Offering of products and services of Swiss Life
Swiss Life only offers its products and services to customers whose head office or residence is in Switzerland and only within Switzerland. Further restrictions may also apply within Switzerland for individual products.
Should you be interested in our products as a person domiciled outside Switzerland, we recommend you contact a representative of the Swiss Life Group near where you are based or one of our branches or subsidiaries via the website (www.swisslife.com)
Responsible controller, data protection officer
Responsibility for the data collection and processing described here lies with
Swiss Life Ltd
For queries concerning data protection law you can contact us at the following address for all business areas of the Swiss market of Swiss Life:
The collection and processing of personal data
Swiss Life takes the protection of the privacy and confidentiality of the data of its customers and visitors to its websites very seriously.
When processing your personal data, we comply with the applicable provisions of Switzerland, the EU and other applicable local laws governing the storage, processing, accessing and transmission of personal data. In order to protect our customers’ data, Swiss Life applies strict internal data protection policies and ensures their compliance by means of intensive staff training and continuous supervision.
The processing of your personal data is indispensable for offering you insurance, pension and/or financial consulting that is tailored to your needs. Conclusion and/or implementation of an insurance contract is not possible without processing your data. We primarily process the personal data that we receive within the scope of our business relationship with our customers and other business partners from these and other persons involved or that we collect from users during the operation of our websites, apps and other programmes. Your data are at all times only used for the purpose, specified for instance at collection, to which you have consented, that is evident from the circumstances or required by law.
The personal data processed by Swiss Life comprise personal data communicated by you and such data that are publicly accessible. The data categories are:
- Personal data and contact information: These particularly include but are not restricted to first name and last name, gender, date of birth, age, marital status, languages, nationality, e-mail address, telephone number, health data, family members etc.;
- Data from applications including any supplementary questionnaires (such as details provided by the applicant concerning the insured risk, answers to questions, expert reports, details of the previous insurer concerning claims experience to date);
- Data from contracts (such as contract term, type of insurance and cover, insured risks, benefits, data from existing contracts);
- Payment collection data (such as date and amount of premium payments, outstanding amounts, reminders, credit balances, payment method data, entry and departure date);
- Data in connection with any claims or benefit processing (such as claims notifications, doctor’s reports, diagnoses, clarification reports, invoice receipts, data concerning damaged third parties);
- Data in connection with the premium calculation and collection: These include the insurance premium, premium invoicing, payment collection data;
- Data in connection with legal disputes: These in particular include data concerning complaints and disagreements about benefits and/or the contracts concluded for these;
- Data in connection with online communication with Swiss Life;
- Data in connection with the marketing of products and services: These include details such as newsletter registrations/cancellations, received documents and special activities, personal preferences and interests etc.;
- To the extent permitted, we also obtain certain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, the press, internet) or receive such data from other companies within the Swiss Life Group, from authorities or other third parties.
The processing of your personal data is primarily carried out by employees of Swiss Life and the General Agencies. Such employees in each case have access to the data required for fulfilling the task at hand.
Scope and purpose of the collection, processing and use of personal data
We use the personal data collected by us primarily to conclude and process our insurance contracts with our customers and business partners, in particular within the framework of private pension provision, occupational provisions, the mortgage and investment business and other services for our customers. Data processing can also be necessary in order to fulfil our statutory / regulatory obligations in Switzerland and abroad.
We furthermore process personal data to the extent that we are permitted to do so and/or consider it advisable for the following purposes in which we and any third parties commissioned by us have a legitimate interest:
- Inquiries submitted via contact forms, chats, e-mails, telephone calls;
- Registrations for newsletters, portals and the like;
- Enhancement of the internet presence (adjustment of the website to your needs);
- Prevention and recording of hacker attacks;
- Processing of offers and contracts and fundamental processing operations in connection with our services (conclusion, management, fostering and development of the customer relationship), customer service and support, claims and benefits, assessment of duty to pay and calculation of benefits, coordination with benefits of other (social) insurance schemes and invoicing;
- General pension and financial consulting (needs-based consulting and support) including acquisition and application support;
- Premium calculation and collection, risk assessment and the assertion of rights of recourse;
- Management of the customer relationship and customer contracts (policies);
- Responding to your questions and concerns;
- Mandates in the real estate sector;
- Compilation of usage statistics;
- Records and management information and other reports about customers, transactions and activities, offers and other business aspects of Swiss Life for the purposes of management and development of the company, its product and service range and its activities, and project management;
- In this connection Swiss Life also processes your personal data for quality controls, for advertising purposes, for market and opinion research (including the evaluation of data using profiles and automated decisions) such as customer satisfaction surveys, the staging of events, general customer communication and personalised adjustment of Swiss Life’s products and services as well as for the creation of customer profiles. Also for the management of statistics;
- Evaluation, offering, improvement and new and further development of our products, services and websites, apps and other platforms on which we are present;
- Communication with third parties and processing of their inquiries (e.g. applications, media inquiries);
- Assertion and/or defence of legal claims in connection with legal disputes and official proceedings;
- Compliance with legal and regulatory requirements and internal regulations of Swiss Life, pursuit and implementation of various rights;
- Prevention and investigation of criminal offences and other misconduct and conducting of internal investigations, protection against insurance fraud, data analyses for combating fraud etc.;
- Guaranteeing of business operations, particularly information technology, our websites, apps, systems and other platforms;
- Video surveillance to uphold domiciliary rights and other measures geared towards IT, building and investment security, protection of our employees, other persons and assets entrusted to us (e.g. access controls, visitor lists, network and mail scanners), protection of customers, employees and other persons in particular in the event of risks to employees and the protection of data, the secrets and assets entrusted to Swiss Life, security of systems and buildings.
Swiss Life undertakes to protect the data that we receive from you against accidental or deliberate manipulation, full or partial loss, destruction or unauthorised third-party access by means of technical and organisational security measures. The controls deployed for this are based on the globally recognised information security standard ISO/IEC 27001. We thereby protect your rights and guarantee compliance with the applicable provisions under data protection law. Our established measures guarantee the confidentiality and integrity of your data and safeguard the long-term availability and resilience of our systems and services for the processing of your data.
We also deploy specific further technical and organisational measures to safeguard the rapid recovery and availability of your data and access thereto in the event of a physical or technical incident. Our data processing and security measures are continuously further developed and enhanced in accordance with technological developments.
You can find further valuable information in connection with the use of e-mail and internet for the collaboration between you and Swiss Life and the handling of associated suspicious or fraudulent online activities at the “security information” link.
Products and services of Swiss Life
the special provisions of occupational provisions, the Federal Law on Insurance Contracts, Swiss insurance supervision legislation and the corresponding regulatory requirements. This includes adequately protecting the data of our customers and consistently upholding the requirements pertaining to the confidentiality, integrity and proportionality of the processing of personal data.
We aim to achieve a high level of protection in close collaboration with our cooperation partners such as hosting providers in order to protect your data against unauthorised access, loss or misuse and in doing so to safeguard the confidentiality, integrity and availability of your data.
(Limitation on) use of the data of our customers
Your data are processed at Swiss Life only for the purpose for which you have made them available to us or that you have (additionally) consented to. If we use your data for other purposes than the original one, we will obtain further consent from you for this or inform you accordingly.
Data protection for occupational provisions / group life insurance
Personal data are processed within the framework of occupational provisions and group life insurance. Data processing takes place for the purpose of the tasks conferred upon Swiss Life in connection with the implementation of occupational provisions and/or group life insurance.
The entire data processing chain from the collection of the data to its storage and destruction takes place at Swiss Life or at the premises of authorised third parties in accordance with the legal provisions of the Federal Act on Data Protection (DSG) and the special provisions on data protection contained in the Swiss Federal Law on Occupational Retirement, Survivors' and Disability Pension Plans (BVG).
Swiss Life is authorised to disclose data to authorised third parties (see chapter below entitled “Disclosure and transmission of data”). Where required for fulfilment of the tasks conferred upon Swiss Life, data can be transmitted to the extent necessary to co-insurers and re-insurers. The transmission and disclosure of data to third parties otherwise takes place in compliance with the special provisions on data protection contained in the BVG. No data are disclosed for other purposes without the consent of the person affected.
Swiss Life carries out appropriate technical measures to ensure that only the offices or persons entrusted with the implementation of occupational provisions and/or group life insurance have access to the data (need-to-know principle). Health-related data are treated in strict confidentiality and can only be viewed by a restricted group of persons.
The general remarks in the chapter governing the period of retention for the use of personal data apply to the retention of data. Swiss Life retains personal data for as long as it is legally obliged to do so or this is necessary for the purpose for which the data were collected.
Data protection for private pension provision and other services
Swiss Life processes your data for private pension provision and other services for application review and processing purposes and for further contract processing and administration. To this end it may be necessary for Swiss Life – on a case-by-case basis or to the extent required for contract processing and/or administration – also to forward your data to companies of the Swiss Life Group and to previous insurers and reinsurers in Switzerland and abroad or to obtain from them or from public authorities specific data about your person.
Swiss Life processes your data for statistical evaluations and for marketing purposes of the Swiss Life Group and its companies. Should we identify a potential gap in coverage, we will wherever possible contact you and inform you of this.
We endeavour to ensure that our data are always kept accurate, complete and up to date in accordance with the prevailing statutory provisions. It may therefore be necessary in certain cases (e.g. where data are missing or no longer up to date) for Swiss Life to obtain data from third parties (e.g. communications service providers) or to the extent required from information bureaux. In order to optimise its processes, Swiss Life may partially or fully outsource certain business areas and services (e.g. contract administration, payment transactions, IT) and the processing of (personal) data to third parties in Switzerland and abroad. This may also involve the use of modern IT applications (e.g. the use of IT infrastructure and IT services of third parties, such as housing, hosting and cloud-computing).
Disclosure and transmission of data
Should Swiss Life partially or fully outsource certain business areas and services to third parties in Switzerland and abroad as specified in the above provisions, this shall comprise so-called contract data processing. If we transfer data to a country without adequate statutory data protection, we will ensure an adequate level of protection through the deployment of appropriate contractual arrangements (e.g. on the basis of standard contractual clauses of the European Commission) or based on so-called binding corporate rules or fall back on legal exceptions such as consent, contract processing, establishment, exercise or enforcement of legal claims and an overriding public interest in disclosed personal data.
We collaborate with the following contract data processors or third parties:
- Service providers (internal and external) including contract data processors;
- External printers (partially by way of outsourcing);
- IT software providers and hosting partners;
- InventX AG as a provider of private cloud services (headquartered in Chur, Switzerland);
- Microsoft Ltd. as a provider of public cloud services (headquartered in Redmond, USA);
- In-house outsourcing partners such as Swiss Life Pension Services (headquartered in Zurich, Switzerland); aXenta AG (headquartered in Baden, Switzerland), Lake Solutions AG (headquartered in Wallisellen, Switzerland);
- Other companies of the Swiss Life Group;
- Previous, co- and reinsurers;
- Avobis AG as our outsourcing partner for services in the mortgage segment (headquartered in Zurich, Switzerland);
- HR Diagnostics, headquartered in Germany, for the procurement of data from applicants;
- Data may be exchanged with selected partners (e.g. Swisscom or Swiss Post Solutions AG) to ensure the correctness of your delivery address;
- Employee benefits institutions;
- Other partners within the scope of potential or actual official or judicial proceedings or in the event of claims;
- Data may be exchanged with headhunters, cooperation partners, experts, external lawyers, recruitment agencies, brokers, agents/insurance intermediaries and the like for collaboration purposes (normally with your consent);
- Acquirers or potential acquirers of business areas, companies or other parts of Swiss Life;
- Industry organisations, associations, organisations and other bodies;
- Finally, we may be obliged by law to submit personal data to public, local, national or foreign offices (e.g. the Federal Tax Administration), authorities in Switzerland and abroad, public authorities, courts, associations or to our external auditors.
This list contains the main sources of contract data processing. However, in view of the complexity and variety of tasks within Swiss Life, it cannot be considered exhaustive.
Data may also be disclosed for the purpose of uncovering or preventing insurance fraud, in particular to insurers in Switzerland and abroad as well as to the criminal prosecution authorities.
Automated individual decisions and profiling
Profiling enables Swiss Life to create customer segments so that we can provide you with customised advertising and offers that are better tailored to your needs. Swiss Life gains additional statistical information through the deployment of data analysis procedures. We process your personal data on a partially automated basis with the aim of assessing specific personal aspects (profiling) or compiling a preselection for your inquiry about a product. We particularly make use of profiling in order to be able to inform you about products in a targeted manner and advise you according to your needs. To do so we deploy evaluation tools that facilitate corresponding communication and advertising including market and opinion research.
We will notify you about all further forms of profiling according to the statutory requirements. We will ensure at your explicit request that the automated decision is reviewed by a natural person.
We may refrain from notification on the basis of corresponding statutory provisions if the decision
- is necessary for the conclusion or fulfilment of a contract between you and Swiss Life;
- is carried out with your express approval.
Examples of such decisions can include the establishment or termination of a contract, possible risk exclusions or the amount of insurance premium to be paid. Swiss Life can also make a fully automated decision on its duty to pay benefits based on your details of a claim. The fully automated decisions are based on rules defined in advance by Swiss Life for the weighting of information.
Period of retention for use of personal data
We process and store your personal data as long as this is required for the fulfilment of our contractual and statutory obligations or otherwise necessary for the purposes pursued by processing, for example for the entire duration of the business relationship (from initiation and conclusion through to termination of a contract). We also process and store such data in accordance with the statutory retention and documentation obligations or due to specific proof requirements where applicable. It may therefore be that personal data are also retained during the period in which claims are asserted against Swiss Life and to the extent that we are otherwise legally or officially required to do so or this is necessitated by legitimate business interests. As soon as your personal data are no longer required for the aforementioned purposes, they will generally be deleted or anonymised to the extent that this is technically feasible. Shorter retention periods normally apply to operational data (e.g. system protocols, logs) than to personal data.
Data processing on the Swiss Life portals
The Swiss Life myWorld offering serves as a pension and financial portal for private customers and beneficiaries. We only process personal data to the extent that they are necessary for the provision of corresponding services.
Swiss Life myLife is the Swiss Life self-service portal for SMEs where information and specific functions pertaining to pension and insurance benefits are made available to the employees of the applicable SME. Personal data are only collected where they are relevant for the functioning of the portal.
The VPP distribution partner network serves as a distribution platform for pension and financial solutions for brokers, partners and independent insurance consultants engaging in a distribution partnership with Swiss Life. Personal data are only collected on the VPP where they are relevant for the functioning of the portal.
Swiss Life Business Direct is a web-based offer system for occupational pension and accident insurance solutions for SMEs. Swiss Life collects and processes personal data about the employer and insured persons or beneficiaries for the purpose of their identification and for the correct evaluation of the risks to be insured.
Your rights (rights of persons affected)
We are happy to provide you with information about which personal data about you we process and how we actually handle them (e.g. purposes of processing; categories of personal data; categories of recipients to whom your data have been or are disclosed; planned storage duration; existence of a right of correction, deletion, restriction of processing or origin of your data).
You also have the right to revoke any consent granted to the use of your personal data (however, this is only possible as long as the data are not required for processing and handling, for instance in connection with contractual obligations). However, any revocation of your consent shall not affect the legality of the processing carried out up to that point.
You have the right at any time for reasons arising out of your particular situation to register an objection to the processing of the personal data concerning you; this also applies to any profiling based on these provisions. After receiving the objection, Swiss Life will no longer process the personal data concerning you unless we are able to provide evidence of compelling contractual, statutory or other legitimate interests for such processing, or such processing serves the assertion, exercise or defence of legal claims.
You also have a right to the deletion of your personal data as long as this is not obstructed by any contractual or legal rights or deletion proves technically impossible or entails a disproportionate outlay.
You have a right towards Swiss Life of correction and/or completion of your personal data if the processed personal data concerning you are incorrect or incomplete.
Should your rights be infringed, you have the option of lodging a complaint with the responsible data protection authority.
The exercise of your rights generally requires you to provide clear evidence of your identity (e.g. with a copy of your ID card if your identity is not otherwise clear or verifiable). You can contact us at the address stated in section 1 to assert your rights.
As well as the handling of your personal data for consultation purposes or for the processing of your policy, we also make use of your personal data on the basis of your consent or any legitimate interest of Swiss Life for the following purposes: to permanently improve your shopping experience and design it in a customer-friendly and individual manner for you and to communicate about specific products or marketing activities and recommend products and services that might be of interest to you.
Duty to provide personal data
The following applies if you wish to conclude a contract with Swiss Life: Within the scope of our business relationship you must provide the personal data that are required for initiating and implementing a business relationship and fulfilling the associated contractual obligations. Without these data we will normally be unable to conclude or process a contract with you and provide you with services. The website also cannot be used if certain data are not disclosed for safeguarding the flow of data.
Legal basis for the processing of personal data
- Swiss Life makes use of the personal data on the basis of the following legal provisions:
- Contract fulfilment;
- Fulfilment of a legal obligation;
- Consent of customer;
Legitimate interests of Swiss Life, e.g.:
- Efficient and effective protection of customers, employees and other persons;
- Protection of data, secrets and assets;
- Security of systems and buildings;
- Compliance with legal and regulatory requirements and internal regulations;
- Efficient and effective customer care, maintenance of contact and other communication with customers also outside contract processing;
- Upholding of safe, efficient and effective organisation of business operations including safe, efficient and effective operation and successful further development of the website and other IT systems;
- Sale and delivery of products and services also with respect to persons who are not direct contracting partners (such as beneficiaries);
- Sensible corporate management and development;
- Tracking of customer behaviour, activities, presence and needs, market research;
- Efficient and effective improvement of existing products and services and development of new products and services;
- Conduct of advertising and marketing;
- Successful sale or purchase of business areas, companies or parts of companies and other corporate transactions;
- Interest in the prevention of fraud, crimes and wrongdoing and in investigations in connection with such offences and other inappropriate behaviour, handling of legal claims and proceedings;
- Participation in legal proceedings and cooperation with authorities;
- Assertion, exercise or defence of legal claims.
By using our websites you declare your consent to the processing of data collected about you in the manner described and for the purposes mentioned.
You can revoke the collection and storage of data at any time with future effect.
If you wish to deactivate Google Analytics, you will find the applicable browser add-on at https://tools.google.com/dlpage/gaoptout?hl=en.
Should you wish to delete all your cookies in the browser, you must repeat the procedure for all technologies. As already mentioned, you can also completely prevent the installation of cookies by configuring your browser accordingly.
Personal data are all details that relate to a specific or identifiable natural person. These include, for instance, name, postal address, date of birth, e-mail address and telephone number. Personal data can also include data about personal preferences such as hobbies or memberships.
Particularly sensitive personal data
These include, for instance, data about religious, ideological, political or trade union-related opinions or activities; health data and any details of administrative or criminal proceedings or penalties. Even greater requirements concerning confidentiality and the handling of such data apply at Swiss Life to the processing of particularly sensitive data than is already the case.
Profiling is the assessment of specific features of a person on the basis of automatically processed personal data, among other things in order to analyse and predict work performance, financial circumstances, health, behaviour, preferences, whereabouts or mobility. Swiss Life will notify you in advance about all kinds of profiling.
In some cases we anonymise the data disclosed by you and use them in aggregated, anonymised form. We occasionally combine such data with other data to enable us to compile anonymous statistics (e.g. about visitor numbers or the domain name or internet provider from which our websites are accessed). This serves to improve our products and services.
© Swiss Life, May 2018
In this document we inform you about how your personal data are processed when you submit an application.
Who is responsible for data processing?
When an application is submitted for a position at Swiss Life Ltd, Swiss Life Ltd is responsible for data processing:
Swiss Life Ltd
The Data Protection Officer at Swiss Life Ltd can be reached at the above address or via e-mail at firstname.lastname@example.org.
General information about the processing of your personal data at Swiss Life Ltd and when you visit the swisslife.ch website can be found here: https://www.swisslife.ch/en/privacypolicy
Your application to Swiss Life Holding Ltd is processed by Swiss Life Ltd on behalf of Swiss Life Holding Ltd, which you can contact if you have any questions related to data protection.
When an application for a position at Swiss Life Asset Managers is submitted the data are processed by Swiss Life Investment Management Holding AG:
Swiss Life Investment Management Holding AG
You can also submit questions about data processing via the following e-mail address: dataprotectionAM@swisslife.ch.
General information about the processing of your personal data at Swiss Life Investment Management Holding AG and when you visit the swisslife-am.com website can be found here: www.swisslife-am.com/en/home/footer/privacy-statement.html
Data protection and the confidentiality of the data of our applicants are very important to us. We process your personal data in accordance with the applicable and prevailing provisions of the relevant laws and regulations (in particular, the Swiss Data Protection Act [DSG] and, where applicable, the European Union’s General Data Protection Regulation [EU-GDPR] for applications for positions in Luxembourg and Liechtenstein [see additional information below in this document]).
Below we describe for you in detail how we process your personal data as part of the application process.
Which categories of data do we use and where do these data come from?
As part of the application process, we process personal data in the following categories:
- For an application submitted via our career site, we process the data you enter, including, in particular, your form of address, first and last name, street address, e-mail address, telephone number, date of birth and the position for which you are applying. Information related to gender, languages spoken, education and employment permit status in Switzerland will also be processed. You will also be asked to load your application documents (covering letter, references, CV etc.) in the system online.
- When you register for “Job Notifications”, we process your e-mail address in order to send you information about open positions in accordance with your selection.
- When appropriate, we will invite you to complete an online assessment at a later stage.
As part of this assessment, you will be asked to answer questions about your professional behaviour and complete numerical and/or verbal tasks. This information will be used to compile a personality profile for you, an abbreviated version of which you will be able to access.
In general, your personal data will be provided during the hiring process directly by you or by a recruitment agency designated by you.
For which purposes are data processed?
The data are only processed for the purpose of the application process and to assess the extent to which the candidate is qualified for the relevant position. It is necessary to process your application data in order to be able to determine whether there are grounds for establishing an employment relationship.
We reserve the right to prepare statistics. We only do so for internal purposes and never using personalised data, but rather only with anonymised data.
Your application data will be handled confidentially at all times. If we want to process your personal data for a purpose that is not listed above, we will inform you of this in advance and, if necessary, obtain a separate declaration of consent from you.
Are you obliged to provide your data?
As part of your application, you will be asked to provide the personal data necessary to carry out the application process and the assessment of your qualification for the position. Without such data we will not be able to carry out the application process and decide whether there are grounds for establishing an employment relationship.
Who receives your data?
The only people and units that will receive your personal data are those that need these data to decide on the appointment and to meet our (pre)contractual and legal obligations (e.g. HR, specialist department).
We use Workday Ltd, Dublin, Ireland for the job posting and application process. The e-mails containing the job notifications are also sent by this service provider. You can change or cancel job notifications yourself at any time.
If you are invited to an online assessment, this assessment will be carried out by Papilio AG, Zurich, in collaboration with Aon Assessment GmbH in Hamburg, Germany.
How long do we process and store your data?
We process your personal data for the duration of the application process. If you are hired, we will continue to process your personal data in this connection. Otherwise, we will delete (electronic files) or destroy (physical documents) your data no later than six months after the end of your application process. This does not apply if there is justification for further processing, for example statutory provisions prevent deletion or further storage is necessary for the purposes of proof or if you have consented to longer storage.
If, without being asked to do so, you send application documents by post or share your interest in a position by telephone, we will not process and store your personal data further, but will instead make you aware of the option of applying online. We will destroy any documents submitted in this manner and not store them.
Which data rights can you, as a data subject, assert?
You have the right to receive information about your processed personal data from the relevant person, provided you verify your identity sufficiently. In addition, you have the right, taking account of the statutory provisions, to correct inaccurate personal data or to request that your personal data be deleted. If you would like to have all of your application data deleted, you can request this via the “Account Settings” on our career site. Deletion is not possible if we are obliged or entitled to store the personal data on the basis of applicable legal provisions. You also have the right to object to the data processing and, in cases in which the processing is based on consent, to revoke such consent with future effect.
For applications for positions in Luxembourg and Liechtenstein, the following additional information also applies (in accordance with the EU GDPR):
What is the legal basis for processing your data?
We process your personal data in accordance with the provisions of the EU GDPR. The data are mainly processed for the purpose of carrying out and completing the application process and to assess the extent to which the candidate is qualified for the relevant position. It is necessary to process your application data in order to be able to determine whether there are grounds for establishing an employment relationship. The primary legal basis in this connection is Art. 6, para. 1(b) of the EU GDPR. We also process your data in order to be able to meet our legal obligations as a potential employer. These include, for example, obligations on the basis of supervisory regulations or legal provisions to combat terrorism (e.g. EU Regulations 2580/2001 and 881/2002), which require a comparison of your data with so-called sanctions lists. This is carried out on the basis of Art. 6, para. 1(c) EU GDPR. In addition, we also use your data for statistical purposes (e.g. analysis of applicant behaviour). Statistics are only created for internal purposes and the results of the analysis of such statistics are never personalised, but rather anonymised. If we want to process your personal data for a purpose that is not listed above, we will inform you of this in advance.
Who receives your data and how do we transmit data to countries outside of Europe (third countries)?
We may forward your personal data to other recipients within the Swiss Life Group, provided this is necessary to justify the employment relationship. For vacancies advertised in Luxembourg and Liechtenstein the application process is carried out by the central HR department in Zurich (Switzerland). This department is involved in the decision-making process and receives the application data.
We only provide your personal data to service providers or Group companies outside the European Economic Area (EEA) if the relevant third country has been confirmed by the EU Commission as having an appropriate level of data protection or other appropriate data protection guarantees, e.g. binding internal data protection requirements or an agreement containing the EU Commission’s standard contractual clauses. A resolution of the EU Commission confirmed that Switzerland has an appropriate level of data protection.
Which additional data protection rights can you, as a data subject, assert if your data fall under the EU GDPR?
In addition to the above-mentioned rights, you can also assert your right to data portability with the data controller. If you believe that our data processing does not comply with the EU GDPR, you are also entitled to lodge a complaint with the competent local supervisory authority, although we hope to be able to resolve such problems together with you.
Swiss Life reserves the right to modify this data protection information at any time without prior announcement, especially in line with current statutory provisions or changed business procedures. The version published here applies in every case.
© Swiss Life, January 2020
Scope of application
In this data protection consent form we would like to inform you how we process your personal data when you use our customer portal. General data protection principles can also be found at the following link: https://www.swisslife.ch/en/privacypolicy
Responsible for data processing
Swiss Life Ltd
If you have any questions or concerns regarding data protection law, you can contact us and our data protection officer at the above address or by e-mail:
Description of purpose of processing
You can view and save your insurance and contractual relationships with Swiss Life and other (insurance) companies in the Swiss Life customer portal. The data required for this are displayed in a domain only accessible to the applicable user (user account). Swiss Life takes the necessary technical and organisational measures to ensure compliance with data protection and data security. We store the personal and contract data entered by you and process your login data to enable you to use the customer portal functions described above.
Users receive support with system errors, problems in user guidance, etc. Support can be provided by phone or remote access (co-browsing). In the case of co-browsing, the user grants the support team permission to gain access exclusively to the contents of Swiss Life customer portal; the support team cannot view any other screen contents. The co-browsing can be stopped by the user at any time.
If the user sends a support request, the Swiss Life customer portal records data and/or information connected with the support request (hereinafter referred to as support data). The support data comprise information about the user’s hardware and software as well as further details of the support case, such as contact and authentication information, information about the status of the Swiss Life customer portal at the time the error occurred and/or during diagnosis and files for error tracking. Support data are protected by Swiss Life in the same way as personal data. Furthermore, Swiss Life makes use of anonymous support data to prepare lists of FAQs and for internal training purposes.
With the consent of the user, Swiss Life can conduct a survey on the quality of the support.
As part of accessing the Swiss Life customer portal, the data are entered in a session cookie and log file. This makes it possible to determine which user accessed the customer portal at what time. This data will only be stored to the extent that this is necessary for improvements to the customer portal as well as for an analysis of performance, error or misuse (further information in the Terms and Conditions of Use in the section "Web analysis/cookies" in our general data protection consent form).
The customer can place an account deletion order via the portal. Personal data held in connection with Swiss Life contracts and contracts with other insurance companies under management by Swiss Life, in particular contract data, are stored by Swiss Life in accordance with legal or other provisions. Details on the processing of your contract data can be found via the following link: https://www.swisslife.ch/en/privacypolicy. The data stored for the user in the Swiss Life administration and partner systems remain unaffected by this (see the explanations above for storage).
Disclosure of data and cloud computing/public cloud
Data and information from the customer portal are treated in strict confidence by Swiss Life and not made accessible or disclosed to unauthorised third parties. In particular, Swiss Life does not pass on users' data to third parties without their consent if they are not based on agreements made to initiate and conclude the contract or to process the contract or for legal reasons of consent or an overriding interest on the part of Swiss Life.
Swiss Life reserves the right to commission the Service Provider ("Provider") to perform tasks for the customer portal and to forward the data required for the provision of the services to the latter. Swiss Life concludes corresponding contracts with the providers for that purpose and ensures that these personal data are only processed in the manner that Swiss Life itself would do. When transferring to the Provider, Swiss Life ensures that they are in a position to guarantee data security.
The infrastructure and applications used to operate the customer portal meet high safety standards. Swiss Life and its providers employ the latest technology to protect users' personal data.
Swiss Life customer portal is also based on the public cloud solution of Microsoft Corporation, Redmond, Washington, USA / Microsoft Ireland Operation Limited, Dublin, Ireland (hereinafter referred to as "Microsoft").
The technologies used in cloud computing enable IT services to be distributed dynamically across multiple locations. The Microsoft solution deployed by Swiss Life is located in the Netherlands (Amsterdam), which is basically also where the data are stored. Microsoft is entitled to transfer client data to Ireland (Dublin) for reasons of data redundancy or for other reasons. For example, data between these locations can be replicated within the Western Europe region in order to offer additional consistency in the event of disasters.
Microsoft also reserves the right to carry out data storage outside the Western Europe region if this is necessary for reasons of client support or to solve a technical problem.
Despite the location of the Microsoft public cloud in the Western Europe region, despite relevant government agreements and principles, and despite comprehensive security precautions and corresponding contractual agreements, it is not possible to rule out entirely the possibility that a provider such as Microsoft that is headquartered in the United States of America might be obliged by that country's legislation, authorities and courts to disclose or hand over data to the authorities and/or courts, for instance for the purpose of combating terrorism and crime.
Rights of affected persons
Affected persons have different rights regarding the processing of their personal data. You have the right to information, rectification, deletion, restriction of your personal data and, if applicable, the right to object and transfer data. Use of the Swiss Life customer portal lies in the entire discretion of the user and can be permanently terminated by him at any time. Termination of use entails the deletion of the user's data saved in the customer portal and in the Public Cloud. This takes place after 48 hours at the latest.
Right of modification to the provision
Swiss Life reserves the right to modify this data protection information at any time without prior announcement, especially in line with current statutory provisions and changed business procedures.
You will find the latest version of the data protection consent form at the place where you found the data protection consent form.
The Terms and Conditions of Use of the Swiss Life customer portal apply additionally.
© Swiss Life, March 2020