Terms of use for AXA online services and apps

The portals and/or apps allow the user to access the services of AXA and its partners. Depending on the portal/app the following functions are available, for example:

• Overview of contracts and contract-related documents;
• Contact details of the customer care team and their personal insurance and pension advisors;
• Entry of claims notifications and service inquiries;
• News, notifications when new documents arrive, and links to insurance offers.

AXA will continue to develop the functions in order to promote electronic business transactions.

These terms of use define the rights and obligations between AXA and the users in connection with the portals/apps. Users may only utilize the portals/apps in accordance with the following terms of use. They are regarded as a contract or an integral part of a contract.

Special terms of use for individual portals and apps are contained in para. 11.

AXA rejects all liability arising from the use of a portal/an app by unauthorized third parties. Access to portals/apps does not constitute a right. AXA has the right to discontinue the portals/apps fully or partially at any time without stating the reasons.

The rights of use generally cover the data and services of both “natural persons” and “legal entities”.

2.1 What rights of use apply for natural persons?

A natural person 

• has/had a direct contractual relationship with AXA (e.g. holder of a motor vehicle insurance policy);
• has/had an indirect contractual relationship with AXA (e.g. insured member of a pension fund);
• is interested in a contractual relationship with AXA;
• or wishes to use AXA services in a different form.

A natural person may register as a portal/app user and use the respective services. As a user, they may also grant powers of attorney for access to certain portals/apps.

With these powers of attorney, authorized representatives are granted access as users to the natural person’s business and personal data on the portal/app and may also make changes to these data.

Moreover, authorized AXA representatives may submit notifications on the natural person’s behalf. The natural person agrees that further services may be added on an ongoing basis and that the authorized representatives may access these.

Authorized representatives gain access to existing and future documents and services of the natural person, provided this access is possible technically and on data protection grounds.

2.2 What rights of use apply for legal entities?

The legal entity represents a company which

• has/had a direct or indirect contractual relationship with AXA;
• is showing an interest in a contractual relationship with AXA; 
• or wishes to use AXA services in a different form. 

An authorized representative of the company designates one or more administrator(s) within their company who, as portal/app users, will perform tasks relating to the legal entity or the company respectively.

Regarding myAXA, the company’s authorized representative authorizes administrators and requires them to exercise the rights and obligations stipulated in the document setting out the AXA portal contractual conditions for companies when using the services. Depending on the portal/app, administrators are granted, inter alia, access to, for example, payroll data, claims data, and other sensitive personal data in connection with the company’s insurance contracts.

The company’s authorized representative agrees that further documents and services may be added to the portal/app on an ongoing basis and that administrators may access these.

Depending on the portal/app, administrators, in turn, may designate authorized representatives for each insurance quotation/contract or service who, for their part, exercise the rights and obligations as users. The authorized representatives gain right of access only in connection with the insurance quotations/contracts or services in question and – in cases where the quotation changes to a contract or a follow-up contract is concluded – only on the corresponding portal/app.

It is recommended that persons in the company are designated as administrators. If a third party is designated as administrator (e.g. a fiduciary), the company representative authorizing this accepts responsibility for placing the administrator rights outside the company and for the risk this might entail.

AXA must be notified immediately by post or electronically about any changes to the administrators’ authorization, in particular if it is amended or canceled, using the change of administrator template on the portal/app. If users violate their reporting obligation, they shall bear the consequences.

AXA recommends that only trustworthy, adult persons be appointed as administrators or authorized representatives. The authorizer responsible for declaring administrators or authorized representatives accepts responsibility for actions taken by these users. AXA may rely upon a power of attorney granted to administrators or authorized representatives until its revocation.

Users can manage their powers of attorney within the portal/app. The authorizer must check the powers of attorney regularly and update them as necessary. Authorizers who fail to do so will bear any consequences.

AXA makes available various registration processes for setting up an account. In these processes, users must prove their identity using the required data to allow secure identification to take place. Should the identification fail, users will need to provide proof of identity via additional security features or an expanded identification process. Users will be guided through the expanded process in order to guarantee secure registration.

Users log in via a procedure which complies with the current security standards and offers a high level of protection for personal data against unauthorized third-party access.

Anyone having successfully set up an account via an AXA registration process and successfully authenticated themselves is deemed by AXA to be legitimized to access the portal/app. AXA assumes that this person is in fact the respective identified and authorized user. AXA can therefore provide this person with data and information without further verification, and accept binding instructions and notifications from them.

In connection with our pension solutions, AXA Life Ltd is legally obliged to verify the identity of the users before concluding a contract. To do so, we offer the option of video identification by Swisscom (Switzerland) Ltd (hereinafter "Swisscom"). By using this video identification the users accept the following conditions and declare their agreement:

• The users have read the terms of use.
• The video identification process is carried out by Swisscom. Accordingly, the users enter their data directly on the Swisscom website. The video chat is recorded and stored. Once the video identification is complete, Swisscom will forward the data to AXA Life Ltd electronically.
• AXA Life Ltd does not assume any liability for the conduct of Swisscom and its employees.
• AXA Life Ltd reserves the right to amend these terms of use at any time.

Documents and devices required

• A valid passport or identity card
• A computer with camera and microphone or a smartphone or tablet with Android or iOS operating system. The image and sound quality of your device must permit clear identification.

Video identification process

The video identification process is carried out by a Swisscom Service Center in Switzerland. Swisscom establishes a connection with the computer, smartphone, or tablet. The users enter their personal data directly on the Swisscom website. The video chat then begins with a specially trained Swisscom employee.

In this real-time audiovisual identification process, photos are taken of the users and their passport or identity card (identification document). A comparison is also made between the data the users entered at the start and the data on their identification document. Finally, the users will be sent a text message with a release code or a transaction number (TAN), which they have to enter on their computer, smartphone, or tablet.

Swisscom sends all the data received from the users to AXA Life Ltd, where it is stored and processed, and deletes it after transmission.

Users who suspect that an unauthorized party has acquired access data must contact AXA's Customer Care Service Center (telephone 0800 800 292) immediately. The Service Center can be reached around the clock.

Users, for their part, may ask AXA to block their access at any time.

Where there is valid reason, e.g. a violation of the terms of use such as through a breach of duty of care (see para. 9) or data security requirements (para. 12) or on suspicion of misuse by an unauthorized third party, AXA has the right to block access to the portal/app fully or partially without notice. AXA rejects all liability for loss or damage that occurs in connection with blocked access.

In using the portal/app, users accept that, in the future, certain documents and communications relating to AXA might be delivered or made available only in electronic form.

As soon as documents or other communications are made available in the portal/app, users will be informed via the email address stored in the portal/app. Documents and communications are deemed to have been delivered as soon as they can be accessed on the portal/app. Users must download the files independently in order to be able to comply with their contractual obligations in a timely manner.

AXA has the right to continue sending the stored documents by post, especially if this is required by law or is expedient for other reasons, naturally without entailing any additional costs to users.

Generally, AXA does not charge users for using the portals/apps. Users will be notified of any subsequent potential costs at an early stage. Any costs incurred through the use of the Internet are based on the rates applied by users’ Internet providers.

AXA will do everything it can to ensure that the portal/app is available at all times. Despite careful maintenance, malfunctions may nevertheless occur, and it cannot be guaranteed that the portal/app will be accessible at all times. Planned system outages are scheduled during off-peak hours whenever possible. AXA assumes no liability for losses arising from interruptions or malfunctions.

The Access data must be stored securely and protected against misuse. Users are responsible for consequences resulting from misuse of their access data. The user must inform AXA immediately if there is reason to believe that unauthorized third parties have gained access to their login details so that access can be blocked and new login details can be issued.

Users are responsible for ensuring that the data recorded are true and accurate (especially in the event of a claim notification).

Special due diligence obligations for app users  

Users of apps shall protect their mobile phone or tablet adequately from unauthorized access. They thereby reduce the risk that their mobile device/tablet is misused to access AXA data. A password that comprises at least six alphanumeric characters to unlock the device is recommended, which should be kept secret. Alternatively, the fingerprint scanner or other biometric sensors of the mobile phone or tablet can be used. In addition, users should keep their operating system and the application up to date and install recommended software and security updates of the relevant provider on an ongoing basis. Moreover, devices that have been subject to a jailbreak (removal of usage restrictions from a device) or software rooting (allocation of additional access rights to the operating systemis should not be used). If a mobile phone or tablet is lost or stolen, a change of password is recommended (for myAXA via www.myaxa.ch).

Access to and processing of personal data will be subject to the provisions of the Swiss Federal Act on Data Protection and, as applicable, of the EU General Data Protection Regulation (GDPR).

For the use of the portals/apps, the Privacy Policy shall apply in addition.

11.1 myAXA App

11.1.1 Information about the PIN code and Touch ID, Face ID, or other biometric sensors

After initial login using the MyAXA username, password, and one-off transaction number (TAN) the user is requested to enter a four-digit PIN code that provides additional app protection and should be kept secret. With this PIN code or other biometric sensors the access to the contract data of the user is encrypted on the device. If the system is not used for six months, this easier access via PIN code or other biometric sensors lapses, and login is only possible via username, password, and TAN. For especially strong protection of personal contract data, users can log out after each use of the app. Each follow-on login must then once again be carried out using all three security elements (username, password, TAN).

11.1.2 Special terms of use for the AXA Sure functionality 

Using the AXA Sure functionality, any object can be photographed and categorized, and the amount of its insurance coverage queried online. The following special provisions apply:

Coverage

a) The information on coverage is non-binding.

b) It is determined based only on the categorization carried out and is entirely automated and theoretical. The photo transmitted is not checked and does not establish any entitlement to a (real) substitution of the project portrayed. 

c) Coverage is only granted if the registered customer has taken out the household insurance product Box OPTIMA 2010.

d) The information presupposes that the amount of insurance agreed was sufficiently high, that the object is insured in the event of a claim, and that there is no reason for exclusion. 

e) We reserve the right to reject or refuse insurance coverage and/or insurance benefits for legal or contractual reasons, especially in the case of misuse or false information.

f) For further information, please contact your advisor. 

Photograph upload

a) In order to protect personal privacy, no photographs of people are to be uploaded.

b) The user him/herself is responsible for the content of the uploaded photographs.

c) AXA rejects all liability in connection with uploaded photographs. 

11.1.3 Insurance contracts from third-party providers  

Users have the option of uploading their own insurance contracts from third-party providers (hereinafter “third-party agreement”) onto myAXA and removing them again.

AXA only stores a copy of the third-party agreement. This copy is not a replacement for the original policy.

AXA can perform spot checks to prevent misuses of this function.

11.1.4 Google Firebase

AXA uses Google Firebase, a product of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 

This is a platform used for the development of the myAXA app. Here, user data are transmitted to Firebase and Firebase functions are used to ensure a better navigation experience and evaluate errors, as well as to facilitate push messages and user behavior analyses.

a) Firebase modules used

• Dynamic links
• Crashlytics
• Cloud and in-app messaging
• Remote configuration
• Google Analytics for Firebase

b) Data protection information

Google Firebase can transmit data to third countries; in respect of this, Google applies the EU Standard Contractual Clauses, which ensure a level of protection in third countries that is equivalent to the level of data protection in the EU. 

More detailed information in respect of data protection with Google Firebase and Google Analytics for Firebase can be found here: Privacy and Security in Firebase, terms and conditions of use for Google Analytics

c) Revoking consent for data processing

If an app crashes, anonymous information is automatically sent to Google in the form of crash reports. This information does not contain any personal or person-related data. When you use the myAXA app, you can withdraw consent for the forwarding of this data in the operating system settings for the app. With Android apps, when the mobile device is being set up, you can use the settings to deactivate all transmissions of crash messages to Google and/or the app developer.

11.1.5 AT Internet

For web analysis in connection with the myAXA app, we use AT Internet (Piano Company Applied Technologies Internet SAS, 85 avenue Président JF Kennedy, 33700 Mérignac, France).

AT Internet collects your cookie ID and other data such as your mobile ID and IP address on our behalf. We require this data in order to analyze user behavior and ensure a high quality of use. The user behavior data generated via the cookie (including IP address) is stored on an AT Internet server within the European Union. IP addresses are deleted in their entirety after 6 months.

Further information on data protection at AT Internet can be found at: https://www.atinternet.com/en/data-protection/

Via the cookie settings, you can choose whether you wish to participate in the tracking process or not.

Where the GDPR is applicable, the legal basis is your consent (Art. 6 para. 1 (a) GDPR).

Users acknowledge that data are transmitted across borders via a generally accessible network (e.g. the Internet or mobile communications system) and may potentially be lost in the process. Data transmission is protected by means of appropriate encryption procedures. Despite adequate encryption security, it is impossible to exclude residual risks entirely. AXA accepts no liability in connection with proper functioning and security during data transmission via a generally accessible network.

There is a risk that unauthorized third parties may gain access to the user’s computer or data connection undetected during Internet use (e.g. by hacking) and introduce viruses to the computer. Users are responsible for managing their own computer access and internet connection, and must ensure adequate security is in place by installing anti-virus and firewall software, for example.

If portals/apps are accessed from abroad (third country), there is the additional risk that the user data may be inadequately protected. Users are responsible for informing themselves properly about these risks. AXA rejects all liability in this regard.

Users undertake to inform themselves of the relevant country’s statutory provisions and to comply with them. AXA rejects all liability for usage of the portal/app from abroad.

To the extent permitted by applicable laws, AXA accepts no liability for direct, indirect, or consequential loss or damage that may arise to users or to third parties resulting from the use of Internet, the platforms (including the portals and apps), and the information visible there.

This can include, among others, loss or damage resulting from transmission errors, technical defects, or non-availability, malfunctions, network overload, illegal interference or access by third parties, failure to recognize shortcomings in establishing identity, careless use of access data, or blocked access. Furthermore, AXA rejects all liability in connection with the accuracy and completeness of data that is transmitted or displayed electronically.

Further, AXA assumes no warranty for the content of external websites or functions and services offered by third parties, to which there is a link in the portal/app or that can be accessed via the portal/app, and rejects all liability.

The content and structure of the portals/apps are the property of AXA. Any copying of information or data, in particular the use of text, text segments, trademarks, logos, and other visual material, requires prior written approval from AXA.

Users have the right to stop using the respective portal and/or app at any time.

This may result in users losing entitlements to services which go beyond insurance coverage and benefits. Users are responsible for deactivating their portal/app access.

However, insurance coverage and benefits are not dependent upon the user having access to the portal/app.

A reserves the right to amend the terms of use for AXA online services and apps at any time and to adapt them to reflect relevant technical or legal developments. The services can be extended, restricted, or modified at any time. Changes will be communicated in the portals/apps. By using the portals/apps, users accept the currently applicable terms of use. If these are rejected, the portals/apps can no longer be used.

Should any part of these terms of use become void or unenforceable, the remaining provisions shall be unaffected. AXA and the users must apply and implement these terms of use in such a way that the purpose of any void or unenforceable parts continues to be served to the extent possible.

These terms of use are subject to Swiss law. The place of jurisdiction is Winterthur. AXA is also entitled to institute proceedings against users at a competent court at their place of residence/registered office, or at any other competent court.