Privacy Statement Collaborating with Achmea

Your data in safe hands

Are you using the Microsoft Office 365 environment of Achmea B.V. as an employee, external worker or external user? Then we need some of your personal details. We think it is important that you know what we do with your personal data and what your rights are. This way you can rest assured that your data are in good hands with us.The Privacy Policy and procedures as described on Achmeanet apply to employees and external workers of Achmea.The Privacy statement below applies specifically to external users of Achmea's Microsoft 365 environment.

What data do we use?

Usually we ask for your name (first and last name) and e-mail address. Sometimes we also ask for other information such as your telephone number or you may choose to add a photo. We use this personal data so that you – as an external user – can collaborate with people within Achmea B.V. on the Microsoft Office 365 environment. If you add a photo yourself in the Microsoft Office 365 environment, it will be visible to other participants. We will not use your photo in any other way.
Achmea and Microsoft also process data about the use of Microsoft Office 365, such as log data and metrics.

What do we use your data for?
We use your data to:

  • Create your guest account;
  • Be able to identify you, for authentication and authorization purposes;
  • Register access information;
  • Manage facility and IT processes;
  • Analyze external use of Microsoft Office 365 for improvement purposes;
  • Comply with the law;
  • Carry out internal auditing and business security checks;
  • Handle (legal) complaints and support tickets.

Achmea B.V. is responsible

Achmea B.V. is responsible for the proper processing of your personal data for all Achmea brands.

Who do we share you personal data with?

Sometimes we pass on your data. We may exchange diagnostic data (meta data) with Microsoft. We store the contents of your files associated with your Microsoft products in the Microsoft Azure environment within the EEA.
We never sell your data.
If it is necessary to transfer data to recipients outside the European Economic Area (EEA), we do so very carefully. Within the EEA, the same privacy rules apply.

How do we make sure that your data are safe with us?

Our IT systems are well secured. And we continually take measures to prevent misuse of your data. In addition, our employees have also received clear instructions on how to handle personal data.

We are extra careful with sensitive data

By sensitive data we mean, for example, personal data showing your racial or ethnic origin.

How long do we keep your data?

We keep your data as long as you use Achmea's Microsoft Office 365 environment or as long as it is required by law. After that, we will delete or anonymize your data.

Privacy laws and regulations

We comply with the applicable privacy laws and regulations. These are, inter alia:

  • The General Data Protection Regulation (GDPR);
  • De Uitvoeringswet Algemene Verordening Gegevensbescherming. Dutch General Data Protection Regulation Implementing Act;
  • De Telecommunicatiewet. Dutch Telecommunications Act.

Your rights

Your rights are also regulated by law. You may:

  • Withdraw your consent to the use of your personal data;
  • Request your personal data from us;
  • Have errors corrected and have your personal data supplemented if they are incorrect or incomplete;
  • Have your personal data deleted;
  • Object to certain uses of your data;
  • Transfer your data;

Limit specific processing operations

Let us know when you wish to exercise your rightsYou can find our contact details on the Achmea B.V. website. Please send us a letter or an e-mail if you wish to exercise your rights. In the interests of preventing misuse and fraud, we may ask that you provide proper identification. We will reply within one month of receipt of your message.

Do you have a question, tip or complaint?

Send an email to Achmea's Data Protection Officer at You can also send a letter to:
Achmea B.V.
Attn. Privacy Manager
Compliance & Operational Risk Management
Postbus 866
3700 AW Zeist

Did we not find a solution together? Under the GDPR, you are also entitled to lodge a complaint with the Dutch Data Protection Authority. To do so, please contact them.

We can change this Privacy Statement

For example, we can do this if something changes in the laws or regulations. You can always find the most recent version on our website. This most recent version is of 16 August 2021.