How does Achmea protect your privacy?

We take great care in looking after your personal data. Below you may find more information on how we protect your privacy.

Looking after personal data

When you apply for an insurance product or for one of our financial services with one of the Achmea brands, we will ask you for your personal data. For instance: your name, date of birth, contact details, bank account number or your vehicle registration. We use this information in processing your application, entering and carrying out the contract, and managing relationships arising from the contract. In addition, we can use this information for marketing purposes. You may indicate whether you wish to receive this information.
Another important purpose of registering personal data, is guaranteeing security and integrity in the financial sector, in our organization, of our employees and customers, and for conducting statistical analysis. Finally, we also use this information to comply with legislation and regulations.

Legislation and regulations

Within the Achmea Group, we process your personal data in accordance with the Dutch Data Protection Act, Wet bescherming persoonsgegevens (Wbp); the Dutch Code of Conduct for the Processing of Personal Data by Financial Institutions; and the Dutch Code of Conduct for the Processing of Personal Data by Health Insurers. As far as banks, insurers and health insurers are concerned, the regulations in the Data Protection Act are elaborated on in these codes of conduct.
Achmea has registered its personal data processing with the Dutch Data Protection Authority, het College Bescherming Persoonsgegevens (CBP). The registration is published on the website of the CBP’s public registry. You may find this here: public registry --> registry registration --> search --> name --> Achmea.

Processing specific personal data

Due to the nature of services rendered (for health insurance), it is sometimes necessary to process specific personal data, for instance when it concerns medical details. These details will only be given to certain employees who have been assigned with processing personal medical data for specific purposes, e.g. processing of authorization applications, acceptance of complementary insurance, and finding healthcare. These employees are bound by a non-disclosure agreement.
Medical details may only be used for the insurance product for which the details were provided. They may not be passed on or used for other products, in any case, not without explicit permission by the persons concerned.

Disclosure to third parties

In some cases, Achmea is legally bound to disclose information to other organizations. For example: the Dutch Revenue & Customs Service, the office of investigations, the police department and the Dutch Ministry of Justice. Information is always disclosed with great care and only when the request for information is based on legal grounds.

Services provided by third parties

In certain cases we engage the services of other organizations, e.g. collection agencies, specialized agencies. Achmea maintains full responsibility for the processing of personal data, and will safeguard your privacy at all times.

Fraud (prevention)

In order to minimize risks, assess applications, and prevent fraud, Achmea is able to request and register data with the Dutch Central Information System Foundation, Stichting Centraal Informatiesysteem (CIS). This foundation keeps insurance data for, among others, insurance companies operating in the Netherlands. CIS will provide this data to participating members, but only under strict conditions. From the information that CIS collects, insurers are able to track down, prevent and combat the abuse of financial products and services, as well as manage risks more effectively.
In the event of fraud being established, say, when drawing up an insurance contract or when a claim is made or is being processed, we will register this. This is also the case when we establish the abuse or improper use of your insurance. We do this in accordance with the Dutch Protocol Insurers and Crime of the Association of Insurers, and the Dutch Protocol Incident Warning System for Financial Institutions. This data is processed thoroughly by a select group of employees who have signed an additional non-disclosure agreement.

Viewing and changing of data

Everyone has the right to inquire as to which personal data Achmea has processed. We will reply to such inquiries within 4 weeks (this is the legal time span). Any errors in the data known to us may be corrected or removed on request. Such requests may be sent to or Risk & Compliance, Postbus 866, 3700 AW Zeist.


Do you have any questions on Achmea and privacy? Send an email to, or write to Achmea privacymanager (Risk & Compliance), Postbus 866, 3700 AW Zeist.