Protection of personal data
In order to provide you with the most complete and transparent information on the use of your personal data by Assurlink, also known by its trade name Owen, we invite you to read the following provisions on the protection of your personal data. These provisions will be regularly updated to keep you informed of any changes in the use of your data.
For what purposes do we use your data?
The personal data that Assurlink collects about you is used solely for explicit, legitimate and specific purposes in connection with the various services or products that we offer. Only data that is useful to us is collected.
We use your personal data for the following purposes
The conclusion, management and execution of insurance contracts, namely:
- Underwriting and management of partnership contracts between Assurlink/Owen and distributors wishing to market its insurance and service offerings;
- Follow-up and invoicing of Owen's services to partner distributors;
- Insurance contracting: this involves studying the specific needs of each potential subscriber in order to propose a suitable contract, which also includes analyzing the risk to be insured in order to establish a suitable rate and to verify its insurability;
- Management of insurance contracts: this includes the pre-contractual phase up to the termination of the contract (e.g. pricing, issuing of pre-contractual, contractual and accounting documents, collection of premiums and contributions). This also includes risk monitoring (e.g. we may have knowledge of data relating to your offences or convictions in the field of motor insurance) and other necessary technical operations;
- The execution of insurance contracts: this concerns the operations necessary for the implementation of guarantees and benefits. In this context, the data collected are related to the management of claims and benefits covered by the insurance contract;
- Development of statistics and actuarial studies;
- The exercise of recourse and the management of claims and litigation related to our activities and allowing us to ensure the contestation, exercise or defense of your rights in application of the guarantees subscribed or the exercise of our legal rights;
- The execution of legal, regulatory and administrative provisions in force, with the exception of those that are subject to a particular formality provided for by the applicable provisions on the protection of personal data. This may include processing relating to the execution of tax rules, or the collection of contributions for various funds (e.g., compulsory insurance guarantee fund, major natural hazard prevention fund);
- As well as the management of anti-fraud control operations or the fight against money laundering and the financing of terrorism. The management of your requests for rights, in particular the right of access, rectification, opposition, in application of the applicable regulations.
Your data may also be used for technical operations for the purposes set out herein. This includes, in particular, technical or cybersecurity operations related to the detection of anomalies and the security of your data and of our information systems from which your data are processed.
The data collected is essential for these processes and is intended for the Owen departments concerned, as well as, where applicable, for its distribution and management partners or insurers who intervene in connection with the services marketed. We will not be able to study your insurance quotation or your subscription request or to execute your contract if you do not provide us with the necessary data.
Finally, your data may be used for the purposes of managing our commercial relationship or our prospects and improving our customer knowledge, namely
- The realization of satisfaction surveys, collection of opinions on our products and services;
- The realization of loyalty operations, surveys ;
- To ask you to test products or services, or promotional actions such as the organization of contests with the exception of online gambling subject to the approval of the Online Gaming Regulatory Authority (ARJEL);
- The elaboration of commercial statistics to analyze the adequacy of our products and services to the needs of our customers and prospects (measurement of the audience of our Internet sites, including by the analysis of your on-line navigation and your reactions to emails), so that we can know you better, appreciate if the messages that we address to you present an interest for you and propose offers, contents and services adapted to your profile. These analyses will be carried out in compliance with the authorizations that you may have given us, particularly in the case of the use of cookies or other tracers;
- The technical operations of prospection, (which includes in particular the technical operations like the normalization of address, the deduplication and the enrichment of data concerning you);
- The transfer, rental or exchange of data relating to the identification of customers or prospects in order to improve the services offered or provided to customers or prospects, in particular for products or services that make it possible to reduce claims or to offer a complementary contract or service.
For commercial prospecting operations related to profiling and based on the
consent of the person concerned by the processing, the latter may withdraw his/her
consent at any time, it being understood that this will not call into question the lawfulness of the processing carried out
prior to such revocation.
- In order to send you promotional messages or advertisements, whether or not personalized, by post or electronically, including mobile notifications, or via any other medium depending on your profile, in compliance with the authorizations that you have given us or for statistical studies. Your refusal or opposition to receiving commercial communications will not prevent the study of your quote or the execution of your insurance contract in accordance with the provisions of this contract.
What data do we collect?
The categories of personal data that we process come from exchanges between you and our distributor partner, of which you are a client and for which you have accepted the transfer to Assurlink in order to take out an insurance policy, and from information collection forms between you and the Assurlink broker, via this website or via an exchange with one of our insurance advisors, regardless of the medium of these exchanges; in particular, the following may be processed according to the purposes
- Those necessary to identify you as a subscriber, i.e. civil status data (surname, first names, gender, civil status, data relating to identity documents, e.g. driving licence, proof of identity, date and place of birth, maiden name, nationality) when you request a quote or subscribe to a contract;
- The persons who are concerned by the contract, for example the persons to be insured, the beneficiaries of the contracts, the beneficiaries' rights, the witnesses (in the event of an automobile accident for example), the guardians, the curators, the drivers, etc., as well as the persons who intervene in the execution of the contract (ex: vehicle repairers, experts, lawyers...) ;
- Contact data, i.e. your telephone numbers, e-mail address, postal address;
- Necessary data relating to your family, economic or financial situation (e.g. the amount of your insurance premium) concerning you or the persons interested in the contract;
- Data relating to risk assessment and the fight against fraud, in accordance with the texts applicable to this type of processing;
- Data necessary for the application of the contract and the management of claims and benefits. This includes data related to the contract (customer identification number, policyholder identification number, claim file, etc.);
- Data relating to the location of people and goods. These data are essential in the context of assistance and insurance guarantees (search for lost or stolen vehicles, eco-driving, assistance to people in difficulty);
- Data related to your personal situation (e.g. family situation, number of children, dependents, etc.);
- We may also, within the strict framework of what the texts authorize us to do, collect and process your registration number (NIR) for the sole purpose of managing health insurance activities or in the event of bodily injury or when concluding a supplementary health insurance or provident or borrower's insurance contract, for the purpose of implementing these guarantees and relations with professionals, or any organization that must intervene in this respect;
- The data necessary for the assessment of damages and the determination of compensation, including medical data, which are subject to specific processing in order to respect medical confidentiality. Indeed, we may have to collect health data concerning you at the time of the conclusion of the insurance contract, or during the management of claims;
- Data related to the management and follow-up of the commercial relationship, identification data, family situation, financial situation and life habits related to the commercial relationship, your professional and non-professional activities, data related to the follow-up of the commercial relationship, location and connection data (date, time, internet address, visitor's protocol, consulted pages);
- Data provided by third parties who are authorized to provide us with information about you.
We may also collect certain information from you during satisfaction surveys, the answers to this type of questionnaire being non-binding.
Why is your personal data processed?
Your data may be processed for one or more of the following reasons:
- The legal basis for the processing of your personal data is the study carried out in order to respond to your search for an insurance solution (for example, by drawing up a quote) or the execution of your insurance contract, or your explicit consent, which may have been obtained at the time of collection of your data. We may also use your data to meet legal or regulatory obligations.
- We may also use your data, with due respect for your interests, freedoms and fundamental rights, because it is necessary to enable us or our partners to pursue legitimate interests such as building customer loyalty, managing our relationship with our customers in an optimal manner, getting to know them better and promoting our products and services to them, or fighting fraud and defending ourselves in the event of litigation.
Limiting the length of time your data is kept
The data collected about you will be kept for the time necessary to achieve the above purposes. We specify you in particular that :
- The data collected and processed within the framework of the conclusion of a contract are kept for the period necessary for the management of the contract, increased by the periods of prescription applicable in particular in civil, commercial and fiscal matters, and those resulting from the Insurance Code. In particular: 6 years for tax documents; 10 years for accounting documents and for the entire duration of the litigation and until the exhaustion of all means of appeal.
- Customer data used for commercial prospecting purposes may be kept for a period of three years from the end of the commercial relationship.
- Data related to non-customer prospects may be retained for 3 years from the time of data collection or last contact from the prospect.
- In the event that data subjects exercise their rights, data relating to identity documents may be kept for the applicable legal limitation periods, i.e. for a maximum period of 3 years.
Who can access your data?
For the purposes described above and within the limits necessary to pursue these purposes, your data may be transmitted to all or part of the following recipients
- Assurlink's internal departments in charge of managing our commercial relationship (all persons in charge of the conclusion, management and execution of contracts),
- The people in charge of the marketing department, the sales department, the departments in charge of customer relations, complaints, prospecting; the administrative departments, the IT departments as well as their line managers;
- Management delegates, insurance intermediaries, our insurance partners;
- Any reinsurers as well as our professional organizations and guarantee funds, as well as the insurance organizations of the persons involved or offering additional benefits;
- Persons involved in the contract such as lawyers, experts, court officers and ministerial officers, guardians, curators, investigators and health professionals;
- The social security bodies when the social security schemes intervene in the settlement of claims or when the insurance bodies offer complementary guarantees to those of the social security schemes;
- If applicable, the persons interested in the contract (the subscribers, the insureds, the members and the beneficiaries of the contracts; if applicable, the person responsible, the victims and their representatives, the witnesses and the third parties interested in the execution of the contract);
- If applicable, victims of fraud or their representatives;
- Organizations directly involved in a fraud case;
- Assurlink's service providers and subcontractors (e.g. IT service providers, service providers in the advertising sector);
- Administrative or judicial authorities to which a dispute may be referred;
- Courts, arbitrators, mediators, supervisory and control authorities entitled to receive such data;
- The departments in charge of control such as the statutory auditors and the auditors as well as the departments in charge of internal control.
Security
We take the necessary technical, physical and organizational measures, taking into account the nature of the personal data and the risks presented by the processing, to preserve the security and confidentiality of your personal data and to prevent it from being distorted, damaged or accessed by unauthorized third parties.
We choose subcontractors or service providers who offer guarantees in terms of quality, security, reliability and resources to ensure the implementation of technical and organizational measures, including security of processing. The subcontractors and service providers undertake to respect levels of confidentiality at least equal to ours.
In case of transfer of your personal data outside the European Union: If a transfer outside the European Union of the personal data collected and processed were to be carried out, guarantees would be taken to legally frame this transfer and ensure a good level of protection of your data.
Reference of the Data Protection Officer
To contact the Data Protection Officer:
- By e-mail: contact@getowen.eu, specifying in the subject line: "DPO Owen
- By mail : Owen AssurLink - Data Protection Officer (DPO), 38 rue François Villon, 91450 Soisy Sur Seine .
What are your rights to the data
In accordance with the regulations on the protection of personal data, you have the right to information on the data we collect concerning you, as well as the right to access, rectify and delete data concerning you, and the right to define directives concerning the fate of your data after your death. It is hereby specified that under the right of access, Assurlink may request payment of a reasonable fee based on administrative costs for any additional copy of the data to that which is communicated to you.
You also have a right to obtain the limitation of a processing and a right to the portability of the data you may have provided, which will apply in certain cases.
Furthermore, you may request to exercise your right to object on grounds relating to your particular situation, to the processing of personal data concerning you where the processing is based on the legitimate interests of the data controller, including profiling. If you exercise your right to object, Assurlink will cease the processing, except where there are compelling legitimate grounds for the processing which override the interests and rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.
You may also object to any processing related to prospecting (including profiling related to such prospecting), or withdraw your consent at any time, in cases where you have been asked for it (the withdrawal of your consent will not affect the lawfulness of the processing carried out before the withdrawal of consent). We reserve the right not to comply with your request if the processing of the data is necessary for the performance of the contract, for compliance with a legal obligation or for the establishment, exercise or defense of legal claims.
Owen informs you that failure to provide or amend your data may affect the processing of certain requests in the performance of your contract and that your requests to exercise your rights will be retained for evidential and follow-up purposes.
To exercise your rights, simply send your request by mail to Owen - Assurlink, Service Consommateurs, 38 rue François VILLON, 91450 Soisy sur Seine, France, indicating your last name, first name, e-mail address and, if possible, your customer reference.
In accordance with the regulations in force, your request must be signed and accompanied by a photocopy of an identity document bearing your signature and specify the address to which the reply should be sent. A reply will be sent to you as soon as possible.
We also inform you that you can object to receiving commercial prospecting by telephone by registering free of charge on the opposition list to telephone canvassing on the website http://bloctel.gouv.fr/ or by post to - Société OPPOSETEL, Service Bloctel, 6 rue Nicolas Siret 10000 Troyes.
This registration prohibits a professional from calling you, except in the case of a pre-existing contractual relationship.
In the event that we are unable to respond to your requests in a manner that satisfies you, you may also file a complaint with a supervisory authority (in France, the CNIL, 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07. Tel: 01 53 73 22 22).