If's Privacy notice

Personal data that we collect is dependent on each individual relationship and/or the insurance product concerned.

Don't worry – we do not have all below listed information about you. Below you can find information categories and examples of information pieces to help you understand, what kind of data we collect:

General information

General information is collected to identify you as a customer, to serve you better in different channels, to communicate with you or to do different type of transactions such as pay out a claim to you (financial information).

Personal information

Name, contact information, family status, date of birth, employment and employer, marketing preferences.

Identification numbers issued by government

Social security number, driver’s or other license number.

Financial information and account details

Bank account number and account details, credit information and other financial information.

Insurance and claims information

Insurance and claims information is collected to create an insurance contract or to handle a claim. We could need for example property information for your house insurance contract and medical information to handle your personal injury.

Property information

Location, property qualities and constructions, age of the property, equipment and machinery, forest information, security and surveillance, occupants, photographs.

Vehicle information

Registration number, vehicle type and qualities, driving history, bonus information, photographs.

Travel information

Hotel bookings, plane tickets, information about trips and other events.

Accident and loss history in If

Prior loss history (insurers commonly share information about their previous dealings with policyholders and claimants).

Loss information from other insurers

Information from shared loss registers (GSR).

Information about activities or animals

Sport activities, extreme sports or competitive sports, dogs, horses or other animals.

Sensitive information

Medical information

Current or former medical condition, health status, injury or disability information, medical procedures performed, personal habits (i.e. alcohol or drugs), prescription information, pregnancy, imaging results.

Legal procedure, fraud and crime information

Information about legal procedures, frauds or crimes related to you, for example, as part of liability claims or as part of physical injuries handled due to a crime. We also collect data about Anti-money laundry investigated claims and insurance frauds. We also collect data to investigate unclear insurance cases.

Trade union membership

Information about being a member of a trade union, when your insurance solution (content, price) is depending on your membership.

Other

Telephone and video recordings

Recordings of telephone and video held with our representatives, including recordings of telephone calls to our representatives and call centres as well as recordings of phone calls to you.

Interactions with us and customer contacts

E-mails, chats, online meetings, contact history, letters, information gathered during your visits on our webpage.

Social media information

Information posted on social media (i.e. customer feedback from Facebook) and made public.

Information from external sources

We may supplement information provided by you with external information sources, such as publicly available information, commercially available sources and information from our affiliates or business partners.

We collect data about you from different sources depending on your relationship with us.

Directly from you or policy holder

Example: We obtain data from you, when you interact with us through our contact channels (i.e. our homepage, phone, e-mail) and show interest in buying an insurance, buy an insurance or file a claim.

Use of services

Example: In cooperation with partners we might offer assistance on the road services to our motor insurance customers, and we collect data from such partners.

Use of our websites where we use online identifiers (like cookies)

Read more about the use of online identifiers  here.

Example: we collect personal identifiers (such as social security numbers) when you perform insurance price calculations, report claims or log in to self-service platforms.

Information published by you on social media

Example: You have made publicly available information on Linkedin about your profession.

Directly from your employer, collective or other organization

Example: List of employees insured by a specific insurance policy or validation of your collective membership can be retrieved from your employer or your collective.

Directly from car partners, manufacturers, concessionaires or financial institutions

Example: We use information to administrate car manufacturers guarantee issues, present you offers tailored to your car and payment options.

Directly from car partner, other insurer, police or other public institute

Example: in collision between cars the customer insured at If can be liable for the collision and we receive information from another insurer that If is responsible for the personal injury of their customer. In collision cases we might receive contact details for the injured from another insurer, police report of the collision from the police, car repairment information from repairshop and medical information about the injury from healthcare provider.

Registers maintained by authorities, credit companies, insurers or other external parties

Example: We verify information about your car from public registers.

We use personal data in almost everything we do as that enables us to provide the best service possible. Here you can read about different ways of us using personal data.

Selling and administration of insurances

We need information to provide you insurances, to define your specific risks and to determine insurability of the risk. We use this information to give a pricing based on your risk, to determine right type of insured amounts and to tailor your coverage to suit your needs. Also we use this information for administration and to provide service in relation to your insurance.

Handling insurance claims

We use personal data to handle insurance claims, or any other claim.

Managing your relationship with you

We use personal data to identify you as a customer, to communicate with you and to send you relevant messages about our services.

Reinsurance

We can in limited cases make a reinsurance for certain risks and use personal data to reinsure those risks or file a claim to the reinsurer.

Providing services through partners

We also use your personal data to provide additional If’s partner’s services in relation to your insurance.

Developing

We use personal data, e.g. telephone recordings, to develop our business and products, to carry out market research and analysis, including satisfaction surveys.

Investigating and anti-money laundering

We use personal data to prevent, detect and investigate crime, including fraud and anti-money laundering, and to analyze and manage other commercial risks.

Reporting to public authorities

We use personal data to comply with applicable laws and regulatory obligations, and respond to requests from the public and governmental authorities.

Integrity and safety of services

We process Personal Data to ensure the integrity and security of the insurance services provided by us and of the insurance sector, e.g. through carrying out internal audits, setting up incidents registers and possible participation in other warning systems.

Making statistics

We use your personal data to create statistics based on e.g. location of property.

Tracking errors on customer service channels

We use personal data, which also includes online behavioral data, to make sure our systems and services work as expected and intended.

We collect and analyze personal data, such as your web behavior or location, to send insurance related communication and other messages that you might find useful. If you are our customer or a potential customer, you might receive insurance related communication that we assume is relevant and useful for you.

This might be for example telemarketing calls, e-mails, SMS, targeted advertising, traditional paper letters or product recommendations on our websites. At the same time, we try to avoid sending or displaying irrelevant communication. We never sell personal data to third parties.

We collect statistical figures on aggregated level using web behavioral data alone, or together with other information we have about you, in order to understand how our digital services perform or function. When doing statistical analyses on aggregated level, it is done in a way that individual persons cannot be identified.

Better customer experience

We also perform online behavioral analyses to develop our services and thus provide you with better experiences. An example of such experience is making the content of our websites more relevant based on data about how visitors interact with our logged-in self-service pages together with data we already have about the visitors.

As part of our quality assurance and proactive customer service processes, we may contact you by either e-mail or by calling when you calculate the price of an insurance in our webshop but do not complete the purchase. The contact channel depends on what contact information you have provided earlier to be used for contacting you. We do this as part of ensuring that we fulfill our obligations to provide smooth digital services and ensure that you are correctly insured.

You can always opt-out from this activity. We may also use contact information from other sources, such as public registers, for conducting phone calls – even if you would not have filled in your contact details in the webshop. In case you have indicated in a potentially existing state-maintained register or non-governmental official register that you do not want to be contacted for marketing purposes, we respect your will.

Read more in Automated decision-making and profiling section.

When we use personal data to determine personal features, for analysis or to predict expected behavior, it is called profiling. If you do not want us to handle your personal data or do profiling, for direct marketing purposes, please notify us. You will still receive information related to any insurances, as we are obliged to give you that.

We rely on legitimate interest for performing statistics and analytics, and for activities that ensure our customers or potential customers are being correctly insured. Meanwhile, when doing Advanced analytics & Targeting by combining online behavioral data with other information we have about you, we do it based on your consent.

Advertising & Targeting Cookies and Advanced Analytics & Targeting

How consenting affects your experience

When visitors enter our websites, we may display a notification and offer you the possibility consenting to Advertising & Targeting Cookies and Advanced Analytics & Targeting. For more information about such consents and how to manage your consent settings, please read our Cookie Policy.

This chapter describes the effects of consenting to Advanced Analytics and Targeting. We may combine data about your behavior on our website with other information we have about you for performing analyses of individual persons’ behavior and interests. We may also personalize the content of channels we serve you based on information we have about you.

Online behavioral data can be connected to data we have about you for example when you have logged in to self-service interfaces (such as MyPages / MyBusiness). These kinds of connections are based on the possibility to connect a browser to a person with other information that you have provided us and can be done for all your visits where a connection is available depending on the information that you have provided at any time when using our services.

Information you have provided us using different devices like desktop computer or mobile phone, enables also connecting multiple devices and channels into your user profile. For example, if we observe that you have bought a certain type of insurance by calling our customer service, we may stop showing sales related online ads for that type of product. We may also stitch information about you with the information third party advertisers have, for example by matching e-mail addresses, to provide you with more relevant and targeted ads.

When handling data about you, when possible, we anonymize or pseudonymize the information so that individual persons cannot be identified solely based on the stored information. For more information, please read “Data storing and security” later in this document.

Depending on the purpose and nature of information, your personal data is processed lawfully based on one of these legal grounds:

• Processing is necessary either for conclusion or for performance of an insurance contract. For instance, information about the insured property and your belongings, risk related information, provided prior contract is concluded, as well as any information provided during the claims handling process is processed lawfully based on this legal ground
• You as an individual have given us consent to process your data, such as that pertaining to health claims, or you have consented to Advanced Analytics and Targeting. You have rights to withdraw such consent for further processing at any time. However, such withdrawal may affect validity of your insurance coverage and your availability to use our services.
• Processing is necessary for the purposes of legitimate interest of us or other third parties, and your privacy is sufficiently safeguarded. Processing based on this ground takes place when we process your data to prevent fraud or to send to you as our customer direct marketing communication or to maintain security of our IT systems; or when it is necessary to cooperate with our partners
• Processing is necessary to protect your or another person's vital interest. An example would be for travel insurance in case of accident, when we exchange information with hospitals to proceed with necessary medical manipulations
• Processing is necessary for compliance with a legal obligation to which the controller is subject. For instance, we are required to submit data about your Compulsory Motor Third Party Liability insurance to the Motor Insurance Bureau.

Automated decision-making and profiling means that we can make decisions with no manual interference. For example, it can mean automatic pricing in our sales system based on the information inserted to the system or it can be automatically paying out a webclaim based on the information given by you as you fill in our webclaims form. In this way, we can offer our customers better and smoother service. We inform our customers about fully automated decision-making in advance, if those automated decisions can affect you significantly.

Insurance claims handling

We use automated decision-making in our claims handling process as part of our webclaims service and other claims handling. Automated decisions are based on the information given to us, and can be used to i.e. automatically calculate right amount of compensation. You cannot object to such automated decision making, however, you can contact us and ask as to review the claim’s decision.

Insurance sales process

We use automated decision-making in our insurance sales process as part of our webshop and other channels. Automated decisions are based on the information given to us, and our systems then automatically calculate the price based on information such as vehicle model, claims history, age, region or other factors. This is mandatory when buying insurance; when buying insurance, you cannot object to such automated decision making. If you have any questions regarding your offer you can contact us.

Direct marketing

Profiling means predicting your expected behavior based on information about you. In marketing, we use profiles to send communication that we believe is most relevant to you and avoid sending or displaying irrelevant communication. You have the right to object to profiling related direct marketing.

We ensure your privacy with good information management and careful processing of personal data. We keep your personal data as long as necessary, to fulfil the purposes outlined in this privacy notice unless a longer retention period is required or permitted by law.

The retention period of your personal data is dependent on the law for the particular type of potential claim, accounting law requirements and other factors. If holding your personal data is not mandatory for us, you can request us to delete the data. Unnecessary or irrelevant personal data is deleted or made anonymous.

We always take appropriate technical, physical, legal and organizational measures, which are consistent with applicable privacy and data security laws. Any service providers acting as data processors are selected carefully and are required to use appropriate measures to protect the confidentiality and security of your personal data.

For example, when required from a security perspective, before storing personally identifiable information (such as social security numbers or vehicle registration numbers), we anonymize or pseudonymize the information so that individual persons cannot be identified solely based on the stored information.

As an insurance company, we are obliged by law to maintain secrecy about personal customer information, and other personal data. We can disclose personal data to others, but only when we are allowed to do so by law or by your prior consent. Use of suppliers that we control with data processing agreements is not regarded as disclosure.

Depending on the insurance product concerned and nature of the information, your personal data can be disclosed to:

Bank or leasing company

If relevant institution is indicated as a beneficiary in the policy – the information about the status of the policy and possible claim can be shared.

To intermediary

Agent, tied agent or broker) who has mediated the insurance contract – the information about the policy and the claim; it is only shared in extent that it is necessary for performance of the contract.

Claims partner

Such as repair shop or constructor, in case of the claim – information about validity of the policy as well as claims information can be shared in extent that it is necessary to handle the claim.

Motor insurance bureau

We register information about concluded compulsory motor third party liability insurance policies and reported traffic accident claims.

Medical institution and doctor

In case of health claim, health evaluation or personal injury we may share your information with health centers or doctors.

Other insurers

We provide information to other insurers in claims handling in case it is necessary to handle the claim.

Governmental institutions

We may be required to share your personal data with other governmental institutions or third parties, if that is required based on the law or to fulfil the contract.

Service partners

We may share your data with our service partners to provide you additional services such as help in a claims situation or to provide you an additional service.

Your personal data is primarily stored within territory of European Union and European Economic Area. Due to the global nature of our business and to technological solutions, for the purposes set out above, in certain cases we may transfer personal data to parties located in other countries.

For example, we may transfer personal data to a data processor providing online cloud services located in United States. Any such transfer is performed according to the applicable privacy rules for such international data transfers.

We want to be transparent regarding the information we hold about you and we want to make sure it is accurately updated. 

As a private customer you may access your own information through our national online service (e.g. Mypages) and in case you need more information, you have the right to request a copy of the personal information we have about you by e-mailing (registerutdrag@if.se) or sending a letter to If Skadeförsäkring AB, Registerutdrag, 106 80 Stockholm.

We always identify our customers before enabling access to their information. This enables you to receive information on how we process your personal data and a copy of the personal data we hold about you.

You may ask us to correct or remove information you think is inaccurate. You may also ask us to delete information about you if there is no legal basis for further processing.

Since under insurance and accounting laws we as an insurer are under obligation to store policies, claims and other information for strictly defined periods, please take into account that large part of your information may be excepted from correction and deletion rights.

You may under certain circumstances request restriction of or object to processing of your personal data. Upon your request, a copy of your personal data can also be transmitted directly to another company, if it is technically feasible.

Please see more about your rights as a customer from your country's Data Privacy Notice

• Denmark
• Finland
• Norway
• Sweden

If you have any questions concerning our handling of your personal data you may contact our DPO and the DPO team on DPO@if.se or please contact our local representatives.

We are your data controller and you can write to us:
If Skadeförsäkring AB, registration number 516401-8102
Address: 106 80 Stockholm, Sweden

We are under the supervision of the Swedish Authority for Privacy Protection (IMY) and you have the right to contact IMY or your national corresponding personal data protection authority directly with complaints, but we encourage you to contact us in the first instance to handle your complaints.