Privacy policy

Principles

As an insurer it is essential for Bâloise to have enough requisite information to be able to evaluate the risk insured (and provide you with the tariff and appropriate guarantees), administer the contracts or settle claims. And some of this information may be of private nature. The way in which the information will be treated (collecting, retention, use, modification…) is the subject of the present policy.

1. General information on the data processing

1.1. Type of data

Various data are collected, used, stored, as e.g.:

Data regarding the company

  • information allowing to identify the policyholder such as the name of the company, the national registration number, the registered office, the location of economic activity; the number of persons employed; the structure of the business group; the extract of the Mémorial C about the foundation of the company, a copy of the statutory powers;
  • contact details such as the mailing address, the phone number;
  • information allowing the identification of the parties involved such as a copy of the administrators' identity cards;
  • information regarding the identification of the economical beneficiaries such as their name, address, date and place of birth, nationality;
  • bank details for the payment processing such as your bank account number.

Data concerning the members of the supplementary pension scheme

  • personal data such as the name as well as the date and place of birth;
  • contact details such as the address, phone number and email address;
  • bank details for the payment processing such as the bank account number;
  • data required for the calculation of the insurance premium;
  • information provided by the former supplementary pension scheme manager such as extra insurance premiums that have been applied or exclusions;
  • information regarding the family situation such as the number of persons living in a household;
  • heath data, subject to the affiliated member's authorization;
  • data of the beneficiaries designated by the affiliated members;
  • information regarding the use of the online access (e.g. via cookies).

Once the legal retention period of these data has expired or the data are no longer required, they will be purely and simply erased.

1.2. Purpose of data processing

We use your data as well as those of the supplementary pension scheme members for the sole purposes mentioned when we collected your data, or because we are required to do so by law.

1.2.1. Management of contracts and settlement of claims

We collect, retain and process your data as well as those of the supplementary pension scheme members in case we need them to:

  • manage the customer relationship;
  • establish a client profile;
  • offer services;
  • evaluate risks;
  • settle claims;
  • establish invoices;
  • answer questions;
  • offer technical assistance.

1.2.2. Enhancement of products

We collect, retain and process your data in order to evaluate and enhance our existing services and to develop new products and services.

1.2.3. Compliance with the legal regulations

In order to comply with our legal obligations we need to have some information in particular in the context of money laundering prevention or simply tax information exchange.

1.3. Transmission of your data to other companies

We wish to insure you in the best possible manner. We may transmit your data to other insurance companies (in the context of coinsurance) or reinsurers.

1.4. Data exchange with third parties

Where necessary, data may be exchanged with the following persons:

  • our medical officer at the time of the subscription or a claim settlement;
  • a reinsurer at the time of the subscription or a claim settlement;
  • an insurance agent or broker for the administration of your contracts;
  • an insurer in the context of a coinsurance transaction (subscription and claim settlement) or just claim settlements;
  • a bankruptcy administrator.

On request we can also receive (or share) relevant supplementary information provided by authorities, private insurers, reinsurers, social security organizations and intermediaries or even other third parties which are legitimately involved in the set up or the administration of the contract or in a claim settlement.

1.5. External service providers in Luxembourg or abroad

By external service providers we are targeting mainly experts or lawyers.

The service providers are bound by contractual obligation to solely use the data received for the purpose of the fulfilment of the mission they have been entrusted with.

If necessary we impose on the service providers outside the EU the obligations that have been introduced by the European Commission, in order to grant you the best possible safety of your personal data.

1.6. Your rights regarding your data

You and the affiliated members of the supplementary pension scheme have the possibility to:

  • know precisely which personal data we hold about you;
  • rectify or complete false or missing data;
  • suppress part or all of your data except if the laws in force oblige or authorize us to keep them;
  • limit the processing of your data for certain purposes or to oppose any processing at all;
  • ask for the transmission of your data to other third parties.

To that end, you and the affiliated members of the supplementary pension scheme may forward a written request either by regular mail or email attached with a copy of an identification document.

Should either you or the affiliated members of the supplementary pension scheme notice that your rights are not (or no more) respected, you have the possibility to lodge a complaint with the National Commission for Data Protection (https://www.cnpd.lu).

1.7. Data retention period

We do not keep your data or those of the affiliated members of the supplementary pension scheme any longer than necessary or prescribed by law.

1.8. Adjustments to this information on data processing

Our privacy policy is being continually updated. The present version is the latest release.

2. Processing of sector specific data

In the life assurance sectors we have to process certain personal data like your medical data.

This information is needed in order to evaluate the insurance risk before concluding an insurance policy, to comply with contractual obligations and to settle claims. As mentioned above, you will always have the possibility to restrict either partially or entirely the processing of the data in our possession; as a consequence, it could hinder Bâloise from settling a claim.

The service providers whom we work with are contractually bound to respect the prescriptions on data protection, confidentiality obligation and storage of data.

3. Data protection / security

3.1. Confidentiality

We treat your data and those of the affiliated members of the supplementary pension scheme (such as details on insurance policies or claim settlements) as confidential. We ensure their safety and take any measures required for the protection/security of the data. The implemented information safety standards are constantly being adapted in order to grant an optimal level of data protection.

3.2. The dangers of the internet

Generally, if you submit data via the internet, it shall be at your own risk. However, we can assure you that on the Bâloise websites, the data transmitted are protected by appropriate locking mechanisms.

We also undertake technical and organizational safety measures in order to decrease the risk on our websites. However, we ignore the level of security of the equipment you are using. Hence, you need to get informed about the prevention measures that are required and to take the necessary steps to this end.

3.3. Blocked access

If we are aware of security risks, we have the right to interrupt the access to our websites or, in severer cases, to block it until there are no more risks. We are not liable for any consequential loss or damage caused by the interruption or the blocking access.

Contact details

In case you need more information or you have any questions or suggestions or you wish to complain, to not hesitate to contact our data protection officer.

Bâloise Luxembourg
Data Protection Officer
23, rue du Puits Romain, Bourmicht
L- 8070 Bertrange
email: dataprotection@baloise.lu