1. General and scope of application
The following information and details are intended to inform you about how we handle your personal data. In order to provide our service(s), we process your personal data in accordance with the Swiss Data Protection Act (DPA) and - where applicable - the European General Data Protection Regulation (GDPR).
2. Who is responsible for processing your personal data and whom can you contact in this regard?
Responsible for the processing of your personal data in accordance with applicable data protection laws and regulations is:
AWP P&C S.A., Saint-Ouen (Paris), Wallisellen (Switzerland) branch, hereinafter also referred to as "AWP Switzerland" or "we".
If you have any questions about the processing of your personal data or wish to exercise any rights to which you are entitled, you can contact us by e-mail or by post as follows:
3. What personal data do we process?
Depending on the situation or contractual relationship, we process various categories of personal data about you that we have either received from you or have been provided to us by third parties, that we obtain from public sources or that arise from the performance of the contract. The most important categories of personal data are as follows:
- Personal and contact details (first name/last name, address, telephone number, email address and other contact details if applicable, gender, date of birth, marital status, language preference, nationality, relationship to other persons and/or companies or other third parties if applicable).
- Data on the customer or contractual relationship (application data such as information on the insured risks, co-insured persons, beneficiaries, previous insurers, previous claims history, relationships with third parties involved; data on customer activities such as data on the conclusion of the contract, processing of the contract or provision of benefits, claims, customer contacts, participation in competitions).
- Payment information and payment connection data (e.g. account holder, account number / IBAN, credit card number, credit card holder).
- Health data and/or other personal data requiring special protection (e.g. in the context of claims processing, medical reports and certificates, incl. diagnoses, clarification reports, receipts for invoices for medical costs, data concerning injured third parties).
- Other data that we are required or authorised by law to collect and process and that we require for your authentication, identification or to verify the data we collect (e.g. compliance with or verification of sanctions regulations).
- Technical data (when visiting our website or using apps, e.g. IP address, cookies, logs in which the use of our systems is recorded and other technical identification data).
4. For what purposes and on what legal basis are your personal data processed?
We process your personal data in accordance with the legal requirements for the purposes described below:
- Establishment, administration, implementation and settlement of contractual relationships (e.g. for the purpose of customer advice and support, risk assessment, credit assessment, contract administration and adjustment, collection of premiums or contributions, claims processing, benefit payments, surveys on customer satisfaction in connection with the contractual service).
- Safeguarding our legitimate interests or those of third parties e.g. to detect fraudulent activities, for market research and other marketing purposes, to improve / redevelop products and services or operations, to evaluate customer relationships to optimise contracts, for internal training and quality assurance (e.g. recorded telephone calls), for security purposes and access controls, to conduct customer satisfaction surveys.
- Adherence to laws, directives and recommendations of authorities and internal regulations ("Compliance").
We process your personal data on the following legal basis:
- Initiation or execution of a contract.
- Legitimate interest in data processing, i.e. in particular in order to pursue the purposes and related objectives described above and to be able to implement appropriate measures.
- Legal foundations.
- Consent, if required.
5. To which recipients do we pass on your personal data, if any?
Your personal data may be disclosed to the following categories of third parties, either in their capacity as data controllers or as processors acting on our behalf, in order to fulfil the purposes indicated above.
The following are disclosed to the data processors: Allianz Group companies, insurance intermediaries, brokers, ceding companies, reinsurers, doctors, cooperation and contract partners (e.g. in the case of group insurance contracts), service providers in the areas of claims processing, IT services, logistics, printing services, debt collection, marketing and - insofar as we are legally obliged or entitled to do so or this appears necessary to protect our interests - government bodies such as offices, authorities, courts.
7. How long do we process or retain your personal data?
We process your data for as long as our processing purposes, the statutory retention periods, contractual provisions and our legitimate interests in processing for documentation and evidence purposes require or storage is technically necessary. In the absence of other information on the respective retention and processing period of a specific category of data, we generally retain your personal data for up to 10 years, unless a longer retention period is provided for by law. If there are no legal or contractual obligations to the contrary, we delete or anonymise your data after the retention or processing period has expired as part of our normal processes.
8. How do we protect your personal data?
We take reasonable security measures to maintain the confidentiality, integrity and availability of your personal data, to protect it against unauthorised or unlawful processing and to protect against the risks of loss, accidental alteration, unauthorised disclosure or access.
9. What rights do you have with regard to your personal data?
You have a right to information, correction, objection, restriction and deletion of your personal data and - where applicable - a right to data portability as well as a right of appeal to the competent data protection supervisory authority.
Furthermore, you have the right to object to the processing of your personal data for the purpose of direct marketing. If we process your personal data within the scope of legitimate interests, you can also object to the processing if there are reasons against the data processing based on your particular situation. If our processing is based on your consent, you have the right to revoke your consent.
If you wish to exercise these rights, please contact our Privacy Team via the contact address given in 1.
Please note that the exercise of these rights may result in us no longer being able to enter into or perform the contract or to offer or provide further services. We may also, in certain circumstances and in accordance with applicable law, refuse or only partially comply with such disclosure or refuse to correct or delete your personal data.
Last update: 11.09.2023.