Van Dessel Insurance Brokers (hereinafter “the office”) takes your rights in relation to data processing seriously. In this policy document, we explain how we collect, process and use your personal data. It constitutes the office's general policy in relation to data processing in accordance with applicable legislation, including the General Data Protection Regulation (GDPR).
As an insurance broker, the office potentially fulfils a dual role in relation to data processing. In this respect, we are both the data controller and the data processor. We assume the role of data controller when we process data in our own name for our own account. In addition, we also fulfil the role of data processor on behalf of the companies. That means that we also collect and process personal data for insurance companies with whom we collaborate and from whom we present and offer products to you. In this notice, we only expand on how we process your data as a data controller.
The party responsible for processing is Verzekeringskantoor Van Dessel, Misstraat 112, 2590 Berlaar, company number 0446.433.491.
When does our office collect and process data?
The office collects and processes information about you when you contact us for the purposes of advice about insurance contracts, offering or proposing insurance contracts, carrying out preparatory work for the purpose of entering into insurance contracts and actually entering into insurance contracts. In addition, you may also call on us or contact us for assistance with managing and implementing the insurance contracts that you have entered into. Even when you contact us in any other way, we will (need to) process your information. Finally, it is also possible that we obtain information about you through third parties and use this information to approach you to enter into a contract through our mediation.
Which data does our office collect and process?
The office collects and processes information which you report to us in response to contact with the office, such as your name, address, e-mail address and professional details, such as company name and VAT number. This also relates to all information which is necessary to allow us to assess your insurance requirements. Among other things, this relates to information about your residence (as part of fire insurance), your financial details (in relation to investment insurance policies) and medical information (in relation to health insurance policies). Your data is only processed as part of the insurance policy for which you call upon us, unless you request otherwise and also specify this.
Furthermore, the company processes images of surveillance cameras in and around the operational offices. If a surveillance camera is in place, the company must clearly inform by displaying obvious signs, as legally requested. The period of retention should not excess one month, unless the registered images could be useful in proving a crime, justifying damages or identifying a criminal, a heckler, a witness of a victim. Under these circumstances, they should be kept longer.
For what purposes does our office collect and process data?
The purposes for which we process data are diverse in nature and are explained below.
On behalf of our customers, we process this data for customer administration, in particular acceptance, management and entering into insurance contracts and promoting other products and services offered by our office itself. These processing operations are mainly based on the contractual relationship with our customers, but also, insofar as it relates to prospecting, on your express consent.
We process this data relating to suppliers as part of our supplier administration and based upon the contractual relationship, which we have or build up with our suppliers.
If it relates to prospects, i.e. natural persons who are not (yet) one of our customers, we process the data for the purposes of direct marketing, based upon our legitimate interest in doing business. From prospects who are approached by e-mail, we request the express consent to also be able to approach them in the future. We request prospects who are approached by letter, to tick an opt-out clause if they do not wish to be approached by us in the future.
In relation to our staff, we process their data for purposes such as personnel management and payroll administration.
As regards our website, we tailor its content and user-friendliness as much as possible to you, its users. In addition, we process your data to meet the obligations which arise out of making a website and its content accessible and allowing you to use the interactive applications and services on this website.
What are the basic principles for processing data by our office?
In principle, we collect and process your data based on the contractual relationship we have with you as a result of your query or request in connection with an insurance requirement and the contract(s) arising out of this, and also as a result of the requirement to assist you in the administration and monitoring of the insurance contracts you have entered into.
Wherever the processing of data is necessary for carrying out the contractual relationship, it is based on our legitimate interests as a company, in particular freedom of enterprise and information. In so doing, we always ensure that a balance is struck between our interests and yours, for example by acknowledging your right to object.
Insofar as it relates to health data or so-called sensitive data, we can only process your personal data subject to your express consent. You are asked for this as soon as you become one of our customers. If that has not happened, we would like to ask you to report this to us, so that the necessary steps can be taken to rectify this.
Is the data passed on to third parties?
Your data is mainly processed internally. This does not alter the fact that it has to be communicated to the insurance company with which you eventually enter into the agreement.
It is possible that we call upon third parties for one-off services. In such cases, your data may be provided to third parties, but only for the relevant service and always under the control of our office.
In certain instances, there is a statutory obligation to pass on certain data. This is particularly the case when we are statutorily obliged to do so or government bodies have the right to request data from us. ur data is not, in principle, passed on to third-party countries or to international organisations.
Legislation grants you various rights, which must ensure that you are adequately protected.
You can at all times object to the use of your data by our office for direct marketing purposes. If you do not wish to be kept informed about offers from our office, you can report this by e-mailing firstname.lastname@example.org or by checking a box in the information which is sent to you on specific matters. You can always view the data we process in relation to you, and if necessary arrange for it to be updated. In addition, you have the right to erasure, the right to restriction of processing, the right data portability, the right to object, the right not to be the object of a decision based solely on automated processing, including profiling and the right to withdraw your consent. To do so, you only need to request this by e-mailing our Data Protection Officer at email@example.com or by sending a letter to Van Dessel Insurance Brokers, attn. Data Protection Officer, Misstraat 112, 2590 Berlaar, with proof of your identity. We request this to prevent your data being passed on to anyone who is not entitled to it.
If you do not agree with the way in which we process your data, you can always lodge a complaint to the Data Protection Authority, Drukpersstraat 35, 1000 Brussels. You can contact them for all general queries relating to the processing and protection of personal data.
Our office reserves the right to amend this notice and/or policy. Amendments will be reported to users through the website.
25/10/2018 (version 0.3)