Concordia N.V. (hereafter referred to as the “office”) attaches great importance to your rights in respect of data processing. In this policy document, we explain how we collect, process and use your personal data. It forms the general policy of the office with respect to data processing in accordance with the applicable legislation, including the General Data Protection Regulation (GDPR).
As an insurance broker, the office may fulfil a double role in the field of data processing. In this case, we are both a data controller and a data processor. We assume the role of controller when we process data on our own behalf and for our own account. We also act as a processor on behalf of the insurance companies. This means that we also collect and process personal data on behalf of the insurance companies with whom we work and whose products we present and offer to you. In this policy, we focus only on the processing of your data as a data controller.
The data controller is Concordia N.V., with registered office at: Sassevaartstraat 46/301, 9000 Ghent.
When does our office collect and process data?
The office collects and processes data about you when you contact us for the purpose of obtaining advice on insurance contracts, presenting and offering insurance contracts, carrying out preparatory work with a view to concluding insurance contracts and the closing insurance contracts. You may also call upon us or contact us for assistance during the management and performance of the insurance contracts you have concluded. Moreover, when you contact us in any other way, we will (have to) process your data. Finally, we may also obtain data about you from third parties and we use this data to approach you to enter into a contract with us.
What data does our office collect and process?
The office collects and processes the data that you provide to us in the course of contacts with the office, such as your name, address, e-mail address and business data, such as company name and VAT number. This also includes all the data necessary to allow us to assess your insurance needs, such as data about your home (in case of a property insurance), your financial data (in case of investment insurance) and medical data (in case of health insurance). Your data will only be processed in the context of the insurance for which you have contacted us, unless you explicitly state otherwise.
We collect these data when you complete our documents and forms manually or electronically. Cookies are used when you visit our website. To find out more about this, please contact the office.
For which purposes does our office collect and process data?
The purposes for which we process data are of various kinds and are explained below.
For our clients, we process these data for customer management purposes, namely the acceptance, management and conclusion of insurance contracts and the promotion of other products and services of our office itself. These processing operations are mainly based on the contractual relationship with our clients, but also, as far as prospection is concerned, on your explicit consent.
As far as suppliers are concerned, we process this data within the framework of our supplier management and on the basis of the contractual relationship we have or are establishing with our suppliers.
With regard to prospects, i.e. natural persons who are not (yet) clients of ours, we process the data for direct marketing purposes on the basis of our legitimate interest as a company. We ask prospects who are approached by e-mail for their explicit consent to also be approached in the future. We ask prospects who are approached by letter to tick an opt-out clause if they do not want us to contact them anymore.
With regard to our employees, we process data for personnel management and payroll administration purposes.
As far as our website is concerned, we adapt its content and user-friendliness as far as possible to meet your needs as a user. We also process your data to meet the obligations arising from providing a website and its content and to enable you to use the interactive applications and services on this website.
What is the basis for data processing by our office?
In principle we collect and process your data based on the contractual relationship we have with you as a consequence of your application or request with respect to an insurance need and the resulting contract(s), and as a consequence of the request to assist you in the management and the monitoring of the insurance contracts you have concluded.
If the processing is not necessary to perform the contractual relationship, then it is based on our legitimate interests as a company, specifically the freedom of enterprise and information. To this end, we make sure there is a balance between our and your interests, for example by granting you a right of objection.
Insofar as medical or sensitive data is concerned, we can only process your personal data with your explicit consent. You will be asked to grant this consent as soon as you become a client of ours. If that has not been done, we ask you to report this to us, so that we can take the necessary steps.
Is the data passed on to third parties?
Your data is mainly processed internally. However, it must be communicated to the insurance company with which you finally conclude a contract.
It is possible that we call on third parties for certain specific services. In this case, your data may be passed on to these third parties but only for the service concerned and always under the supervision of our office.
In certain cases there is a legal obligation to hand over certain data. This is the case, for example, if we are legally obliged to do so or if public authorities have the right to request data from us.
In principle, your data will not be passed on to third countries or to international organizations.
The regulations give you various rights whish should ensure that you are adequately protected.
You can object at any time to the use of your data by our office for direct marketing purposes. If you do not wish to be informed of offers from our office, you can indicate this via firstname.lastname@example.org or by ticking the box in the information provided to you on specific occasions.
You can always consult and, if necessary, correct your data that we process. Simply request this possibility via email@example.com, supplying proof of your identity. We ask for this proof of identity to prevent your data from being communicated to an unauthorised person.
If you do not agree with the way we process your data, you can always file a complaint with the Data Protection Authority, Drukpersstraat 35, 1000 Brussels. This is also the address for any general questions with respect to the processing and protection of personal data.
Our office reserves the right to modify this policy. Changes will be notified to users via our website.
29 October 2018.