Privacy Policy

Data Controller Information

sharpvisionary B.V. is the data controller responsible for your personal data. We are registered in the Netherlands with registration number KvK62134875 and our registered office is located at Dorpsstraat 122, 3041 MH Rotterdam, South Holland, Netherlands.

Data We Collect

The data we collect includes personal information you provide directly to us and information automatically collected when you use our services. This may include:

• Personal details such as name, address, email address, and telephone number
• Health information relevant to vision insurance coverage
• Financial information for premium payments and claims processing
• Website usage data including IP addresses, browser information, and page views
• Communication records including emails, phone calls, and support interactions
• Marketing preferences and consent records

How We Use Your Information

We use of your data is based on legitimate business interests, contractual necessity, and your consent where required. We use your information to:

• Provide vision insurance services and process your applications
• Process premium payments and insurance claims
• Communicate with you about your policy and services
• Improve our services and develop new products
• Comply with legal and regulatory requirements
• Prevent fraud and ensure security of our services
• Send marketing communications where you have consented

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Contractual necessity: To provide insurance services and fulfil our contractual obligations
• Legitimate interests: For business operations, fraud prevention, and service improvement
• Legal compliance: To meet regulatory and legal requirements
• Consent: For marketing communications and non-essential cookies

Data Sharing and Disclosure

We may share your personal data with:

• Healthcare providers in our network for claims processing
• Third-party service providers who assist with our operations
• Regulatory authorities and law enforcement when required by law
• Professional advisers including lawyers and accountants
• Insurance partners and reinsurers as necessary for coverage

Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations. Insurance records are typically retained for seven years after policy termination, whilst marketing data is retained until you withdraw consent. We regularly review our retention periods and securely delete data when it is no longer needed.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access: Request copies of your personal data
• Right to rectification: Correct inaccurate personal data
• Right to erasure: Request deletion of your personal data in certain circumstances
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive your data in a portable format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent for marketing and cookies

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption, access controls, regular security assessments, and staff training on data protection practices.

International Data Transfers

Your personal data is primarily processed within the European Union. If we transfer data outside the EU, we ensure appropriate safeguards are in place, including adequacy decisions or standard contractual clauses approved by the European Commission.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or the supervisory authority in your country of residence.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date above.