Last updated 17/02/2022
Erika Insurance Ltd./Erika Försäkringsaktiebolag (publ) (“Erika”) is committed to protecting the privacy of our customers and beneficiaries. The Erika privacy policy (the “Privacy Policy”) applies to all Personal Data (as defined below) processed by Erika in our capacity as the data controller, including Personal Data collected or submitted through our website (the “Website”), web applications or through other channels online and offline as further described below.
If you cannot, or will not, provide us with the personal information we reasonably require, we may be unable to provide you with the information or services you have requested. Erika will never use your Personal Data for purposes other than providing the information or services necessary to fulfill our obligations towards you.
“Personal Data” is information or pieces of information that could allow you to be identified. For example:
How do we collect Personal Data?
We collect Personal Data in a variety of ways:
How do we use Personal Data?
Your Personal Data will be processed by Erika for the purposes of providing you with travel insurance coverage, including checking your insurance eligibility, administering medical assistance and processing insurance claims; for customer service; administrative services or as otherwise necessary to fulfil our obligations towards you.
How do we share Personal Data?
We share your Personal Data with our corporate affiliates, claims agents and assistance providers, business partners, policy holders and insurance and reinsurance companies both within and outside the EEA/Switzerland. Such service providers are contracted by Erika or our corporate affiliates and subject to the same data protection provisions as Erika itself.
On what do we base our right to collect and use Personal Data?
We base our right to collect and use your Personal Data on the need to do so in order to provide you with the information and service necessary to fulfil our insurance obligations towards you and to fulfil our legal obligations. We also process sensitive data. The lawfulness of processing sensitive data is based on our obligations towards you or to fulfil our legal obligations in accordance with Article 9, 2 b) of the Data Protection Regulation (EU 2016/679). Read more under “6. Sensitive data”.
For the purpose of a secure identification Erika has to process your personal identity number. A secure identification is such significant reason on which we base our processing according to Chapter 3, section 10-11 of the Swedish Act containing supplementary provisions to the EU General Data Protection Regulation (SFS2018:218).
We use appropriate organizational, technical and administrative measures to keep the Personal Data under our control accurate and up-to-date, as well as to protect the Personal Data against unauthorized or unlawful processing and the accidental loss, destruction or damage of the Personal Data.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “Contact Us” section.
This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site to which the Website contain a link. The inclusion of a link on the Website does not imply endorsement of the linked site by us or by our affiliates.
We will only keep your Personal Data for as long as it is necessary for the purposes for which it has been collected or in accordance with time limits stipulated by law and market practice, unless further retention is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims or unless a specific time period has been communicated.
We will keep limited parts of your Personal Data which are necessary until you withdraw your consent, but in no event for longer than 10 years after your last completed service.
If you are under the age of 16, you should review this text together with your parent or guardian to make sure you both understand them. We are not responsible for checking your age but sometimes we still do verification checks. If we learn that you are under the age of 16 and that we have collected information about you without consent from your parent or guardian, we will delete the information as soon as possible.
We may collect and use sensitive Personal Data regarding your health or medical conditions necessary to fulfil our insurance obligations towards you or to fulfil our legal obligations as a normal part of our operations. We do not generally seek to collect any sensitive Personal Data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, criminal background or trade union membership. In certain situations, this might however be necessary (for example in order to provide you with the services in relation to your insurance). We will make sure that we receive your explicit consent to such processing and treat this information securely.
Our Privacy Policy may change from time to time. We will not significantly reduce your rights under this Privacy Policy without informing you. We will post any Privacy Policy changes on this page and, prior to implementing such changes, we will provide a more prominent notice. Where required by law, we will seek your prior consent to any change.
You have a right to, once per calendar year, contact us and without cost find out which information about you that is being used. You have a right to receive your Personal Data in a machine readable format and you have a right to transfer your personal to another data controller if this is technically possible.
You have the right to, at any time, withdraw your consent or object to us using your Personal Data and you may at any time request that the use of your Personal Data is restricted or that we shall delete your Personal Data. Note however that a restriction or deletion could mean that we are not able to provide you with information, services or fulfil our obligations towards you as you have requested. Upon your request, we are also obliged to correct Personal Data about you that is incorrect, incomplete or misleading.
If you would like to have a copy of the information Erika holds about you; a copy of the standard data protection clauses or would like to exercise any of your rights, please contact us at the address Erika Försäkringsaktiebolag (publ), Swedish registration number No 516401-8581, P.O. Box 55569, SE-102 04 Stockholm, Sweden or call +46-8-58793220 or e-mail our data protection officer at dataskyddsombud@erikainsurance.com.
If you have complaints about our handling of your Personal Data, you have a right to contact the Swedish Authority for Privacy Protection (IMY), Box 8114, SE-114 20 Stockholm, Sweden or the supervisory authority in the country where you live.