We use cookies to make its website more user-friendly, secure and effective. Cookies collect information about the use of websites. Further information: Information on data protection
The term “processing” of personal data refers to any handling of data, e.g. the collection, storage, retention, use, alteration, disclosure, archival, erasure or destruction of data. The terms “processing” and “handling” are used interchangeably in this Privacy Policy. The term “personal data” refers to data relating to an identified or identifiable individual; in other words, it is possible to deduce that person’s identity either from the data itself or by combining it with additional information. The terms “personal data”, “personal information” and “data” are used interchangeably hereinafter. “Sensitive personal data” is a category of personal data that is more strictly regulated under data protection law. Sensitive personal data includes, for example, health data, data revealing racial and ethnic origin, information on religious or ideological convictions, biometric data for identification purposes and information on trade union membership.
We process personal data when prospective customers, customers or other individuals (collectively referred to as “data subjects”) apply for or purchase services or products, or use Helvetia’s online services. The section entitled “Special Privacy Policy” contains specific details regarding the processing of personal data in connection with Helvetia’s services or products. It contains information on the acquisition and processing of personal data, on data categories and on the purposes and duration of the storage of personal data. This Privacy Policy forms the basis for the processing of personal data in the course of the various business activities of Helvetia. In addition to this Privacy Policy, Helvetia informs data subjects about any business-specific processing of data in declarations of consent, declarations of release, general insurance and business terms and conditions or forms. In doing so, Helvetia makes sure that every data subject is informed about the data processing in an appropriate and timely manner, even if the personal data is not collected by the company itself.
At Helvetia, every processing of personal data is based on a comprehensive set of internal directives on data protection. Existing and new data processing operations are reviewed and assessed internally at an early stage using system-supported, predefined workflows in order to ensure that they comply with legal and internal requirements. Employees undergo regular sensitisation and training. The business processes and data processing are subject to regular inspections as well as internal and external audits. Data processing is monitored for possible incidents, and corrective measures are taken immediately in the event of an incident. We actively monitor legislative developments.
Through Helvetia’s Data Protection Unit and its Data Protection Officer, reports are submitted to Group management on an annual basis or, where necessary, on an ad hoc basis, within the framework of a clear management structure. As part of this process, the local data protection officers within the Helvetia Baloise Group are consulted. A similar data protection management system and a similar reporting system have been established at country level within the Helvetia Baloise Group. This ensures governance throughout the Helvetia Baloise Group. Through these measures, Group management and the respective executive committees ensure ongoing monitoring of data protection compliance, thereby facilitating continuous improvement and further development in the handling of personal data.
The following companies are responsible for data processing as part of their services:
Additional data controllers include the following foundations of Helvetia Swiss Insurance Company Ltd, of which it is the managing director:
Data subjects who are domiciled in the Principality of Liechtenstein can also contact our Data Protection Officer in accordance with Article 27 GDPR if they have any questions:
(collectively referred to as “Helvetia” or “we”)
Specific privacy policies may contain information about third parties with whom Helvetia works and who may themselves be controllers for data processing. Data subjects may contact these third parties directly if they have any questions regarding the exercise of rights. A list of recipients to whom data is transferred for the purposes of order processing, or who may themselves be data controllers responsible for processing personal data, can be found in the section “Special Privacy Policy”.
This Privacy Policy is based on the requirements of the Swiss Federal Act on Data Protection (“FADP”), the implementing ordinance (“DPO”), and, where applicable, the European Union’s General Data Protection Regulation (“GDPR”) and the United Kingdom’s General Data Protection Regulation (“UK GDPR”) (collectively referred to as “applicable data protection law”). Whether and to what extent these laws and other specific data protection statutory provisions apply depends on the circumstances of each individual case.
Helvetia may process your personal data in accordance with applicable data protection law.
“Processing” means any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, retention, use, modification (including pseudonymisation and anonymisation), disclosure, archiving, erasure or destruction of data.
The processing must not unlawfully infringe the personality rights of data subjects, and any processing may be based on the following legal basis under data protection law:
In order to optimise the discharge of business processes and the conclusion of contracts, or the processing of contracts and the provision of services, Helvetia or any parties engaged by Helvetia may collect relevant personal data from third parties if this is necessary. Based on the transmission of the insurance application or notification of a claim, the third parties are expressly released from their duty of confidentiality vis-à-vis Helvetia and the appointees engaged by us. Further details can be found in the relevant Helvetia “Privacy Policy” under the section “Special Privacy Policy”.
In addition to obtaining relevant information, the processing of the contract conclusion or the provision of services may entail a need to transfer personal data to third parties involved in the contract (such as reinsurers, agents, service providers, authorities, etc.). In addition, Helvetia places these third parties under an obligation to handle the data appropriately depending on the sensitivity of the data and other circumstances. The data may be passed on to recipients in Switzerland and abroad if the circumstances of the data processing so require. For further details, please refer to Helvetia’s “List of recipients and countries”.
Profiling refers to any kind of automated processing of personal data comprising the analysis of specific personal aspects, such as economic situation, health, interests, reliability, behaviour or relocation. Through profiling, Helvetia can analyse certain personal characteristics (interests and preferences) of data subjects so that it can provide personalised advertising or offers, but also identify risks of fraud and security breaches, and assess risks in connection with contracts. The use of data analysis processes also enables Helvetia to compile statistical information. Should a fully automated individual decision be made that has legal effects or significantly affects the data subject, Helvetia will inform the data subject accordingly, and the data subject will have the opportunity to contact Helvetia so that such decisions can be reviewed by a human being. Any fully-automated decisions are, however, always based on rules for weighing the information as laid down by Helvetia in advance. Further details can be found in the relevant Helvetia “Privacy Policy” under the section “Special Privacy Policy”.
When processing personal data, we take appropriate technical and organisational measures to prevent unauthorised access and other instances of unauthorised processing. These measures are based on international standards and are regularly reviewed and adjusted if necessary.
The internet is a global open network. We recommend that you also take adequate security measures on your device.
Helvetia processes personal data for as long as is necessary to fulfil the purposes of processing, to comply with statutory retention periods, to safeguard legitimate interests (such as for documentation purposes and as evidence), or for as long as claims can be brought against Helvetia companies.
The storage period is generally determined by statutory or contractual retention obligations (e.g. retention obligations under commercial and tax law, limitation periods). Once these time limits have expired, the relevant data will be routinely erased or anonymised, provided that it is no longer required for the performance or initiation of a contract and/or Helvetia has no legitimate interest in retaining it.
Insurance Business Privacy Policy
Certain offers can be accessed via the Helvetia customer portal / Baloise customer portal. In order to complete the registration and log-on process and to ensure operation of the customer portal, Helvetia processes the following data, for example: title (Ms or Mr), first name, surname, telephone number, email address, password for portal access and IP address. Helvetia customer portal users can themselves change the customer data created in connection with the customer portal at any time. Behaviour on Helvetia websites can be compared with data from the Helvetia customer portal (e.g. age group, region the user lives in, and gender) in order to offer customer-specific products. Automated decisions are not taken in specific individual cases.
Helvetia offers a pension situation analysis through its business partner and service provider vlot AG. The pension situation analysis will be generated online. Users will be guided through the various steps and receive an overview with information. The analysis is designed to determine the size of the gap in pension provision and check whether any gaps in pension provision would arise for dependants in the event of the policyholder’s death or disability and whether income from pillar 1 (AHV) and pillar 2 (pension fund) would be enough to maintain one’s accustomed standard of living after taking retirement. In addition, the amount of savings, the costs of hedging and the affordability of the mortgage for homeowners can be estimated.
To that purpose, users will be asked for details about their pension fund benefits, existing life insurance policies and pillar 3 savings accounts, the estimated value of their property and the amount of any mortgage, as well as other assets and additional savings accounts. If the relevant documents are unavailable or a mere estimate is sufficient, the average or minimal values can be applied or certain steps can be skipped.
Users are aware that certain information they disclose via the software constitutes sensitive personal data. vlot AG collects, stores and processes this data for the purposes described above, to improve the software, and in the context of academic collaborations.
Data is transmitted from vlot AG to Helvetia only with the user’s consent and in connection with the pension situation analysis and the subsequent advice about or providing quotes for Helvetia products.
Communication by email is based on your consent.
Email communications may be used to send contract-related documents and notices, which may also contain sensitive personal data (in particular health data).
By giving your consent, you confirm that you are aware of the following risks:
Helvetia implements adequate technical and organisational security measures. However, complete confidentiality cannot be guaranteed when sending emails over the internet.
All emails from Helvetia relating to insurance contain:
1. always “Helvetia” in the subject line
2. a contract reference (e.g. policy number)
3. a standard disclaimer in the footer
These measures are designed to keep you safe and help you spot fraudulent emails (phishing).
You may withdraw your consent to receive emails at any time without notice:
(Suggested subject line: “Withdrawal of email authorisation – Contract [Your policy number]”
The withdrawal of consent takes effect as soon as we receive it. Processing may take 1–2 business days.
Consequences of withdrawal
If consent is withdrawn, it is possible that we will no longer be able to properly fulfil the insurance policy.
This Privacy Policy applies to the processing of your data in connection with the provision of occupational pensions by Helvetia Group Foundation for Employee Pensions, Helvetia Prisma Group Foundation for Employee Pensions, Helvetia LOB Invest Group Foundation for Employee Pensions, Servisa Collective Foundation, Servisa Supra Collective Foundation, Swisscanto Vested Benefits Foundation of the Cantonal Banks, as well as Baloise Collective Foundation BVG, Baloise Collective Foundation Supplementary Pension Provision and Baloise Perspectiva Collective Foundation BVG (hereinafter collectively referred to as “Helvetia” or “we”).
We process your personal data or the personal data of other persons insofar as this is necessary for the conclusion or servicing of these contractual relationships.
We process your data for the purpose of administering occupational benefit schemes and maintaining of the benefit coverage to the extent of the tasks entrusted to us.
This Privacy Policy is drawn up in accordance with the requirements of the Swiss Federal Act on Data Protection (“FADP”) and, where applicable, the European Union’s General Data Protection Regulation (“GDPR”). In the context of compulsory and non-compulsory pension provision, the specific data protection provisions of the Federal Act on Occupational Retirement, Survivors’ and Disability Pension Plans (OPA) apply. The legal basis is provided by Article 85 et seqq. of the OPA. With regard to the scope of application of the Federal Act on Vesting in Occupational Retirement, Survivors’ and Disability Pension Plans (VBA), Article 25 VBA and the relevant ordinances apply. The provisions of the FADP are supplementary and applicable to non-compulsory pension provision.
All persons involved in the administration, control or supervision of occupational pension schemes are subject to a duty of secrecy towards third parties in accordance with Article 86 OPA and Article 62 FADP.
Health data is treated as strictly confidential and can only be accessed by a limited group of employees (e.g. specially trained employees in the claims department, medical doctors involved in the case).
“Processing” means any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, retention, use, modification (including pseudonymisation and anonymisation), disclosure, archiving, erasure or destruction of data. In such cases, the processing must not unlawfully infringe upon the rights of the data subjects; alternatively, processing may be based on various legal grounds under data protection law, as mentioned above under “General Privacy Policy / Legal basis for the processing of personal data”.
The personal data processed by us includes data that has been provided by data subjects, collected from them, or is publicly accessible. Data categories are:
Contract details
Master data
Beneficiaries’ details (e.g. surname, first name, address, place of residence, AHV number, pension calculations, advance withdrawals – for example, for residential property or as part of a divorce – and information regarding capacity for work)
Employment details: Start and end dates, degree of employment, payroll total, breaks from work and type
Amendments: Changes in salary or benefits, divorce, purchases, advance withdrawals to finance home ownership
Claims to pension benefits: Notification of the occurrence of a claim to pension benefits, reason (e.g. old age, death, disability), date of the event, details regarding capacity for work, assessment of the claim to pension benefits
Other benefit cases: Withdrawal, divorce, advance withdrawal to finance home ownership
Family situation: Marital status, beneficiaries
Previous pensions: Details of the previous pension or portable benefits institution
Banking, financial and asset-related data
Claims data
Health data: in particular, information on the state of health, previous accidents or illnesses, and details provided by the medical doctors involved during health examinations carried out upon enrolment in the pension fund or when assessing risk benefits (e.g. disability), insofar as this is necessary for the administration of the insurance relationship.
Registration data
Technical data
Behavioural and preference data
Security, warranty and compliance data
Other data (e.g. powers of attorney, official certificates, etc.)
This category includes any data derived from the above.
Where no express written consent is required by law and the disclosure of data is permitted, personal data may be disclosed, in the context of occupational pension provision, in particular to the following recipients:
Employers (e.g. for payslips, change notifications)
Pensions and portable benefits institutions (e.g. previous or new pension funds)
Social security institutions (e.g. AHV, IV, accident insurer)
Co-insurers and reinsurers
Public authorities (e.g. supervisory authorities, tax authorities, courts)
Brokers
The disclosure and sharing of your data with third parties is governed by the provisions of the OPA. A detailed list of recipients can be found in the separate “List of recipients and countries”.
Certain services can be accessed via BVGonline. In order to complete the registration and log-on process and to ensure operation of the portal, we process the following data, for example: title (Ms or Mr), first name, surname, date of birth, telephone number, email address, language, password for portal access and IP address. Users of the Helvetia BVGonline portal can update their personal data themselves at any time.
User behaviour on Helvetia’s websites can be cross-referenced with data from the Helvetia BVGonline portal (e.g. age group, region of residence and sex) in order to offer customer-specific products. Automated decisions are not taken in specific individual cases.
Helvetia Alumni Network: As part of the Alumni Network, Helvetia processes personal data to maintain relationships with former employees and to promote exchange and networking among alumni. This includes sending newsletters, invitations to events, as well as providing information on continuing education and career opportunities. The personal data processed includes your name, your private email address, your date of birth, your gender, your former positions, your level at Helvetia, as well as your date of joining and date of leaving the company.
Data retention and withdrawal of consent: Personal data is deleted or blocked as soon as the purpose for storing it no longer applies. The Alumni user profile will generally only be deleted a) in the event of death or b) if consent to registration and newsletter is withdrawn. You can withdraw your consent at any time in the Alumni Portal under “Profile / Login Data.”
The MoneyPark Cockpit is a digital platform provided by MoneyPark AG that allows users to enter information about their real estate. Among other things, the platform offers features for real estate valuation, an overview of financing options, administration and preparation for a potential sale. Further information on data protection at MoneyPark AG can be found here (https://b2b.moneypark.ch/datenschutz/). In addition, you can use the Cockpit to book consultancy appointments. The advisory services are provided by Helvetia.
Once you have registered, your usage of the MoneyPark Cockpit and the website will be tracked and analysed using a cookie in order to provide you with personalised services. To facilitate the registration and login process, as well as the operation of the MoneyPark Cockpit, we process the following data: first name, surname, mobile phone number, email address, password for accessing the MoneyPark Cockpit and IP address. In addition, address data, real estate data or financial data may be needed for individual functions. Users of the MoneyPark Cockpit can edit the data they have entered with Helvetia at any time and reuse it across various services on the portal. The MoneyPark Cockpit is operated by service providers and business partners contracted to Helvetia, to whom data from the registration process and from the MoneyPark Cockpit is passed on in anonymised form and by whom it is analysed. This enables Helvetia to provide the promised services with their support and expertise, to maintain related services, and to improve algorithms through the use of anonymised data enrichment. The retention period for the data is based on the purpose and is limited to what is absolutely necessary. Data will be erased after a period of inactivity (5 years).
The personal data processed by Helvetia comprises data which it has received directly from its shareholders or their representatives, from employees, former employees or which is provided by the custodian bank.
Categories of personal data
Identification data (e.g. name, date of birth)
Contact details (e.g. private address, email, telephone number)
Business-related personal data (e.g. number of shares, name of the custodian bank, participation at Annual General Meeting)
Purposes of data processing
Fulfilment of legal obligations (e.g. keeping the share register, organising and holding annual general meetings and making dividend payments, providing semi-annual and annual reports, providing custody account statements)
Statistical purposes (e.g. evaluations and visualisations)
Helvetia processes the above-mentioned personal data for the following purposes:
In order to optimise the discharge of business processes and the conclusion of contracts, or the processing of contracts and the provision of services, Helvetia or any parties engaged by Helvetia may collect relevant personal data from third parties (e.g. information centres, data providers, address brokers, reference providers) if this is necessary. The following data categories may be collected in the process:
Data may be passed on to recipients in Switzerland and abroad. For further details, please refer to Helvetia’s “List of recipients and countries”.
In connection with building security, we process the following personal data:
Other signposted areas
The right to request information as to whether and which data Helvetia processes and to receive a copy of this personal data.
The right to have inaccurate data rectified.
The right to request the erasure of personal data if Helvetia is no longer obliged or entitled to retain such personal data under the applicable laws and regulations.
The right to object to the processing of personal data at any time with effect for the future, unless the data processing is absolutely necessary for the performance of the contract and/or Helvetia is obliged or entitled to process the data under the applicable laws and regulations.
The right to object to the processing of personal data, in particular insofar as processing is based on legitimate interests or where data is processed for the purposes of direct marketing, and the right to withdraw consent insofar as data processing is based on consent.
The right to request that Helvetia provide you, or another controller, with the personal data you have provided to Helvetia in a commonly used electronic format for delivery, provided that the processing is carried out by automated means or is based on consent.
The right of the data subjects to express their point of view in the case of exclusively automated decisions and to request that the decision be reviewed by a natural person.
Data subjects have the option of first lodging a complaint with Helvetia’s Data Protection Unit or directly with the relevant data protection supervisory authority if they are dissatisfied with the way Helvetia has handled their rights.
If data subjects wish to exercise the above rights, they may do so by contacting the relevant data controller. For central points of contact, please refer to section “Contact details for data protection concerns”.
Data subjects also have these rights vis-à-vis other independent data controllers that cooperate with Helvetia – data subjects are requested to contact them directly if they wish to exercise rights in connection with data processing carried out by such data controllers. For details regarding Helvetia’s main cooperation partners and services providers, please refer to the “List of recipients and countries”.
Data subjects must be aware that conditions, exceptions and restrictions apply in relation to these rights under the applicable data protection legislation. In particular, Helvetia may need to process and store personal data in order to fulfil a contract, to protect its own legitimate interests, such as the assertion, exercise or defence of legal claims, or to comply with legal obligations. To the extent permitted by law, in particular to protect the rights and freedoms of other data subjects and to safeguard legitimate interests, Helvetia may also reject a data subject request in whole or in part (e.g. by redacting certain content relating to third parties or business secrets). Helvetia will notify data subjects separately in such cases.
“Helvetia as the data controller” is responsible for the websites and online services as well as other the offers that are clearly recognisable as belonging to Helvetia, unless stated otherwise. In other cases, specific privacy policies (e.g. for mobile apps from companies affiliated with Helvetia that are not explicitly listed on the web page as controllers) may take precedence over the general Privacy Policy set out below and may identify different controllers.
Helvetia processes personal data in accordance with the applicable data protection laws. Further details regarding the legal basis can be found in the general Privacy Policy.
The terms used in this Privacy Policy (e.g. “personal data”, “sensitive personal data”, “processing”) are explained in detail in the introductory section of the Privacy Policy.
Helvetia’s websites and online services may contain links to the websites and online services of other providers (e.g. in the form of social plugins) to which this Privacy Policy does not apply. The respective privacy policies of the other providers apply.
Data subjects can visit Helvetia’s websites anonymously; metadata such as browser, device type, duration of interaction, type of interaction, Helvetia websites visited or IP address is collected when they do. This metadata may be merged with other data held by Helvetia (e.g. on newsletter subscribers or mailing lists). Service providers contractually bound to Helvetia and other third parties in Switzerland or abroad are used to process the data received. For further information on this, please refer to the “List of recipients and countries” and the “Cookie settings”. Individual cookie settings can also be configured there, in addition to preferred browser settings.
Personal data is processed if it is provided when using online services (e.g. through a contact form, a request for a quote, a premium calculator, a direct online conclusion, a claim notification, live chats, a competition, etc.).
If you provide Helvetia with data relating to third parties (e.g. family members, co-insured persons), we assume that you are authorised to do so and that the data is accurate. Please inform these third parties about the processing of their data by Helvetia and provide them with a copy of this Privacy Policy. If we inform you of a new version of these documents, please also pass on these new versions in each case.
Data exchanged over the Internet is often transmitted via third countries. Website content can be transmitted via servers around the world in order to optimise the performance and security of the websites. Data may therefore be transferred abroad even if the sender and recipient are located in the same country.
Data transmitted to Helvetia via the Helvetia websites are transferred in an encrypted format. However, Helvetia will not be held liable for any damage suffered due to loss or manipulation of data. Visitors to the websites must ensure that their own systems are secured at all times by an appropriate means of protection (e.g. anti-virus software) and that their own systems and browsers are up to date.
In the operation of the website and online services, Helvetia engages service providers under contract and other third parties, both in Switzerland and abroad. For further information on this, please refer to the “List of recipients and countries”.
We would like to remind you that the Internet is an open, global network that is accessible to everyone. Communication via email is not usually encrypted and takes place only during regular office hours. It is possible that data may be lost or intercepted and/or manipulated by third parties, for example, to make it appear authentic. We take technical and organisational security measures to prevent the risk within our systems. Nevertheless, the confidentiality of data transmitted by email cannot be guaranteed. This applies, in particular, to the transmission of sensitive personal data (such as health data). Emails may be delayed, deleted, misrouted or shortened during transmission due to transmission errors, technical defects or other malfunctions. External access devices (PC, smartphone, etc. of end users) and parts of the infrastructure involved in the transmission between the sender and us are located outside the security area under our control. It is the responsibility of each Internet user to find out about the necessary security precautions and to take appropriate measures (e.g. up-to-date anti-virus software, etc.). We are not liable for any damage or consequences arising from the electronic exchange of information, particularly from the misuse of the email system, for which we were not at fault. We reserve the right to claim compensation from you for any intentional damage we may suffer as a result of our business dealings with you via the electronic exchange of information. We reserve the right in individual cases not to reply by email or to additionally require a different form (e.g. a form with a signature) for the order or information received by email.
Special privacy policies apply to private pension provision insurance policies. For further information, see Special Privacy Policy – Insurance – Email communication regarding private pension provision.
Terms of use
The digital assistant Clara (hereinafter “Clara”) is an AI-powered, latest-generation chatbot that uses large language models (LLMs). LLMs are learning models that are trained using large volumes of text data. They use statistical models to analyse large amounts of data and identify patterns and connections between words and phrases. As an AI chatbot, Clara uses generative AI to respond to questions and answers. Clara provides both predefined, standardised responses and responses generated using LLM technology.
The information provided by Clara may be incorrect. Clara’s answers are therefore not legally binding, and there is no guarantee or liability concerning the accuracy, completeness or timeliness of the information provided. Helvetia refuses any liability in this context. To ensure that your questions are answered correctly, Helvetia still recommends that you use alternative contact options or seek individual advice. Helvetia makes great efforts to optimise response quality. Clara’s answers can also be rated in the chat in order to improve the quality.
Clara’s knowledge relates exclusively to Helvetia’s information, products and services. If chats with Clara produce inadequate answers, these are not legally binding and do not reflect the stance of Helvetia.
Actions that violate any applicable legal provisions, in particular defamatory offences, violations of personality rights or the rights of third parties due to an improper use of Clara, are not permitted. Violations of these rules can be punished under civil or criminal law.
Clara is protected by intellectual property rights, including copyright. Copying, modifying or disseminating the chatbot is not permitted without the express approval of the rights holder.
As part of the chats, Clara can also record or process some customer concerns directly, e.g. a claim notification, a contact request or the updating of contact details. For these self-service options, Clara may require some personal or contractual information. In general, you can use the chat without entering any personal data. Personal data should only be provided if Clara expressly asks for it. In other cases, no personal data is required.
Helvetia reserves the right to refuse insurance benefits if incorrect details are provided. If you make a mistake or a typo in the chat, you should therefore call Helvetia’s service line on +41 58 280 1000 immediately.
Clara is multilingual. The AI-generated text in the chat is translated using machine translation only. Please note that these translations have not been checked by Helvetia’s Language Service.
You can opt to use the live chat function to contact our employees directly to discuss a specific matter. In these cases, we process the data provided to us in the chat (e.g. name, address, email address) for the stated purposes.
Privacy Policy
The digital assistant Clara uses various large language models (LLMs). Clara’s chat service is based on OpenAI’s LLM technology and is accessed via the cloud partner Microsoft Azure. Helvetia’s sole contracting partner is Microsoft. Our contracting party undertakes to guarantee data protection by taking contractual, technical and organisational measures. Helvetia collects only the data required to provide the chatbot service.
The LLM model ChatGPT can capture and process personal data such as names, addresses, telephone numbers and email addresses if you submit these in the chat. However, Helvetia does not systematically collect or store this personal data. If you nevertheless enter personal data, we will not process them in a way that can be traced back to you as an individual.
Customers can report or deal with some concerns directly in the chat with Clara, e.g. a claim notification, a contact request or the updating of contact details. If personal data is entered in the chat for these self-service options, Helvetia will use it only for the purpose for which the data was provided.
Not all chat interactions run on AI or LLM technology. In these cases too, Helvetia uses personal data entered in the chat only for the purpose for which the data was provided. This data processing takes place outside of the LLMs.
The data entered is stored in Switzerland, although it may also be accessed from within the EU for contractual purposes. Personal data is stored in the chat for six months. Neither the dialogues processed nor the personal data collected will be passed on to third parties unless there is a statutory or contractual obligation to do so.
Helvetia employees perform random checks on the Clara’s responses to improve the chat function.
Helvetia does not use cookies to track the interaction with Clara. Helvetia uses Friendlycaptcha to check whether the entries are actually made by a user or by machine or automated programs (so-called “bots”).
Helvetia uses AI technology to improve its services. If you are not happy with information from Clara or if you have other questions, please contact conversational@helvetia.ch.
Clara Voice, Helvetia's digital voice assistant
Clara Voice handles enquiries received by telephone, processes them and, where necessary, forwards them to the appropriate department.
Purposes of data processing
Categories of personal data
Helvetia recommends sharing sensitive information, where possible, only with a human employee or via the secure channels (e.g. myHelvetia).
Technology and data processing on behalf of Helvetia
Clara Voice converts the caller's spoken statements into text using speech-to-text technology. The resulting text is then processed using generative artificial intelligence. The processing is carried out by the service provider Parloa GmbH, which is bound to Helvetia by contract.
Retention period
Personal data from Clara Voice interactions, including voice recordings and transcripts, is deleted no later than 30 days after the call. Where data is transferred to Helvetia's regular business systems in connection with a specific business transaction (e.g. claim notification, contract amendment), the relevant contractual and statutory retention periods apply to such data. Anonymised data that no longer permits any inference about individual persons may be retained and analysed beyond this period for quality assurance, AI evaluation and the further development of the voice assistant.
No solely automated individual decisions Clara Voice does not take any solely automated decisions that produce legal effects concerning the caller or similarly significantly affect them. Enquiries requiring a substantive decision are forwarded to human employees.
Accuracy and liability As with any AI-based solution, individual cases may give rise to inaccurate recognition or responses. Answers provided by Clara Voice are not legally binding and do not replace individual advice. Helvetia gives no warranty as to the accuracy, completeness or timeliness of the information provided by Clara Voice.
If visitors of websites contact Helvetia using the online contact form, the data entered into this form is transmitted to Helvetia in an encrypted format in accordance with internationally recognised security standards in order to protect it from being misused by third-parties. The data used can be seen from the information on the form.
As part of the submission process, your consent to the processing of the data is obtained and reference is made to this Privacy Policy. You can withdraw your consent at any time with effect for the future. For this purpose, please contact the responsible offices.
The data will not be passed on to unauthorised third parties unless consent has been expressly given for such parties. The retention period for the data is based on the purpose and is limited to what is absolutely necessary. Data is erased within the corresponding time period.
You have the option of sending us a private message via WhatsApp or, in certain cases, setting WhatsApp as your preferred communication channel (e.g. for arranging consultations). Please note that we do not send you certain pieces of information via the same communication provider; we choose other communication channels for this purpose.
When contact is made via external communication providers, data from the communication in question may be collected and used by these providers. We have no influence on data processing by these providers. Further information about this is available in WhatsApp’s Privacy Policy at https://www.whatsapp.com/legal.
With co-browsing the user shares the content of their browser window with a customer support officer to enable them to provide the required advice. In order to use the service the user must first be connected by telephone with a customer support officer. The customer support officer will provide a personal ID to establish the connection, which must be entered in the co-browsing window. After clicking on “accept & start”, the browser content will be shared with the staff member with whom the customer is connected by telephone. The customer support officer has read-only rights, i.e. they can see and read the content of the browser window. If this content includes sensitive information (e.g. details of exclusions of cover or risk surcharges on account of illness), these will be shown to the person in the browser window too while the information is being displayed. By clicking on “accept & start”, Helvetia assumes that the user has consented to this information being shared during the co-browsing session. The data communication takes place exclusively in encrypted form. A status bar at the top of the window can be used to determine whether browser content is still being shared. The “cancel” button can be used to stop sharing at any time. The shared screen content is not recorded or saved beyond the duration of the co-browsing session. For statistical purposes, the topic (e.g. type of malfunction or assistance), time and duration of the communication are saved. Your data will not be shared with any third parties. Co-browsing requires a session cookie to be placed on your computer.
For acquisition purposes, Helvetia provides information about Helvetia products and services to individuals within Switzerland who have been referred to Helvetia. For this purpose, Helvetia customers can refer their friends, acquaintances or family members via the corresponding chatbot service as part of the “Recommend Helvetia” initiative. Following a referral they will be notified of the recommendation and the name of the person who recommended them. The recommendation and acceptance of the recommendation is voluntary. In the event of a successful recommendation, Helvetia customers are rewarded with a gift. Personal data such as first name, surname, postcode, email address, telephone number and date of birth is required for purposes of direct contact and the targeted offer of a consultation. The data will not be disclosed to third parties. The persons referred can unsubscribe from the referral programme at the beginning or at any later time via the opt-out link in the welcome email or later when the Helvetia employee contacts them. As a result, the data will no longer be processed by Helvetia and the recorded data will be erased within the corresponding period. The storage duration of the data is based on the purpose of acquisition and referral initiative and is limited to the necessary minimum.
Helvetia processes data from customer surveys on products and services for purposes of market research, to improve Helvetia’s services and operations and product development. Participation in customer surveys is voluntary and is carried out anonymously, unless indicated otherwise or expressly stated. Personal data is required if, for example, Helvetia is asked to get in touch in response to a particular praise or criticism. Within Helvetia’s dialogue panel, customers can gain access to an access-restricted portal. An email address is required for registration. Additional personal profile information is used to more accurately assign and evaluate participants in the expert panel and the survey information they provide. Customer surveys can be conducted online, on-site, by email or by telephone. Participation in customer surveys or the expert panel via the portal can be withdrawn at any time with effect for the future. This involves the deletion of the profile and related data within the corresponding period. Moreover, the storage duration of the data depends on the purpose and is limited to the necessary minimum.
When downloading mobile apps, certain personal data required for this purpose is transmitted to the relevant app store (e.g. Apple’s App Store or Google Play). In particular, the email address, user name, customer number of the downloading account, individual device identification number, payment information and the time of the download are transmitted to the app store during the download.
Helvetia has no influence on the collection and processing of this data, as it is carried out exclusively by the app store you have selected. Accordingly, Helvetia is not responsible for this collection and processing; responsibility for this lies solely with the app store. For more information, please refer to the applicable terms and conditions of Apple’s App Store or Google Play.
The advantages of mobile apps can only be provided if personal data required for app operation is collected during use. Helvetia only collects this data if this is necessary for the fulfilment of the contract between you and Helvetia. Push notifications are only sent if a corresponding device setting is activated. The receipt of push notifications can only be deactivated by the device owner in the device settings.
We may use your data to occasionally inform you about new products or services or other services of interest to you from us and our business partners.
If you do not wish your data to be processed for marketing purposes, you can inform us of this or refuse or withdraw your consent to be contacted for advertising purposes (see cContact detail for data protection concerns).
Newsletters are used to provide interested parties and customers with up-to-date information about Helvetia’s products and services and, where applicable, its cooperation partners. In addition, newsletters provide information about current developments and other useful information.
Your consent is required to subscribe to the newsletter. You give us this consent by subscribing to the newsletter, with which you also acknowledge our Privacy Policy.
When you register for the Helvetia newsletter, your contact details (title, last name, first name and email address) are transmitted to us from the data entry screen. In addition, the pseudonymised IP address of the device used to access the site, as well as the date and time of the visit, are collected.
To ensure the security of your data, we use the so-called double opt-in method. This means that after you have provided your email address and subscribed to the newsletter, we will send you an email with a confirmation link to the email address you have provided. Only when you click on this link will you receive our newsletter in future.
When the newsletter is sent, anonymised link tracking is performed for statistical purposes. This data is not passed on to third parties for any other purpose in connection with sending the newsletter, except if you enter a competition or where this is explicitly mentioned.
You can withdraw your consent at any time with future effect by clicking on the relevant link at the end of each newsletter sent to you.
In order to provide advice on Helvetia services, Helvetia can establish a connection between the insurance adviser and the prospective customer via live chat or video. This enables Helvetia to provide you with flexible advice, without having to visit you at home. Prospective customers are informed about any recording at the start of the live chat or video call. When using the corresponding applications, data is processed in a pseudonymised form for optimisation purposes. Cookies are used for this purpose. The data collected during the live chat is not used to personally identify the user of the website, unless users voluntarily provide personal data to Helvetia while using the live chat. The retention period for the data is based on the purpose and is limited to what is absolutely necessary. Data is erased within the corresponding time period.
Helvetia uses the technological services of third-party providers to stage webinars, brownbags and other online live events. When participating in online events, the names and email addresses of the participants, as provided during registration, enrolment or upon joining, are usually communicated to third-party providers for the purposes of technical implementation of the event. As a rule, the data is hosted in Switzerland. It cannot be ruled out that this data will be stored outside Switzerland, is subject to other legal systems and/or will be passed on to other third parties by the third-party providers. The respective privacy policy of the service provider(s) applies. Helvetia itself does not pass on any other customer information in connection with the staging of events and the use of third-party providers. When registering for events, Helvetia will usually ask for details of the persons participating. This may involve information about persons other than those completing the registration. By completing the registration, Helvetia places the person registering under an obligation to inform all persons registered by name about Helvetia’s Privacy Policy, and by completing the registration Helvetia assumes that the persons registered by name have been sufficiently informed about data processing by Helvetia. All data entered is used solely in connection with the organisation and staging of the event and is erased within a reasonable and/or the statutory period. Data may be passed on to third parties if, for example, lists of names have to be disclosed for the organisation of events. For further details, please refer to Helvetia’s “List of recipients and countries”. The disclosure is usually evident from the circumstances of the registration (e.g. registration for a trip, hotel or restaurant stay), otherwise Helvetia reserves the right to provide separate information in the registration mask. The retention period for the data is based on the purpose and is limited to what is absolutely necessary. Data is erased within the corresponding time period.
Helvetia can be contacted via social media.
Social media platforms generally require users to either create a registered profile or provide an email address and/or mobile phone number. However, as there is no general obligation to create profiles with real names, Helvetia reserves the right, in certain circumstances and if necessary, to correctly identify persons who have made contact before the conversation begins. It is therefore not possible to guarantee that Helvetia can be contacted anonymously via social media.
As the various messaging services offered by social media providers generally do not feature end-to-end encryption for communications, or this is not always enabled by default, Helvetia recommends conducting sensitive communications via traditional channels and, where necessary, switching to these instead. Helvetia cannot guarantee the confidentiality of communications via social media and accepts no liability in this regard.
According to the information from the social media providers, messages can be scanned automatically for keywords by a software program in order to discover or prevent possible criminal acts; they can also be checked by employees of the social media providers after report of a suspected breach of the conditions of use of the social media provider(s). Suspicious activity reports may also be issued for encrypted messages. There is also the possibility that intelligence services can filter interactions or message trails. Social media providers usually state in their privacy policies that “content, communications and other information” may be captured. This also includes exchanging messages and communicating with others. Social media providers state that they use this information inter alia in order to select adverts that are geared to users’ interests. Even if encryption is activated in a direct conversation, metadata is generated that can also be used for the purpose of personalisation by social media providers (e.g. when, how often and how long people chat). Helvetia has no influence on this.
By contacting Helvetia via social media platforms, prospective customers or existing customers agree that Helvetia may interact with them via the chosen channel.
We use social media plug-ins on our website. You can generally recognise the plug-ins by the logos of the respective social media.
When you visit such a platform, your browser establishes a direct connection with the servers of the corresponding social network. If you are logged into your respective social media user account (e.g. LinkedIn) at the same time, the relevant provider can assign your visit to our web pages to your user account. Even if you do not have a user account with the respective social media portal or are not logged in there, it is possible that your IP address will be transmitted and stored there.
We use the Facebook business tools Facebook Pixel and Facebook Retargeting on our website. These business tools are operated by Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, (hereinafter “Facebook”), a subsidiary of Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, (hereinafter referred to as “Facebook”).
Facebook Pixel is a tracking cookie. It is set on all pages of our websites. This allows us to track your behaviour when you visit one of our websites. In addition, interest-based advertisements can be displayed and user profiles (profiling) or target groups can be created (Facebook Retargeting). If you do not want your personal data to be used by Facebook Retargeting and you have a user account with Facebook, you can deactivate this function here.
When you visit our websites, a direct connection is established between your browser and the Facebook server via the retargeting tags. The Facebook server is informed which of our websites you have visited. Facebook associates this information with your personal Facebook user account. If you do not want Facebook to assign the collected information directly to your Facebook user account, you can deactivate the “Custom Audiences” retargeting function here. You must be logged into Facebook to do this.
Using Facebook Event, we can track actions you take on our websites (so-called customer journey). In this case, Facebook Pixel is triggered and the action is recorded as an event. Information that is created when you interact with Facebook via the Facebook log-in, social plug-ins or in any other way (e.g. tagging a Facebook post with “Like”) is not collected. We engage Facebook to process the event information collected for campaign reporting and analytics as well as to create custom audiences so that we can track the impact of advertising campaigns and gain insights into how our website is used.
The legal basis for the processing of your personal data by Facebook Pixel is your consent. You can withdraw your consent at any time by clicking on the “Show details” button in our cookie policy. Facebook is independently responsible for any processing of personal data contained in Facebook Pixel that goes beyond this and does not serve the aforementioned purposes.
The Facebook Conversion API is a data interface through which we send data about your behaviour on our website to Facebook for analysis. This allows us to show you advertisements that match your user behaviour on our website. We use the following data in connection with the Conversions API tool:
IP address
User agent
Web page activity
For more information on the collection and use of data by Facebook, as well as your rights in this regard and the options for protecting your privacy, please refer to Facebook’s Privacy Policy.
TikTok Pixel (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, and TikTok Information Technologies UK Limited, WeWork, 125 Kingsway, London, WC2B 6NH, United Kingdom) is integrated on our web pages. TikTok Pixel is a snippet of JavaScript code that allows us to understand and track visitors’ activity on our websites. We can use the information obtained in this way for the display of TikTok ads as well as for additional targeting measures.
Further information on this can be found in TikTok’s Privacy Policy.
YouTube is integrated into our websites. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “YouTube”).
YouTube offers free video clips that users can watch, rate and comment on. They also have the option of uploading their own video clips. We embed the YouTube video clips directly in our websites.
If you play such embedded video clips while visiting our websites, information about this use is shared with YouTube. Through this transmission, YouTube collects your IP address, as it cannot send content to your browser without your IP address. YouTube may also be able to assign your data to your user account as a result of the collection of your IP address, provided that you are logged in with this account. If you do not wish to be associated with your YouTube user account, you can log out of your YouTube user account before playing the video clips.
Your data will not be automatically forwarded to YouTube if you only visit our website and do not click on an embedded video clip.
The legal basis for processing your personal data is our legitimate interest. We incorporate YouTube content into our web page to provide you with useful information or to facilitate a process for you. No further data processing is involved here.
Further information on the collection and use of your data by YouTube and YouTube’s Privacy Policy can be found on the Google website. You can find information and individual setting options for protecting your privacy on YouTube via Google on your Google user account in the sections “Personal data” and “Data and personalisation”.
For further information, see YouTube’s Privacy Policy.
Our job application pages contain the conversion tracking tag for the job search platform Indeed, operated by Indeed Ireland Operations Limited in Dublin, Ireland. When you apply for a job advertised by us, the conversion tracking pixel establishes a direct connection between your browser and the Indeed server. If you have previously visited a Helvetia job advertisement on Indeed, Indeed receives anonymised information that a visitor has applied in response to the advertisement. No personal information is shared. We can use the information obtained in this way to measure the success and improve our job ads on Indeed.
Further information is available in Indeed’s Privacy Policy. If you do not want data to be collected via the Indeed conversion tracking pixel, you can deactivate this function here.
LinkedIn (LinkedIn Pixel, LinkedIn Retargeting)
We use the LinkedIn business tools LinkedIn Pixel and LinkedIn Retargeting on our website. These business tools are operated by LinkedIn Ireland Unlimited Company, Wilton Place Dublin 2, Ireland.
The LinkedIn Pixel is a tracking cookie. It is set on all pages of our websites. This allows us to track your behaviour when you visit one of our websites. In addition, interest-based advertisements can be displayed and user profiles (profiling) or target groups can be created (LinkedIn Retargeting).
When you visit our websites, a direct connection is established between your browser and the LinkedIn server via the Insights Tags. LinkedIn thereby receives the information that you have visited our website with your IP address. This allows LinkedIn to associate the visit to our website with your user account. We can use the information obtained in this way to measure ad effectiveness and to display LinkedIn ads. If you do not want data to be collected by LinkedIn, you can deactivate this function here.
Further information is available in LinkedIn’s Privacy Policy.
Further privacy policies of social media providers
The privacy policies of social media providers and further information can be found here:
Instagram data protection
WhatsApp data protection
Facebook data protection
LinkedIn Privacy Policy
Twitter Privacy Policy
TikTok Privacy Policy
YouTube Privacy Policy
The Helvetia Service Centre can be contacted by text message for advice on services provided by Helvetia. Third-party service providers are used in order to offer this service. This involves the transmission to the provider of the telephone number provided and the information contained in the text message. The provider uses binding corporate rules and EU standard data protection clauses for any transfer of data to the USA and complies with the current data protection legislation. The data processed for text-message dispatch will be erased 90 days after notification. Text messages are sent via the mobile network of one or more network providers. In most cases, there is no end-to-end encryption and there are no other additional security measures. It is possible that data may be lost or intercepted and/or manipulated by third parties. Helvetia therefore recommends that no sensitive information (e.g. health data) is sent via text messages and accepts no liability for any risks or damage. If Helvetia is contacted via text message, Helvetia assumes that Helvetia may reply via text message. However, certain information cannot be provided via text message. In such cases, it will use traditional communication channels (e.g. the postal service).
Helvetia occasionally records telephone calls for the purposes of preserving evidence, documentation, quality control and training. Before data subjects are connected to an agent, they will always be advised that the telephone conversation may be recorded and be made aware of Helvetia’s Privacy Policy. The retention period for the data is based on the purpose and is limited to what is absolutely necessary. The recordings in connection with the aforementioned purposes are automatically erased within the corresponding period (120 days). For the automated reception and handling of calls, Helvetia additionally uses the digital voice assistant Clara Voice. Further information can be found in the section "Clara Voice, Helvetia's digital voice assistant".
Helvetia uses an automated system for responding to telephone calls. The processing of personal data depends on the circumstances of the call, e.g. data may be processed to make contact by email after the telephone call. Personal data such as name, telephone number, email address or policy number are required for the automated and efficient forwarding and routing of telephone enquiries. Helvetia transfers the data to service providers contractually bound to Helvetia. For further details, please refer to the “List of recipients and countries”. The storage period of the data is limited to the necessary minimum. Data in connection with the call routing will be erased within the corresponding period.
For the purposes of sponsorship, Helvetia requires details of the beneficiary or beneficiaries of the sponsorship; these may be details of persons other than those making the registration. By completing the registration, Helvetia places the person registering under an obligation to inform all persons registered by name about Helvetia’s Privacy Policy, and by completing the registration Helvetia assumes that the persons registered by name have been sufficiently informed about data processing by Helvetia. In the context of raffles and prize draws, personal data may be required in order to administer the allocation of prizes. Helvetia reserves the right to use information about sponsorship, raffles and prize draws for internal or public advertising. In such cases, the persons concerned will be notified separately. All data will be used in connection with the requested sponsorship and erased within a corresponding period.
In order to process enquiries about the protection forest or tree certificate, Helvetia requires details of persons other than those making the payment. In completing the tree certificate order, Helvetia places the applicant under an obligation to inform all persons indicated by name concerning Helvetia’s Privacy Policy, and in completing the order Helvetia will assume that the persons indicated by name have been adequately informed concerning data processing by Helvetia. All data will be used in connection with the tree certificate requested and will be erased within a corresponding period.