Skip to the content
DeutschBecome a member
Become a member

Privacy policy online office and service app

Service app and online office

Our service app and online office (hereinafter jointly referred to as "online services") offer you various options for communicating with your ZF BKK. You can use our service app and online office to submit applications or documents digitally or update stored data.

You will receive your personal access to your online services as an insured person of ZF BKK. As a person insured with ZF BKK, you can use this access data to register online to use the service app and the online office. Registration and use of the Service App and the online office is free of charge for you.

The following information applies to all services and functions of the Service App and the online office, unless additional or different information is provided in the respective subsections:

Your registration with and use of the ZF BKK online services is voluntary. The service app and online office are used for the secure and digital use of various ZF BKK services, including

  • Digital transmission of applications and documents
  • Updating and retrieving stored data
  • Retrieving information about your insurance, benefits and important services
  • Simple communication with your ZF BKK

Responsible body

The controller responsible for data processing on this website is

ZF BKK
Otto-Lilienthal-Strasse 10
88046 Friedrichshafen
Telephone: 07541 36908-0
E-mail: leistung@zfbkk.de

Data Protection Officer

We have appointed a data protection officer for our company:

Otto-Lilienthal-Straße 10
88046 Friedrichshafen
Telephone: 07541 3908-1310
E-mail: datenschutzbeauftragter@zfbkk.de

What data is processed?

The categories of data processed in the online services may include

  • Personal master data: First name, last name, date of birth, gender, address
  • Insurance data: Insured person number, insurance status
  • Contact information: E-mail address, telephone number
  • Health data: Information on sick notes, diagnoses, medication, medication plans, allergies, pregnancy status (incl. date)
  • Access data: Username, password, login information
  • Biometric data: Fingerprint, facial recognition
  • Device data: Hardware ID, metadata of images (e.g. recording time, location)
  • Communication data: Data on uploaded applications, documents and mailbox contents
  • Documentation data: Certificates of incapacity for work (incl. medical key, duration of incapacity for work, attending physician, image and metadata, schedule of preventive medical check-ups

Which data is processed in individual cases depends on which data you transmit or retrieve when using the service app or online office.


For what purposes is the data processed?

We process your personal data for the purpose of identifying and verifying the status of the insured person.

In addition, we process your data for the provision of health insurance replacement benefits, in particular the provision, processing and administration of applications, documents and sick notes.

To provide a secure communication channel (mailbox) for the exchange of documents and information between you and ZF BKK.

Insofar as we process access and authentication data, including biometric data, this is done for the purpose of providing access to the online services and ensuring secure login authentication to protect your data.

Health data is processed to support medical care and preventive healthcare, such as reminders for check-ups and vaccinations based on age, gender and pregnancy status. In addition, we process health data to support medication planning and check interactions, contraindications and age restrictions.

As part of the member recommendation process, we process the contact details of recommended members for the purpose of being contacted by ZF BKK.

What is the legal basis for processing?

The processing of your personal data in our service app and online office is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.

Please note that the information transmitted may be particularly sensitive personal health data pursuant to Art. 9 para. 1 GDPR. In this case, your consent to data processing also relates to sensitive data in accordance with Art. 9 para. 2 a) GDPR.

Who is the data passed on to?

For the secure execution of the registration process and technical support for authentication as part of the online services, personal data will be passed on to IT security service providers if necessary.

Your personal data will not be passed on to third parties in any other way as part of the use of the online services or transferred abroad.


How long will my data be stored?

We store your data in the respective online service until you withdraw your consent.

You can revoke your consent to data processing informally in the following ways:

By post to

ZF BKK
Data protection
Otto-Lilienthal-Straße 10
88046 Friedrichshafen

By e-mail to

leistung@zfbkk.de


The revocation is free of charge for you. If you withdraw your consent, your user account and all data contained therein will be irretrievably deleted within four weeks. You can also delete your user account within the respective online service yourself.

When you delete your user account, all data within the service will be irrevocably deleted.

Please note that the deletion of your user account is not associated with the termination of your insurance relationship. Your data will be stored as part of the insurance relationship in accordance with the statutory retention obligations.

Do I have to provide this data?

The service app and online office is a digital communication option between ZF BKK and our policyholders. The use of the service app and online office as well as the entry and modification of data is voluntary. You can also share all data with us in other ways. The use of the online services is neither legally obligatory nor necessary to enter into a contract with us.


What rights do I have regarding processing?

You have the right to request confirmation as to whether personal data concerning you is being processed by ZF BKK. If such processing is taking place, you can request the following information from us:

  • the purposes for which the personal data are processed; the categories of personal data which are processed;
  • the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed
  • the envisaged period for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that period
  • the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing
  • the existence of a right to lodge a complaint with a supervisory authority
  • all available information about the origin of the data if the personal data is not collected from the data subject
  • the existence of automated decision-making, including profiling, referred to in Art. 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.