Many thanks for visiting our website and for your interest in Chubb. Protecting your data – both on our website and elsewhere – is extremely important to us.
Below we have provided comprehensive information relating to data protection at Chubb.
Data Protection: Legal background and definitions
Data protection in Austria is primarily governed by the Austrian Data Protection Act 2000 (DSG). The purpose of this act is to ensure that individuals’ personal rights are protected when their personal data are being handled.
The Austrian Criminal Code (Strafgesetzbuch, StGB) imposes penalties for the disclosure of confidential personal information. Such confidential personal information includes, for example, any information relating to private health, accident or life assurance. Other laws, such as the Telecommunication Act (Telekommunikationsgesetz, §§ 96 ff TKG), also incorporate data protection components.
The general rule that applies is that companies may only collect, process and use the data that they actually require. In many cases, the consent of the person affected is required to collect (i.e., procure), process and use their data. Such processing comprises the storing, altering, transfer, blocking and deletion of personal data.
What are personal data?
Personal data, within the meaning of the DSG, relates to specific information concerning personal or factual issues for a specific, or identifiable, natural person. Examples of personal data include the following: name, address, date of birth, nationality, telephone number, occupation, bank details; information about your health (in doctors’ opinions, insurance applications etc.), your income (e.g. the so-called "scoring" of credit enquiry agencies, etc.) and financial credit history. Pursuant to the DSG, special protections govern all of this information.
When will we collect, process and use your personal data?
Anonymous browsing, cookies, statistical analyses from the Internet
You can visit our website without notifying us of who you are. We will only obtain anonymous information about the name of the Internet provider, the website from which you are visiting us and the pages of our website that you view. This information is evaluated for statistical purposes. You remain anonymous as an individual user.
Encryption/secure web pages
Where you input your data through our web pages, these data are retrieved and processed in a secure area using Secure Socket Layer (SSL protocol) technology or a similar technology. This ensures that the data that are passed back and forth between your PC and the website are encrypted. You need an SSL-enabled Internet browser in order to fully benefit from this technology. This will activate SSL automatically.
If you are using Internet Explorer or Netscape Navigator, you can check if you are in a secure area. You will see a key or padlock symbol in the bottom-right corner of your browser screen. A complete key or a closed padlock indicates that you are in a secure area.
If you are on a secure page, the network address will be preceded by "https".
Personal data in emails, for online applications, conclusion of a contract, etc.
If you send us an email, the data that are transferred (the email address and data that you provide us with, e.g. first name/surname) will be stored in our email systems and may also be stored in other systems.
Should you apply for, or conclude, an insurance agreement on our product pages, the necessary data will be collected. When we collect this data, we will ask you for your consent so that we can collect, process and use it. If you do not give your consent, you cannot conclude an agreement.
Above and beyond this, personal data are only collected if you have given your consent for this. When a claim is being processed, your consent will be sought if, for example, we wish to question a doctor in relation to your health. From time to time, we may perform online surveys of customers and visitors in order to better understand customer needs and experiences. Participation in these surveys is voluntary.
Other data collection
Aside from the Internet, we also collect personal data during applications, when agreements are concluded, for insured events and during job applications. Once again, we will seek the consent of the person involved here. The data will be deleted if they are no longer required or if a statutory retention obligation period has elapsed.
Processing of the data
Your health data and additional data protected under Section 203 StGB are stored in the Chubb Group’s special secure IT systems.
Your data are exclusively read and processed for the purposes for which you have provided it to us. These usually include examining your application, preparation of your insurance certificate, the collection of insurance premiums, consultation and the provision of insurance services.
Your health data are only accessible to a limited group of people within Chubb European Group Limited. Your other data (e.g., commencement of insurance, your address) can be viewed by other Chubb employees, e.g., in order to process your policy
Our employees are not authorised to pass personal data on to unauthorised third parties. They are obliged to only use data for specific purposes and to treat data in the strictest confidence. This non-disclosure obligation remains in force beyond the term of our employees’ employment relationship.
Non-disclosure agreements are in force in cases where we exchange personal data with third parties, e.g., Our intermediaries and subsidiaries. Personal data are also only exchanged with intermediaries or subsidiaries following your explicit consent. Companies that provide services to us are obliged to meet our strict data protection requirements. These companies may also only process personal data in the context of their services or in conjunction with your assignment.
Examples for such service providers include incident managers who provide services in an emergency, for instance in relation to a travel insurance policy, or a print shop printing insurance certificates.
Any other transfer of personal data and other information will only occur:
in order to meet statutory requirements or to follow legal process;
in order to register or collect receivables to which the company is entitled, or in order to protect our rights and our property;
in order to prevent fraud.
What rights do you have in respect of the data you provide to us?
Under § 26 Data Protection Act (DSG), you have a right to free and prompt information about the personal data held by Chubb. This information will be supplied to you at your request.You also have the right to the correction of inaccurate information and to the blocking or deletion of data (§ 27 DSG) and the right, to object against the use of your data due to violation of predominant worthy of protection and defense of confidentaly interests, resulting from a particular situation, to except, provided that the use of data is not required by law (§ 28 DSG)
Where you have consented to us using your personal data, you may revoke this consent at any time.
Declarations of release from professional secrecy
Chubb’s declarations of release from professional secrecy were prepared according to the Austrian legal system.