Aon Privacy Statement
Aon is a leading risk management, employee benefits and insurance consultant. We use personal data in order to provide our services. We also work with other organisations or companies including, in any event, insurers. We believe it is very important to handle personal data with care. Therefore, we carefully process and secure personal data, having due regard for privacy legislation.
Use of personal data
For the provision of our services, Aon uses personal data (data that can be traced back to a private individual), such as:
- name, address, contact details, date of birth, gender, nationality and marital status;
- financial details such as bank account numbers and card details, data on credit history and status as regards bankruptcy or suspension of payments;
- demographic data, such as information about lifestyle and insurance needs;
- data on driving behaviour and details concerning driver’s licence, insurance history and claims history;
- marketing preferences.
We may also process special data such as criminal data or health data in order, for example, to arrange accident, medical expenses or professional liability insurance and deal with claims. We will only process the data necessary for the provision of our services. If certain data are not provided, this may prevent us from providing the requested services or processing or paying out a claim. If you provide us with data on third parties (your partner, children, co-insured or data on emergency contacts), we assume that you inform them about the processing of their data by Aon and make them aware of this privacy statement.
Besides the information that you personally provide, Aon may obtain information from third parties. For example, data are processed to prevent fraud against financial institutions and Aon also consults third parties for data on fraud (FRISS) and creditworthiness (Focum). These data may be requested both during and before the provision of our services. In these situations, Aon has a legitimate interest in processing your data. You may object to this processing.
Aon processes the data as part of its business operations, including:
- the provision of the services requested by you
- brokering insurance
- claims handling
- investigating claims or complaints in connection with insurance policies or the services provided
- consultancy in the field of risk management
- consultancy on pensions and absenteeism support
- researching customer satisfaction
- internal reporting, statistical analysis, marketing Aon products and services and improving products and services
- investigating creditworthiness and credit control policy
- investigating sanctions imposed, validating data, facilitating prevention, detecting and/or investigating criminal actions
- fulfilling legal obligations
- the provision of other products that may be of interest to you
The information may be stored on internal and external systems, including customer relationship management applications. Through these systems, the Aon employees concerned have access to these data, which they may use solely for the purposes for which Aon processes the data.
Aon bases its processing on the following principles:
Performance of the agreement: in connection with the services we provide and the establishment of agreements, we obtain and use the personal data necessary to make an offer, establish and perform the agreement.
Compliance with a legal obligation: it may be necessary to process data in order to comply with legal obligations. For example, Aon is required under the Financial Supervision Act to hold a licence and is supervised by DNB. Aon has a duty to abide by the applicable rules.
The collection and use of certain data is necessary in order to exercise legitimate commercial interests, such as offering products that might be of interest to you or engaging in market research to improve our products and services. When we process your data on this basis, we will make sure that the necessary steps are taken to ensure that the processing does not infringe your rights and freedoms under privacy laws.
We process data on the basis of consent when we process special data in conjunction with activities such as profiling. You are free to withhold or withdraw your consent at any time. However, without your consent, we may not be able to provide our services. Whenever special data are needed and you wish to use our services, you agree to the collection and use of those special data.
Disclosure to third parties
We engage third parties for the performance of our services. In this context, we may share data with:
- insurers and brokers, when necessary in order to arrange insurance and provide our services;
- assessment offices, lawyers and research companies for work relating to claims and the required reports;
- investigation authorities, where necessary in order to prevent or investigate fraud and criminal acts;
- government authorities, where necessary in order for Aon to fulfil its legal obligations. In connection with motor vehicle insurance, data are shared with the Rijksdienst voor het Wegverkeer (Dutch National Road Authority);
- third parties when work is outsourced. This work will be done under Aon’s responsibility, in accordance with our security standards and on our instructions;
- legal successors, in the event that the services are sold to another organisation or of the takeover or sale of (part of) Aon. If personal data are shared in this situation, the data will continue to be used in accordance with this statement;
- medical experts, e.g. in the case of services relating to medical expenses insurance and claims handling;
- research companies whose services are engaged in connection with research into creditworthiness, criminal past, fraud (and the issue of certificates of good conduct) in order to detect and prevent fraud in the insurance industry.
Processing outside the EU
Aon is a global organisation with business processes, management structures and technical systems that extend beyond geographical borders. In light of the global nature of the services provided by Aon, personal data may be transmitted to and used, stored and otherwise processed in countries other than the country in which the information was obtained. In all cases, Aon will ensure an adequate level of security by means of the standard EU agreements or a licence.
It is our practice to ensure the most extensive protection possible for the personal data we process against loss or unauthorised use. We take adequate security measures to guarantee the security and accuracy of those data. If, despite these measures, a data breach were to occur, Aon has a procedure in place for the proper reporting of the breach.
We will use your personal data for direct marketing for other services and products which we believe may be of interest to you. However, we will give you the opportunity to indicate that your data may not be used for direct marketing purposes.
Automatic data collection
Automated processing and decision-making procedures may be used for applications for certain (common) types of insurance. This means that acceptance or rejection will, for example, be determined by a computer system, without any human intervention, based on the data completed by you on a website or application form. Both data of which we already have knowledge and data from third parties may be used as a decision-making basis. This may include checking credit data, claims history and fraud prevention checks. If a decision is made purely on the basis of automated processing, you will also be offered the option of human intervention.
You have the facility to object to automated processing. To do this, contact Aon’s Data Protection Officer (see the contact details further on in this Statement).
Third party websites
Data of minors
Our websites are not aimed at children aged under 16 years.
Accuracy of data
In order to properly provide our services, we rely on the accuracy of the data available to us. Therefore, you must inform us of changes to your data.
Right of access/rectification/objection/data portability and freezing
You have the following rights with regard to your data that we process:
- right of access with regard to the processing of your personal data by Aon;
- the right to have data rectified, frozen and/or deleted, particularly if it is no longer necessary to process the data;
- right to object to the use of data for marketing purposes;
- right to the further processing of your personal data;
- you may also ask us to transfer your data to another party.
Some of these rights may only be exercised in specific situations. If we are not able to comply with a request, we will notify you accordingly.
To exercise these rights and obtain further information about this Privacy Statement, please contact the Global Corporate Compliance department by sending an e-mail to firstname.lastname@example.org.
Aon keeps your data for as long as is necessary for the purposes for which the data are processed. Aon must also keep data in order to fulfil the duty to keep records and the duty of care, for the purposes of providing evidence and to comply with laws and regulations. After the end of the retention periods, Aon will delete the data.
We reserve the right to delete defamatory, libellous and unlawful posts on the Internet and social media, as well as spam.
If you decide to respond to our content via social media, we may investigate the sender. If it is necessary for us to report such posts, we may also investigate the sender for that purpose.
We value your opinion. If you have any comments or questions about our privacy statement, please send them to email@example.com or write to us at the following address:
Aon Groep Nederland B.V.
Attn. Legal & Compliance department
P.O. Box 518
3000 AM Rotterdam
You can also contact one of our Data Protection Officers:
|Ms. W.A. van Oosten-Hartman
||+31 10 447 72 81
|Ms. I.J. Mulleneers-Huibers
||+31 62 508 60 94
Dutch Data Protection Authority (DPA)
If you have any complaints about the processing of your personal data by Aon, please inform us so that we can work with you to find a solution. You have the right to submit a complaint to the privacy supervisor, the Dutch Data Protection Authority.
This privacy statement is not an agreement and we may update this privacy statement. The date of the change will be updated as soon as we make changes. We will inform you of changes in various ways, including by publishing the revised privacy statement on our website, after which the revised statement will take immediate effect. You should consult this statement from time to time to ensure that you are aware of how Aon handles your personal data.
This privacy statement was updated on 26 March 2018.