Corporate Individual

Privacy Policy

Indtroduction

DSS Hälsa AB (”DSS Hälsa”, ”we” or ”us”) process personal data about you who:

  • are insured or co-insured under an insurance distributed by us,
  • are a contact person of a company which is a corporate customer of us,
  • visit our web page, app or social medias ("digital channels"), or
  • come in contact with us in any other way, e.g. through our customer service

This privacy policy explains how we process your personal data and your rights under the data protection legislation.  

Personal data and processing of personal data

Personal data is any information that directly, or indirectly together with other information, can be linked to a living person. This means that a range of different types of information, such as name and contact details, IP addresses, purchase history and information related to a matter, is considered personal data.

Processing is any action taken with the personal data, e.g. collection, storing, modification, use for different purposes, altering or deletion of personal data.

Description of processing activites

You who are insured, co-insured or a contact person of a corporate customer

If you are insured or co-insured under an insurance distributed by us, we will process personal data which is necessary to provide and administrate your insurance. Your personal data will be processed in connection with registration of you as an insured, health and insurance coverage assessments and advice, claims handling and analysis and reporting to authorities. Personal data may also be processed about you who are a contact person of a business customer of DSS Hälsa.

You who are insured, co-insured or a contact person of a corporate customer

Categories of personal data

Contact and work information: name, number, address, personal identification, birthday workplace, role, professional industry, phone number and e-mail address.

Insurance information: insurance number, claim number, type of insurance, start date of insurance.

Health information: information about your health and potentially other sensitive data disclosed by you in connection with complaints handling, e.g. sexual orientation (if it is relevant for your specific claim)

Invoicing information: contact information, type of treatment, date, amount, salary-ID.

Purpose of processing
  • - Provide the insurance and administrate our agreement with you or your company
  • - Communicate with you and administrate the insurance, including onboarding, creation of user accounts, claims handling, claims reporting etc.

- Send electronic communication to you, inter alia, e-mail and sms/mms. You can opt-out from further communication by clicking on a link in each message sent through e-mail or sms/mms, or by contacting us via the contact details below.

- Obtain anonymized statistics over the usage of our services and to develop, test and improve our services and measure customer satisfactory

- Fulfilling legal obligations and reporting obligations in relation to authorities 

Legal basis

Performance of an agreement: Fulfil our obligations in the agreement with you and administrate the agreement (e.g. providing insurance)

Establishment, exercise of defence of legal claims: To be able to determine your right to insurance compensation pursuant to the insurance agreement.  

Legal obligation: To fulfil our legal obligations, e.g. accounting and tax legislation.

Legitimate interest: We have a legitimate and compelling interest for processing your personal data, e.g. to obtain statistics of over the usage of our insurance and to communicate with you when it is not a direct result of our agreement. When personal data is processed regarding others than our customers (e.g. co-insured) this is done with the basis of a legitimate interest.

Consent: We will only transfer your personal data to third parties within our network (such as treatment providers) if you have consented to this in advance. We may also receive personal data from our collaboration partner Medhelp if you have consented to this in advance.

You who visit and use our digital channels

Whenever you visit/use our digital channels, we collect information that you choose to submit to us, e.g. name, e-mail address and phone number. We may also collect personal data through cookies. DSS Hälsa's use of cookies is described in our cookie policy.

You who visit and use our digital channels

Categories of personal data

Contact information: name, social security number, phone number and e-mail address

Surfing habits and visiting history: which pages you have visited on our (and others) website and for how long

Demographic information: age, gender, civil status, address and education

Login credentials: e-mail address and password

Profiling- and movement patterns: choices and purchases made, number of clicks, location data, preferences, custom audience and profile

Technical data: technical equipment used, timestamps, metadata, cookie-ID and IP-address.

Purpose

- Provide, maintain, test and improve our digital channels

- Offer you support when facing a problem on our digital channels

- Create reports, review the effect of marketing campaigns and create anonymized statistics regarding the usage of our digital channels

- Management, development and testing of our IT systems in order to secure that our digital channels uphold high quality as well as identifying and preventing security attacks such as viruses

Legal basis

Performance of an agreement: Fulfil our obligations in the agreement with you, e.g. user terms, and administrate the agreement

Legitimate interest: We have a legitimate and compelling interest for processing your personal data, e.g. to provide you with electronic communication if you are an existing customer of DSS Hälsa, review the effects of marketing campaigns, to obtain anonymized statistics, and to and manage, develop, test and improve our IT system.

Consent: We will only send electronic direct communication to you who are not an active customer of DSS Hälsa if you have consented to this in advance. We may also obtain your consent for processing personal data conducted by way of cookies, please see our cookie policy.

You who contact our customer service or otherwise come in contact with us

When you contact us with queries to our customer service or when you otherwise contact us (in other matters than insurance related issues), e.g. in communication on social medias, we process the personal data that you choose to submit to us or which we collect about you in connection with administrating your request.

You who contact our customer service or otherwise come in contact with us

Categories of personal data

Contact information: name, social security number, phone number and e-mail address

Customer service request: customer number, complaints, queries, and other information which you choose to submit to us.

Purpose

- Communicate with you and administer your request through our customer service, e-mail forms and our social media accounts

- Analyse calls and chat conversations in order to improve our communication and for your and our security

- Obtain anonymized statistics regarding the usage of DSS Hälsa's communication channels

- Maintain, develop, test and improve DSS Hälsa's services and the technical platforms on which they are provided

Legal basis

Legitimate interest: We have a legitimate and compelling interest for processing your personal data, e.g. to communicate with you, analyse calls and your use of our communication platforms, and to and manage, develop, test and improve DSS Hälsa's services and technical platforms.

Erasure of personal data

Your personal data is processed only as long as necessary in order to fulfil the purpose of the processing activity or as long as permitted or required according to law. This means that we delete your personal data when such personal data is no longer necessary to e.g. comply with legal obligations or administrate an insurance provided by us. Thereafter, your personal data is erased in accordance with our erasure policy.Erasure of personal data

Security measures for protection of personal data

A high level of security for your personal data is of utmost importance to DSS Hälsa, and we have put in place appropriate technical and organizational security measures to protect your personal data from unauthorised access, modification, dissemination and destruction.

Limitations in the transfer of personal data

DSS Hälsa may engage external partners and suppliers to perform services on behalf of DSS Hälsa, e.g. to provide IT services or assist in communication, analysis or statistics. The performance of these services may entail such parties obtaining access to your personal data. Your personal data will never be transferred outside of EU/EES.

Companies which are processing personal data on behalf of DSS Hälsa, as data processors, are obliged to sign an agreement with DSS Hälsa in order to ensure a high level of protection of personal data.

We may transfer your personal data to a third party, such as the police or other authority, in the course of an investigation or otherwise when so obliged by law or governmental decision, or if you have consented to this in advance. Such third parties may be treatment providers who will help you with your health issue, accountants and lawyers.

Right to information and right to complain

You have certain rights in relation to DSS Hälsa. If you wish to exercise any of these rights, please contact us on the contact information provided below:

  • Right to access (register transcript) – a right to obtain confirmation and information of the processing of your personal data.
  • Right of rectification – a right to have your personal data corrected.
  • Right to object – a right to object against our processing if the legal ground for the processing is based on a balancing of interests or if it is used for direct marketing.
  • Right of erasure – a right to have your personal data erased. This right is limited to data that, by law, requires your consent to be processed, if you withdraw that consent and oppose the processing.
  • Right to restrict data processing – a right to demand that the processing of personal data is restricted, e.g. if you oppose the correctness of the data. While the matter is investigated, DSS Hälsa's access to the data in question is restricted.
  • Right to data portability – a right to request that personal data be sent from one data controller to another. This right is restricted to data, which you have submitted to us.

You are also entitled to, at any point in time, file a complaint with the supervisory authority if you believe that our processing of your personal data is in breach of applicable data protection legislation, here: https://www.imy.se/.

Contact information to the controller

DSS Hälsa AB

Company registration number: 556751-0424

Torshamnsgatan 20

164 40 Kista

E-mail: privacy.gdpr@ds-sundhed.dk

Phone: 08 4000 6121

Cookie settings