to the EU-U.S. Privacy Shield ( to ensure an adequate level of data protection.

On behalf of wefox Optimizely will use this information to evaluate your use of the website and to compile reports on website activities. The IP address transmitted by your browser will not be merged with other Optimizely data.

In addition to the options mentioned under, you can deactivate Optimizely tracking at any time and prevent Optimizely from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by following the instructions at

We use a plugin of the web analysis service NewRelic on our website. This service is provided by NewRelic Inc, 188 Spear Street, Suite 1200 San Francisco, CA 94105, USA. This enables us to collect statistical evaluations of the speed of our website. Using the plugin NewRelic receives the information that a user has accessed the respective page. NewRelic collects and stores your IP address for this purpose. Further information on how NewRelic handles your data can be found at:

The data processing also takes place in the United States. An adequate level of data protection is ensured by the participation of NewRelic Inc. in the EU-U.S. Privacy Shield.

c. Marketing

We will also use your information to display advertising tailored to you and your interests. We use the following tools, which use your IP address (in abbreviated or unabbreviated form) for this purpose. We use this information on the legal basis of Art.6 (1) (f) GDPR. As the operators of this website, we have a legitimate interest in displaying product recommendations and carrying out marketing measures. Learn more about the tools we use for this purpose.

We use Unbounce, a web analysis service of Unbounce Marketing Solutions Inc, Unit 415 -375 Water Street, Vancouver, BC, Canada V5T 4R4. For our promotions and advertising campaigns, landing pages are hosted by Unbounce and used by us. Your browser transmits your IP address directly to Unbounce. We receive an anonymous statistical evaluation of the activities of the users on the platforms we use. Thus we cannot establish any references to persons. Further information about Unbounce and data protection at Unbounce can be found here:
We use the “Facebook Custom Audiences” function operated by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (“Facebook”). This technology enables users who have already visited our website and are interested in the offer to be addressed again via ad inserts through targeted advertising on Facebook. The advertising is displayed by means of cookies, which can be utilized to analyze user behavior when visiting the website and to subsequently offer targeted product recommendations and interest-based advertising. Information about the activities of the user on the website, e.g. surfing behavior, visited sub-pages of the internet services, etc. is recorded.

Further information can be found at

You can disable the Custom Audiences function at You will have to register first.

Facebook has submitted to the EU-US Privacy Shield,, to ensure an adequate level of privacy for your data.

Wefox uses the online advertising offer of Google “Google AdWords” and as part of Google AdWords the Conversion Tracking. The Google Conversion Tracking is an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). When you click on an ad placed by Google, a conversion tracking cookie is placed on your computer. These cookies expire after 90 days and do not contain any personal data. When you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google AdWords customer receives a different cookie. The information collected using the conversion cookie is used to generate conversion statistics for us. This tells us the total number of users who clicked on the ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users.

In addition to the options listed under, you can deactivate personalised advertising for you in Google’s advertising settings at

For more information on how we handle your data, please visit

Google’s retargeting service uses so called “double-click” cookies. This allows you to submit, optimize and evaluate ads based on your previous visits to this website by collecting and storing information about your surfing behaviour for marketing purposes on a pseudonym basis. On this basis, targeted product recommendations can be displayed as advertising banners on other websites. In no event will we combine this information with data from your customer relationship or use the data to personally identify you as a visitor to this website. Google has submitted to the EU-US Privacy Shield,, in order to ensure an adequate level of data protection when processing your data in the exceptions in which your data is processed in the USA.

You can prevent Google DoubleClick from collecting usage data by following the instructions at the following link:

This website participates in partner programs of Affilinet GmbH (Sapporobogen 6-8, 80637 München). This is a service for integrating advertisements in the form of text links, image links, advertising banners or input forms. Cookies are used to enable a usage analysis of the website. Affilinet also uses so-called web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on websites. The information generated by cookies and web beacons on the use of this website (including your IP address) and delivery of advertising formats is transferred to an Affilinet server and stored there. Affilinet may share this information with Affilinet’s contractual partners. However, Affilinet will not merge your IP address with your other data. You may refuse the use of cookies by selecting the appropriate settings on your browser. Further information on data use can be found in Affilinet’s Privacy Policy:

d. Use of your data to secure the functioning and security of our website

We also use a web service of Cloudflare Inc., 101 Townsend St, 94107 San Francisco, USA (hereinafter: CloudFlare) to make the website faster and safer. Cloudflare collects your information such as IP addresses, system configuration information and other information about traffic to and from the website as well as log data. This data helps us to identify new threats and access by unauthorized third parties. The data processing is necessary for the purposes of pursuing our legitimate interests according to Art.6 (1) (f) GDPR. The error-free and secure functioning of our internet services are such legitimate interests.

Cloudflare has submitted to the EU-US Privacy Shield,, to ensure an adequate level of data protection when processing your data in the USA.

For more information on how Cloudflare handles your data, visit

In addition, wefox uses the service “LogEntries”, which is operated by RAPID7, The One Building, 2nd Floor, 1 Grand Canal Street Lower, Dublin 2, Dublin, Ireland, to evaluate the log files. Log files (such as your IP address, operating system used and name of the Internet service provider) are transferred to LogEntries in order to evaluate them in an anonymous form. The evaluation takes place in order to ensure the functionality of the website. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. Therefore, the processing is based on the aforementioned legitimate interests, Art.6 (1) (f) GDPR. For more information, please visit:

Data processing also takes place in the United States. Rapid7 Inc.’s participation in the EU-U.S. Privacy Shield ensures an adequate level of data protection.

e. Social Plug-ins

We have implemented Facebook’s, Google+’s and Twitter’s social plug-ins on our website. You can recognize the provider of the plug-in by the marking on the box by his initial letter or the logo. We use the so-called two-click solution. As a result, no personal data is passed on to the providers of the plug-ins during a purely informational visit of our website. We offer you the possibility to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. The data is transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected with us will be directly assigned to your existing account with the plug-in provider. If you click the activated button and, for example, share the page, the plug-in provider will also store this information in your user account and will share it publicly with your contacts.

The legal basis for the use of the plug-ins is art.6 (1) (f) GDPR. Through the plug-ins we offer you the possibility to interact with your social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or demand-oriented design of its website. Such an analysis takes place in particular (also for not logged in users) for displaying of demand-driven advertisement and in order to inform other users of the social network about your activities on our website.

For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the Privacy Policies of the respective providers as notified below. There you will also receive further information on your rights in this regard and setting options for the protection of your privacy. Below we have listed the addresses of the respective plug-in providers and URL with their data protection information:

aa. Facebook
Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (“Facebook”). Information on Facebook’s data protection: Facebook has also submitted to the EU-US Privacy Shield,

bb. Twitter
Twitter, Inc. 1355 Market St, Suite 900, San Francisco, California 94103, USA; For more information and adjustment options, see:

Twitter has submitted to the EU-US Privacy Shield,

cc. Google +
Plugins of the social network Google+; is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). An overview of the Google+ plugins and their appearance can be found here:; information on data protection at Google+ can be found here: Google has also submitted to the EU-US Privacy Shield,

f. Links to social media websites

You will also find links to social media networks such as Facebook, Twitter, Google+, YouTube and LinkedIn on our website. These are not social plug-ins provided by the social media provider, which already transmit data to the provider when the page is loaded without the users having any influence. Behind the buttons to the social media networks there is only a link to the social media network including the transfer of the website to be shared. No user data is transmitted from the website to the social media network. If you are already logged in to the respective social media service at the time you click the button, the sharing dialog will recognize this so that you can share the content directly. If this is not the case, you will be asked to log into the social media network. From this point on you will be on the website of the respective social media network. Please find the information on data processing of the respective providers below.

aa. Facebook
Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (“Face-book”). Information on Facebook’s data protection : Facebook has also submitted to the EU-US Privacy Shield,

bb. Twitter
Twitter, Inc. 1355 Market St, Suite 900, San Francisco, California 94103, USA; For more information and customization options, see:

Twitter has submitted to the EU-US Privacy Shield,

cc. Instagram
Instagram is one of the products provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland,

LinkedIn has submitted to the EU-US Privacy Shield,

dd. LinkedIn
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland;

LinkedIn has submitted to the EU-US-Privacy-Shield,

ee. XING
XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany,

2. Email Requests
You can contact us via the e-mail address provided on our website. If you send us an e-mail, we collect, store and use your

  • Name, last name
  • E-mail address
  • The contents of your message.

Processing will only take place to the extent necessary for processing your request and for corresponding with you. The legal basis for e-mail inquiries is Art.6 (1) (f) GDPR. If contact by e-mail is aimed at entering into a contract, the legal basis is Art.6 (1) (b) GDPR.

The collected data is used solely for the purpose of processing your request. The data collected during the sending process is necessary to prevent misuse of the function and to ensure the security of our systems.

3. Information Email and Newsletter
With your consent, you can subscribe to our newsletter, which will inform you about further products and services.

For the registration to our newsletter we use the so-called double opt-in procedure. This means that after your registration we will send you an e-mail to the e-mail address you have provided us with in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP address and the time of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.

The only mandatory information for sending the newsletter is your e-mail address. The indication of further, separately marked data is voluntary and is used to be able to address you personally. After your confirmation we will save your e-mail address for the purpose of sending you our newsletter. The legal basis is your consent according to Art.6 (1) (a) GDPR.

You can revoke your consent to receive the newsletter at any time (sec. VII.) and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter e-mail, or by sending an e-mail to [email protected] or by sending a message to the contact details given in the imprint.

4. Registration on and use of our platform
You have the opportunity to use our customer platform and thus make use of our services as an insurance comparison portal and insurance broker in accordance with our General Terms and Conditions by registering on our platform. The mandatory information for registration includes:

  • Name, last name
  • Address
  • E-mail
  • Mobile telephone number
  • Date of birth (date, place, name of birth)

The processing of this data is based on art.6 (1) (b) GDPR, since this information is necessary for the fulfilment of the services based on our general terms and conditions.

Within the framework of your brokerage or broker subcontract, we mediate insurance contracts (hereinafter referred to briefly as “brokerage”) and / or support and administer existing contractual relationships or support claims settlements. For this purpose, your personal data is required for pre-contractual measures, consulting documentation, contract application or conclusion, communication with the product providers as well as contract support. Your data will be collected, processed and used by the broker within the scope of your brokerage order for contract-related advice and processing and will be transmitted by the broker to providers (e.g. insurance companies, comparison platforms) requested by him for this purpose and stored and used by them for checking the application. The collection and use of your data is necessary to fulfil the contract with you and is based on Art.6 (1) (b) GDPR.
For special categories of personal data – such as your health data – the law requires the granting of an additional data protection consent. The scope and purpose of the relevant data processing results from the declaration of consent. The legal basis for this is art.6 (1) (a) GDPR.

Insofar as we use your data to inform you about other products and services, this will only be done with your consent pursuant to art.6 (1) (a) GDPR, which you can revoke at any time (sec. VII.).

IV. With whom and how do we share your information?

1. Data transfer for data processing on our behalf
wefox outsources certain processes and tasks to service providers to ensure the handling of complex issues that require special knowledge or cannot be taken over internally or to be able to fulfil the contract with you, such as hosting our website, analyses of user behaviour on our websites, etc. Therefore we will forward your data to the following categories of recipients:

  • Insurers, cooperating intermediaries, broker pools,
  • Technical service providers
  • For web analysis and marketing purposes to recipient mentioned in sec III.1.b and c.

We will only forward such information to the service providers and companies that are necessary for the respective service. Further information will not be transmitted to the companies.

Also in the context of forwarding your information to other service providers, we would like to ensure that your data is handled with care and that you can also enforce your rights when using other service providers. For this reason, appropriate contracts have been concluded with the service providers to the extent necessary to protect your information.

The transmission of your personal data takes place for the purpose of contract initiation or execution with you on the basis of Art.6 (1) (b) GDPR, due to our legitimate interest in keeping our products functional and safe, on the basis of Art.6 (1) (f) GDPR and if you have given us your consent for the processing of your personal data on the basis of your consent within the meaning of Art.6 (1) (a) GDPR.

2. Data transfer due to legal obligation
Beyond that we transmit your personal data only if a legal obligation exists for such transmission. The transmission takes place on the basis of Art.6 (1) (c) GDPR (e.g. to the police authorities in the context of criminal investigations or to the data protection supervisory authorities).

3. Processing of data outside the EU/EEA
Some of your data will also be processed in countries outside the European Union (“EU”) or the European Economic Area (“EEA”). In these cases, we ensure, for example, through contractual agreements (EU standard contract clauses) with our contractual partners that an adequate level of data protection is guaranteed for your data.

V. When will your information be deleted?

We store your data as long as this is necessary for the above-mentioned purposes or until you have withdrawn your consent (for more information see sec. VII.). If these purposes cease to exist or you have withdrawn your consent, we will delete your data.

We delete the data unless we have other legal reasons for further storage. If the data are not deleted because they are necessary for other and legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. Information collected in connection with tax and legal obligations is sometimes stored for a corresponding period of time. The storage periods are then up to ten years. In addition, it may happen that personal data must be stored for the period during which claims can be asserted against wefox Germany GmbH (statutory limitation period up to thirty years).

VI. What rights do you have regarding to the processing of your information?

In order to inform you of all possibilities within the scope of the collection and use of your information/personal data, we would like to draw your attention to the rights you are entitled to in this context.

a. Right of access
You can request information on how, by whom, for what purposes and under what conditions your data is collected and used.

b. Right to rectification
We do not want to transfer false or outdated information in the context of the use of your personal information, e.g. to prevent misunderstandings or possible damages. Therefore, you have the opportunity to update or correct the information we have collected about you at any time.

c. Right to restriction of processing
You can also ask us to use your data only to a limited extent. This means that your data may still be stored but may only be used for limited purposes (e.g. to assert legal claims).

d. Right to object
If we collect and use your information on the basis of legitimate interests, you have the right to object to the use of your information.

e. Right to lodge a complaint with a supervisory authority
It is important to us to comply with all laws and provisions regarding your data. However, if you believe that by using your data we are in breach of the General Data Protection Regulation, you have the right to lodge a complaint with a supervisory authority.

f. Right to erasure
We also delete your data insofar as they no longer required for the purposes stated herein and if we are not obliged to retain them (sec. V. ). However, if you believe that there is no legal reason for further storage, you can assert your right to erase the data.

g. Right to data portability
You also have the right to transfer any data you have provided to us. This means that we provide you with this data in a structured, common and machine-readable format.

VII. Consent and withdrawal of consent

If you have given us your consent for the processing of your personal data, you can withdraw this at any time. Please note, the withdrawal has no effect on the legality of the data processing carried out in the past on the basis of your consent.

VIII. How to contact us?

To exercise your above rights or the withdrawal of your consent or if you have any further questions about data protection at wefox, you can contact us as follows: wefox Germany GmbH Urbanstrasse 71, 10967 Berlin, Germany, E-Mail: [email protected]

You can contact our data protection officer, Koray Dogan, Urbanstraße 71 10967 Berlin, at [email protected].

You can also contact us if you wish to complain about how we collect, store and use your personal data. It is our goal to provide the best possible remedy with regard to your complaints. However, if you are not satisfied with our answer, you can also contact the competent supervisory authority. The Berlin Commissioner for Data Protection and Freedom of Information can be contacted at [email protected]. Further contact information can be found on the Authority’s website at

IX. Changes to this Privacy Policy

We reserve the right to update this privacy policy from time to time. Updates to this privacy statement will be published on our website. Changes apply as soon as they are published on our website. We therefore recommend that you visit this page regularly to find out about any updates that may have been made.

Send this to a friend