We only collect your personal data when we carry out an assignment for you or our clients, or when you visit our office or our website. Our primary use of personal data is in the execution of assignments on your behalf. Examples of such data are your contact details and data necessary for claims handling, loss adjustment or damage repair. We also process images from the security cameras on our premises when you visit our offices.
- We will always tell you what we do with your data and how you can exercise your rights, for example those of inspection and objection.
- We only use the data for the purpose for which we have collected it (such as order execution, customer relationship management and marketing).
- We do not collect, use or store more data than that needed to achieve the purpose for which we obtained the data and only if there is no other way to achieve the same purpose.
- We only use data insofar as such use is legally permitted.
- We take appropriate security measures against loss of or unauthorized access to personal data.
- We will only provide your personal data to third parties if we receive sufficient guarantees for the protection of your data.
What type of personal data do we process?
- Contact details (such as first name, last name, address, place of residence, telephone number, email address).
- Data relevant to the processing of an claim or repair (such as vehicle ownership and registration data, data concerning the counterparty and ownership details, or the location of the property concerned).
- Identification numbers (such as ID numbers and insurance policy numbers).
- Pictures of a damaged property (for example a house or an office building) or vehicle. Location details of the insured party (for carrying out video expertise).
- Financial details (such as bank account numbers).
Medical data (relevant to emergency medical assistance, treatment of injury or a claim).
Selection of elements of the above personal data for processing depends on the service to be provided to you.
Purposes for which we process your personal data:
Client services are services performed by us for companies in the insurance sector, real estate companies, housing corporations, leasing companies, healthcare providers and government bodies, among others.
In order to protect your own security and that of our customers such as insurance companies, we process personal data for the prevention and combating of fraud.
Relationship management (e.g. those subscribing to our newsletter via our website)
Relationship management covers areas such as marketing, client administration and client service (such as informing you of the latest news about CED and relevant services; marketing and measuring response to our marketing campaigns and improving the functioning of our website).You can revoke your consent at any time by using the unsubscribe option included in each message.
Registering visitors to CED offices
We may need to process personal data in order to verify visitors to our offices and maintain the security of our offices and staff.
Why we may use your data:
The use of your personal data is necessary for:
- The processing of our agreements/contracts concerning a natural person, directly with a person contracting our expertise services or through an insurance company or other third party such as an intermediary;
- The fulfilment of our legal obligations, e.g. to comply with the Money Laundering and Terrorist Financing (Prevention) Act (Wwft);
- Exercising our legitimate interests in being able to (continue to) provide our services to our clients as efficiently as possible; and
- giving consent in providing or continuing to provide our services as efficiently as possible to visitors to our website and to optimise use of our website.
- Internal verification of visitors to our offices and company security
Who has access to your personal data?
- CED uses various systems for processing your personal data and the suppliers of these systems may, as a result, also process your personal data. There are data processors on behalf of CED.
- Only employees of CED or certified contracted experts who need your personal data to perform their work have direct access to your data stored in CED’s systems.
Period of retention of your personal data
We delete the data after the retention period has expired in terms of the applicable rules of conduct and professional practice, or – in the absence of such rules – no later than five years after completion of the assignment, unless we are required by law to retain your data for a longer period or if longer retention is essential for the performance of our activities.
Visitors to CED offices
We will keep your contact details for a maximum of 6 months after your visit to our offices. We keep the camera images for a maximum of 4 weeks, unless we are required by law to keep data for a longer period of time or if longer storage is essential for our operations.
Do I have to provide personal data to CED?
Clients (for example, insured persons)
- The processing of personal data is necessary to allow us to provide our services to our clients. Without these data, we would not be able to properly provide our products and/or services.
Visitors to CED offices
The processing of personal data is necessary to provide you with access to the CED building. Without these data, we cannot grant you access.
Who is the data controller responsible for processing your personal data?
CED is data controller and responsible for the processing of your personal data. When CED is the data processor, you will have been informed accordingly by the party who has contracted CED to processes data on their behalf.
Who can I contact if I have questions about the use of my personal data?
If you have any questions, please contact:
Attn. Data Protection Officer
2908 LP Capelle aan den IJssel
Tel. +31 (0)10-2843434
What about the use of my personal data by third parties?
- CED has made agreements (so-called Data Processing Agreements) with parties to which it may transfer your personal data (depending on the processing activity), for processing your personal data on behalf of CED, so that there are sufficient privacy and security measures in place to ensure that your data is processed in accordance with the law, with CED’s own policies and with this CED Privacy Statement.
- If we do give third parties access to your data, we will only do so once we are certain that such third party will only use the data in a way and for a purpose related to the purpose for which the data was obtained, and only in accordance with CED’s instructions. Further, the confidentiality obligations and security measures required by law to prevent your personal data from being disclosed to other parties are always applicable.
- In some cases, a legal obligation may also require us to provide data to third parties, such as judicial authorities. In such cases we will always respect your right to privacy according to the law.
- If we wish to transfer your data outside the European Economic Area because, for example, a data center or our supplier is located there, we will only do so under the conditions required by law.
How do we secure your personal data?
- We take all reasonable and appropriate security measures to protect our visitors and clients from unauthorized access or alteration, disclosure or destruction of their personal data. In so doing we comply with the applicable security standards.
- If there is a security incident that may adversely affect your privacy, we will inform you of the incident as soon as possible. In such case we will also inform you of the measures we have taken to limit the consequences of and prevent future recurrence of such an incident.
What rights do you have with respect to the use of personal data (and how can you exercise them)?
- You may object to the use of your personal data if, for example, you believe that such use is not necessary for the operation of our business or to comply with a legal requirement.
- You have the right of access to your personal data. This means that you can inquire as to which personal data has been registered and for what purposes that data will be used.
- If you believe that we have incorrect personal data concerning yourself, you can have this personal data corrected. You may also ask us to limit the processing of your personal data, including during the period of time we require to review your requests or objections.
- You may ask us to remove your personal data from our systems.
- You may ask us to arrange for your personal data to be transferred to another party.
- You may submit the aforementioned requests or objections by sending a letter with your name, address, telephone number to CED or emailing such letter to firstname.lastname@example.org. You will receive an answer within one month.
- You may also lodge a complaint concerning the use of your personal data. Such complaints may be lodged with the Dutch Data Protection Authority as CED’s headquarters are located in the Netherlands.
We will comply with your request, unless we have an overriding, legitimate interest in not deleting the data and the interest of CED outweighs your privacy interests. Once we have deleted the data, technical reasons may prevent us from immediately removing all copies of the data from our systems and backup systems. We may refuse to comply with the foregoing requests if they are unreasonably frequent, involve unreasonably excessive technical effort or have unreasonably severe technical consequences for our systems or endanger the privacy of others.
Will you use my data in order to send newsletters?
- We use our clients’ address data to send service emails and sales information in the form, for instance, of newsletters and event invitations. You can unsubscribe from emails containing sales information at any time or set your preferences by using the unsubscribe option included in all messages.
Amendments to privacy statement
We reserve the right to amend our privacy statement at any time. Amendments will be published on our website (www.cedgroup.eu)