Privacy Policy

Registered office

Sassevaartstraat 46/301
9000 Ghent
RPR Ghent, dept. Gent, 0427.391.205
Insurance broker, registered by FSMA under nr. 22714 A

Concordia N.V. (hereafter called “office”) is taking your rights iro. personal data processing seriously. In this policy document we explain how we collect, process and use personal data. It is the general policy of the office with respect to personal data processing conform the applicable legislation among which the General Data Protection Regulation (GDPR).

As insurance broker the office fulfills possibly a double role in the field of personal data processing. In that case we are both responsible for processing and processor. We have the role of responsible for processing when we process personal data in our own name and for our own account. Besides this we also fulfill, on behalf of the carriers, the role of processor. This means we also collect and process personal data for the insurance companies with whom we work together and from whom we may propose and offer products to you. In this declaration we only go deeper into the processing of your personal data as responsible for processing.


Responsible for processing

The responsible for processing is Concordia N.V., headquarters: Sassevaartstraat 46/301 – 9000 Gent.

For all your questions iro. of our privacy declaration you can contact us via gdpr@concordia.be. For any questions going beyond a simple question for information, we might ask you to identify yourself, so we are sure we give the requested information and personal data to the right person.


When does our office collect and process personal data?

The office collects and processes personal data of you when you contact us in view of advice related to insurance contracts, offering or proposing insurance contracts, doing the preparing work in view of concluding insurance contracts (central administration) and the closing of insurance contracts. Besides this you can also contact us for assistance during the management and implementation of the insurance contracts concluded by you. Also when you contact us in any other way we will (have to) process your personal data. We may be required to also process your personal data about criminal convictions and offences, in order to establish, exercise or defend legal rights or for the management of our own litigation, legal obligations and for governance, security and fight against fraud. Finally it is also possible that we receive personal data about you via third parties and we use these personal data to approach you to conclude via our intermediary a contract.


Which personal data does our office collect and process?

The office collects and processes personal data that you inform us about on the occasion of contact with the office such as your name, address, e-mail address and professional personal data, such as company name and VAT-number. It also concerns all personal data which are necessary to allow us to assess your insurance needs. These are among other things personal data about your home (in case of a property insurance), your financial personal data (in case of investment insurances) and medical personal data (in case of health insurances). Your personal data are only processed in view of the insurance for which you appeal to us, unless you wish otherwise and also indicate this to us.

We collect these personal data when you fill in our documents and forms manually and also when you do this electronically. When visiting our website cookies are being used. For more information about this, please contact the office.


How long do we keep your personal data ?

We keep personal data for as long as we are required to do so by law and for as long as it is necessary for the purpose for which we use the personal data. This may differ from product to product.

We retain your personal data for as long as you are one of our customers. We will also retain it for some time after you no longer have a certain product of ours. When that is the case, we apply statutory retention time. After that, we only retain your personal data for statistical purposes and for dealing with complaints and to handle legal claims.


For which purposes does our office collect and process personal data?

The purposes for which we process personal data are of various kinds and are explained below.

For our clients we process these personal data for customer management, being the acceptance, the management and the concluding of insurance contracts and the promotion of other products and services of our office. These processing operations are mainly based on the contractual relationship with our clients, but also, as far as prospection is concerned, on your explicit consent.

With respect to suppliers we process these personal data in view of our vendor management and based on the contractual relationship we have or build up with our suppliers.

As far as it concerns prospects, these are natural persons who are not (yet) a client of us, we process the personal data for purposes of direct marketing, based on our legitimate interest to undertake. We ask prospects which we approach by e-mail their explicit consent to also be able approach them in the future. We ask prospects which are approached by letter to indicate the op-out clause if they do not want to be approached any longer by us.

As concerns our staff members, we process the personal data for purposes such as personnel management and payroll administration.

As far as our website is concerned, we tailor the content and the ease of use as much as possible to you as users. We also process your personal data to meet the obligations arising from making a website and the content available and to enable you to use the interactive applications and services on this website.


What are the bases for processing personal data by our office?

In principle we collect and process your personal data based on the contractual relationship we have with you as a consequence of your demand or request with respect to an insurance need and the resulting contract(s), as well as a consequence of the question to assist you in the management and the succession of the insurance contracts you have concluded.

When the processing is not necessary to perform the contractual relationship, it is based on our legitimate interests as company, specifically the freedom of enterprise and information. We make sure there is a balance between our and your interests, for example by granting you a right of opposition/resistance.

To be able to process your personal data regarding your past, present and future state of health, we require your consent, just as we do to carry out certain direct marketing activities.

We will only process your personal data relating to your health for purposes for which you have given your specific consent. If you do not give your specific consent or wish to withdraw your consent, this may adversely affect the conclusion, management and/or proper fulfilment of your insurance policy(ies).


Are personal data being communicated to third parties?

Your personal data are mainly processed internally. This does not alter the fact they have to be communicated to the insurance company with whom you finally conclude the agreement.

It is possible that we call on third parties for certain punctual services. In such cases your personal data can be given to third parties but only for the relevant service and always under the control of our office.

In certain cases there is a legal obligation to submit certain personal data. That is especially the case when we are legally forced or when government agencies have the right to ask us the personal data.

Your personal data are in principle not transmitted to third countries or to international organizations.


Your rights

The regulations give you several rights what has to make sure you are sufficiently protected.

As a customer you have a number of rights relating to your personal data:

  • the right to access
  • the right to rectification, deletion and limitation
  • the right to portability of your personal data
  • the right to object
  • the right to withdraw your consent
  • the right to human intervention in the event of an automatic decision
  • the right to set your business correspondance preferences

If you wish to exercise one of these rights, send an e-mail to  gdrp@concordia.be. Make sure that it is clear which right you want to exercise and in what way (e.g. by e-mail, by post) you wish to receive the information. Please note that in certain cases we will ask for more information such as a proof of identification; we want to make sure we’re helping the right person.

We will reply within 30 days. Exceptionally, this may take longer (up to a maximum of 3 months in total), but in that case, we will let you know within 1 month why this is the case.

Whether or not you can exercise your rights depends on the purpose of the processing and the legal base for the processing.

If you do not agree with the way we process your personal data, you can always contact us or file a complaint with the Data Protection Authority, Drukpersstraat 35, 1000 Brussels. This is also the address for any general questions with respect to the processing and protection of personal data.


Changes

Our office reserves the right to change this declaration and/or this policy. Changes will be notified to the users via our website.

Last version update: 1 Februari 2025

 

 

This is a free translation.

Only the original Dutch version is legally binding.