AXA Insurance Ltd, AXA Life Ltd, and AXA-ARAG Legal Protection Ltd (hereinafter “AXA” or “we”/”us”) enable users to utilize online services (hereinafter “services”) via the AXA online portals (hereinafter “portals”) and/or AXA apps (hereinafter “apps”) under the following terms.
The portals and/or apps allow the user to access the services of AXA and its partners. Depending on the portal/app the following functions are available, for example:
AXA will continue to develop the functions in order to promote electronic business transactions.
AXA rejects all liability arising from the use of a portal/an app by unauthorized third parties. Access to portals/apps does not constitute a right. AXA has the right to discontinue the portals/apps fully or partially at any time without stating the reasons.
The rights of use generally cover the data and services of both “natural persons” and “legal entities”.
2.1 What rights of use apply for natural persons?
A natural person
A natural person may register as a portal/app user and use the respective services. As a user, they may also grant powers of attorney for access to certain portals/apps.
With these powers of attorney, authorized representatives are granted access as users to the natural person’s business and personal data on the portal/app and may also make changes to these data.
Moreover, authorized AXA representatives may submit notifications on the natural person’s behalf. The natural person agrees that further services may be added on an ongoing basis and that the authorized representatives may access these.
Authorized representatives gain access to existing and future documents and services of the natural person, provided this access is possible technically and on data protection grounds.
2.2 What rights of use apply for legal entities?
The legal entity represents a company which
An authorized representative of the company designates one or more administrator(s) within their company who, as portal/app users, will perform tasks relating to the legal entity or the company respectively.
Regarding myAXA, the company’s authorized representative authorizes administrators and requires them to exercise the rights and obligations stipulated in the document setting out the AXA portal contractual conditions for companies when using the services. Depending on the portal/app, administrators are granted, inter alia, access to, for example, payroll data, claims data, and other sensitive personal data in connection with the company’s insurance contracts.
The company’s authorized representative agrees that further documents and services may be added to the portal/app on an ongoing basis and that administrators may access these.
Depending on the portal/app, administrators, in turn, may designate authorized representatives for each insurance quotation/contract or service who, for their part, exercise the rights and obligations as users. The authorized representatives gain right of access only in connection with the insurance quotations/contracts or services in question and – in cases where the quotation changes to a contract or a follow-up contract is concluded – only on the corresponding portal/app.
It is recommended that persons in the company are designated as administrators. If a third party is designated as administrator (e.g. a fiduciary), the company representative authorizing this accepts responsibility for placing the administrator rights outside the company and for the risk this might entail.
AXA must be notified immediately by post or electronically about any changes to the administrators’ authorization, in particular if it is amended or canceled, using the change of administrator template on the portal/app. If users violate their reporting obligation, they shall bear the consequences.
AXA recommends that only trustworthy, adult persons be appointed as administrators or authorized representatives. The authorizer responsible for declaring administrators or authorized representatives accepts responsibility for actions taken by these users. AXA may rely upon a power of attorney granted to administrators or authorized representatives until its revocation.
Users can manage their powers of attorney within the portal/app. The authorizer must check the powers of attorney regularly and update them as necessary. Authorizers who fail to do so will bear any consequences.
AXA makes available various registration processes for setting up an account. In these processes, users must prove their identity using the required data to allow secure identification to take place. Should the identification fail, users will need to provide proof of identity via additional security features or an expanded identification process. Users will be guided through the expanded process in order to guarantee secure registration.
Users log in via a procedure which complies with the current security standards and offers a high level of protection for personal data against unauthorized third-party access.
Anyone having successfully set up an account via an AXA registration process and successfully authenticated themselves is deemed by AXA to be legitimized to access the portal/app. AXA assumes that this person is in fact the respective identified and authorized user. AXA can therefore provide this person with data and information without further verification, and accept binding instructions and notifications from them.
In connection with our pension solutions, AXA Life Ltd is legally obliged to verify the identity of the users before concluding a contract. To do so, we offer the option of video identification by Swisscom (Switzerland) Ltd (hereinafter "Swisscom"). By using this video identification the users accept the following conditions and declare their agreement:
Documents and devices required
Video identification process
The video identification process is carried out by a Swisscom Service Center in Switzerland. Swisscom establishes a connection with the computer, smartphone, or tablet. The users enter their personal data directly on the Swisscom website. The video chat then begins with a specially trained Swisscom employee.
In this real-time audiovisual identification process, photos are taken of the users and their passport or identity card (identification document). A comparison is also made between the data the users entered at the start and the data on their identification document. Finally, the users will be sent a text message with a release code or a transaction number (TAN), which they have to enter on their computer, smartphone, or tablet.
Swisscom sends all the data received from the users to AXA Life Ltd, where it is stored and processed, and deletes it after transmission.
Users who suspect that an unauthorized party has acquired access data must contact AXA's Customer Care Service Center (telephone 0800 800 292) immediately. The Service Center can be reached around the clock.
Users, for their part, may ask AXA to block their access at any time.
In using the portal/app, users accept that, in the future, certain documents and communications relating to AXA might be delivered or made available only in electronic form.
As soon as documents or other communications are made available in the portal/app, users will be informed via the email address stored in the portal/app. Documents and communications are deemed to have been delivered as soon as they can be accessed on the portal/app. Users must download the files independently in order to be able to comply with their contractual obligations in a timely manner.
AXA has the right to continue sending the stored documents by post, especially if this is required by law or is expedient for other reasons, naturally without entailing any additional costs to users.
Generally, AXA does not charge users for using the portals/apps. Users will be notified of any subsequent potential costs at an early stage. Any costs incurred through the use of the Internet are based on the rates applied by users’ Internet providers.
AXA will do everything it can to ensure that the portal/app is available at all times. Despite careful maintenance, malfunctions may nevertheless occur, and it cannot be guaranteed that the portal/app will be accessible at all times. Planned system outages are scheduled during off-peak hours whenever possible. AXA assumes no liability for losses arising from interruptions or malfunctions.
The Access data must be stored securely and protected against misuse. Users are responsible for consequences resulting from misuse of their access data. The user must inform AXA immediately if there is reason to believe that unauthorized third parties have gained access to their login details so that access can be blocked and new login details can be issued.
Users are responsible for ensuring that the data recorded are true and accurate (especially in the event of a claim notification).
Special due diligence obligations for app users
Users of apps shall protect their mobile phone or tablet adequately from unauthorized access. They thereby reduce the risk that their mobile device/tablet is misused to access AXA data. A password that comprises at least six alphanumeric characters to unlock the device is recommended, which should be kept secret. Alternatively, the fingerprint scanner or other biometric sensors of the mobile phone or tablet can be used. In addition, users should keep their operating system and the application up to date and install recommended software and security updates of the relevant provider on an ongoing basis. Moreover, devices that have been subject to a jailbreak (removal of usage restrictions from a device) or software rooting (allocation of additional access rights to the operating systemis should not be used). If a mobile phone or tablet is lost or stolen, a change of password is recommended (for myAXA via www.myaxa.ch).
Access to and processing of personal data will be subject to the provisions of the Swiss Federal Act on Data Protection and, as applicable, of the EU General Data Protection Regulation (GDPR).
11.1 myAXA App
11.1.1 Information about the PIN code and Touch ID, Face ID, or other biometric sensors
After initial login using the MyAXA username, password, and one-off transaction number (TAN) the user is requested to enter a four-digit PIN code that provides additional app protection and should be kept secret. With this PIN code or other biometric sensors the access to the contract data of the user is encrypted on the device. If the system is not used for six months, this easier access via PIN code or other biometric sensors lapses, and login is only possible via username, password, and TAN. For especially strong protection of personal contract data, users can log out after each use of the app. Each follow-on login must then once again be carried out using all three security elements (username, password, TAN).
Using the AXA Sure functionality, any object can be photographed and categorized, and the amount of its insurance coverage queried online. The following special provisions apply:
a) The information on coverage is non-binding.
b) It is determined based only on the categorization carried out and is entirely automated and theoretical. The photo transmitted is not checked and does not establish any entitlement to a (real) substitution of the project portrayed.
c) Coverage is only granted if the registered customer has taken out the household insurance product Box OPTIMA 2010.
d) The information presupposes that the amount of insurance agreed was sufficiently high, that the object is insured in the event of a claim, and that there is no reason for exclusion.
e) We reserve the right to reject or refuse insurance coverage and/or insurance benefits for legal or contractual reasons, especially in the case of misuse or false information.
f) For further information, please contact your advisor.
a) In order to protect personal privacy, no photographs of people are to be uploaded.
b) The user him/herself is responsible for the content of the uploaded photographs.
c) AXA rejects all liability in connection with uploaded photographs.
11.1.3 Insurance contracts from third-party providers
Users have the option of uploading their own insurance contracts from third-party providers (hereinafter “third-party agreement”) onto myAXA and removing them again.
AXA only stores a copy of the third-party agreement. This copy is not a replacement for the original policy.
AXA can perform spot checks to prevent misuses of this function.
11.1.4 Google Firebase
AXA uses Google Firebase, a product of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
This is a platform used for the development of the myAXA app. Here, user data are transmitted to Firebase and Firebase functions are used to ensure a better navigation experience and evaluate errors, as well as to facilitate push messages and user behavior analyses.
a) Firebase modules used
b) Data protection information
Google Firebase can transmit data to third countries; in respect of this, Google applies the EU Standard Contractual Clauses, which ensure a level of protection in third countries that is equivalent to the level of data protection in the EU.
More detailed information in respect of data protection with Google Firebase and Google Analytics for Firebase can be found here: Privacy and Security in Firebase, terms and conditions of use for Google Analytics
c) Revoking consent for data processing
If an app crashes, anonymous information is automatically sent to Google in the form of crash reports. This information does not contain any personal or person-related data. When you use the myAXA app, you can withdraw consent for the forwarding of this data in the operating system settings for the app. With Android apps, when the mobile device is being set up, you can use the settings to deactivate all transmissions of crash messages to Google and/or the app developer.
11.1.5 AT Internet
For web analysis in connection with the myAXA app, we use AT Internet (Piano Company Applied Technologies Internet SAS, 85 avenue Président JF Kennedy, 33700 Mérignac, France).
AT Internet collects your cookie ID and other data such as your mobile ID and IP address on our behalf. We require this data in order to analyze user behavior and ensure a high quality of use. The user behavior data generated via the cookie (including IP address) is stored on an AT Internet server within the European Union. IP addresses are deleted in their entirety after 6 months.
Further information on data protection at AT Internet can be found at: https://www.atinternet.com/en/data-protection/
Via the cookie settings, you can choose whether you wish to participate in the tracking process or not.
Where the GDPR is applicable, the legal basis is your consent (Art. 6 para. 1 (a) GDPR).
Users acknowledge that data are transmitted across borders via a generally accessible network (e.g. the Internet or mobile communications system) and may potentially be lost in the process. Data transmission is protected by means of appropriate encryption procedures. Despite adequate encryption security, it is impossible to exclude residual risks entirely. AXA accepts no liability in connection with proper functioning and security during data transmission via a generally accessible network.
There is a risk that unauthorized third parties may gain access to the user’s computer or data connection undetected during Internet use (e.g. by hacking) and introduce viruses to the computer. Users are responsible for managing their own computer access and internet connection, and must ensure adequate security is in place by installing anti-virus and firewall software, for example.
If portals/apps are accessed from abroad (third country), there is the additional risk that the user data may be inadequately protected. Users are responsible for informing themselves properly about these risks. AXA rejects all liability in this regard.
Users undertake to inform themselves of the relevant country’s statutory provisions and to comply with them. AXA rejects all liability for usage of the portal/app from abroad.
To the extent permitted by applicable laws, AXA accepts no liability for direct, indirect, or consequential loss or damage that may arise to users or to third parties resulting from the use of Internet, the platforms (including the portals and apps), and the information visible there.
This can include, among others, loss or damage resulting from transmission errors, technical defects, or non-availability, malfunctions, network overload, illegal interference or access by third parties, failure to recognize shortcomings in establishing identity, careless use of access data, or blocked access. Furthermore, AXA rejects all liability in connection with the accuracy and completeness of data that is transmitted or displayed electronically.
Further, AXA assumes no warranty for the content of external websites or functions and services offered by third parties, to which there is a link in the portal/app or that can be accessed via the portal/app, and rejects all liability.
The content and structure of the portals/apps are the property of AXA. Any copying of information or data, in particular the use of text, text segments, trademarks, logos, and other visual material, requires prior written approval from AXA.
Users have the right to stop using the respective portal and/or app at any time.
This may result in users losing entitlements to services which go beyond insurance coverage and benefits. Users are responsible for deactivating their portal/app access.
However, insurance coverage and benefits are not dependent upon the user having access to the portal/app.
Version November 2022