EN
The purpose of this notice on the protection of personal data is to inform you about the personal data processed by SWINZ, acting as data controller, the legal basis and purposes of such processing, the persons to whom your data are transferred, the data retention period and the rights you may exercise in respect of your data.
SWINZ is committed to respecting the privacy and protection of personal data.
BelgaMGA SA (SWINZ), Chaussée de Louvain 435, 1380 Lasne (Belgium), licensed underwritingagent entered in the register of insurance intermediaries kept by the Financial Services and Markets Authority (FSMA) under number 0846.053.992 and registered with the ECB under number BE0846.053.992 (RPM Nivelles).
The SWINZ Data Protection Officer can be contacted at :
By email: support@swinz.be
By post: SWINZ - DPO, Chaussée de Louvain 435, 1380 Lasne
We use personal data for different purposes depending on our relationship with you. The legal justification depends on the purpose for which your personal data is used. Where a data processing is based on 'legitimate interest', we have carried out a balancing test, as required by law, and have determined that, taking into account the limited personal data collected, the processing carried out and your reasonable expectations, our legitimate interest in carrying out that processing is not overridden by your interests or fundamental rights and freedoms.
The personal data that you communicate to us or that we have legitimately received from our partner brokers, insurance companies, companies in contact with them, or third parties, may be processed by SWINZ for the purposes listed below:
Insofar as the communication of personal data is necessary to achieve the purposes listed above, personal data may be communicated to insurance companies, companies and/or persons in contact with them (lawyers, experts, medical consultants, private inspectors in the context of fraud detection, reinsurers, co-insurers, insurance intermediaries, service providers, other insurance undertakings, external auditors, representatives, underwriting offices, claims settlement offices, TRIP ASBL, Datassur, Alfa Belgium, The Belgian Common Guarantee Fund (FCGB) and other sectoral organisations) for processing in accordance with these purposes. Further details concerning Datassur and Alfa Belgium can be found in Annex 1 hereto. This data may also be communicated to the supervisory authorities, to the competent public services and to any other public or private body with which SWINZ may be required to exchange personal data in accordance with the applicable legislation.The data subject may receive specific clauses from SWINZ or the insurance companies during the performance of the contract, for example a clause applicable to the handling of a claim. Such specific clauses will not affect the validity of this clause or its applicability for the purposes listed above.
Under the applicable data protection laws, certain data (known as "sensitive personal data") are afforded special protection. SWINZ processes data relating to health and criminal convictions in accordance with the following principles:
Personal data, communicated by the data subject him/herself or legitimately received by SWINZ from insurance companies, companies in relation with them or third parties, may be processed by SWINZ for direct marketing purposes (commercial actions, invitations to events, personalised advertising, profiling, data matching, brand awareness, etc.), in order t o improve its knowledge of its customers and prospects, to inform them about its activities, products and services, and to send them commercial offers.This personal data may also be communicated to the insurance undertaking or insurance intermediary for their own direct marketing purposes or for the purposes of joint direct marketing operations, with a view to improving knowledge of joint customers and prospects, informing them about their respective activities, products and services, and sending them commercial offers. In order to offer the most appropriate services in relation to direct marketing, this personal data may be communicated to companies and/or persons acting as sub-contractors or service providers for the benefit of SWINZ, an insurance company and/or the insurance intermediary.Such processing is necessary for the legitimate interests of SWINZ consisting in the development of its business activity. Where necessary, such processing will be based on the consent of the data subject.
SWINZ's subcontractors, insurance companies, companies and/or persons related to them to whom personal data are communicated, may be located both within and outside the European Union. In the event of transfers of personal data to third parties located outside the European Union, SWINZ complies with the legal and regulatory provisions in force regarding such transfers. In particular, it ensures an adequate level of protection for personal data transferred in this way on the basis of alternative mechanisms put in place by the European Commission, such as standard contractual clauses or binding company rules in the case of intra-group transfers.
The data subject may obtain a copy of the measures put in place by SWINZ to transfer personal data outside the European Union by sending a request to SWINZ at the address indicated below (paragraph "How to contact us"). The data subject may also obtain a list of countries for which an adequacy decision on transfers does or does not exist.
SWINZ retains the personal data collected in relation to the insurance contract for the entire duration of the contractual relationship or the management of claims files, updating them whenever circumstances so require, extended by the legal retention period or the limitation period so as to be able to deal with any claims or appeals that may be lodged after the end of the contractual relationship or after the closure of the claims file.SWINZ retains personal data relating to offers that have been refused or not acted upon for up to five years after the offer or refusal to conclude has been made.
We take all reasonable steps to protect your personal data. This includes putting in place processes and procedures to minimise unauthorised access, disclosure or unwanted deletion of your personal data. We ensure that third parties with whom we share yourpersonal data also have adequate security measures in place.SWINZ follows security and service continuity standards and regularly assesses the security level of its processes, systems and applications, as well as those of its partners.
The data subject has the right :
You can contact BelgaMGA SA to exercise your rights by post, dated and signed, accompanied by a copy of your identity card, addressed to: SWINZ – Data Protection Officer, Chaussée de Louvain 435, 1380 Lasne.SWINZ will process requests within the statutory time limits. Unless a request is manifestly unfounded or excessive, no payment will be required for the processing of such requests.
If you have any unresolved concerns, you have the right to complain to the SWINZ Data Protection Officer:
If you are not satisfied with the response, you can complain to the competent data protection authority (in Belgium : https://www.dataprotectionauthority.be/citizen ).The person concerned may also lodge a complaint with their local court of first instance.
The processing of personal data may change in response to a number of factors, such as regulatory changes, technical developments and changes in the purposes for which the data is processed. SWINZ therefore reserves the right to amend this privacy notice at any time, but will do so in all cases in accordance with applicable laws and regulations. The most recent version of this notice will always be available on our website.In the event of major modifications, SWINZ will make reasonable efforts to ensure that the persons concerned are aware of them.
Any fraud or attempted fraud will result in the application of the penalties provided for in the applicable legislation and/or the general or special terms and conditions and may give rise to criminal proceedings. In order to detect and combat insurance fraud, and to analyse risks, insurers exchange certain personal data. Below you will find more information about two databases created for this purpose within the insurance sector. Occasionally, insurers will also directly exchange information, including personal data, in the context of detecting and combating insurance fraud.
The RSR file is managed by Datassur (1000 Brussels, Square de Meeûs 29, ECB number 0456.501.103), t h e d a t a controller. In t h e legitimate interest of insurers who are members of Datassur, the personal data of the insured (candidate-insured) may be communicated to Datassur for recording in the RSR file. The purpose of the RSR file is to ensure proper risk analysis and to combat insurance fraud. Personal data may only be recorded in the RSR file in the cases that can be consulted via https://www.datassur.be/fr/services/rsr. An insurer cannot make a decision based exclusively on information from the RSR file.
The Claims Database is managed by Alfa Belgium (1000 Brussels, Square de Meeûs 29, ECB number 0833.843.870), the data controller. After a claim has been reported in t h e motor insurance sector, a limited amount of personal data of the insured, the driver and the other party involved in the claim will be communicated in the legitimate interest of the members of Alfa Belgium to Alfa Belgium for registration in the Claims Database. The members of Alfa Belgium are the insurers, the FCGB and the BBAA. The purpose of the Claims Database is to combat (organised) insurance fraud. The functionality of the Claims Database is limited to providing neutral information without any analysis or investigation of possible insurance fraud. On the basis of the results file, Alfa Belgium members will be able to establish possible links between claims files. Analysis of the results fileand the subsequent investigation remain the exclusive competence and responsibility of the members of Alfa Belgium. An insurer cannot make a decision based exclusively on information from the Claims Database.
As a data subject, you have a right t o information, a right of access, a right of correction, a right of deletion, a right to restrict processing, a right to object and a right to lodge a complaint with the Data Protection Authority (rue de la Presse 35, 1000 Brussels, contact@apdgba.be, https://www.dataprotectionauthority.be/citizen ).
To exercise your rights concerning the SERP file, you may contact Datassur (1000 Brussels, Square de Meeûs 29, or privacy@datassur.be). In order to exercise your rights concerning the Claims Database, you are always welcome to contact Alfa Belgium (1000 Brussels, Square de Meeûs 29, or info@alfa-belgium.be). You must enclose a copy of your identity card with your letter or e-mail. Further information on Datassur's and Alfa Belgium's policy regarding the processing of personal data and your rights as a data subject is available at http://www.datassur.be (Datassur) and http://www.alfa-belgium.be/fr/vie-privee (Alfa Belgium).
