top of page

Our commitment to dialogue and transparency

 

At dAssure, it its mission to help you, our client, enjoy life in peace of mind, by protecting your family and your belongings. This means that we need to collect data to understand the nature of the risks we protect you from and provide you with the products and services that best meet your needs.

 

In today's world, the volume of available data is growing exponentially. This allows us to improve your experience as a customer by offering you bespoke products, as well as more targeted information and more simpler and more efficient procedures.

 

We are convinced that protecting your personal data must be done so without jeopardising transparency and accountability. In accordance with the European GDPR regulations of 25 May 2018, you have the following rights in relation to your personal data:

  • Right to erasure of data: You have the right to demand that your personal data be erased. This right is also called the 'right to be forgotten'.

  • Right to information: you have the right to know what data we have collected about you, how long we keep this data, the legal basis on which we rely to collect and retain this data, how you can exercise these rights.

  • Right of consultation: you have the right to check which data is correct here.

  • Right to data portability: You can request your data in electronic format at any time or have this data transferred to another supplier.

  • Right to change: You have the right to ask us for a change to your data. We may not reuse your information until it has changed.

  • Right to object to profiling: you have the right to prohibit us from using your data for profiling (such as for a segmentation), or to process your data automatically.

 

You can exercise these rights very easily by contacting us via e-mail (europe@rrcompliance.com), via our website or post as noted in our privacy statement below.

 

Given the sensitive nature of this data, we ask you to always add proof of identity to your application.

​

You can also contact our Data Protection Officer (DPO) with all your questions and complaints about your personal data at the email address europe@rrcompliance.com.

Privacy Statement

​

This is the privacy statement of dAssure, a trading style of RR Compliance Associates Europe B.V., with its headquarters in Herengracht 449 A, 1017BR Amsterdam. Contactable by email on europe@rrcompliance.com and registered with the Chamber of Commerce under number: 88942570.

​

General definitions

Unless explicitly stated otherwise below, the terms used in this regulation have the meaning attributed to them in the General Data Protection Regulation (Algemene Verordening Gegevensbescherming) – hereinafter AVG.

  • Personal data: all information regarding an identified or identifiable natural person (the data subject).

  • Data subject: the person to whom the personal data relate.

  • Processing of personal data: any operation or set of operations performed on personal data, whether or not by automatic means, including in any case the collection, recording, organisation, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission,  dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of data.

  • Data controller: the data controller is the person who decides on the purpose of and the means for data processing.

  • Data processor: the person who, on behalf of the controller, processes personal data without coming under the direct authority of  that person.

  • Provision of data: the disclosure or provision of personal data.

  • User of personal data: the person who, as employee or otherwise, is authorised by or on behalf of the controller to  process personal data.

  • Client: a natural or legal person who has instructed the controller to provide a service.

  • Third party: any natural or legal person, public authority, service or body other than the data subject, the controller, the processor and  the persons who, under the direct authority of the controller or the processor, are authorised to process the personal data. 

  • Consent of the data subject: any freely given, specific, informed and explicit indication of his or her wishes by which the data subject,  either by a statement or by a clear affirmative action, signifies agreement to personal data relating to him/her being processed.

  • Data concerning health: personal data relating to the physical or mental health of a natural person, including data concerning healthcare  services that are provided, through which information is provided about the health status.

  • Supervisory authority: an independent government agency established by a member state. In the Netherlands this is the Dutch Data Protection Authority (Autoriteit persoonsgegevens).

 

​

We shall ensure that we complies with all applicable privacy legislation and regulations, including the General Data Protection Regulation (AVG), the Financial Services Act (Wet Financiele Diensten), the Dutch Financial Supervision Act (Wet op het Financieel Toezicht – WFT) and all other applicable codes of conduct and guidelines.

​

What do we process your personal data for?

We processes the personal data for the following reasons:

  • assessing and accepting potential clients;

  • managing and expanding the client base;

  • entering into and executing agreements;

  • exchanging information with other parties who/that require information in connection with executing the product information, such as reinsurers, insurance brokers, collection agencies, adjustment firms, accountants, payroll  administrators, provided this is strictly necessary for the performance of the (insurance) contract;

  • performing analyses of personal data for statistical purposes and the use of an archiving system • to handle or settle the claim, invoice or damage.

  • to be able to comply with legal requirements, such as tax laws and social security legislation;

  • performing an investigation into the client’s identity, the origin of the money and guarding against money laundering pursuant to the Dutch Act on Measures to Prevent Money Laundering and Financing of Terrorism (Wet ter voorkoming van witwassen en financiering van terrorisme – Wwft).

​

Which data do we process?

  • We (potentially) processes the following personal data:

  • Contact details, such as name, address, town/city, telephone number and email address; • Age, gender, civil status;

  •  Information about current financial products, such as insurances;

  • Personal data are only processed in accordance with the purposes for which they are obtained.

​

Conditions for lawful processing

Personal data are only processed for the purposes outlined in article 4 and are not otherwise processed in a way that is incompatible with the purposes for which they are obtained;

 

The personal data are only processed by individuals who, due to their profession, office or statutory provision,  or who in accordance with an employment contract or agreement, have a duty of confidentiality.

 

Personal data are only processed to the extent that they are relevant and not excessive in relation to the purposes for which  they were collected defined in article 4.

 

Personal data are only processed if one of the grounds for processing in article 6 (AVG) is applicable, i.e.:

  • the data subject has given his/her unambiguous consent for the processing;

  • the data processing is necessary for the performance of an agreement to which the data subject is party,  or to take precontractual measures further to a request by the data subject and that is required in order to enter into  an agreement; 

  • the data processing is necessary in order to fulfil a legal requirement to which the controller is subject;

  • the   data processing is necessary to safeguard the vital interests of the data subject;

  • the data processing is necessary for the correct fulfilment of a public service remit by the relevant  administrative body,  or the administrative body to which the data are disclosed, or

  • the data processing is necessary for the purposes of the legitimate interests pursued by the controller or of a third party  to whom the data are disclosed, unless the interests or fundamental rights and freedoms of the data subject, in particular  the right to the protection of privacy, prevails.

 

We maintains confidentiality in respect of the personal data of which it becomes aware, except for cases where it is legally obliged to report this information or if this reporting stems from the controller’s remit.

 

Access to personal data

Employees only have access to personal data insofar as this is required for them to carry out their work. Every user of personal data must observe strict confidentiality in respect of the data of which he/she becomes aware pursuant to that access.

 

The administrator and those individuals who are working within the scope of an assignment given by Us or a user, only have access to personal data insofar as this is necessary for the use and the processing  of data, and they have signed a confidentiality statement to this end.

​

Security of personal data

To safeguard the principle of integrity and confidentiality, We will take all technical and  organisational measures to prevent unauthorised access to or unauthorised use of personal data.

 

We  comply with the duty to report data breaches, as defined in the policy rules of the reporting requirement.

 

An internal procedure is in place for dealing with incidents. We take measures to inform the Personal Data Authority (Autoriteit Persoonsgegevens) and the data subjects if this is required within the scope of the reporting requirement.

​

Disclosure of personal data

We do not disclose your personal data to other individuals for any reason. We are,  however, allowed to  disclose this data if consent has been given to that end, or if it is obliged to do so pursuant to the law or court decision, or if such a  disclosure is for the purposes of the processing of personal data. 

 

Right of access and the right to erasure

The data subject has the right to access and to receive a copy of the data relating to him/her. The data subject must submit a request to that end. The request, as referred to in this article, shall be fulfilled within 4 weeks of receipt of the request.

 

The right of access is only granted to the data subject or his/her representative. Where applicable, the data subject or his/her  representative has/have to be able to identify himself/herself/themselves and/or demonstrate his/her/their authority. Exceptions to the right to erasure exists as allowed for by the relevant laws. No charge is made for sending and providing copies.

 

In the event of deletion of data, a statement will be included in the data that, at the request of the data subject, the data shall  be deleted.

​

Right to data portability

The data subject has the right to receive his/her personal data that he/she has disclosed to Un in a structured,  conventional and legible form. The data subject has the right to transfer that data to another controller, without being prevented in doing so by the controller  to whom the personal data were disclosed.We shall ensure that the data is in a standard and commonplace format enabling the data subject to receive the data. On request, the format – at the request of the data subject– can also be sent to a third party.

​

Right to protection, addition and correction of recorded personal data

On request, the recorded data will be expanded to include a statement issued by or on behalf of the data subject relating to the  recorded data. If the recorded data are factually incorrect, incomplete or irrelevant for the purpose of processing, or are in breach of the legal  requirement in relation to the processing, the data subject must submit a written request to the  controller in which an improvement, addition, deletion or protection of the data is/are requested.

 

As soon as possible following receipt of the aforementioned request, the controller shall inform the data subject in writing whether,  or to what extent, the request shall be fulfilled. Reasons will always be given for a refusal.

​

The controller shall ensure that a decision regarding addition, correction or deletion is implemented as soon as possible. In the event of deletion of data, the data will include a statement that, at the request of the data subject, the data have been deleted.

 

Right of objection

If data are the subject of processing under article 4, the data subject can raise an objection to that with the  controller in relation  to the data subject’s special personal circumstances, in the event there is a justified interest. Within four weeks of receipt of the objection, We shall assess whether the objection is justified.  In the event the objection is justified, the processing shall immediately be ceased.

 

For dealing with an objection, We can request a fee (Fees for the Rights of Data Subjects (Personal Data  

Protection Act) Decree) (Besluit kostenvergoeding rechten betrokkene WBP), Government Gazette 2001 305). The fee is refunded  in the event that the objection is judged to be well-founded.

​

Retention periods

We shall never retain the data for longer than necessary for the purpose for which the data are collected, taking into account the maximum statutory retention period.

In the event that data no longer needs to be retained, all identifiable characteristics will be deleted, or the data in its entirety shall  be deleted.

 

Your visit to our website and cookies

We use cookies on our websites. When you visit our website, cookies are placed on your computer, tablet or smartphone. Cookies are small, simple, text files. When you next visit the website, the cookies are used to identify you. Cookies will ensure, for example, that when you visit our website, you are not given or have to enter the same information every time. Your settings and preferences are  remembered which simplifies your future visits to the website. In addition, cookies allow information and offers on the website to be  tailored to your preferences. Cookies are stored for a maximum of 4 weeks. 

​

What cookies do we place?
The website uses technical, functional, analytical and tracking cookies and stores technical information. This concerns, for example:

  • IP address of the visitor;

  • Date and time of the visit;

  • URL of the referring site (the site from which the visitor originates);

  • The pages visited on our website;

  • Information about the browser used (type and version, operating system, etc.)

Technical information and cookies are used by us to facilitate your visit to the website(s), improve performance and user experience and increase the relevance of the offer on these website(s). Cookies can be placed both by us and by other parties with whom we work. Below is an overview of types of cookies used.

​

Functional cookies
These are cookies that are necessary for the website to function properly and to provide a requested service. These cookies are used to store certain user and preference settings, store any login details, and to optimize the user convenience of the website. Temporary data is stored in order to display pages faster and to see if a user is logged in.

 

Analytical cookies
These cookies are used to collect information about the use of the website. Google Analytics software is used for this, among other things. This determines, among other things, the number of website visitors, the pages visited and the duration of their stay. The collected data is used to improve the service and to optimally tailor the content of the website to the wishes and needs of the users.

 

Tracking or advertising cookies
Tracking cookies are cookies that collect data about the (internet) behavior of the user of the website. These tracking cookies are used to allow the user to make optimal use of our website. For example, these cookies are used to record information about the visit so that relevant information can be used for the convenience of the user on the next visit by, for example, filling out forms or offering advertisements or vacancies that fit the user's (search) profile.

As you can see, it is convenient for you to work with cookies. But if you object to the use of cookies, you can also delete them from your PC yourself. You can do this via the privacy settings of your mobile device.

 

Amendments to the privacy statement

We may amend this privacy statement in the future. You will find the most up-to-date privacy statement on the website.

 

Complaints

If you are of the opinion that the provisions of this regulation are not being complied with and/or if you have any other cause  for complaint, you can file a complaint and send it to  our address noted above or e-mail it to europe@rrcompliance.com 

 

We will swiftly acknowledge your complaints and provide you with our complaints procedure.

 

You are entitled at any time to submit a complaint to the supervisory authority. The Dutch Data Protection Authority  (Autoriteit Persoonsgegevens) shall supervise compliance with the statutory rules concerning personal data  protection.  The contact details for the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) are:

Post:

Autoriteit Persoonsgegevens 

(Dutch Data Protection Authority)

Bezuidenhoutseweg 30 

2594 AV Den Haag      

Telephone

0900 - 2001201

bottom of page