Skip to the content
DeutschOnline officeBecome a member
Online officeBecome a member

Privacy policy online office and service app

Service app and online branch

Our service app and online office (hereinafter collectively referred to as "online services") offer you various options for communicating with your ZF BKK. With our service app and online office, you can submit applications or documents digitally or update stored data.

As an insured person with ZF BKK, you will receive your personal access to your online services. As an insured person with ZF BKK, you can use this access data to register online to use the service app and online office. Registration and use of the service app and online office is free of charge for you.

The following information applies to all services and functions of the service app and online office, unless additional or different information is provided in the respective sub-items:

Your registration for and use of ZF BKK's online services is voluntary. The service app and online office are designed for the secure and digital use of various ZF BKK services, including

  • Digital transmission of applications and documents
  • Updating and retrieving stored data
  • Retrieval of information about your insurance, benefits, and important services
  • Easy communication with your ZF BKK

Responsible body

The responsible body for data processing on this website is:

ZF BKK
Otto-Lilienthal-Straße 10
88046 Friedrichshafen
Phone: +49 (0)7541 3908-0
Email: leistung@zfbkk.de

Data protection officer

We have appointed a data protection officer for our company:

Otto-Lilienthal-Straße 10
88046 Friedrichshafen
Phone:
Email: datenschutzbeauftragter@zfbkk.de

What data is processed?

The categories of data processed in the online services may include:

  • Personal master data: first name, last name, date of birth, gender, address
  • Insurance data: Insurance number, insurance status
  • Contact information: email address, telephone number
  • Health data: Information on sick notes, diagnoses, medications, medication plans, allergies, pregnancy status (including date)
  • Access data: user name, password, login information
  • Biometric data: Fingerprint, facial recognition
  • Device data: Hardware ID, image metadata (e.g., time and place of recording)
  • Communication data: Data on uploaded applications, documents, and mailbox contents
  • Documentation data: certificates of incapacity for work (including medical code, duration of incapacity for work, attending physician, image and metadata, schedule for preventive medical checkups

The data processed in each individual case depends on the data you transmit or retrieve when using the service app or online office.


For what purposes is the data processed?

We process your personal data for the purpose of identifying and verifying your insurance status.

In addition, we process your data for the provision of health insurance benefits, in particular the provision, processing, and administration of applications, documents, and sick notes.

To provide a secure communication channel (mailbox) for the exchange of documents and information between you and ZF BKK.

Insofar as we process access and authentication data, including biometric data, this is done for the purpose of providing access to online services and ensuring secure login authentication to protect your data.

Health data is processed to support medical care and health prevention, such as reminders for preventive medical checkups and vaccinations based on age, gender, and pregnancy status. In addition, we process health data to assist with medication planning and to check for interactions, contraindications, and age restrictions.

As part of the member referral program, we process the contact details of referred members for the purpose of ZF BKK contacting them.

What is the legal basis for processing?

The processing of your personal data in our service app and online office is based on your consent in accordance with Art. 6 (1) sentence 1 lit. a) GDPR.

Please note that the information transmitted may constitute particularly sensitive personal health data in accordance with Art. 9 (1) GDPR. In this case, your consent to data processing also applies to sensitive data in accordance with Art. 9 (2) a) GDPR.

To whom is the data passed on?

To ensure the secure execution of the registration process and technical support for authentication within the scope of online services, personal data will be passed on to IT security service providers as necessary.

Your personal data will not be passed on to third parties in any other way in connection with the use of online services, nor will it be transferred abroad.


How long will my data be stored?

We store your data in the respective online service until you revoke your consent.

You can revoke your consent to data processing informally in the following ways:

By mail to

ZF BKK
Data Protection
Otto-Lilienthal-Straße 10
88046 Friedrichshafen

By email to

leistung@zfbkk.de


Revocation is free of charge for you. Upon revocation of your consent, your user account and all data contained therein will be irretrievably deleted within four weeks. You can also delete your user account yourself within the respective online service.

When you delete your user account, all data within the service will be irrevocably deleted.

Please note that deleting your user account does not terminate your insurance relationship. Your data will be stored within the scope of the insurance relationship in accordance with the statutory retention obligations.

Do I have to provide this data?

The service app and online office provide a digital communication channel between ZF BKK and our insured members. The use of the service app and online office, as well as the entry and modification of data, is voluntary. You can also share all data with us by other means. The use of online services is neither legally mandatory nor necessary to enter into a contract with us.


What are my rights with regard to processing?

You have the right to request confirmation as to whether personal data concerning you is being processed by ZF BKK. If such processing is taking place, you can request the following information from us:

  • the purposes for which the personal data is processed; the categories of personal data that are processed;
  • the recipients or categories of recipients to whom your personal data has been or will be disclosed;
  • the planned duration of storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
  • the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;
  • the existence of a right to lodge a complaint with a supervisory authority;
  • any available information on the origin of the data if the personal data is not collected from the data subject;
  • the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.