Background and purpose of Söderberg & Partners’ data protection policy
The General Data Protection Regulation is the EU's common basis for the processing of personal data. The purpose of the legislation is to strengthen the protection of personal data. It is important for us at Söderberg & Partners to protect personal data; thus, we have a data protection policy intended to clarify which personal data we have collected and how we process the data.
The Söderberg & Partners organisation considers the General Data Protection Regulation a very serious matter; everyone within the organisation is trained regularly, and follow-ups are conducted.
Who is Söderberg & Partners?
Söderberg & Partners Danmark I Forsikringsmæglervirksomhed A/S and Söderberg & Partners Danmark II Forsikringsmæglervirksomhed A/S as well as associated companies (hereafter ‘Söderberg & Partners’) are part of the Söderberg & Partners Danmark. Söderberg & Partners and your broker are responsible for the personal data we process. You can find all companies under Söderberg & Partners Denmark through this link.
We strive to protect the personal data we process when providing our services to our customers. Söderberg & Partners' services primarily consist of insurance brokerage, where we advise our customers on their insurance program and its administration and assist with claims management and events related to pensions.
We must have a legal basis (legitimate basis) for all processing (i.e., use) of ordinary personal data. In most cases, this basis is that:
- The processing is necessary to perform a contract or to enter into a contract in which you are or will become a party.
- The processing is necessary to comply with a legal obligation (e.g., collecting tax information for reporting to the tax authorities).
- The processing is in our legitimate interests unless your fundamental rights and freedoms override our legitimate interests.
Before we collect and possibly process sensitive personal data, information on a criminal record certificate, or Danish Personal Identification number (CPR-nummer), we ensure the existence of a legal basis. In most cases, this basis is:
- your explicit consent;
- that the processing is necessary to defend or exercise a legal claim;
- that the processing is necessary to ensure unique identification; or
- it follows from EU law or national law.
Collection and registration of personal data
We only collect personal data that is necessary for us, and we always process personal data in accordance with applicable data protection legislation. We use the data to provide advice to our customers and our customers' employees. The personal data required depends on the purpose for which the data is to be used. At Söderberg & Partners, we process the following categories of personal data, where relevant:
Ordinary personal data: e.g., name, address, email address, telephone number, position, title, date of employment and resignation, date of birth, salary and other compensation, relatives, registration number, marital status, the customer's insurance company, seniority, history of claims, coverage
National identification number: Danish Personal Identification number (CPR-nummer)
Data related to criminal convictions: Criminal record certificate
Special categories of personal data: Data concerning health
We collect personal data from:
- Our customers
- Our customers' employees
- Third parties
- Public authorities
Categories of recipients
Everyone at Söderberg and Partners is subject to the obligation of professional secrecy, and we only disclose your data to others as necessary and in accordance with the applicable legislation. In order for us to provide you with insurance brokerage services, personal data will be disclosed to relevant insurance companies, business partners and data processors. Also, we may disclose personal data when we are obliged to do so under applicable legislation.
Söderberg & Partners and your broker share your data among themselves to be able to provide consulting services. We may disclose your personal data to others within the organisation to the extent it is relevant and there is a legal basis in the data protection legislation.
Storage of personal data
We will store all personal data as long as we find it objectively relevant. We are obliged to delete personal data when they are no longer relevant. Under normal circumstances, 11 years after our advisory relationship with you is completed, there will no longer be any objectively relevant purpose of continuing the storage of personal data. However, on a case by case basis, we may decide on a longer storage time if we consider that this is necessary for us to establish, exercise or defend ourselves against legal claims.
Processing at data processors
We have agreements with all our data processors, and we verify that they comply with our instructions for safe processing. As part of these instructions, we require that these data processors process personal data confidentially and take appropriate technical and organisational measures to protect personal data.
Data protection is important to us, as it may have severe consequences for the persons concerned. Therefore, we have taken reasonable technical and organisational measures to protect the personal data we process. This means that we have, among other things, introduced procedures, policies and IT-technical security measures.
If we process personal data about you, you have certain rights. Below is a list of your rights:
Right of access
You have the right to get access to the data concerning you that we process, as well as some additional information.
Right to rectification
You have the right to have personal data concerning you rectified if the data is inaccurate or not up to date
Right to erasure
In certain cases, you have the right to have data about yourself erased before the time of our regular routine erasure. However, we will only delete your data if you are no longer a customer with us and only when claims can no longer be made against us.
Right to restriction of processing
In some cases, you have the right to restrict the processing of your personal data. If you have the right to restrict the processing, in future, we may only process the data – with the exception of storage – with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another person or for reasons of important public interest.
Right to object
In some cases, you have the right to object to our otherwise legal processing of your personal data.
Right to data portability
In some cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have this personal data transmitted from one data controller to another without hindrance.
Right to withdraw consent
If you have given your consent, you have the right to withdraw your consent at any time
To use your rights, use the contact information at the bottom of this policy.
If you are dissatisfied with Söderberg & Partners' processing of your data, you may lodge a complaint with the Danish Data Protection Agency, Borgergade 28, 5th, 1300 Copenhagen K, Phone 33193200, email firstname.lastname@example.org, website www.datatilsynet.dk.
Contact Söderberg & Partners
If you have any questions regarding the processing of your personal data, want to withdraw your consent or wish to exercise your rights, feel free to contact your broker or Söderberg & Partners main office. You can always learn who your broker is by contacting Söderberg & Partners’ main office.
Our Danish main office
Life and pension: Söderberg & Partners Danmark I Forsikringsmæglervirksomhed A/S
Amaliegade 3, 1st floor, 1256 Copenhagen K
phone: +45 33 13 33 30
CVR no.: 35836160
Non-life: Söderberg & Partners Danmark II Forsikringsmæglervirksomhed A/S
Amaliegade 3, 1st floor, 1256 Copenhagen K
phone: +45 33 13 33 30
CVR no.: 36413190