ALTERNATIVE RISK TRANSFER, , , , , and the .
1. Who is the data controller?
A data controller is the individual or legal person who controls and is responsible to keep and use personal data in paper or electronic files. ALLIANZ GLOBAL CORPORATE & SPECIALTY SE (AGCS) is the data controller as defined by relevant data protection laws and regulation.
2. What personal data will be collected?
We may collect and process various types of personal data about you as follows:
We may also collect and process “sensitive personal data” about you such as, for example data resulting from medical reports or your claims history.
3. How will be obtain and use your personal data?
We will collect and use the personal data that you provide to us and that we receive about you (as explained below) for a number of purposes and with your explicit consent unless applicable laws and regulations do not require us to obtain your explicit consent, as shown below:
Basically, for insurance contracts that do not include sensitive / special categories of personal data, consent is not required according to Article 6 (1)(b) GDPR; and for insurance contracts that do include sensitive / special categories of personal data, consent is required according to Article 9 (2)(a) GDPR.
Swipe to view more
|Purpose||Your explicit consent required?|
|Insurance contract administration (e.g. quotation, underwriting, claims handling).||
Your constent is only required for the processiong of sensitive personal data unless the prosessing can be done based on a legal obligation or the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capactiy.
|To administer debt recoveries.||No.|
|To inform you, or permit Allianz Group companies and selected third parties to inform you, about products, services, marketing preferences. You can change these at any time by contacting us as specified in section 9 below.||Yes.|
|For automated decision making (including profiling), for credit scoring purposes, to personalize your experience on the wesbite (by presenting products, services, marketing messages, offers, and content tailored to you) and to make other decisions about you using computerised technology such as assessing which products might be most suitable for you.||
Your consent is only required for the processing of sensitive personal data.
|Fraud prevention and detection.||No.|
|Meet any legal obligations (e.g. tax, accounting and administrative obligations).||No.|
|To redistribute risk by means of reinsurance and co-insurance.||No.|
As mentioned above, for the purposes indicated above, we may process the personal data we receive about you from public databases, third parties such as brokers and business partners, other insurers, credit reference and fraud prevention agencies, advertising networks, analytics providers, search information providers, loss adjustors, surveyors, intermediaries, premium finance companies, delegated authorities, lawyers.
For those purposes indicated above where we have indicated that we do not require your explicit consent or where we otherwise require your personal data to underwrite your insurance product and/or process your claim, we will process your personal data based on our legitimate interests and/or to comply with our legal obligations and/or the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity. When we process your personal data based on our legitimate interest we consider that such interests are not overridden by your interests or fundamental rights and freedoms which require protection of your personal data, in particular where the data subject is a child.
We will need your personal data if you would like to purchase our products and services. If you do not wish to provide personal data to us, we may not be able to provide the products and services you request or that you may be interested in, or to tailor our offerings to your particular requirements.
4. Who will have access to your personal data?
We will ensure that your personal data is processed in a manner that is compatible with the purposes indicated above.
For the stated purposes, your personal data may be disclosed to the following parties who operate as third party data controllers only on a “need to know”-basis:
For the stated purposes, we may also share your personal data with the following parties who operate as data processors under our instruction and limited to “need to know”:
Finally, we may share your personal data in the following instances:
5. Where will my personal data be processed?
Your personal data may be processed both inside and outside of the European Economic Area (EEA) by the parties specified in section 4 above, subject always to contractual restrictions regarding confidentiality and security in line with applicable data protection laws and regulations. We will not disclose your personal data to parties who are not authorized to process them.
Whenever we transfer your personal data for processing outside of the EEA by another Allianz Group company, we will do so on the basis of Allianz’ approved binding corporate rules known as the Allianz Privacy Standard (Allianz’ BCR) which establish adequate protection for personal data and are legally binding on all Allianz Group companies. Allianz’ BCR and the list of Allianz Group companies that comply with them can be accessed under . Where Allianz’ BCR do not apply, we will instead take steps to ensure that the transfer of your personal data outside of the EEA receives an adequate level of protection as it does in the EEA. You can find out what safeguards we rely upon for such transfers (for example, Standard Contractual Clauses) by contacting us as detailed in section 9 below.
6. What are your rights in respect of your personal data?
You have the right to:
You may exercise these rights by contacting us as detailed in section 9 below providing your name, email address, account identification, and purpose of your request. You may also make an access request by completing the available via .
7. How can you object to the processing of your personal data?
Where permitted by applicable law or regulation, you have the right to object the processing of your personal data (including for purposes of direct marketing). Once you have informed us of this request, we shall no longer process your personal data unless permitted by applicable laws and regulations.
You may exercise this right in the same manner as for your other rights indicated in section 6 above.
8. How long do we keep your personal data?
According to our Record Retention Policy, we will retain your personal data generally for 10 [ten] years from the date the insurance policy or product expires, a claim has been settled or the business relationship ends basically, unless a longer retention period is required or is permitted by law and necessary from our side.
We will not retain your personal data for longer than necessary and we will hold it only for the purposes for which it was obtained.
9. How can you contact us?
If you have any queries about how we use your personal data, you can contact us by, post or email as follows:
ALLIANZ GLOBAL CORPORATE & SPECIALTY SE
Data Protection Officer
10. How often do we update this privacy notice?
This privacy notice was last updated on May 25th, 2018.