Personal data policy for Topdanmark, administration company for the Danish Guarantee Fund for Non-Life Insurance Companies

(How Topdanmark processes personal data)

What data do we collect?

We only collect data that is necessary for us, and we always process personal data in accordance with laws and guidelines in force. What data is necessary depends on which purpose the data is to be used for. At Topdanmark, we process the following categories of personal data:

  • Contact and identification data
  • Staff number
  • Policy and income data
  • Claim data
  • Payment data
  • Health data
  • Income for property
  • Trade union
  • Data on criminal circumstances
  • Investigations

We register only data on individuals if this is necessary. In connection with processing your insurance or claim, it may be necessary to collect data on the following people:

  • Policy holders & insured parties
  • Next of kin
  • Claimants
  • Counterparties
  • Guardians
  • Pledgees/mortgagees
  • Advisors (bank/lawyer/accountant)
  • Therapists, (doctors, psychologists, physiotherapists etc.)

 

Where and how do we collect the information?

We collect data both from you and from third parties such as your previous insurance company, your claims assessor your doctor and Alpha Insurance under bankruptcy partners.

We collect data on you e.g. via cookies, telephone contact or chatting with you. We also receive data if you use social media such as Facebook, where you follow us, actively write comments or communicate with us in other ways. If you take part in investigations or answer a questionnaire, we also collect data about your answers.

We also collect information from public-sector and private registers such as the CPR register, trade unions, the national vehicle register, BBR, credit reference agencies and telephone book data.

Purpose for processing your data

We use your data to process your insurance and claims. We also use the data to process claims and court cases as well as making investigations and analyses so that we can continually improve our advice, service and technical solutions.

We use the data we collect from public-sector and private registers to update address data, collect data on your property or your vehicle and to check that you are not registered in a credit reference agency.

We store data on your use of our website

The data on your use of our homepage will be processed confidentially in the same way as all other customer data.

When you use our website, we use cookies to store data on your use of the pages. We use them both to make it easier for you to use our websites and to be able to improve the site.

Read more about Cookies

Categories of recipients:

As a financial company, we are subject to a more stringent confidentiality about financial activities. We therefore process your data confidentially and only disclose it to others if you have given your consent, or if we have a legitimate interest in accordance with the legislation.

Topdanmark discloses the data to the following recipients:

Individuals related to an insurance or pension, e.g. policyholders, next of kin, claimants, beneficiaries and counterparties

Other insurance companies

Pledgees/mortgagees

Public authorities (the police, the tax authorities, municipalities etc.)

Repairers, e.g. workmen

Lawyers

Banks

Doctors and other therapists

Business partners

How long do we store your data?

Topdanmark is obliged to delete personal data when it is no longer relevant.  This means that we continuously delete data when we no longer have a legitimate purpose, could receive a demand or have a legal obligation to store it.

Topdanmark’s deletion rules are based on the Statute of Limitation’s absolute rules of limitations and the Danish accounting legislation’s requirements for storage.

Data security

Your security is important to us. We therefore have both technical and organisational measures in place to take care of the data we receive. That means that we have e.g.:

  • Work-related access to all locations
  • Encryption of data transmission and storage
  • Virus scanners on the servers
  • Back-up and recovery on all servers
  • IT systems with access management based on user ID and personal passwords that must have a minimum of eight characters
  • VPN and encryption in connection with remote desktops and other mobile units.
  • Procedures and policies for processing and communicating personal data
  • E-learning for all employees
  • Employees who are certified in personal data protection

 

Processing by data processors

Topdanmark can choose to use data processors, including providers of software, hosting, security and storage. Your personal data may therefore be disclosed to data processors.

All data processors are subject to written instructions and checks to ensure that your personal data is used only for the specific purpose for which the data was collected.

Topdanmark has chosen to outsource some processing, including IT technical development and support to countries outside the EU/EEA. When we do this, we protect your rights by using the EU Commission’s standard contract, binding corporate rules or the so-called ”Privacy Shield” approved by the EU Commission.

We have contracts with all our data processors, and we check that they comply with our instructions for secure processing. As part of the instructions, we require that these data processors process your data confidentially and implement suitable technical and organisational measures against your data being accidentally or illegally destroyed, lost or compromised, or being disclosed to third parties, misused or otherwise processed in violation of the GDPR.

Your rights:

You can exercise your rights at any time – though with certain statutory exceptions.

  • You are entitled to access the data we process about you.
  • You are entitled to object to the collection and continued processing of your data, including in relation to automated individual decisions.
  • You can also demand that we correct or delete the data. However, we only delete your data if you are no longer a customer with us, and wait until no more demands can be made on us as a consequence of previous claims and insurances.
  • You are entitled to receive your data that you have given us in a machine-readable format and to have your data transmitted to another data controller (data portability).
  • If you have given your consent, you may always contact us to hear about the scope, and you may also withdraw your consent at any time. We will then cease to process your data, unless we can continue the processing on another basis.

Appeals

If you are unsatisfied with Topdanmark’s processing of your data, you may appeal to the Danish Data Protection Agency, Borgergade 28, 5., DK-1300 Copenhagen, Tel. +45 33193200, email dt@datatilsynet.dk, website www.datatilsynet.dk.

Contact Topdanmark, administration company for the Danish Guarantee Fund for Non-Life Insurance Companies:

Topdanmark A/S, Topdanmark Forsikring A/S, Borupvang 4, DK-2750 Ballerup is the data controller.

If you have questions about the processing of your personal data or wish to exercise any of your rights, you are welcome to contact us at administration.topdanmark.dk, or call +45 44 68 33 11. You can also write to our data protection advisor at persondata@topdanmark.dk.