É«¶à¶àÊÓƵ

 
É«¶à¶àÊÓƵ
É«¶à¶àÊÓƵ
Product Family
Product Family
Industries
Industries
Reinsurance
Reinsurance
Explore our offerings
Explore our offerings
Claims
Claims
Risk Consulting
Risk Consulting
Resources & Tools
Resources & Tools
Resources and Tools
Resources and Tools
About AXA XL
About AXA XL
About AXA XL
About AXA XL
Media Center
Media Center
Careers
Careers
Get In Touch
Get In Touch

Privacy Notice - É«¶à¶àÊÓƵSweden

É«¶à¶àÊÓƵ together with other members of its group, including but not limited to those listed at /insurance/our-companies and /reinsurance/our-companies (É«¶à¶àÊÓƵor we or us) are committed to compliance with data protection laws.

This Privacy Notice describes how É«¶à¶àÊÓƵcollects, uses, shares and secures your personal information and non-personal confidential information when we provide our services as an insurance and reinsurance business. It also describes your choices regarding use, access and correction of your personal information. Personal information is information, or a combination of pieces of information that could reasonably allow you to be identified.

As an insurance and reinsurance business, we need to obtain information about the individuals covered under an insurance policy, or individuals that are beneficiaries of, or have made claims under, an insurance policy, or individuals who are involved in an incident giving rise to an insurance claim. This is so that we can properly assess the risks associated with providing insurance or reinsuring the policies issued by another insurer and administer and manage our products and services. This privacy notice applies to any individual whose personal information we process in the course of providing the services including any third parties (each a data subject or you).

If you provide us with information about someone else, we will process their personal information in line with this privacy notice. Please ensure you provide them with this notice and encourage them to read it as it describes how we collect, use, share and secure personal information when we provide our services as an insurance and reinsurance business.

To understand how your personal data is processed please read the relevant section below.

The relevant É«¶à¶àÊÓƵcompany that is acting as controller of your personal data will be set out in our correspondence or documentation that we provide to you.

In some circumstances, the relevant controller will be a joint controller with another É«¶à¶àÊÓƵgroup company. This means that one or more of our group companies jointly determine how your personal data will be processed and you may be able to exercise your rights in respect of one or more companies. If you have any questions about the joint controller relationship of these É«¶à¶àÊÓƵgroup companies, please contact us via the details below.

1. Data Controller responsible for the Processing of your Personal Data

XL CATLIN SERVICES SE - Svensk Filial
Kungsgatan 5, 2nd floor
111 43 Stockholm
Sweden

XL É«¶à¶àÊÓƵ Company Services SE – Svensk Filial
Kungsgatan 5, 2nd floor
111 43 Stockholm
Sweden

2. Personal information we use

As an insurance and reinsurance business, we need to obtain information about the individuals covered in an insurance policy, or individuals that are beneficiaries of, or have made claims under, an insurance policy, or individuals who are involved in an incident giving rise to an insurance claim. This is so that we can properly assess the risks associated with providing insurance or reinsuring a particular block of insurance policies and administer and manage our products and services. This privacy notice applies to any individual whose personal information we process in the course of providing the services (each a "data subject" or "you").

We may be required by law to collect certain personal information about you, or as a consequence of any contractual relationship we have with you. Failure to provide this information may prevent or delay the fulfilment of these obligations. We will inform you at the time your information is collected whether certain data is compulsory and the consequences of the failure to provide such data.

2.1 Information we collect about you

The type of information we may collect and process about you will depend upon the type of insurance we are offering or underwriting. It may include any of the below (where permitted by law):

Personal information collected Details
Personal Details Name, Age, Gender, Date of birth, Photographs, Martials Status, Nationality, Leisure activities and Interests
Contact Information Postal Address, Phone Number and Email Address
Family and Home Information Number of Children and Name, Age and Gender of your children, Household Demographic
Employment and Experience Information Employment History, Job Role, Salary, Employment Benefit options, Educational Background and any Professional qualifications
Financial Information Bank Account details, Annual Income, Tax Payer ID
Business Conduct Information Information related to Underwriting É«¶à¶àÊÓƵ Products, Previous É«¶à¶àÊÓƵ Records, Claims Histories, Information about your history with us
Identification Information Government ID, Driving License, Social Security Number
Cookies and IP Information You can find more information about this in our cookies policy which can be found at Cookie Policy É«¶à¶àÊÓƵ| AXA XL

From the information we collect about you, we may also derive or generate further information such as risk ratings. Some of this information is generated through profiling (see the section below on "Do we use personal information for profiling and automated decision making?").


2.2 Special categories of personal data

Some of the categories of information we collect are special categories of personal information (sometimes referred to as "sensitive personal information”).
These include:

  • Health records (such as your medical history, prescription history and reports on medical diagnoses, sick leaves).
  • Family medical history.

2.3 Sources of the information we collect

We collect personal information from you directly when you voluntarily provide it to us, for instance if you submit application forms to be considered for insurance products or contact us.

We also collect your personal information from a variety of sources:

  • From other insurance companies that we work with
  • From other reinsurers and retrocessionaries
  • From third party claims handlers who are involved in a claim or assist us in investigating or processing claims, including witnesses and external claims data collectors and verifiers
  • From our business partners with whom we work to provide insurance products
  • From public sources, such as public databases (where permitted by law)
  • From coverholders, insurance brokers or other intermediaries
  • From third party evidence providers
  • From healthcare service providers
  • From financial institutions
  • From pension processing platforms
  • From individuals that you may be associated with (e.g. joint account holders, company employees or directors, family members, etc.)

Occasionally we may collect your personal information from a third party, in particular from authorized, regulatory, public sources such as government regulators, industry self-governing bodies and other publicly available records. This will be most common when we are complying with our legal obligations regarding money laundering and other financial crimes. If appropriate, in these circumstances we will either notify you of our sources or seek your consent to their use.

3.How we use your personal information and the basis on which we use it

We use your personal information to:

  • to provide our services and fulfil our contractual obligations to you and other third parties
  • to review, process and manage claims
  • to conduct data analysis, which helps us assess risks, price our products appropriately and improve our services
  • to help us prevent and detect fraud, money laundering, terrorism and other crimes
  • to help develop new, and improve existing, services
  • to operate and expand our business activities
  • to carry out background checks, where lawful
  • to perform administrative activities in connection with our services
  • to exercise, defend and protect our legal rights or the rights of third parties
  • to comply with legal obligations and to cooperate with regulatory bodies to which we are subject
  • for research and development of new insurance products
  • to audit our business
  • for marketing purposes.

We must have a legal basis to process your personal information. In most cases the legal basis will be one of the following:

  • to complete necessary pre-contractual checks to ensure that we can assess your suitability for the insurance products we offer
  • to fulfil our contractual obligations to you, for example to provide the services you request and to ensure that invoices are paid correctly. Failure to provide this information may prevent or delay the fulfilment of these contractual obligations
  • to comply with our legal obligations, such as due diligence and reporting obligations, and responding to binding requests from regulators, law enforcement authorities or other government authorities
  • to meet our legitimate interests, for example for example to improve our services, to ensure we price our products appropriately, to manage risk, to manage our business efficiently, to perform audits, and to maintain accurate records. When we process personal information to meet our legitimate interests, we always balance these against your fundamental rights and freedoms and put in place robust safeguards to ensure that your privacy is protected
  • to exercise our legal rights where it is necessary to do so, for example to detect, prevent and respond to fraud claims, intellectual property infringement claims or violations of law.

If it is necessary that we process your sensitive personal information for one of the purposes listed above, we will only do so where one of the following applies:

  • We have obtained your explicit consent
  • We need to process your sensitive personal information to establish, exercise or defend a legal claim
  • We need to process your sensitive personal information for reasons of substantial public interest, for example to prevent or detect unlawful acts or fraud or for an insurance purpose
  • We are otherwise authorized by local law to process your sensitive personal information.

We may obtain your consent to collect and use certain types of personal information when we are required to do so by law (for example, in relation to our direct marketing activities, cookies and tracking technologies or when we process sensitive personal information). If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this Privacy Notice.

4. Artificial Intelligence

Artificial Intelligence is an umbrella term for a range of technologies that replace manual processes and solve complex tasks by carrying out functions that previously required human action or input. Certain tasks are increasingly being supported by AI. AI can be used for a number of different functions, for example, grouping data (identifying common characteristics or properties), classifying or labelling data, or using data to come to or recommend a decision or determine an action.

'Generative AI’ is a particular type of AI involving systems or models that are capable of creating new content (based on the data that they have been trained on) when given an instruction or input prompt by the user. The difference between generative AI and other AI technologies is that generative AI creates or generates ‘net-new’ outputs, which could be text or graphics. Generative AI analyses the data that it has been trained on (using machine learning algorithms) in order to create something entirely new based on the instruction that it has been given and its analysis, mimicking human creativity and intelligence.

We may use AI systems and tools (including generative AI) to support our activities and for different purposes which we explain in more detail below.

I. Business process improvement and efficiency, information security

We use AI to improve our business processes with a particular focus on simplifying complex processes, ensuring consistent standards and driving efficiencies. For example, we use AI to help triage, organise and compile documents, extract data for entry into the relevant systems and translate or summarise text. We also use AI to support our business management and development initiatives with activities such as idea generation and trends prediction, the creation of content and for research tasks, including internal and external communications. We also use AI to support our information security practices (for example, by automatically detecting potential data loss).

II. Training AI

We may use personal information (for example where it is not possible to use anonymised data) as part of the development and training phase of an AI solution to be used in the provision of our insurance services. Where we use personal information for such training the lawful basis we will rely on is that it is necessary for the purposes of our legitimate interest in using an AI tool to assist in improving the efficiency and accuracy of our services, managing our business efficiently and maintaining accurate records.
When we process personal information on the basis that we have a legitimate interest to do so, we always balance this against your fundamental rights and freedoms and put in place robust safeguards to ensure that your privacy is protected.

When we process personal information on the basis that we have a legitimate interest to do so, we always balance this against your fundamental rights and freedoms and put in place robust safeguards to ensure that your privacy is protected.

5. Your rights over your personal information

You have certain rights regarding your personal information, subject to local law. These include the following rights to:

  • access your personal information
  • rectify the information we hold about you
  • erase your personal information
  • restrict our use of your personal information
  • object to our use of your personal information
  • receive your personal information in a usable electronic format and transmit it to a third party (right to data portability)
  • lodge a complaint with your local data protection authority.

To exercise any of these rights contact us by email at dataprivacy@axaxl.com.

We encourage you to contact us to update or correct your information if it changes or if the personal information we hold about you is inaccurate.

We will contact you if we need additional information from you to honor your requests.


6. Automated decisions about you

The way we analyze personal information for the purposes of e.g. risk assessment or fraud prevention may involve profiling, which means that we may process your personal information using software that is able to evaluate your personal aspects and predict risks or outcomes.

We may also use profiling, or otherwise employ solely automated means, to make decisions about you that relate to the basis on which we provide insurance to you. This is known as "automated decision-making" and is only permitted when we have a legal basis for this type of decision-making.

We may make automated decisions about you:

  • Where such decisions are necessary for entering into a contract. For example, we may decide not to offer insurance to you, or we may decide on the types of insurance that are suitable for you, or how much to charge you for our products based on your credit history and other financial information we have collected about you
  • Where such decisions are required or authorized by law, for example for fraud prevention purposes
  • Where you give your consent to us carrying out automated decision-making.

Subject to local legal requirements and limitations, you can contact us to request further information about automated decision-making, object to our use of automated decision-making, or request an automated decision to be reviewed by a human being.

7. Information Sharing

We may share your personal information with third parties under the following circumstances:


  • É«¶à¶àÊÓƵgroup companies. We operate as a global business, so we may share your personal information with group companies who may use this information for the purposes described in this privacy notice.
  • É«¶à¶àÊÓƵ companies, cover holders, intermediaries, financial institutions, retrocessionaires and business partners. We may share your personal information with insurance companies, intermediaries, financial institutions, retrocessionaires and business partners that use your personal information in connection with the provision of insurance and processing of claims. For example, we may share your personal information with other reinsurance businesses for the purposes of settling claims.
  • Service providers. We may share your personal information with service providers that perform services and other business operations for us, for example, IT and analytics providers, actuarial service entities, auditors, and advisers.
  • Any law enforcement agency, court, regulator, government authority or professional body. We may share your personal information with these parties where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party.
  • Asset purchasers. We may share your personal information with any third party that purchases, or to which we transfer, all or substantially all of our assets and business. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the entity to which we transfer your personal information uses it in a manner that is consistent with this privacy notice.
  • Customer companies. We may share our personal information with your company or employer in certain circumstances, for example, if your company has a corporate insurance product with us and you make a claim under that product.

Because we operate as part of a global business, the recipients referred to above may be located outside the jurisdiction in which you are located (or in which we provide the services). See the section on "International Data Transfer" below for more information.


8. Information Security and Storage

We implement technical and organizational measures to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the on-going integrity and confidentiality of personal information. We evaluate these measures on a regular basis to ensure the security of the processing.

We will keep your personal information for as long as we have a relationship with you, and for a period thereafter, in line with our Global Records Management Policy.

9. International Data Transfer

Your personal information may be transferred to, stored, and processed in a country that is not regarded as ensuring an adequate level of protection for personal information under European Union law or by the European Commission. Where we transfer personal data to AXA companies and service providers outside the European Economic Area (EEA), we provide safeguards to ensure the security and the confidentiality of your personal data, by framing the transfer through either (i) the or (ii) through when your personal data is transferred to other entities of the AXA Group.

10. Non Personal Confidential Information

The provisions of sections 5 and 6 of this Privacy Policy also apply to any non-personal confidential information we hold about you.

11. Contact us

If you have questions about your rights or concerns regarding the way in which your personal information has been used, please contact our Data Protection Officer at dataprivacy@axaxl.com.

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to the data protection authority.

12.Changes to the Privacy Policy

You may request a copy of this Privacy Notice from us using the contact details set out above. We may modify or update this Privacy Notice from time to time.

If we change this Privacy Notice, we will notify you of the changes. Where changes to this Privacy Notice will have a fundamental impact on the nature of the processing or otherwise have a substantial impact on you, we will give you sufficient advance notice so that you can exercise your rights (e.g. to object to the processing).

Last Update: December 2024

Privacy Pages
THIS AXA WEBSITE USES COOKIES

É«¶à¶àÊÓƵ as a controller, uses cookies to provide its services, improve user experience, measure audience engagement, and interact with users’ social network accounts among others. Some of these cookies are optional and we won't set optional cookies unless you enable them by clicking the "ACCEPT ALL" button. You can disable these cookies at any time via the "How to manage your cookie settings" section in our cookie policy.

Find Out More About the Cookie Policy Privacy Notice
Accept All
Refuse All
Cookie Settings