In Topdanmark, we want our customers to always trust us. When you supply us personal data, we know that it is our responsibility to protect it. Therefore, we have IT systems, procedures and controls which ensure that we comply to the General Data Protection Regulation (GDPR) and the Data Protection Act, and that your personal data is processed and stored in a way that respects your privacy.
Topdanmark does not sell personal data.
In Topdanmark , we want our customers to always trust us. When you supply us personal data, we know that it is our responsibility to protect it. Therefore, we have IT systems, procedures and controls which ensure that we comply to the General Data Protection Regulation (GDPR) and the Data Protection Act, and that your personal data is processed and stored in a way that respects your privacy.
Topdanmark does not sell personal data.
We only collect personal data, which is necessary for our processing and we process the personal data in compliance with current legislation.The categories of personal data collected depends on the purpose of the processing. In Topdanmark , we process the following categories of personal data:
We only register personal data if it is necessary. When processing your insurance, claim or buying shares, it can be necessary to collect data on the following categories of persons:
Advisers (bank, lawyer, accountant)
Therapists (doctor, psychologist, physiotherapist, etc.)
We collect personal data from you and from third parties such as your former insurance company, your doctor and Topdanmark collaboration partners (for example: Coop, Sydbank, Varelotteriet, suppliers of fertiliser sensors and Leakbot etc.)
We collect data about you e.g. via cookies, telephone calls or chats with you. We receive data if you follow us on Facebook oractively write comments or in other ways communicate with us. We also collect information from your replies, when you participate in surveys or answer questionnaires.
Furthermore, we collect data from public and private registers such as the CPR register, trade unions, the Register of Motor Vehicles, BBR, DFIM, credit reporting agencies and telephone book information.
When using Facebook, Facebook installs a cookie on your computer, telephone or tablet, which collects data about you. The data is collected if you share, comment or like a post. Both Facebook and Topdanmark are responsible for this data collection. Facebook is the data controller, when your personal data is used for marketing and advertising on Facebook. Topdanmark is the data controller, when we receive statistics regarding Facebook users, which we then apply to target our marketing.
Facebook’s policy for processing personal data is available at:
We use your data when processing your insurances and claims, give you advice and keep you up to date on the products we, and our collaboration partners, can offer within insurance and banking. Furthermore, we use the data when processing complaints and lawsuits, as well as for making surveys and analyses to continuously improve our advice, service and technical solutions. If you have an IOT solution (Internet of Things), we will make use of the data to assess whether the data can be used to prevent damages.
Data collected from public and private registers are used for:
If you are a shareholder, the purpose of processing your data is to update the register of shareholders and manage your transactions.
When you call us, we will sometimes ask your permission to record the call. Recording calls requires consent and therefore we never record calls without active acceptance from you. We use the recorded calls in the training of our employees, and to continuously improve our customer service, insurances and pension schemes, and as documentation. A limited circle of employees has access to the recordings. The recordings are deleted or anonymised after 6 months.
When you chat with us, your chat conversation will be saved. Chat conversations are used for writing new policies, claims, policy questions and for training our employees. We do not use the chat for exchange of statements of health. If you are a customer, we will save the chat on your file. If you are not a customer, we save your conversation for 12 months.
When you log on to Mit Topdanmark, we identify you. Data on your use of the website is processed confidentially and in the same way as all customer data.
The legal basis for processing your data is the financial regulations (The Financial Business Act etc.) and other relevant legislation including:
Topdanmark also process your data, if you have entered or are considering entering a contract with us or you have given your consent. cf. the General Data Protection Regulation, article 6, paragraph 1, see paras (a) and (b), or if any other rules for processing according to the General Data Protection Regulation, article 6 or article 9 apply. We only process personal data, which is adequate, relevant and limited to what is necessary in relation to the purpose of the processing.
Moreover, Topdanmark process your data when necessary to pursue legitimate interests. This could be preventive action against abuse and loss, to strengthen our IT security, and for direct marketing etc.
As a financial institution, we are subject to a strict duty of confidentiality according to the Financial Business Act. Therefore, your data is processed confidentially, and we only divulge your personal data if you have given your consent, or if we have a legitimate interest by law.
Topdanmark discloses data to the following recipients:
Persons related to an insurance or pension scheme e.g. policyholder, next-of-kin, claimant, beneficiaries and counterparties
Other insurance companies
Public authorities (police, tax authorities, municipal authorities etc.)
Repairers e.g. skilled workers
Doctors and other therapists
Topdanmark is obliged to erase personal data when no longer relevant. This means that we on an on-going basis erase data for which we no longer have a reasoned purpose, a legal obligation to store, or can be met by a claim.
Topdanmark rules of erasure is based on the absolute limitation period in the Danish limitation act and the storage requirements in the bookkeeping act.
The standard rules of erasure for Topdanmark are as follows:
Your security is important to us. Therefore, we have taken both technical and organisational measures to protect the data we receive. This means that we have:
In Topdanmark , we use profiling and data modelling to provide you the right insurances, fix prices, reveal fraud and risk of fraud/money laundering, assess the probability of breaches, assess assets and for marketing purposes.
We are also working on automating some of the decisions rulings we make. This means that a robot will make the decisions on whether a claim is covered by the insurance, or if we can make an insurance quote. If a decision making is automated, you will be informed hereof in the specific ruling.
In Topdanmark , we have adopted ethical principles for the use of artificial intelligence. You can read the principles here:
Nearly all emails to and from Topdanmark are encrypted by TLS (Transport Layer Security), thus the e-mail is protected during transport. We also encrypt emails, thus we can send and receive emails containing sensitive personal information.
If you want to send emails encrypted with certificate to Topdanmark, please send your emails to firstname.lastname@example.org, after downloading the certificate at: https://service.nemid.nu/dk-da/support/soeg_certifikat/.
Topdanmark may choose to use data processors, including suppliers of software, hosting, security and storage. Therefore, your data can be disclosed to data processors.
All data processors are subject to written authorisation and control to ensure that your personal data is solely used for the specific purpose for which the data was collected.
Topdanmark has chosen to outsource some services to countries outside the EU/EEA; this includes IT technical development and support. When doing so, we ensure your rights by using the EU Commission’s standard contract, binding corporate rules or the so-called “Privacy Shield” approved by the EU Commission.
We have written contracts with all data processors, and we perform on-going audits to ensure that they comply with our instructions on secure processing. As a part of the instructions, we require the data processors to treat your data confidential and take the appropriate technical and organisational measures to prevent your data, unforeseen or illegally, from being destroyed, lost, impaired, abused, divulged to any unauthorised persons, or in any other way processed in contravention of the General Data Protection Regulation.
At any time, you can exercise your rights – however, with certain statutory exemptions.
If you are dissatisfied with how Topdanmark is processing your data, you can send your complaint to Datatilsynet (The Danish Data Protection Agency), Borgergade 28, 5., 1300 Copenhagen K, Tlf. 33 19 32 00, mail email@example.com, website: www.datatilsynet.dk.
Topdanmark A/S, Topdanmark Forsikring A/S og Topdanmark Livsforsikring A/S , Borupvang 4, 2750 Ballerup are data controllers.
If you have any questions regarding the processing of personal data, or if you want to exercise your rights, please contact us at www.topdanmark.dk, or call us at 44 74 31 11. You can also contact our Data Protection Advisor at firstname.lastname@example.org.