Your data in safe hands
Are you signing up for an insurance or financial service? Then we will need your details. We find it important that you know what we do with your personal data and what rights you have, so that you can trust your data to be in safe hands with us.
What data do we use?
Most of the time, we will ask for your name, address, email address and telephone number, but sometimes we will ask for other details, too, such as your registration number for a car insurance or your bank account number for a direct debit of your premium. What details we need will vary from product to product. Usually, you yourself will provide us with your details, at other times we obtain your data in a different manner. For instance, we can retrieve from Roy-data how many years you have driven without submitting a claim.
What do we use your data for?
We use your data to
- Offer you a product or service.
- Take out a product or service.
- Enter into and perform a contract with you.
- Map your needs and preferences.
- Make our products and services better match your needs.
- Make you a personal offer at the right time.
- Assess our risks.
- Prevent fraud. In a personal investigation we can also use information which we find about you on the Internet.
- Conduct scientific, statistical and market research.
- Comply with the law.
- Keep records of how and when we are in touch with you.
You can find the complete list here (Dutch webpage).
Which contact moments do we record?
We record what we agree on with you. We also use our contact moments to improve our communication. These are contact moments, for instance, which we record:
- Letters and emails which we send to and receive from you.
- Telephone conversations and chats.
- What you do and look at on our websites.
- What you do and look at in our apps.
- Our contacts through social media, such as Facebook, Twitter and WhatsApp.
Achmea B.V. is responsible
Achmea B.V. is responsible for all of Achmea’s brands where the proper processing of your personal data is concerned.
Where we get your data and who we share them with?
At certain times we will forward your data and at other times we will check your data at other companies. We do not sell your data, but we can exchange data with:
- Achmea’s other brands.
- Our suppliers and business partners, such as our datacentre supplier.
- Credit Registration Bureau.
- Tax authorities
- The foundation CIS (Stichting Centraal Informatiesysteem).
The complete list you can find here (Dutch webpage).
If it is necessary to pass data on to recipients outside the European Economic Area (EEA), we will do this with the utmost care. Within the EEA, the same privacy rules apply. How do we make sure that your data are safe with us?
Our website, app and IT systems are safely secured and we always take measures to prevent abuse of your data. Our employees are also given clear instructions on how to deal with your data.
We are extra careful with sensitive data
By sensitive data we mean, for instance:
- Your Citizen Service Number and bank details.
- Your medical details.
- Our medical consultant is responsible for the proper processing of your medical details. Employees will only have access to your medical data if authorised by the medical consultant. Our medical consultant and employees are under a duty to secrecy.
- Data related to criminal law.
- We may ask if you have a criminal record if we have to assess the risk for an insurance of financial product. If it is more than 8 years ago since you were suspected or convicted, you will not need to report it.
How long do we keep your data?
We will keep your data as long as we need them or as long as we are obliged to by law. After that, we will erase or anonymise your data. If we anonymise your data, we remove all data which refer to you, so they cannot be linked to you anymore. Anonymous data help us to gain better insight into our risks, products and services.
Privacy rules and laws
We comply with the laws and rules for privacy. These are, inter alia:
- The General Data Protection Regulation (GDPR).
- De Uitvoeringswet Algemene Verordening Gegevensbescherming. Dutch General Data Protection Regulation Implementing Act.
- De Gedragscode Verwerking Persoonsgegevens Verzekeraars. Dutch Personal Data Processing Code of Conduct for Insurers.
- Het Protocol Incidenten Waarschuwingssysteem Financiële Instellingen. Dutch Incident Alert System Protocol for Financial Institutions.
- Gedragscode Persoonlijk Onderzoek. Dutch Personal Investigation Code of Conduct.
- De Telecommunicatiewet. Dutch Telecommunications Act.
The law also provides for your rights. You are entitled:
- to retrieve your data from us.
- to have your data changed if they are incorrect.
- to have your data erased.
- It often happens that we are unable to erase your data, for instance, because we still need them or we need to comply with the law.
- to object to a certain use of your data.
- For example, if you no longer wish to receive emails with offers from us. Our emails contain a link through which you can unsubscribe. You can also call us. In other cases, you must state clearly what you object to, so that we can evaluate this.
- to withdraw your consent.
- Did you give us consent to use your data? You have the right to cancel this later. From that time on, we will no longer use your data.
- to transfer your data.
- If you have given us data with your consent or on the basis of our agreement. Transfer may take place to another party or to you.
- to temporarily restrict the use of your data.
- For example, if you have objected to the use of your data.
Let us know when you wish to exercise your rights
Send us a letter and enclose a copy of your passport or ID document. Please make your Citizen Service Number and passport photo illegible. We will reply within one month from receipt of your letter.You can contact details on the website of your insurer.
Do you have a question, tip or complaint?
Send an email to Achmea’s Data Protection Officer at firstname.lastname@example.org. You can also send a letter to:Achmea B.V.Attn. Privacy ManagerCompliance & Operational Risk ManagementP.O. Box 8663700 AW Zeist Do we not find a solution? Send your complaint to the Autoriteit Persoonsgegevens.
We can change this Privacy Statement
For example, we can do this if something changes in the laws or regulations, or if we develop new products or services. You can always find the most recent version on our website. This most recent version is of 2018-04-23.