No data processing agreement required between the insurer and the policyholder
In this message we explain why we as an insurer do not need to have a data processing agreement with our policyholders.
A data processing agreement is legally required when a party (the controller) wants to outsource the processing of personal data to another party (the processor).
You provide us with (personal) data that is necessary for the execution of activities for the insurances that you have taken out with us, such as assessing new applications or handling a claim. These activities are executed ourselves; there is no outsourcing of the processing of the personal data as referred to in the GDPR. For this reason, we do not have to set up a data processing agreement with you as policyholder.
In our previous message European privacy legislation General Data Protection Regulation we informed you about the GDPR and the accountability that we have on the basis of the GDPR. Without any doubt, we will handle your personal data carefully and we will take measures to comply with the GDPR.
If you have any questions you can always contact us!