Own damage

Your own costs arising from cyber damage, e.g. e.g.:

• Backward coverage for any undetected information security breach prior to commencement of the contract
• Forensics and damage assessment
• Assumption of the costs for a maximum of 48 hours, provided there is no insured event (deductible is not taken into account)
• Notification of affected third parties and data protection authorities and related services
• Crisis communication / crisis management
• Costs for data monitoring services
• Vulnerability analysis and recommendation of system improvements
• System improvements after network security breach to close the vulnerability
• Defense against cyber blackmail including costs for e.g. B. Reward Funds
• Damage to trust by third parties
• Malicious software removal and deleted and damaged data recovery
• Costs for restoring essential hardware
• Reimbursement of an interruption damage (lost operating profit and ongoing costs)
• Loss mitigation costs to mitigate the business interruption loss
• Business interruption due to data loss as a result of an information security breach or operator error
• Disruption of the IT systems due to infrastructure failures of systems that are exclusively within the control of the insured

Third Party Damages

Claims for damages from third parties that may result from a hacker attack, loss of data or a violation of data rights are accepted. In addition we offer:

• Examination of the liability issue
• Unlimited reverse coverage
• Late notification period of five years for damage during the contract period
• Claims for copyright and naming rights violations in the event of unauthorized
• Publication of electronic media content
• Claims for payment of contractual penalties by e-payment service providers
• Defense in data protection proceedings
• Penalties for data confidentiality breaches
• Immaterial damage and personal injury due to personal injury
• Contractual indemnification obligations towards contract data processors
• Contractual claims for damages

Preventive measures

46% of all cyber damage is caused by your own employees. Therefore, together with its cooperation partner Perseus, HDI offers prevention training for your employees to make them fit for the topics of cyber security and data protection. Easy to understand.

In addition, Perseus also offers ongoing and sustainable training for your employees. These include, among other things

• Digital training formats
• Fictitious hacker attacks
• Cybersecurity toolbox
• Digital tools for cyber security in everyday work
• Up-to-date information on the latest news
• Regular practical tips

Who is insured in cyber insurance?

• Insured Insurance cover exists for the policyholder named in the insurance certificate and the co-insured companies expressly named there.
• Existing companies within the European Economic Area (EEA) as legally independent subsidiaries are also insured unless expressly named.

This applies if the companies already exist when the insurance begins

Co-insured persons are:

• All employees working for the insured on the basis of an employment or service contract.
• Employees are natural persons who are employed as employees or freelancers.
• Also former employees who have left the service of the insured, insofar as they are employed for their work for the insured.
• All board members duly appointed for the insured.
• Newly added companies (subsidiaries)

If a company becomes a subsidiary through incorporation or acquisition during the term of the contract, it is automatically considered to be co-insured from the date of incorporation or acquisition.

Notwithstanding this, coordination with the insurer is required if:

• The turnover of the newly formed or acquired business is more than 20 percent of the insured's consolidated business.
• The new subsidiary is not active in the same industry as the companies already insured.

Not included in the insurance cover are insurance claims of newly added companies (new subsidiaries):

• For which insurance cover exists under another insurance contract.
• Which were known or should have been known at the time of acquisition or incorporation.

When does cyber extortion occur?

Cyber ​​blackmail occurs when the insured is credibly threatened with an information security breach and offered to stop it by paying a ransom or blackmail.

What does an operating error mean according to insurance conditions?

An operating error is the improper operation of the policyholder's computer system through negligent, including grossly negligent, action or omission by an insured natural person, provided that data is changed, damaged, destroyed, deleted, encrypted,

What is a network security breach ?

A network security breach is:

• Infection of the insured's IT systems with any type of malware.
• Unauthorized use, duplication, modification or deletion of data stored electronically by the insured.

This also applies to data that is stored outside of the insured person's IT systems, insofar as the insured person has direct access to this data.

• A denial-of-service attack on the insured's IT systems.
• Unauthorized appropriation of access codes or access keys of the insured or other co-insured persons through phishing, pharming or other criminal acts.
• A computer sabotage of the IT system of an insured person or an attempt to do so (§ 303b StGB).
• A theft or loss of an insured's IT systems.
• Any unwanted transmission of malware to or denial of service attacks against a third party originating from an insured's IT system.
• IT systems within the meaning of these conditions are all hardware and software systems operated by the insured and used professionally, including network components and networks as well as end devices (including mobile).
• This also applies to professionally used IT systems of co-insured persons.

The insurance also covers work-related data on the systems of the co-insured persons (e.g. bring your own device).

How quickly does the insurance pay for damage?

Compensation for costs, services and personal damage

• Compensation is due when the insurer's determinations as to the reason and amount of the claim have been completed.

Two weeks after notification of the damage, the policyholder can claim the amount as an advance payment, which is the minimum to be paid according to the situation.

When can the payment be deferred by the insurer?

The insurer can defer payment until then

• Doubts exist as to the policyholder's entitlement to receive.
• Official or criminal proceedings against the policyholder or his representative as a result of this insured event are still ongoing.
• Compensation for third-party claims

Important:

The insurer must notify the policyholder within two weeks of the date on which the of the third party with binding effect for the insurer has been determined by a final judgement, acknowledgment or settlement from the claim of the third party. If the third party has been satisfied by the policyholder with binding effect on the insurer, the insurer must pay compensation to the policyholder within two weeks after the third party has been satisfied.

What are the policyholder's obligations in the event of a claim?

The policyholder must fulfill the following obligations upon and after the occurrence of the insured event:

• Damage reduction

If possible, he must ensure that the damage is averted and reduced. In doing so, the policyholder must follow the insurer's instructions, insofar as this is reasonable for him, and obtain instructions if the circumstances permit.

If several insurers involved in the insurance contract issue different instructions, the policyholder must act according to his best judgment.

• Duty to notify

The policyholder has:

• Promptly notify the insurer of an information security breach after becoming aware of it. The notification must be made directly to the office specified in the insurance certificate/supplement.
• Notify the insurer within one week of the facts that could result in his liability towards a third party. If the third party asserts a claim against the policyholder, the policyholder is obliged to report this within one week of the assertion.

• If a public prosecutor's office, official or judicial procedure is initiated against him, a court order is issued or a dispute is announced to him by a court, he must report this immediately.

• Obligation to provide information

The policyholder has:

• As far as possible, to provide the insurer with any information immediately - on request in text form - that is necessary to determine the insured event or the scope of the insurer's obligation to provide benefits, as well as to allow any investigation into the cause and amount of the damage and the scope of the obligation to pay compensation.
• Provide supporting documents requested by the insurer which he can reasonably be expected to obtain.
• Documentation of the damage pattern

The policyholder must leave the damage pattern unchanged until the insurer permits a change.

If changes are unavoidable, the damage must be documented in a comprehensible way.

• Assistance with claims settlement

The policyholder has:

• To provide the insurer with detailed and truthful claims reports and to support them in the determination and settlement of claims. All circumstances which the insurer considers important for the processing of the claim must be communicated and all documents requested for this must be sent.
• Leaving the management of the procedure to the insurer if a liability claim is asserted against him in court. The insurer hires a lawyer on behalf of the policyholder. The policyholder must authorize the lawyer and provide all necessary information and the requested documents.
• Filing of Appeals

The policyholder must lodge an objection or other necessary legal remedies against a court order or an order from administrative authorities for damages within the time limit.

An instruction from the insurer is not required.

• Cyber ​​extortion measures

In the event of cyber extortion, the policyholder must immediately report the threat and authorize the insurer and service providers to pass on all related information to the investigating authorities.

Can the insurance be canceled if I have not provided correct information?

Yes, if the policyholder intentionally or through gross negligence violates an obligation that he has to fulfill towards the insurer before the insured event occurs, the insurer can terminate the contract without notice within one month of becoming aware of the violation.

However, the insurer has no right of termination if the policyholder proves that he has breached the obligation neither intentionally nor through gross negligence.

Can the insurance also refuse to settle a claim?

The insurance company can only refuse to settle a claim if:

• If the policyholder intentionally violates an obligation, the insurer is released from the obligation to pay.
• In the event of a grossly negligent violation of the obligation, the insurer is entitled to reduce its benefits in proportion to the severity of the owed by the policyholder.
• If the policyholder violates an obligation to provide information or provide information after the insured event has occurred, the insurer is only fully or partially released from payment if he has informed the policyholder of this legal consequence by means of a separate notification in text form (e.g. e-mail, fax or letter). pointed out.

Important: The insurer remains obliged to pay if the policyholder proves that he did not violate the obligation through gross negligence. This also applies if the policyholder proves that the breach of the obligation was not responsible for the occurrence or the determination of the insured event was still the cause of the determination or the scope of the insurer's obligation to provide benefits. This does not apply if the policyholder has fraudulently violated the obligation.

Can the insurance be canceled after a claim?

The insurance contract can be terminated by either party after the insured event has occurred if:

• A payment has been made or wrongly refused by the insurer under an insurance contract.
• The liability claim has become pending.
• The policyholder with a claim asserted by him insurance benefit was legally rejected.

The termination must be received by the contractual partner in text form (e.g. email, fax or letter) no later than one month after the conditions for termination have been met.

However, if the insurer instructs the policyholder to allow a legal dispute to arise, the period only begins when the liability judgment becomes final.

What does the Performance Update Guarantee mean?

Will HDI Versicherung AG change the underlying cyber insurance Insurance conditions exclusively for the benefit of the policyholder and without additional premium, the contents of the new conditions also apply to this contract with immediate effect.

Newly added additional modules associated with an additional premium, which must be applied for separately, do not automatically become part of the insurance contract through this clause.

When is general not provided?

The following are excluded from insurance cover regardless of contributing causes:

• War

Insurance claims or damage due to war. War means: war, invasion, civil war, insurrection, revolution, riot, military or any other form of seizure of power.

• Political dangers

Insured events or damage based on acts of hostility, riot, civil commotion, general strike, illegal strike.

• acts of terrorism

Insurance claims or damage caused by acts of terrorism. Acts of terrorism are any actions aimed at achieving political, religious, ethnic or ideological goals that are likely to spread fear or terror in the population or parts of the population in order to influence a government or state institutions.

• Financial market transactions

Claims or damages arising out of or in connection with any form of purchase or sale of securities, commodities, derivatives, foreign exchange, bonds and comparable assets.

• Outflow of assets

Insured events or damage from the outflow of assets of the insured arising in connection with an information security breach, unless expressly insured.

• Intent and knowing breach of duty

Insurance events that were caused by the insured or their representatives intentionally or by knowingly deviating from the law, regulation, decision, power of attorney or instruction or by other knowing breaches of duty.

• Penalties/fines/punitive damages

Fines, fines and other public penalties as well as punitive and exemplary damages imposed on the policyholder, unless otherwise agreed.

• Infringement of intellectual property rights

Claims or Damages arising out of or in connection with

• plagiarism or infringement of patents, trademark rights, copyrights and other forms of intellectual property,
• Licenses or royalties,
• competition and antitrust violations,

unless otherwise agreed.

• Nuclear Energy

Insurance claims or damage caused by nuclear energy, nuclear radiation or radioactive substances.

• Discrimination

Insurance claims or damage due to the violation of a regulation to protect against discrimination, in particular from the General Equal Treatment Act.

• Penalties

Insurance claims or damage due to contractual penalties, unless expressly insured.

• Sovereign intervention

Insurance claims or damage in connection with an official intervention, including resolution seizure, nationalization, destruction or other action by any government agency or other government entity.

• Infrastructure failure

Insurance claims and/or damage due to infrastructure failure or disruption. All private or public facilities (including local authorities, communities, districts, etc.) that supply energy or connect to communication facilities are considered infrastructure serve all kinds.

These include in particular:

• the supply of electricity, gas, oil or water,
• Internet, cable, satellite or other telecommunications connections,
• Domain Name Systems

However, insurance cover exists for interruptions or disruptions in the IT systems of the insured that occur solely within the control of the insured.

• Illegal collection of data

Insurance claims or damage resulting from the fact that insured persons illegally record personal data with the knowledge or as a result of a negligent lack of knowledge of a representative.

• Gambling

Insurance claims or damage as a result of the organization or hosting of competitions, lotteries or other games of chance.