Privacy Statement Advice & Mediation.
1. Who are we?
Your data will be processed by Alpina. We are an independent financial advisor to whom you can turn for independent and objective advice on insurance, mortgages, pensions and other financial products.
We are part of the Alpina Group B.V., one of the largest nationwide financial advisory companies in the Netherlands. The Alpina Group B.V. advises on financial risks and non-life, life and health insurance.
The protection of privacy is very important to us and Alpina therefore ensures that any personal information we process is treated with the utmost confidentiality. This privacy statement tells you how we handle personal data and how we fulfill the rights and obligations arising from this.
We handle the personal data of, among others, prospects, customers, former customers and users of this website with great care and act in accordance with standards as included in the General Data Protection Regulation ("AVG") and other relevant privacy laws and regulations, including guidelines and protocols that apply within the industry in which we operate.
Attn: Data Protection Officer
2. General definitions
Unless otherwise expressly provided below, terms in this Privacy Statement are used in the sense ascribed to them by the AVG.
- Personal data: any information relating to an identified or identifiable natural person.
- Data subject: the person to whom the personal data relates.
- Processing of personal data: any operation or set of operations involving personal data, whether or not performed through automatic processes, including in any case the collection, recording, organization, storage, updating, modification, retrieval, consultation, use, provision by means of transmission, dissemination or any other form of making available, bringing together, interconnection, as well as the blocking, erasure and destruction of data.
- Controller: the organization that determines the purpose and means of data processing.
- Processor: the organization that processes personal data on behalf of the Controller, without having control over the purposes and means of processing such personal data.
- Provision of data: the disclosure or making available of personal data.
- Third party means a natural or legal person, public authority, agency or other body, other than the data subject, nor the controller, nor the processor, nor the persons authorized under the direct authority of the controller or processor to process personal data.
- Consent of data subject: any freely given, specific, informed and unambiguous expression of will by which the data subject accepts, by means of a statement or an unambiguous active action, processing of personal data concerning him.
3. What personal data do we process?
We process personal data within the framework of our services and/or for the execution of the pension and administration agreement which you have concluded with us or with the pension administrator. In addition, we are obliged by law and regulations to process certain personal data about you. As soon as we start providing our services to you and you provide us with (personal) data, we will process these in our systems. We also process your data when you contact us or visit the website. We receive most of the personal data we process from you. In addition, we may obtain information from external parties that we consider reliable.
We respect your privacy and therefore your data is processed with the utmost care in compliance with applicable laws and regulations on the protection of personal data. We ensure that only personal data is processed that is accurate, adequate, relevant and not excessive.
Depending on the nature of our services , we may process the following data from you:
- contact information such as name, address, place of residence, telephone number and e-mail address;
- age, gender, marital status, family status and partner information;
- data relating to passport, driver's license or other proof of identity;
- Data on employment, income, excerpt from the Chamber of Commerce, occupation and (former) employer;
- data on financial situation, citizen service number, assets and any debts;
- Data on current financial products, such as bank accounts and insurance;
- data we receive through your employer, such as illness or disability;
- details of your pension from current and previous employers
If necessary, we process special personal data such as data about your health or criminal data. We process special personal data with extra care. This data may be necessary for assessing an application.
For some financial products, we ask for your Citizen Service Number (BSN) on behalf of the financial service provider or insurer. We remove the BSN as soon as it has been provided by us to the financial service provider or insurer as part of the application.
4. What do we process your data for?
Within the framework of the agreement we have concluded with you and/or in order to perform our services, we ask for and store personal and other data. We use this data for the following purposes:
- Performing a contract of engagement to advise, broker and/or manage a financial product or financial service;
- Making a comparison, requesting quotes and submitting applications for financial products or services;
- Responding to contact requests and/or sending requested information;
- Performing analyses to improve our products and services and to better respond to your personal situation in the product range and services;
- Providing relevant information to customers, as well as engaging in marketing activities to expand our customer base;
Providing a personalized experience on our website and/or apps;
- Exchanging information with other parties who require information from us in connection with the performance of the agreement or service, such as reinsurers, insurers, stockbrokers, banks, authorized agents, mortgage lenders, insurance brokers, accountants, service providers, collection agencies, appraisal firms, payroll administrators, occupational health and safety service providers, appraisal and survey firms;
- Informing you about our services and products by e-mail and/or newsletters. You are free to subscribe and unsubscribe;
Ensuring the controlled and honest exercise of financial services within the framework of the Financial Supervision Act, as well as complying with other legal requirements, such as the Money Laundering and Terrorist Financing (Prevention) Act and the Sanctions Act of 1977;
- Preventing fraud against us or other financial institutions (such as money laundering or identity fraud).
- Being able to meet legal obligations.
5. What is the legal basis for processing personal data?
We may process your data on at least one of the following grounds:
- If this is necessary for the performance of the insurance contract concluded with you. This also includes assessing whether, and if so under what conditions, we wish to enter into an agreement with you;
- If necessary for us to comply with legal obligations. There are various legal obligations on us as a financial service provider. For example, we are obliged to identify you if you wish to become our client. If you fail to do so, we may not enter into an agreement or make a payment to you;
- If necessary to protect vital interests of you or another person;
- If this serves our legitimate interest, in which we naturally also consider your interest. This includes processing data of you as an injured party or beneficiary. The processing of your data for investigation of possible fraud also takes place on this basis;
- If you have given us express consent to do so. If processing on the four first mentioned bases is not permitted then we need your consent. If we process data on the basis of consent, you may withdraw it at any time.
6. To whom may we provide your information?
To carry out the purposes described above under 4 'what do we process your data for', your data may also be shared with third parties.
External service providers
For our services, we also use other companies such as postal companies, collection agencies and appraisers. We share only the data these external service providers need to perform the work. They themselves are responsible for the processing of your data and, where necessary, we record agreements by contract to protect your privacy. External service providers also include companies that provide us with IT support. We conclude processing agreements with these IT service providers because they are usually not themselves responsible for processing the personal data we have provided.
Financial service providers
We may share personal data - depending on the nature of the service - with financial service providers such as insurers, mortgage lenders and banks.
We do so as long as you have an agreement with that financial service provider. We also work with service providers who may make offers on behalf of financial service providers. Incidentally, these financial service providers are themselves responsible for processing your personal data.
These financial service providers may consult external sources such as the National Road Administration (RDW) and Foundation Central Information System (CIS) to make a decision on underwriting and/or benefits.
Among other things, the database of Stichting CIS records claims and information related to intentional deception (fraud) of a financial institution. Through CIS, insurers and authorized agents share the information they deem important for assessing a claim and/or a request for payment.
Claims recovery agency
Under certain circumstances and conditions, we may forward your information to a claims-recovery agency if you do not have coverage for damages you suffered for which someone else is responsible. We will do this only with your permission and if we expect that the damage can be recovered from the person responsible. The bureau will assess whether there is a possibility for you to recover the damage from the perpetrator.
Sometimes we are required to provide your data to the government. This may include the tax authorities, police/judiciary and regulators such as the Financial Markets Authority or the Personal Data Authority.
Organizations belonging to Alpina Group B.V.
Within Alpina Group, your personal data may be exchanged between the various company and group divisions that, like us, are also subsidiaries of Alpina Group. Alpina Group sees to it that the obligations of privacy laws and regulations (including the AVG) are observed within these divisions. Where Alpina Group is legally obliged to do so, processing agreements are drawn up between company and group divisions for the purpose of exchanging personal data.
We exchange personal data in order to provide you with the best possible service. For example, we may exchange data to answer your questions and to get an overview of what products and services you have with the Alpina Group. The exchange also takes place for the purpose of fulfilling legal obligations, the assessment when entering into a relationship, the conclusion of a contract and/or its execution. In addition, personal data may be exchanged within Alpina Group for the following justified purposes:
- Centralized, coordinated or efficient management of customers, relationships, third parties and/or support thereof;
- Analyses (for risk management and marketing purposes, among others) and creating statistics;
- The exercise and defense of the rights of Alpina Group and its business and group entities;
- Monitoring the security and integrity of the individual business and group units and that of Alpina Group as a whole;
- Making offers or informing clients about products and services of (parts of) Alpina Group.
We can only exchange data within the group if this fits the nature of the service and the purposes as described above and under 4 'What do we process your data for'. No exchange takes place if this is blocked by laws and regulations or by contractual agreements with business relations and stakeholders.
This privacy statement does not apply to the processing of your data by third parties. Information regarding the processing of your data by third parties can be found on the websites of the relevant third party. Upon your request, we will inform you which parties we have provided your data to.
We process your data primarily within the EEA. We transfer data to parties based outside the EEA only if this is in full compliance with laws and regulations. To safeguard your privacy, we record arrangements with these parties in written agreements.
7. How long do we keep your data?
How long we keep data depends on the purpose for which the data is processed. This may vary from one situation to another. We do not keep data longer than necessary for the purpose for which it was processed.
How long we need to keep data depends entirely on the agreement you entered into with us and the products you purchased through us. After the statutory retention period expires, we destroy your data. Under the law, you have the right to ask us to destroy your data.
We may retain data longer if we are required to do so by law as well as for the purpose of providing evidence in complaint and legal proceedings. We may retain your data anonymously for a longer period at archive level for historical, statistical or scientific purposes and/or for the development of products and services. The data can then no longer be traced back to you as an individual.
8. Visiting our website
When you visit our website, we record general visitor data. This may include the most visited pages so that we know what you find interesting. This enables us to improve our services. We process the data on an aggregated level (not traceable to an individual).
In order to get to know you better as a (potential) customer, we may use so-called Enhanced Conversions when you visit our website. When visiting our website, you may leave behind data such as an e-mail address, residential address and/or telephone number. We save this data and transmit it to Google in hashed (pseudonymized) form. Google can link this data to existing Google accounts. The information we then receive from Google enables us to measure the effectiveness of our website and/or our advertisements. When using Enhanced Conversions, your privacy is guaranteed because no concrete personal data is shared.
9. Social media platforms
If you contact us via social media platforms such as Facebook, LinkedIn or Twitter, we process your personal data. Our processing of this data is subject to this privacy statement. This privacy statement does not apply to how the social media platforms themselves handle your data.
10. Phone calls
To improve the quality of our services and to combat fraud, we may record our telephone conversations. Conversations can be listened back to in order to train our staff and, if necessary, to verify the agreements made with you. You will be informed about the recording prior to the call. The conversations are not kept longer than necessary and are not accessible to unauthorized persons.
11. In what ways do we secure your data?
We take appropriate technical and organizational measures to protect your personal data. We make every effort to keep your data accurate, complete and confidential and protect it from misuse and unauthorized access. Our systems are appropriately secured against unauthorized access, destruction, falsification, dissemination and any other form of unlawful processing. Security measures are continuously monitored by our Security Officers.
Our employees have a duty of confidentiality and only have access to your data if this is necessary from their jobs. In addition, we require our business associates to observe the same security standards.
12. What privacy rights do you have?
You have a number of rights when it comes to your personal data. These rights are set out in the law. You can make use of the following rights:
- The right to information: concerns the right to be informed (in advance) about what data is recorded and for what purpose. One way we do this is with this statement;
- The right of inspection: concerns the right to inspect the personal data being processed or to receive a copy thereof;
The right to rectification: concerns the right to change the personal data being processed or the right to complete or correct incorrect data;
- The right to oblivion: concerns the right to have data deleted. In the event of a request to delete data, we will test whether this is possible. In this test, we adhere to the legal requirements and consider, for example, whether we do not have a legal obligation to retain the data or whether deletion may pose a danger to yourself or other persons;
- The right to restriction of a processing: concerns the right to have less data processed. Here too we check whether this is possible whereby we comply with the legal requirements;
- The right to data portability: concerns the right to transfer (or have transferred) personal data. You have the right to have the data, which we process and have received from you, transferred to you or transferred to another organization at your request. This can happen, for example, if you transfer to another employer or want to give another healthcare provider access to your file;
- The right to object (objection): concerns the right to object to the processing of your data and/or to withdraw a previously given consent. For example, you can object to processing based on legitimate interest.
You can submit your request, question or complaint regarding the processing of your personal data by e-mail to our Data Protection Officer. Please send an e-mail to firstname.lastname@example.org, attn the Data Protection Officer. We will respond to the request within four weeks.
Please send a copy of an ID so we can be sure the request was made by you. Make your passport photo and BSN black in the copy to protect your privacy. We are not allowed to process your BSN.
It may happen that we cannot honor your request. Naturally, we will then try to find a solution together with you. Unfortunately, this is not always possible. If you do not agree with our position on the request you have submitted or with the solution we have proposed, you can file a complaint with the Dutch Data Protection Authority.
13. Can we change this statement?
We may modify the text of this privacy statement, in part because of new developments in our business activities or changes in laws and regulations. The most recent version will then apply. On the website you will find the most current version of our privacy statement.
For questions or suggestions regarding this privacy statement, please contact our Data Protection Officer.
We can be reached via Chat, Whatsapp, phone or email
Please feel free to contact us if you would like to know more.
We are available from Monday to Friday from 08:00 to 18:00.