3. Communication

Our website gives you various options for contacting AXA. 

The personal data you transmit is protected by encryption mechanisms incorporating the latest security standards. Despite extensive technical and organizational security measures, there is a possibility of data being lost or intercepted and/or manipulated by unauthorized persons. 

The security of your data is important to us and we therefore take appropriate technical and organizational security measures to protect this within our systems. 

Your computer is outside the security zone that can be controlled by AXA. It is therefore up to you – as the user – to obtain information on the necessary security precautions and take appropriate measures. Under no circumstances will AXA be liable for any damage you suffer as a result of the loss or manipulation of data. The internet is an open, worldwide network. If you send personal data via the internet, you do so in all cases at your own risk. In the case of unencrypted electronic communications, data may be intercepted and manipulated by third parties or lost.

If you wish to send an email containing confidential content to AXA, it should be encrypted in order to prevent unauthorized access and/or falsification in the course of transmission. 

To proceed, please use our web-based encryption portal AXA Secure Reader. Information about the use of AXA Secure Reader or alternatives to secure email communication with AXA can be found on our page on the topic of secure communication. 

It is not possible to guarantee data security in relation to unencrypted emails sent to AXA, and for that reason AXA does not give any warranty or accept any liability. As an alternative to encrypted email communication, we therefore recommend that you contact us directly using the contact forms  provided.

When processing your request (such as a claim), we will – in addition to other channels – also communicate with you via SMS in order to keep you informed about the processing status. 

You can you use the Ada chatbot on our website for certain claims and services. The chatbot interprets and responds to your chat messages independently on a 24/7 basis.

We recommend that – unless prompted – you do not submit any personal data when communicating with our Ada chatbot. In relation to certain claims and services, the chatbot will ask you for personal or contractual details such as your first and last name, date of birth, and policy number for identification purposes. If we are able to identify you clearly in these cases, your session with the Ada chatbot can continue. In the case of claims in particular, authorized AXA employees will undertake processing and reviewing as part of the payment process and the data may be viewed for the purpose of optimizing service and process quality. These employees are also able to view the chat content. 

In the case of certain claims and services, the chatbot will ask you to upload certain files, such as photographs following a claim. Communications are encrypted at all times. Your data will be communicated via secure HTTPS line, stored in Switzerland or the EEA and at AXA, and protected against unauthorized access using state-of-the-art technology.

In connection with the chat function, we use the Azure Bot Service provided by Microsoft Ireland Operations Limited, One Microsoft Place, Dublin 18, Ireland.

In live chats you will be conversing with AXA employees. If you contact us in this way, the data you submit will be collected and processed by our service provider RingCentral, Rue Saint-Georges, 75009 Paris, France. The data will be collected for the purpose of processing the request and with a view to follow-up questions. In addition, chat content is recorded by us internally for training and optimization purposes, and will be deleted automatically after 90 days.

You can contact us by sending a private message via WhatsApp, Apple iMessage, Facebook Messenger, or X. Please note that we will not and cannot send you certain types of information via the same communication service provider and that other means of communication can be chosen for this purpose. 

If you contact us via external communication providers, data from the chat concerned can be collected and used by these providers. We have no influence on the processing of data by these providers. 

Please also note section 2.1.4 General information on Google and Facebook services.

We offer various products and services online. To that end, we use premium calculators, quotation forms (e.g. online quotation for household contents insurance, online conclusion of motor vehicle insurance contract), and service forms (e.g. notification of claim, requesting an adjustment to your contract, ordering a certificate of insurance, requests for a consultation, notification of change of address). For information on how we process your personal data in general, please see Part 1. Information on data protection. Below you will also find some specific information on online forms. 

The data you entered online will be used specifically for managing the contract and handling claims, processing your requests and, if applicable, for marketing purposes within the AXA Group. If you are not yet an AXA customer, we will collect your details in our address management system. We will normally contact you after providing you with a quotation. 

Any confidential, personal data you send to us via the forms on our website will be transmitted on an encrypted basis in accordance with the latest technical standards to ensure it cannot be viewed by third parties. 

When you use our online forms, your access and use may be recorded, stored, and analyzed; this is primarily for the purpose of improving our online services as well as for marketing reasons. Your details may be linked to data about your use of the pages on our website (e.g. login data, access records, transactions, changes, and movements), your insurance contract data, as well as data on the use of third-party websites. Further information can be found in section 2.1.2 Server and application log files and section 2.1.3 Data processing if you are a registered/identified user. We also install cookies for our online forms and use Google Analytics. 

We use quotation and service forms to collect the data we require in order to provide an online service. In particular, this includes personal information and contact data (e.g. first and last name, gender, date of birth, age, civil status, language, nationality, email address, telephone number, profession). Depending on the type of online service, additional data such as application data (e.g. information from the applicant about the insured risk, responses to questions) may be collected. If required for the provision of an online service, payment data (e.g. mortgage information, credit rating information for deciding on contract conclusion) and any information on claims/benefits/legal cases (e.g. data regarding injured third parties) may be collected. Furthermore, it may be the case that sensitive personal data requiring particular protection (e.g. reply to questions regarding revocation of a driver’s license in relation to a motor insurance application) is collected.  

The information requested in relation to premium calculators as well as quotation and service forms is required in order to continue the relevant request and in particular to receive information about rates and level of premiums, use a service, and, if applicable, conclude an insurance contract or submit an application for the conclusion of an insurance contract. Full use of the premium calculators and quotation and service forms is not possible if you do not provide us with these personal details. 

If required for the provision of an online service, the information you have provided may be disclosed to the relevant recipients for the performance of the relevant service (e.g. risk assessment when you purchase a policy online). If necessary, you will be notified of this separately and/or we will obtain your consent accordingly. Such recipients may be in Switzerland, and within or outside of the EEA. 

Where the GDPR is applicable, the legal basis is normally the initiation or performance of a contract (Art. 6 para. 1 (b) GDPR). Furthermore, the possible processing of special categories of personal data takes place on the basis of your consent (Art. 6 para. 1 (a) GDPR). 

During phone calls with AXA, your call may be recorded, transcribed, or analyzed for quality purposes as well as documentation.

Depending on the nature of your request, we use traditional customer telephony services – that is, one-to-one telephone calls – and/or use new technology including interactive voice response systems, voice recording, and voicebots. With interactive voice response systems, your call is received automatically and you are passed on to the relevant department. The interactive voice response system can be recognized from its computer-controlled dialog. Voicebots enable your request to be processed automatically. 

To ensure you can contact our qualified customer advisors from the comfort of your home or while on the move, we offer advisory consultations via a video channel as an alternative to visiting one of our agencies in person. This enables you to use your personal device to connect to a video conference (Microsoft Teams) in a fast, straightforward way via an up-to-date compatible browser. 

The content of these meetings is not stored on your device. The data transmitted are encrypted while in transit. Recordings may be made internally for training and optimization purposes. Use of the applications required for the video consultation is analyzed using Google Analytics and Google Tag Manager. 

We use dedicated video tools to process your requests and claims (e.g. motor vehicle expertise), enabling our experts to assess the situation or claim quickly and easily using video. 

When you visit our premises, we will make video recordings in correspondingly designated areas for security and evidence purposes. The recordings are accessible to selected AXA employees within the framework of their responsibilities. We only analyze the recordings if necessary (cases subject to criminal law) and delete them between 7 and 30 days later. 

Furthermore, it is possible that you will use the wi-fi provided by an external service provider. This requires you to register directly with the service provider using your mobile telephone number, whereby the data protection provisions of the service provider will apply. 

Where the GDPR is applicable, the legal basis is our legitimate interest (Art. 6 para. 1 (f) GDPR) in ensuring the security of our buildings and systems. 

You can subscribe to our newsletter (in German) via our website by providing us with your contact data (first and last name, email address). For verification purposes, we will send you a confirmation email immediately after the registration process has been concluded. The data collected in the course of your registration will be used for the sending of our newsletter and may be processed, merged, and used with other data relating to you. We may pass this personal data onto our Marketing department, which will only process the data in accordance with our instructions. Where permitted under applicable data protection law, we may insert coding in our newsletter to enable us to identify whether the recipient opens the email and downloads the pictures it contains. 

You can unsubscribe to our newsletter by clicking on the link at the end of the newsletter. 

Where the GDPR is applicable, the legal basis is your consent (Art. 6 para. 1 (a) GDPR). 

Feedback from our customers is very important to us. Only in that way can we improve and develop our products, services, and web presence. Please do not hesitate to give us honest feedback. A general feedback form is available. In addition, we use service providers Medallia and eKomi for our customer surveys. We employ cookies and web analysis services on the survey platforms. We use your data in relation to the survey and assessment to improve our services. 

Where the GDPR is applicable, the legal basis is your consent (Art. 6 para. 1 (a) GDPR) and our legitimate interest (Art. 6 para. 1 (f) GDPR) in finding out how satisfied you are and obtaining suggestions on ways to improve our services. 

Customer surveys with Medallia

For the purpose of the survey, we forward customer contact data in relation to some customer touchpoints (e.g. new applications, telephony, and notification of claims) to Medallia (Medallia, Inc., 575 Market Street, Suite 1850, San Francisco, CA 94105, USA). Medallia will then email you to request your voluntary participation in an internet-based survey and will provide us with the responses. The Medallia survey tool is operated by the platform provider on our behalf. Medallia has given us a contractual undertaking that it will maintain data confidentiality and security in compliance with the applicable legal data protection provisions. The data processed in the survey tool include your contact details, details of the contact we’ve had with you, customer feedback, data you’ve provided to us in the course of surveys, as well as log data for accessing the platform (e.g. IP address, time information). We will view the data collected, with the aim of optimizing our services. We will only store your data for as long as is required for processing purposes. The data with Medallia will be stored on Medallia’s data servers in the UK. 

Further information on data protection at Medallia can be found at: 
https://www.medallia.com/privacy-policy

Customer feedback with eKomi 

If you decide in the course of a customer survey with Medallia that your feedback may be posted on our website on an anonymized basis, eKomi (eKomi Holding GmbH, Zimmerstrasse 11, 10969 Berlin, Germany) will anonymize your responses for us and incorporate them into our rating site. The latest feedback will thus always be visible at the top, on an unfiltered, authentic basis, as entered by our customers. Thanks to administration by eKomi, you can be sure that the customer opinions are genuine. Neither your name (optional) or email address will be published. We will store the details from your feedback until such time as you revoke your consent to the use of your feedback data, or it is no longer required for processing purposes. 

Further information on data protection at eKomi can be found at: 
https://www.ekomi.co.uk/uk/privacy

Customer feedback with Google MyBusiness

In the case of AXA-ARAG Legal Protection Ltd, your feedback is processed not only by eKomi but also by Google MyBusiness. Your feedback is therefore visible on Google Maps under “Reviews”.

Market research and AXA customer panel 

In some cases, we work with market research institutions; in others, we conduct interviews/tests ourselves. Surveys that are carried out with external partners on our behalf are subject to confidentiality and we will ensure that your data is not passed on to third parties. We do not analyze the data collected by external partners on a personalized basis and in addition it is deleted after a maximum of two years. 

If you are a member of the AXA customer panel and agree to participate in surveys or workshops on specific AXA topics, we will request your data (primarily your first and last name, email address, company, role at work). These registration details can be matched against and supplemented by existing data in our customer files. We use this data in order to create, select, and contact specific target groups for planned surveys.

You will be notified about the processing of your data individually in the surveys and as part of the AXA customer panel.