Insurely, with the registered name of Insurely AB, org. no. 559103-5646, a company registered in Sweden at the registered address Drottninggatan 71C, 111 34 Stockholm, Sweden (“Insurely”, “we”, or “us”), cares about your privacy and wants you to understand how we collect and use your personal data.
This privacy policy explains how we collect, share, and use personal information about you, and how you can exercise your privacy rights.
This policy only applies to personal data that we handle in connection with you using our website or insurance-related services:
Usage of Insurely via partner services.
When you use Insurely through one of our partners, for example through your bank or insurance company that uses Insurely as a technical provider for the purpose of retrieving insurance, pension, investment, loan and/or mortgage data from a third party, the respective partner is the main data controller for the processing of personal data that takes place in connection with the use of the service you have requested. Insurely then processes the personal data as a data processor on the written instructions of the respective partner, which is directly linked to the performance of the service.
In addition, Insurely, as data controller, may anonymise certain user data and insurance, pension, investment, loan and/or mortgage data related to use of the services, in order to improve our products and services. This processing is authorized by our partners and has been deemed compatible with the original purpose of the data processing. We take several measures to ensure that the data we use for this purpose is anonymized, e.g. by deleting all direct identifiers, converting values into ranges (e.g. regarding age or postal code), applying hash algorithms, etc.
We base our anonymisation process on our legitimate interest to improve our products and services, as it benefits you as a user. Once the data has been anonymised, there is no longer a link to you and the data is no longer considered personal data. If you want to know more about our anonymisation process or what we use the anonymised data for, please contact us at privacy@insurely.com
Website and Marketing.
Scope of processing of your personal data.
We collect information about you that constitutes personal data, i.e, information that alone or in combination with other information identifies you or can reasonably lead to your identification.
We collect personal data directly from you when you: (i) fill in any contact form on our website https://www.insurely.com/ (“Website”) or otherwise send an inquiry to us about our Services, (ii) register for and/or attend Insurely-hosted or -sponsored webinars or events, (iii) request copies of Insurely’s reports or publications, (iv) create an account to access our API documentation or (v) subscribe to our newsletters, or when we reach out to you to market our Services.
We also collect information about you from other sources. When you interact with us through the Website, we place cookies on your device, which will collect and share information with us. We also collect and process personal data that is publicly available, for example information on your employer’s website.
Why does the company process your personal data and on what legal basis?
To respond to your inquiries
When you send an inquiry to us about our Services, for example when you fill in a contact form on the Website or request a demo of our Services, we will ask you to provide the following information about yourself:
-
First and last name
-
Work email address
-
Company name
-
Information on how you heard about us
-
Job title
If you wish, you can also disclose:
-
Your phone number (you are free to choose whether to provide your personal or work phone number)
-
Any information related to your request in the free text field
We will process the personal data described above to respond to your inquiries on the basis that it is necessary for our legitimate interest in operating our business and to answer questions from potential customers and partners that are interested in our business. We will store this personal data for 12 months after our last communication.
To market our Services
Normally our customers and partners are other companies. If you are a staff member of an existing or prospective customer or partner, we may contact you by email or phone to market our Services if we believe that you may be interested in them on behalf of your organisation, in particular, if you send us inquiries, subscribe to our newsletters, register for an event or download our materials. For this purpose, we will process the following information about you:
-
First and last name
-
Work email address
-
Work phone number
-
Company name
-
Your LinkedIn profile
-
Job title
We will process the personal data described above on the basis that it is necessary for our legitimate interest in marketing our Services. We will store your personal data for direct marketing purposes for 2 years after the organisation of which you are a staff member has stopped being a customer or partner of ours or 12 months after our last communication if such organisation is a prospective customer or partner. Note that you can always object to receiving marketing communications from us.
To register you for an event or enable you to download our informational materials
We want you to be on top of what is happening within the insurance industry. From time to time, we organise events and webinars that you can attend. We also prepare informational material (such as white papers) that you can download by filling in the registration form on our Website. In order to register for our events or download these materials, we will ask you to provide the following information about yourself:
-
First and last name
-
Work email address
-
Company name
-
Job title
-
The industry within which your company operates
We will process the personal data described above for this purpose on the basis that it is necessary for our legitimate interest in organizing informative events and webinars, managing the registration process for such events and/or providing you with material about the insurance industry that we think will be interesting to you. We store this personal data for 12 months after the event / webinar, after your request to download the material or after our last communication unless the organisation you work for is an existing or prospective customer or partner (in which case we will store your personal data for direct marketing purposes).
To subscribe you to our newsletters
When you subscribe to our newsletter, we will ask you to provide us with your email address so that we can send you the newsletter via email.
We process your email address for this purpose on the basis that it is necessary for our legitimate interest in marketing our Services and informing you about news within the Insurtech field. We store this personal data until you let us know that you want to stop receiving the newsletters (which you can do by selecting the unsubscribe link in any of our newsletter emails or by contacting us at privacy @insurely.com).
To request your feedback on our events and materials and to discuss our Services
When you attend one of our events or request informational material from us, we may contact you to ask for your feedback about the event you participated in or about the material you have downloaded, and/or to discuss Insurely’s Services and how we can support your organisation.
For this purpose, we use the following information about you:
-
First and last name
-
Work email address
-
Company name
-
Job title
-
The industry within which your company operates
-
Information about the event you have attended or the material you have downloaded
-
The feedback that you provide
For this purpose, we will process the personal data described above on the basis that it is necessary for our legitimate interest in measuring your satisfaction with, and improving the quality of, our events and material, and our legitimate interest in marketing our Services to potential and existing customers or partners that we think will find them interesting. We will store your personal data for 12 months after you request to attend our event and/or submit your download request or after our last communication with you unless the organisation you work for is an existing or prospective customer or partner (in which case we will store your personal data for direct marketing purposes in accordance with section 3.2).
To make recordings and take photographs during events or webinars
We will be recording our webinars so if, during the webinar, you have spoken, turned on your camera, or commented on the chat function, this information is personal data and will be available to other people who have requested to view the webinar on-demand. We will process this personal data on the basis that it is necessary for our legitimate interest in having our webinars available on demand to potential customers or partners. We will let you know that we will be recording before we start the webinar.
At some of our in-person events, we sometimes take photographs that we post on our Website or social media channels. We will process this personal data on the basis that it is necessary for our legitimate interest in promoting our business and raising our brand awareness. If you do not wish to be photographed, or if you do not wish us to publish any photograph of you, please let us know when you register for the event. If you want us to remove a photograph that you appear in on our Website or social media channel, please contact us at privacy@insurely.com.
To manage our relationship with you
We process your personal data in order to manage our relationship with you and retain this in our CRM systems. For this purpose, we use the following information about you:
-
First and last name
-
Work email address
-
Company name
-
Job title
-
The industry within which your company operates
-
Date on which we last contacted you
-
The content of any email communications between us
-
Any relevant notes about our communications and business relationship
Our CRM systems support our marketing operations. We will process the personal data described above on the basis that it is necessary for our legitimate interest to operate and administer our business, to manage our relationship with our customers and partners, and potential customers and partners, and to support our marketing activities.
Where the organisation you work for is an existing customer or partner of ours, we will store your personal data in our CRM systems for 2 years after such organisation has stopped being a customer or partner of ours. Where the organisation you work for is a prospective customer or partner of ours, we will store your personal data in our CRM systems for 12 months after our last communication with you.
When you register an account to access API documentation
Should you wish to access our technical documentation, you need to request to register for a user account. The request is subject to approval by Insurely. For this purpose, we use the following information about you:
-
Email Address
-
Password
We will process the personal data described above on the basis that it is necessary for our legitimate interest to control the access to our API documentation, which is business critical. We will retain the data for this purpose as long as it is necessary for you to access our API documentation or until you request your account to be deleted.
Cookies and similar tracking technologies (“Cookies”)
When you interact with us through our Website, we place cookies on your device which will collect and share with us technical information, including your IP address and the type of browser that you are using. For more information about the types of Cookies we use, what we use them for, and how you can control Cookies, please read our Cookie notice available here.
Recipients of personal data, and transfer of personal data.
We disclose the personal data described above to the following categories of recipients:
-
Courts and similar judicial entities and/or authorities, if we are required to do so by law.
-
Our marketing partners.
-
Service providers upon which we rely for our core marketing activities (such as providers of data management services, digital infrastructure, and marketing services).
-
If there is a change of ownership of our business, the new owners so that they can continue to operate our business, provided that the new owners will only process personal data as we have set out in this Notice.
We store and process your personal data described above within the EU/EEA. If, in the future, we make a change to the service providers we currently use and this involves a transfer of your personal data outside the EU/EEA, then Insurely will ensure adequate safeguards are in place to require that your personal data will remain protected in accordance with this Notice and applicable data protection laws. We will do this through one of the following measures:
-
The country of destination is on the European Commission’s list of countries with an adequate level of protection, or;
-
By implementing controller-to-controller or controller-to-processor standard contractual clauses that have been approved by the European Commission (as applicable) for the transfer of personal data to third countries.
If a standard contract is deemed ineffective due to national law of the country of destination, Insurely will take additional technical, organisational, or contractual measures to ensure an adequate level of protection when transferring personal data to countries covered by paragraph (ii) above.
You can find out more information about the transfers and the safeguards we implement to protect your personal data by contacting us at privacy@insurely.com.
How long we store your personal data.
We retain the personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with information you have requested or to comply with applicable legal requirements or to exercise, or defend legal claims). See the section above for information on the particular retention periods we apply for the specific purposes described above. These specific periods apply to the extent there is no other ongoing legitimate business need or legal reason to process your personal data.
When we have no ongoing legitimate business need or legal reason to process your personal data, we will either delete or anonymise it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
Your rights.
You have certain rights in relation to how we process your personal data. You can contact us at privacy@insurely.com at any time to exercise your rights as set out below. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Right of access
You have the right to access and receive a copy of the information that we process about you, as well as other supplementary information.
Right to rectification
You have the right to have inaccurate personal data rectified and, depending on the purpose of the processing, have incomplete personal data completed.
Right to erasure
In certain cases, you have the right to request the erasure of your personal data, such as in cases where the personal data is no longer needed for the purpose for which it was collected, or if we no longer have a legal basis to continue processing it.
Right to restriction of processing
In certain cases, such as when you have contested the accuracy of your personal data, you have the right to request that we restrict the processing of your personal data. In such a case, we will only store your personal data or further process it if permitted to do so by law.
Right to data portability
You have the right to data portability, which means that in certain cases you can receive the personal data you have shared with us in a structured, commonly used and machine-readable format and you can request that we transfer this data to other data controllers where this is technically possible.
Right to withdraw consent
If we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
Right to object
You have the right to object to the processing of your personal data based on our legitimate interest as a legal basis for processing your personal data. You also have the right to opt-out at any time of receiving any marketing communications we send you. You can exercise this right by clicking on the "unsubscribe" link in any marketing emails we send you (or by contacting us at the email address set out above).
Right to lodge a complaint
If you believe that we have mistreated your personal data you also have the right to contact and lodge a complaint with the Swedish Authority for Data Protection Authority (“IMY”), which is the supervisory authority for the processing of personal data. The IMY can be reached at:
Integritetsskyddsmyndigheten
Box 8114, 104 20 Stockholm
Email: imy@imy.se
Phone number: 08-657 61 00
IMY’s website: imy.se
Informing you of changes to the notice.
If we make changes to this Notice, we will notify you on our Website. You can see when this Notice was last updated by checking the “last updated” date displayed at the top of this Notice. Significant changes to how we collect or process your personal data will be notified to you via email.
Contact information.
If you have any comments or complaints regarding Insurely’s processing of your personal data, please feel free to contact us at privacy@insurely.com. We would be happy to assist you.