Data protection provisions

Your personal data are processed in accordance with the statutory provisions, specifically the provisions governing data protection and the Insurance Contract Act, and, insofar as this is required, with your consent.

Personal data you have provided to us yourself or we have legitimately received from companies in the AXA Group, from contracting partners such as insurance brokers and other third parties, may be processed by us for the following purposes:

• Processing of the insurance contract
  The conclusion and performance of the insurance contract are not possible without the processing of your personal data. When applying for insurance coverage you will send us personal data; we require these data to assess the risk we are potentially assuming as well as to be able to conclude and subsequently implement the contract, for instance in order to issue a policy or invoice. In the event of a claim you will once again be required to send us information; without this we will be unable to check whether a claim event has occurred or to determine the amount of the claim. In connection with the risk assessment and processing of a claim it is also possible that we will request your consent – for instance in order to set aside patient confidentiality. If you do not issue the necessary consent with your request, or issue only partial consent, this could make it impossible for us to conclude the contract. 
  This processing is necessary for the performance of an insurance contract in accordance with Art. 6 (1) (b) GDPR, for compliance with legal obligations pursuant to Art. 6 (1) (c) GDPR and for obtaining your consent in accordance with Art. 6 (1) (a) GDPR.
  
• Exchange of information within AXA
  To simplify administrative procedures and insofar as necessary, AXA Group companies operating in Switzerland and the Principality of Liechtenstein grant each other access to master data and basic contract data (excluding health data), claims summaries and customer profiles. This processing is necessary for the performance of an insurance contract in accordance with Art. 6 (1) (b) GDPR and for the purposes of pursuing AXA's legitimate interests in accordance with Art. 6 (1) (f) GDPR.
  
• Checking your credit rating
  For the purpose of assessing your creditworthiness, we may use credit rating data from external providers. This processing is necessary in order to take steps prior to entering into a contract in accordance with Art. 6 (1) (b) GDPR and for the purpose of AXA's legitimate interests in accordance with Art. 6 (1) (f) GDPR.
  
• Detecting, preventing and combating fraud
  We also process your data for the purpose of detecting, preventing and combating insurance fraud, money laundering and the financing of terrorism. This processing is necessary for the purposes of pursuing AXA's legitimate interests in accordance with Art. 6 (1) (f) GDPR and for compliance with a legal obligation in accordance with Art. 6 (1) (c) GDPR. 
  
• Statistical analysis
  Personal data may be used by AXA or a third party for statistical analysis purposes. These analyses can involve different subject areas such as road safety, the prevention of accidents in the home, the effectiveness of fire protection measures and potential improvements in contract management. The processing of personal data is necessary for the purposes of pursuing AXA's legitimate interests in accordance with Art. 6 (1) (f) GDPR. 
  
• Direct marketing
  AXA may use personal data for direct marketing purposes. This term includes promotions and personalized advertising. We use this personal data to improve knowledge about our customers – or prospective customers – and ensure they are given information about our activities, products and services, as well as receive offers. Personal data for direct marketing purposes may also be sent to other companies in the AXA Group, insurance brokers and companies connected to AXA.  This processing is necessary for obtaining your consent in accordance with Art. 6 (1) (a) GDPR and for the purposes of pursuing AXA's legitimate interests in accordance with Art. 6 (1) (f) GDPR.
• Data analyses
  So that we can continuously improve our products and services, we analyze the personal data available to us. We may link historical, current and future data, for example to enable us to undertake evaluations in connection with risk profiles. This processing is necessary for the purposes of pursuing AXA's legitimate interests in accordance with Art. 6 (1) (f) GDPR.
  

AXA may send or disclose your personal data to other companies or individuals, but only on the condition that sending or disclosing the information serves one of the above-mentioned purposes or is necessary in connection with the processing of an order. 

The recipients of personal data specifically include lawyers, experts, doctors specialized in occupational health, reinsurers, co-insurers, insurance brokers, service providers, other insurance companies, agents and claims adjusters. These recipients may only process your personal data insofar as this is necessary for the performance of their tasks. 

Where provided for under current legislation, personal data may also be transmitted to the government offices and authorities concerned.

We only transmit personal data to recipients outside of the European Economic Area (EEA) if the third country has been recognized by the European Commission as providing adequate protection of data or if adequate data protection guarantees exist – such as the AXA Group's binding internal data protection rules, EU standard contractual clauses and the EU-US Privacy Shield.

The officers responsible for data processing are domiciled in Switzerland and data processing takes place mainly in Switzerland. Switzerland is recognized by the European Commission as a secure third country providing adequate data protection. 

AXA is part of the AXA Group. Some of the business processes are carried out in centralized service centers and data processing systems. The processing of data outside of the European Economic Area or Switzerland is done on the basis of the AXA Group's Binding Corporate Rules; these Rules were approved by the European Data Protection Authorities. They ensure an adequate level of protection when data are processed by AXA companies domiciled outside of the EU.

The length of time data are kept varies depending on the type of business transaction involved. AXA determines this on the basis of the following criteria: 

• Fulfillment of its purposes
• Legal parameters
• Operational needs
• Safeguarding the interests of the persons affected, e.g. customers, visitors to our websites, prospective customers
• Taking into account internal procedures and data dependencies

Once the set period of time expires your personal data will be deleted. 

In the case of insurance contacts we retain your personal data throughout the life of the contractual relationship or settlement of the claim, in accordance with statutory retention periods. In this case the retention period is up to ten years and may be extended if legal claims are asserted, exercised or defended.

Where AXA processes data about your person, you have the following rights:

• Right of access to information
  You can ask us to confirm whether or not we process data about your person. If that is the case, you have the right to find out more about such data: for example, about which categories of data are involved and the purpose of the data processing. 
  Download:
  - Request for information AXA Insurance Ltd / AXA Life Ltd
  - Request for information AXA-ARAG Legal Protection Ltd
  
  
• Right to rectification
  Where we have stored incorrect information about your person, you can ask us to correct or complete this. 
  Download:
  - Request to rectify AXA Insurance Ltd / AXA Life Ltd
  - Request to rectify AXA-ARAG Legal Protection Ltd
  
  
• Right to erasure and restriction of processing
   You can ask for your personal data to be deleted or for restrictions to be placed on how your data are processed. In some circumstances we will be unable to authorize such a request. For example, erasure is not possible if the data processing is necessary for operating reasons or if the statutory retention period has not yet expired.
  Download:
  - Request to be forgotten AXA Insurance Ltd / AXA Life Ltd
  - Request to be forgotten AXA-ARAG Legal Protection Ltd
  
  
• Right to data portability
  In principle, you are entitled to receive the personal data obtained from you in a structured, standard machine-readable format. 
  Download:
  - Data transfer AXA Insurance Ltd / AXA Life Ltd
  - Data transfer AXA-ARAG Legal Protection Ltd
  
  
• Right to object
  You can refuse to allow your data or profiling to be processed for direct marketing purposes.
  Download:
  - Objection to direct marketing AXA Insurance Ltd / AXA Life Ltd
  - Objection to direct marketing AXA-ARAG Legal Protection Ltd
  
  
• Right to object in relation to automated decision-making
  In some circumstances you have the right not to be subject to a decision based solely on automated data processing – including profiling.
  Download:
  - Right not to be subject to automated decision-making AXA Insurance Ltd / AXA Life Ltd
  - Right not to be subject to automated decision-making AXA-ARAG Legal Protection Ltd
  

The cookies we use are designed to facilitate various functions on our websites. For example, cookies help us store your country and language settings as well as your shopping cart across different pages during an internet session.

By using cookies we can also record and analyze the user behavior of visitors to our internet pages. This enables us to make our internet pages more user-friendly and effective, and your visit to our internet pages as enjoyable an experience as possible. In addition, we can display information tailored to your specific interests.

We also use cookies to optimize our advertising. Cookies enable us to show you advertising and/or specific products and services that may be of particular interest to you based on your use of our website. Our objective is to make our internet service as attractive as possible and to show you advertising that is likely to match your interests.

Cookies record usage information such as the date and time our website was visited, the name of the internet pages visited, the IP address of your device and the operating system used. For example, cookies provide information about which of our internet pages you visit and the website from which you reached our internet page. We also use cookies to track the subjects you are searching for on our internet pages.

The cookies or corresponding technologies stored on your computer or mobile device can also come from other companies in the AXA Group or from independent third parties such as advertising partners and internet service providers.

These cookies enable our partner companies to approach you with individualized advertising and to measure its impact. The cookies from partner companies likewise remain stored on your computer or mobile device for the period of time set by the third-party provider and are automatically deactivated at the end of this period.

Our advertising partners only have access to data based on an identification number (cookie ID). This comprises online usage information such as the internet pages you have visited and the content you have used.

In the case of AXA customers who have registered, the online usage information containing details of the use of AXA products and services as well as demographic data such as age group, location and gender are linked and made usable for advertising partners. Our customers have the right to object to the use of such data by advertising partners by adjusting the settings via the partner company links shown below.

We use web analysis tools to obtain information about the use of our internet pages and to improve our web presence. These tools usually come from a third-party provider. The information obtained for these purposes is transmitted to the third party's server through the use of cookies. These servers may be located abroad, depending on the third-party provider.

IP addresses are shortened when data are transmitted, so as to prevent individual devices from being identified. The IP address sent by your browser as a result of the use of tools from third-party providers is not linked to other data from this third-party provider. This information is only transmitted by third-party providers on the basis of statutory requirements or in connection with the processing of order data.

We also use retargeting technologies on our web pages. This also enables us to target users of our internet pages with advertising on third-party websites. The advertising shown on internet pages is based on cookies in your browser, a cookie ID and an analysis of your previous usage.

When you access our internet pages from the European Economic Area (EEA), we only use the following cookies from third-party providers and tracking technologies to identify traffic from the EEA and to manage the use of tools as well as rectify faults and improve our internet pages:

• AT Internet
• Adobe Text & Targets
• Google Analytics 

If you want to block the use of these tools, you can proceed as described in the following section.

Most internet browsers accept cookies automatically. However, you can instruct your browser not to accept any cookies or to ask every time before a cookie is accepted on a website you visited. You can also delete cookies on your computer or mobile device by using the corresponding function on your browser.

A list of the technologies used, with information about the providers, the purpose of the technologies concerned, the corresponding options for preventing or restricting their use as well as additional information from the relevant providers can be found here:

If you decide not to accept our cookies, or the cookies and tools of our partner companies, you will not see certain information on our websites and will be unable to use some functions.