Helvetia Privacy Policy

Prior to the conclusion of a contract, we process your data in order to offer you the desired consultation and relevant products as well as to contact you in this regard.

If you apply to us for insurance cover, we also need your information to assess and evaluate the risk to be assumed by us (if necessary also with the assistance of third parties, e.g. companies of the Baloise Group or reinsurers). For the purpose of individualised, targeted risk assessment and evaluation and as a necessary basis for decision-making and calculation in connection with the insurance contract and for the calculation of premiums, we may also carry out automated data processing and create customer profiles.

We also process data in connection with the conclusion of the contract to check creditworthiness and to initiate the customer or supplier relationship. In some cases, this information is checked for compliance with legal requirements.

If the contractual relationship is established, we process your data to implement the contractual relationship, in particular to provide and claim contractual services, to manage the customer relationship, for example to draw up the insurance policy or to issue invoices, and to communicate with you. This also includes consultation and customer support, the enforcement of legal claims arising from contracts (debt collection, court proceedings, etc.) as well as accounting or termination of contracts.

In the event of a claim, we process your data (if necessary with the involvement of third parties, e.g. experts, physicians and other service providers) to assess the amount of the claim and to settle the benefit claim.

In the case of collaboration with other companies, such as within the framework of corporate partnerships or in relation to intermediaries and brokers, we also process master and contract data in particular for the purpose of initiating and processing contracts.

We may use your data to send you advertising about our products and services as well as those of our group companies and cooperation partners (within and outside the insurance sector), for example in the form of newsletters or other regular contacts (by email or post, by telephone or as part of other marketing campaigns such as competitions, events).

In order to make our offers more relevant to your requirements and interests, we personalise some of our communications to allow for an individual approach. Contact may be made in writing, by email or by telephone. To do this, we link data that we process about you – in particular master data, contract data, behavioural data and communication data – and determine preference data as a further basis for personalisation. We can also create interest profiles about you and divide you into advertising groups (without including particularly sensitive personal data such as health data).

In order to provide you with comprehensive advice on insurance, asset management, pension planning and financial matters (e.g. financing, funds and other financial investments), we may process your personal and policy details, as well as the information you provided during the consultation with your insurance adviser.

Processing of your social insurance data (e.g. compulsory accident insurance or occupational pension) for these purposes is only carried out on the basis of your consent in individual cases.

To manage our relationships with customers and third parties, we may also invite you to our customer events and inform you about our products and services before, during or after the event.

You can inform us if you do not wish your data to be processed for the above purposes or if you wish to withdraw your consent in this regard (see contact address in clause 2).

We are committed to continuously developing our products and services to better meet your needs. Therefore, we also sometimes contact you for market research purposes and use the results in anonymised form for addressing various questions within the company. To determine customer satisfaction, we can ask you about your experience with us. We also use your responses to contact you personally, to actively address your concerns and to improve our internal processes.

We also collect, store and process your data for the evaluation, improvement and redevelopment of our products and services. In doing so, we analyse which products are used by which groups of people and which adjustments would be necessary in the future. The results of these analyses are – as far as possible – carried out in pseudonymised or anonymised form.

Data that we require for statistical evaluations and data analyses are aggregated and no longer allow any conclusions to be drawn about your person. The aggregated data is required for the creation of insurance-specific statistics (e.g. for the development of new insurance rates) or for topic-specific evaluations and data analyses (e.g. with respect to road safety or fire protection measures) as well as for sales reporting. We also use the data of all existing contracts – likewise without the possibility of drawing conclusions about you personally – to analyse the entire customer base and for the fulfilment of our insurance contractual obligations, for example for consultation regarding a contract adjustment or contract amendment or for goodwill decisions or the provision of comprehensive information.

To comply with laws and regulatory obligations (e.g. anti-money laundering checks, international tax exchange), we are required to subject your data to further checks (e.g. regarding identity, beneficial ownership of funds or shareholdings in companies, as well as automated comparison with external watchlists) and, in some cases, to share it within the Group and with correspondent banks for the purpose of benefit payments. We may be required to report to authorities or disclose records in certain cases. Personal data about you may be processed in the course of internal and external investigations, for example by law enforcement or supervisory authorities or an appointed private body.

The legal obligations may be subject to Swiss law, but also to foreign regulations to which we are subject.

In order to prevent insurance fraud, we also check claims if there are any suspicions in your interest. To do this, we may process your data for your and our protection against criminal or fraudulent activity. We also use automated data analysis to identify indications of insurance fraud. This includes enquiries in the event of a claim or benefit payment, including with third parties such as co-insurers and social insurers, service providers, public authorities, doctors and experts, as well as searches in the HIS information systems and – in the case of motor vehicle insurance – CarClaims-Info (see clause 8).

We may also process your data for other purposes, for instance, as part of our internal processes and administration. This includes training, educational and administrative purposes (such as the management of master data, accounting, data archiving and the management and ongoing improvement of the IT infrastructure), the protection of our rights (e.g. to enforce claims in and out of court and before authorities in Switzerland and abroad, or to defend ourselves against claims, such as by preserving evidence, legal clarifications and participation in judicial or official proceedings), security purposes (e.g. access controls, monitoring of buildings), statistical purposes and the evaluation and improvement of internal processes.

In the course of preparing, carrying out or finalising mergers, acquisitions, demergers, transfers of assets or similar transactions, we may also sell businesses, parts of operations or companies to other companies, or acquire them from such companies, which may also result in the exchange and processing of your data.

Master data includes, in particular, contact information (e.g. name, address, telephone number and email address), personal details (e.g. date of birth, age, gender, nationality, data from identification documents), other identification data (e.g. AHV number, customer number, UID number and tax identification number) or information about your relationship with us (e.g. partner/customer status, customer history). Account details are also collected, including bank account details (e.g. account numbers) or credit card details.

We receive master data from you yourself or from third parties, for example our policyholders who appoint you as beneficiary or premium payer, our contracting parties, intermediaries, Group companies and from public registers (e.g. the Commercial Register). We also receive data in connection with address changes, as we are involved in an address update network which sends us and the other companies involved in the network updated address data (e.g. the new address after a move).

This is your data collected in connection with the conclusion of a contract or the processing of the contract and claims settlement.

Contract data includes your details from non-binding insurance proposals (offers), applications, contracts and information relating to pre-contractual arrangements, e.g. information from previous advisory consultations and details from other existing (third-party) contracts.

This includes, for example, the type and date of the contract, details of the insured risks and risk factors, the term of the contract, details of previous insurers or other insurance policies, including any previous claims, and details of other contractual relationships relating to insurance contracts (e.g. regarding intermediaries). Depending on the product, we also collect particularly sensitive personal data, for example health data as part of a health examination, if we require this information.

Contract data also includes financial data, i.e. information on income from employment, pensions and investment income, your assets, your creditworthiness (i.e. information that allows conclusions to be drawn about the likelihood of receivables being settled) and your payment history (i.e. information regarding payment demands and debt collection).

Depending on the insurance product, we process additional product-specific details, particularly for the purpose of calculating the insurance premium. This includes:

• in motor vehicle insurance, e.g. registration number, vehicle details, mileage, information on the premium level system (bonus/malus) and vehicle financing (leasing details); in the event of a claim, data recorded by the insured vehicle, e.g. speed, acceleration, deceleration, date and time
  
  
• in property and single-item insurance, for example make and model, value and age of the insured property, photographs of the insured property or proof of purchase
  
  
• in household insurance, for example living and housing situation, value of home contents, ownership structure, number of persons in the same household
  
  
• in building insurance, for example pledge documents regarding ownership of land and residential property, location, type of building, type of construction
  
  
• in liability insurance, for example living and housing situation, number of people in the joint household, ownership situation, canton of residence
  
  
• in life insurance, for example information on the family and financial situation (incl. number of persons in the same household, employment status), data on the various persons involved in the contract and health data
  
  
• for Non-Life Insurance Corporate Clients (property, liability and engineering insurance), for example type of business, NOGA code, legal form, annual turnover, gross technical profit, business inventory, main and secondary place of insurance, AHV annual payroll total, total fees, construction class, safety equipment for fire and theft, sum insured
  
  
• in marine insurance, for example annual turnover, means and routes of transport
  
  
• in construction and contractor’s liability insurance, for example information on the construction object, activity concerned, contracts of surety, turnover, payroll total, association memberships as well as information on contact persons, correspondence recipients, surety and guarantee beneficiaries, consortium partners and brokers
  
  
• in accident and daily sickness allowance insurance and in the case of occupational pension insurance, for example information on the company, the location, the persons to be insured and their employment conditions, workloads, payroll totals, information on the state of health and on previous accidents or illnesses, information on previous insurers, co-insurers and reinsurers, recipients of correspondence, physicians and brokers involved
  
  
• in factory warranty insurance, for example the type of property, year of construction, age of the individual components, as well as other real estate information, the factory payroll totals and guaranteed sums as well as information on new real estate owners.

We generally collect contract data directly from you, from contracting parties and from third parties involved in the processing of the contract (e.g. employers), but also from third-party sources (e.g. providers of creditworthiness data, credit agencies or the Central Compensation Office [CCO]), from persons in your environment (e.g. family members, legal representatives) and from publicly accessible registers (e.g. Register of Criminal Convictions when admitting intermediaries).

We may also obtain data – and, in some cases, where necessary for the product in question, health data – from other private and social insurers (e.g. previous insurers regarding past insurance history and claims experience), medical treatment providers and experts. When you submit an insurance application to us or file a claim or benefit claim, you release these offices from any obligation to maintain confidentiality. Where necessary, we will obtain separate consent from you in your insurance application, health declaration or claim or benefit claim.

The claims data primarily includes details of the specific claim, e.g. from your claims notification. This includes the circumstances and extent of the loss, the number of claims and the injured parties or parties involved, or, in the insured event of death or disability, in particular the death certificate and the assessment and coordination of Benefit Payments. In order to determine the circumstances of the claim and to clarify its liability, Helvetia may access data recorded by the insured vehicle in the event of damage to a motor vehicle. Helvetia uses this data exclusively for the purposes described in the event of a claim and does not disclose it to unauthorised third parties.

To assess the claim, we work with third parties, such as social insurers, experts or external claims adjusters both in Switzerland and abroad, from whom we also receive data. With regard to life, accident, passenger accident, daily sickness allowance and liability insurance, we also process particularly sensitive personal data in the event of a claim (e.g. health data or data on criminal proceedings). Based on your declaration of release from confidentiality, we obtain relevant information from service providers (e.g. physicians, psychologists, persons who provide services on the orders of or on behalf of a physician, laboratories, hospitals, facilities for [partially] inpatient or outpatient care, nursing homes). In order to clarify entitlement to benefits, for example in the event of recourse, we may also receive and process information on the claim from other private and social insurance providers, Group companies or other third parties involved.

This includes data relating to the compliance with legal obligations incumbent on us and the related clarification and reporting, for example in the context of combating fraud, money laundering and terrorism. We obtain such data from publicly available sources and registers (e.g. sanctions lists) or from public authorities (e.g. information on US citizens/double citizens, economic background, beneficial owners, controllers, politically exposed persons, matching with sanctions lists).

WWhen you contact us via the contact form, via our Customer Service, by email, telephone or chat, by letter or via other means of communication (e.g. customer portal), we collect the data exchanged between you and us, including your contact details and the marginal data of the communication.

We will specifically point out to you if we record telephone conversations, such as for evidence or training purposes. If you do not wish to be recorded, please let us know or end your call.

When communicating with you, for example when you submit a request for information, we sometimes also collect data to establish your identity (e.g. information from official identification documents, answers to security questions) in order to prevent us releasing information to unauthorised third parties.

In order to provide you with the best possible service and advise you on our products and services, we would like to find out your preferences and determine your requirements. To do this, we collect and use data about your behaviour when you interact with us and about the preferences you tell us or that we identify.

Behavioural data is comprised of details of certain actions, such as the use of electronic means of communication (e.g. whether and when you opened an email), the use of our websites (for more information, see helvetia.ch/datenschutz) or customer portals, the way in which you obtain products and services, your interaction with our social media profiles and your participation in prize draws, competitions and events.

Preference data tells us about your requirements and which products or services might be of interest to you. We obtain this information from the analysis of existing data, such as behavioural data, so that we can tailor our consultation and our offers more precisely to you. In order to improve the quality of our analyses, we may link this data with other data that we obtain from third parties such as address brokers, public offices and publicly accessible sources. This includes, for example, information on your household size, income bracket and purchasing power, socio-demographic data, shopping behaviour and contact details of relatives.

We may also collect data from you in other situations. In connection with official or judicial proceedings, for instance, data accumulates (e.g. files, evidence) that may also relate to you. We may also collect data for health protection reasons (e.g. within the framework of protection concepts).

We may receive or produce photographs, videos and audio recordings in which you may be identifiable (e.g. at events, by security cameras, etc.). You will always be asked for your consent or informed accordingly in advance. For security purposes, we may also collect data on who enters certain buildings and when, or who has corresponding access rights (e.g. in the case of access controls or based on registration data or visitor lists, etc.), who participates in events or campaigns (e.g. competitions) and when, or who uses our infrastructure and systems.

We obtain the data mentioned here primarily from you, but also from third parties (e.g. authorities) and in some cases also from our Group companies.

When your personal data is processed by recipients in accordance with clause 7.6 above, your data may also be transmitted abroad, for example when personal data is forwarded to other Group companies or to service providers. Under certain circumstances, we may also transmit data to third parties abroad who are involved in the processing of the contract (e.g. co-insurers and reinsurers, authorities and courts), as well as to other bodies such as foreign tax authorities.

Your data may therefore be processed worldwide, including outside Switzerland or the European Union or the European Economic Area (i.e. also in so-called third countries such as the US). Many third countries currently do not have laws that ensure a level of data protection equivalent to the applicable FADP.

Therefore, following a risk assessment, we take contractual precautions to contractually compensate for the weaker legal protection, as well as further measures (e.g. pseudonymisation) to reduce the risk of state/government access abroad authorised by foreign legislation.

We rely on the guarantees required by law, insofar as the recipient is not already subject to a legally recognised set of rules to ensure data protection and we cannot rely on an exceptional provision. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests, if the performance of a contract requires such disclosure, if you have given your consent or if it is a matter of data that you have made generally accessible and you have not objected to its processing.

A detailed list of the countries to which we may transfer data can be found in the separate list of recipients and countries, which you can access at www.helvetia.ch/privacy or request from our Data Protection Officer.

In order to prevent insurance fraud, we also check claims if there are any suspicions in your interest. To do this, we may process data for your and our protection against criminal or fraudulent activity. We also use automated data analysis to identify indications of insurance fraud. This includes clarifications in the event of a claim or benefit case, also with third parties such as co-insurers and social insurers, service providers, authorities, physicians and experts, as well as queries in the information systems HIS and – in the case of motor vehicle insurance – CarClaims-Info.

• CarClaims-Info
  To combat insurance fraud in the field of motor vehicle insurance, we – like most other insurance companies – provide SVV Solution AG, a subsidiary of the Swiss Insurance Association (SIA), with vehicle-related claims data that are recorded in the CarClaims-Info database. Through the use of such data, it is possible to check whether for example a registered vehicle claim has already been settled by another insurance company. If there are reasonable grounds for suspicion, the companies may share relevant data (e.g. vehicle expertise, indemnification agreement).

For further information about Car Claims Info, please visit www.svv.ch/en/car-claims-info.

• Reference and information system (HIS)
  In order to prevent and detect cases of insurance fraud, we are connected to the reference and information system (HIS) provided by SVV Solution AG. The insurance companies participating in this system register in the HIS persons who have fulfilled a specifically defined reason under the HIS regulations for filing a report (e.g. fraudulent substantiation of a claim pursuant to Article 40 VVG). Each individual entered in this system is informed thereof in writing. We can query the HIS in connection with claims settlement and use the data transmitted to check whether information concerning the natural person has been saved as part of a report in the past. In case of relevant information, we can conduct a more in-depth review before settling the claim. With your separate consent, the relevant data can also be shared among the participating insurers in the event of a positive query result. Information from the HIS is only used in connection with the claims investigation. The operation of the HIS is subject to regulations, meets the legal requirements with regard to data protection and is registered with the Federal Data Protection and Information Commissioner (FDPIC).

Find out more about HIS at www.svv.ch/his.

• CLS (Clearing and Leasing Centre)
  We remain connected to the CLS-Info system for checking leases relating to motor vehicle insurance. This database stores the vehicle and registered keeper details of Helvetia customers that are required by law to be provided to the road traffic authorities.

For further information on CLS, visit www.svvsolution.ch/systeme/cls/datenschutzerklarung-fur-cls/.

Your data will only be stored by us for as long as is required for reaching the aforementioned purposes and for as long as we are legally or contractually obligated to store it.

In individual cases, it is possible to retain personal data for longer, for example if claims are asserted against us (during the statutory limitation period) or if we are otherwise contractually, legally or officially obliged to do so, if you consent to this or if legitimate (business) interests, documentation and evidence purposes require this. As soon as your data is no longer required for the above purposes, it will be deleted as part of our standard deletion processes.

When processing personal data, we take appropriate technical and organisational measures to prevent unauthorised access and other instances of unauthorised processing. These measures are based on international standards and are regularly reviewed and adjusted if necessary.

In accordance with the applicable data protection law and under certain conditions, you have the following rights:

Right of access

You may request information as to whether we process your data and, if so, what data is being processed, and receive a copy of this personal data.

Right to rectification

You can request that we correct incorrect data or complete incomplete data.

Right to erasure

You can request the erasure of your data unless we are obliged or authorised to retain your data under applicable laws and regulations.

Right to restriction of processing

You have the right to object to the processing of your personal data at any time with future effect, provided that the processing is not strictly necessary for the performance of a contract and/or that we are not obliged or authorised to process the data under applicable laws and regulations.

Right to object to data processing and withdraw consent

Where applicable, you have the right to object to the processing of your data, in particular for the purposes of direct marketing, profiling conducted for direct marketing and other legitimate interests in the processing.

In cases where data processing is based on your consent, you have the right to withdraw this consent at any time. If you withdraw your consent this does not affect the lawfulness of the data processing undertaken on the basis of your consent up until the revocation.

Right to data portability

You may request that the data provided by you be released or transmitted in a commonly used electronic form to another controller, provided that the processing is carried out by means of automated processing or you have consented to the processing.

Rights in the case of automated individual decision-making

You have the right to express your point of view in the case of exclusively automated individual decisions and to request that the decision be reviewed by a natural person.

Right to complain

You also have the right to lodge a complaint with our Data Protection Unit or the competent data protection supervisory authority if you do not agree with our handling of your rights.

Contact details of regulatory authority

• You can contact the Swiss Supervisory authority here.
• The contact details for the Liechtenstein Data Protection Office can be found here.
• A list of authorities in the EEA can be found here.
• The UK supervisory authority can be contacted here.
  

Please note that these rights are subject to legal requirements and that exceptions and restrictions apply. In particular, we may need to further process and store your data in order to safeguard our own legitimate interests, such as the establishment, exercise or defence of legal claims, or to comply with legal obligations. To the extent legally permissible, in particular to protect the rights and freedoms of other data subjects and to safeguard legitimate interests, we must therefore also partially or wholly reject a data subject’s request (e.g. by redacting certain content that concerns third parties or our trade secrets). In order for us to be able to rule out fraudulent use, we must verify your identity (e.g. with a copy of your identity card, if identification is not possible in any other way). We generally retain information in connection with the processing of data subject requests for three years.

For queries and to exercise your rights, you can contact any of the companies listed below in writing or by email:

FIRMA
Datenschutz
Strasse Nr.
4002 Basel
E-Mail: Adresse

We would like to remind you that the Internet is an open, global network that is accessible to everyone. Communication via email is not usually encrypted and takes place only during regular office hours. It is possible that data may be lost or intercepted and/or manipulated by third parties, for example, to make it appear authentic. We take technical and organisational security measures to prevent the risk within our systems. Nevertheless, the confidentiality of data transmitted by email cannot be guaranteed. This applies, in particular, to the transmission of sensitive personal data (such as health data). Emails may be delayed, deleted, misrouted or shortened during transmission due to transmission errors, technical defects or other malfunctions. External access devices (end-users’ PCs, smartphones, etc.) and parts of the infrastructure involved in the transmission between the sender and us are located outside the security perimeter over which we have control. It is the responsibility of each Internet user to find out about the necessary security precautions and to take appropriate measures (e.g. up-to-date anti-virus software, etc.). We accept no liability for any consequences or damage arising from the electronic exchange of information, and in particular from any misuse of the email system, for which we are not responsible. We reserve the right to claim compensation from you for any intentional damage we may suffer as a result of our business dealings with you via the electronic exchange of information. We reserve the right, in individual cases, not to reply by email or to require an additional form of confirmation (e.g. a signed form) for orders or information received by email.