At Generali Employee Benefits, we understand the importance of respecting your fundamental rights and freedoms regarding your privacy and the protection of your personal data. We are committed to ensure the confidentiality and security of the personal data we collect and process.
This section of our dedicated privacy page aims at informing you about our practices regarding collection, use and disclosure of personal data in relation to our professional business contacts (e.g. contact persons working at our clients, consultants, brokers, network partner contact points etc.). It further informs professional contacts on their privacy-related rights with regards to their personal data GEB processes.
For these processing activities, GEB is to be considered the responsible data controller as we determine both the why (purpose) and the how (means) of processing:
If you have any questions related to your privacy or to the protection of your personal data at GEB, please contact us via:
|Generali Employee Benefits (“GEB”)
Avenue Louise 149
Telephone: +32 2 537 27 60
Our privacy page was last updated on 31/05/2018
For the purpose of our privacy page, the following definition apply:
Generali Employee Benefits, “GEB” or “we”
Assicurazioni Generali S.p.A en Belgique (the Belgian representative office of Assicurazioni Generali S.p.A), with registered office at Avenue Louise 149, 1050 Brussels, Belgium
The General Data Protection Regulation meaning EU Regulation 2016/679 of the European Union and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data
Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
Sensitive personal data
Sensitive personal data is any information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
Controller means the natural or legal person which alone or jointly with others determines the purposes and means of the processing of personal data
Processor is the natural or legal person, which processes data on behalf of the controller
Data subject or “you”
Data subject means a natural person whose personal data is being processed
How does GEB collect your personal data?
GEB collects your personal data in the following ways:
- When you offer your business card or contact details during an event, webinar, workshop or conference
When you offer your business card or other contact details to GEB employees, we collect the details you provided.
- When we have a contractual relationship with you or your organisation
When we have a contractual relationship with you, or with your employer, it may occur that we receive and collect personal data via the systems we use to provide our services (e.g. GEB.re) or by reference (e.g. emails, telephone calls, etc.).
- When you contact us via our website or social media (LinkedIn, Twitter)
When you contact us via the dedicated sections on our website (www.geb.com) or via social media such as LinkedIn or Twitter, we collect your personal data. Further information on the processing activities we carry out on our website can be found in the “I am a user of this website”-section.
- Third party databases
Some personal data we obtain via third party purchased databases.
Which personal data does GEB collect?
We collect the following types of personal data:
- Name and surname;
- Email address;
- Telephone number;
- The name of the company you are working for;
- Login details and credentials for systems we use to provide our services;
- Any other information that may be indicated on a business card (e.g. function) or which you may provide to us on conferences, events, webinars or workshops.
For which purposes does GEB process your personal data?
We collect personal data in a fair and lawful manner for the reasons and purposes as set out below.
- Organization of conferences, events, webinars and workshop, provision of information (e.g. newsletters), discovering of new business opportunities, sending of advertisements and commercial communications
Based on your consent, we collect and process your name, surname, email address, telephone number, the company you work for or any other information which may be indicated on a business card. We do this in order to organize conferences, events, webinars and workshops, to provide you with information such as internal or external newsletters, to bring in or discover new business opportunities or to send you advertising or commercial communications. You are under no obligation to provide this personal data. However, if you willingly provide this data, you are giving us your consent to process it for the purposes outlined in this section of our privacy page. For newsletters, you can withdraw your consent at any time by clicking on the unsubscribe link indicated in our emails or sending an email to email@example.com.
- Developing GEB business, offering of services and performance of agreements we have entered into
Based on our legitimate interest in developing our business, offering our services and performing the agreements we have entered into, we collect and process your name, surname, email address, telephone number, login details or credentials and the company you work for. We do this in order to run our day-to-day business and provide our services to our clients and network partners.
With which parties does GEB share your personal data and why?
We share your personal data with the following parties:
- Law enforcement, government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation
Within the limits of the applicable laws, we share your personal data with authorities, law enforcement and government agencies upon their request in order to prevent criminal activities, meet national security requirements or respect law enforcement injunctions.
- Third parties that provide applications & systems
When necessary, we share your personal data with third parties whose services we are using (e.g. hosting services such as cloud providers, security service providers). Such providers include, but are not limited to:
- Our CRM, SalesForce: to manage our contact details and information (https://www.salesforce.com/uk/company/privacy/)
- LinkedIn Sales Navigator: to manage our prospecting activities (https://www.linkedin.com/legal/privacy-policy)
We may transfer personal data to countries that are not in the European Economic Area (EEA). However, if such transfer occurs and the country does not fall under a Commission adequacy decision, GEB will ensure that appropriate safeguards are in place that provide sufficient protection for your fundamental privacy rights and freedoms. Such safeguards include, but are not limited to, Standard Contractual Clauses, as approved by the European Commission.
Which rights do you have and how can you exercise them?
GEB respects to the fullest extent the rights you have as a data subject. These rights include:
- The right of access
If you can prove your identity, you have the right to access all the information GEB has on you. This includes whether or not we have any data on you, the purposes for which we process your data, the types of personal data concerned, the recipients to whom your personal data will be disclosed and the rights you have under the GDPR.
You can exercise you right of access by sending an e-mail to firstname.lastname@example.org. We will provide you with one copy free of charge. For any additional copies, we may charge an administrative fee.
- The right of rectification
You have the right to rectify inaccurate, incorrect or outdated personal data we may have on you. Where personal data is incomplete, you have the right to complete it, including by means of providing a supplementary statement.
You can exercise your right of rectification by sending an e-mail to email@example.com.
- The right of erasure
You have the right to have your personal data erased without undue delay if one of the following conditions applies:
- The personal data is no longer necessary for the purpose for which it was collected;
- You withdraw your consent, if the legal basis for processing is consent;
- You exercise your right to object and we have no overriding legitimate grounds to continue the processing;
- The personal data has been unlawfully processed;
- We have to erase your personal data to be in compliance with a legal obligation under EU or Member State law.
You can exercise your right of erasure by sending an e-mail to firstname.lastname@example.org. It is up to GEB to assess the presence of the abovementioned criteria.
- The right of restriction
You have the right to obtain from us restriction to processing your personal data if one of the following conditions applies:
- For the period enabling us to verify the accuracy of your personal data, if you have contested the accuracy of the personal data;
- The processing is unlawfully and you request the restriction of processing instead of the erasure of the data concerned;
- We no longer need the personal data for the purposes for which it was collected but you need it for the establishment, exercise or defence of legal claims;
- When you exercised your right to object, for the period we need to verify whether the legitimate grounds we rely upon override yours.
You can exercise your right of restriction by sending an e-mail to email@example.com. It is up to GEB to assess the presence of the abovementioned criteria.
- The right to data portability
You have the right to receive the personal data you directly provided to us in a structured, commonly used and machine-readable format and transfer it to another data controller. We will not hinder you if you exercise this right.
You can exercise your right to data portability by sending an e-mail to firstname.lastname@example.org.
- The right to object and not be subject to automated individual decision making (including profiling)
You have the right to object, at any time and on grounds specifically related to your particular situation, to the processing of your personal data provided that we process the data concerned based on our legitimate interest. In such case we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing is necessary for the establishment, exercise or defence of legal claims.
Furthermore you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you.
You can exercise your right to object and not be subject to automated decision making by sending an e-mail to email@example.com.
- The right to withdraw your consent
You have the right to withdraw your consent at any time for the processing activities for which we requested your consent. Any processing of your personal data we may have performed before your withdrawal shall remain lawful.
You can exercise your right to withdraw consent by clicking on the unsubscribe link indicated in our emails or by sending an e-mail to firstname.lastname@example.org.
- The right to lodge a complaint with the supervisory authority
You have the right to lodge a complaint with a competent supervisory authority such as, but not limited to: the Belgian Data Protection Authority (formerly known as the Privacy Commission) (https://www.privacycommission.be/), the Italian Garante per la Protezioni dei Dati Personali (http://www.garanteprivacy.it/home_en), the UK’s Information Commissioner’s Office (https://ico.org.uk/), etc.
We will duly address all your privacy related requests. Furthermore, within a period of one month, we will provide you either with a comprehensive answer or with clear reasons why the request will take longer than anticipated.
How long will GEB retain your personal data?
GEB will only retain your personal data for as long as is necessary to fulfil the purpose for which we collected it.