Privacy Statement

What does Corins use your personal data for?

Corins only uses your personal data for the purpose for which it is collected. We collect your personal data for the following purposes:

• Offering, evaluating, and accepting (potential) clients
• Entering into and executing agreements with a client
• Managing the client relationship
• Collecting, passing on, and managing necessary data to insurers/pension providers/financiers and inspection and expertise agencies for entering into and executing (insurance) agreements
• Settling and recording claims
• Complying with laws and regulations
• Conducting customer research
• Ensuring the security and integrity of the sector
• Combating, preventing, and detecting (attempts at) (criminal) behavior directed against the industry of which Corins is a part, the a.s.r. group to which Corins belongs (Corins is a subsidiary of ASR Nederland N.V.), Corins itself, and its clients and employees
• As an employee of Corins, being able to execute the employment agreement

With whom does Corins share your personal data?

We will never sell your personal data. We only share your personal data if this is permitted by law and necessary for one of the purposes described in the previous section. These may include the following parties:

• Insurance companies
• Advisors, intermediaries, and agents
• Financial institutions
• (Damage) Experts
• Inspection agencies
• Netherlands Vehicle Authority (RDW)
• Collection agencies
• The government
• Supervisors
• In the employment relationship with Corins, business relations, and competent government authorities (e.g., UWV, Tax Authorities)

How does Corins handle your personal data?

We handle your personal data with care and ensure that it is properly secured. Additionally, we adhere to the following rules:

• We train our staff well so that they know how to process your data as securely as possible
• We do not retain data longer than necessary. We monitor the legal retention periods. We have established a data retention policy for this. Policy and claim files are retained for 7 years after termination. Policy files for insurance with a liability component are retained for 20 years. For more information about specific retention periods, you can contact us
• Your data is mostly processed within the European Economic Area (EEA). If we share data with parties located in a country outside the EEA or when personal data is processed outside the EEA, we ensure that the protection of your personal data is sufficiently guaranteed
• a.s.r. employs a Data Protection Officer. The Data Protection Officer is an internal supervisor and ensures that we comply with privacy laws and regulations

What rights do you have?

You have certain rights regarding the use of your personal data. Below we describe your rights:

• Right of access: you may ask us which personal data we process about you. You do not need to provide a reason for the access request. The right of access only pertains to access to your own data
• Right to rectification: if your personal data is incorrect or incomplete, you may request us to correct or supplement the relevant personal data
• Right to erasure: In certain cases and under conditions, you have the right to have the personal data we process about you erased. For example, when there is no (longer) a basis for processing your data
• Right to object: if special personal circumstances justify the objection to the processing of personal data, you can ask us to delete or anonymize your personal data
• Right to data portability: if the personal data provided by you is processed automatically and based on your consent or an agreement, you have the right to receive a copy in a structured, commonly used, and readable format. The personal data will be sent directly to a new party at your request
• Right to restriction of processing: if you believe that we are processing your personal data unlawfully, you can request a restriction of processing. This means that the data will not be processed by us for a certain period
• Right to object: You have the right to object to the processing of your personal data, which takes place based on our legitimate interest or the legitimate interest of a third party. In that case, we will no longer process your data, unless there are compelling legitimate grounds for the processing that override your interests or that are related to the establishment, exercise, or defense of legal claims
• If you wish to exercise any of your rights, you can contact our Data Protection Officer. The contact details are provided below. Your request will be processed within 4 weeks.

Automated decision-making and profiling

We do not use automated decision-making or profiling in the processing of your personal data. This means that we do not make decisions solely based on automated processes, such as algorithms or artificial intelligence (AI).

Questions, comments, or complaints?

If you have any questions or comments about the processing of your personal data or this statement, you can contact our Risk Manager. You can also contact the Risk Manager if you have complaints about the processing of your personal data or if you want to exercise any of your rights.

You can reach the Risk Manager by email at info@corins.nl or by post at:

Corins B.V.
Attn: Risk Manager
Gatwickstraat 19
1043 GL  Amsterdam

If we cannot resolve the matter together, you can submit your complaint to the supervisory authority, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). Telephone: 070-888 8500.

We may amend the Privacy Statement. For example, if privacy laws change or if there are changes in the way we handle your data. We therefore recommend that you regularly review this Privacy Statement. If there is a significant change in this Privacy Statement, a clear notification will follow.

This Privacy Statement was last amended on January 24, 2025.