Privacy Statement

We are aware that, in advising on and contracting financial products or services, we ask customers to provide quite a lot of confidential information. Every customer of Kuiper Verzekeringen and Kuiper Assuradeuren should rest assured that we handle the information provided by them to us with due care, and that such information will not be shared with others without the customer's express consent. The information is processed in compliance with the General Data Protection Regulation (GDPR) and the Code of Conduct for the Processing of Personal Data by the Dutch Insurance Industry ("Gedragscode Verwerking Persoonsgegevens Verzekeringsbedrijf").

In this context, careful handling of the recording and exchanging of personal data is a prerequisite for providing financial services in a careful manner. Confidentiality is an important aspect for our company as well as for the mindset of the professionals working within our company.

For us to carry out our work effectively, we need to exchange personal data with service providers and, for example, bodyshops and counterparties, as this touches on the core of our tasks as a financial services provider. We may also be required by law to provide information to authorities such as the Dutch tax authorities or the Netherlands Authority for the Financial Markets (AFM).

We have mapped out the personal records kept by us and processed these into our internally maintained processing register. Upon request customers and other stakeholders can receive these records, which contain information on the data we process and the parties that we can exchange such data with.

We are keen on transparency about the processing of personal data. We will inform you about this in this Privacy Statement. If you have any questions after reading this document, please feel free to get in touch with us. Our contact details can be found below. If you would like more information about our privacy policy, you can also request a copy of our Privacy Regulations and/or our Processing Register.

Contact details

Company name:
Kuiper Verzekeringen B.V.

+31 513 614444



Postal address:
PO Box 116, 8440 AC Heerenveen, the Netherlands

1. Definitions 

In these Regulations,

  • 'law' shall mean the General Data Protection Regulation (GDPR) and the Dutch GDPR Implementation Act;
  • 'personal data' shall mean any information relating to an identified or identifiable natural person;
  • 'processing of personal data' ('processing') shall mean any operation or set of operations which is performed on
  • personal data or on sets of personal data, whether or not by automated means,
  • such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval,
  • consultation, use, disclosure by transmission, dissemination or otherwise
    making available, alignment
  • or combination, restriction, erasure or destruction;
  • 'file' shall mean any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis;
  • 'controller' shall mean the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
  • 'processor' shall mean the person who processes personal data on behalf of the controller without being under the latter's direct authority;
  • 'data subject' shall mean the person to whom personal data relate;
  • 'third party' shall mean any party other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the data;
  • 'recipient' shall mean the party to whom personal data are disclosed;
  • 'the data subject's consent' shall mean any freely given specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed;
  • 'supervisory authority' shall mean the Dutch Data Protection Authority (Autoriteit Persoonsgegevens);
  • 'disclosure of personal data' shall mean making personal data public or available;
  • 'collection of personal data' shall mean obtaining personal data.

2. Types of data 

We process or may process the following of your personal details:

  • Contact details, such as name, address, place of residence, telephone number and email address;
  • Age, gender and marital status;
  • Data relating to a passport, driver's license or other identity document (in some cases we may ask for a copy of the ID);
  • Data on employment, income, profession and employer;
  • Data on financial situation, assets and debts, if any;
  • Data on current financial products, such as bank accounts or insurance policies;
  • Special personal data, e.g. health information (in some cases);
  • Information on any criminal offences, fraud aspects, if relevant;
  • Data relating to claims submitted and claims history;

a. When processing health or criminal data, we do so with the utmost care and usually only with your prior consent.

3. Purposes of data processing 

We process your personal data for, among other things, the following activities within our company:

  • Assessing and accepting customers or prospective customers;
  • Managing our relationship with customers, prospective customers, and visitors;
  • Managing and expanding our customer base;
  • Concluding and performing agreements;
  • Performing analyses of personal data for statistical purposes and the use of an archival destination;
  • Carrying out (targeted) marketing and promotional activities to establish, maintain or expand the relationship with a customer or prospective customer;
  • Complying with legal obligations;
  • Sending newsletters or information of a specific nature.

4. Lawful processing of data

We will use at least one of the following grounds for processing your personal data if:

  • You have granted your unequivocal consent to the processing;
  • The data processing is necessary for the execution of an agreement to which you are a party (for example, an agreement for contracting a financial product or service, or an employment contract with the data subject) or for any actions requested by you and necessary for concluding – or assisting in the management of – an agreement;
  • The data processing is necessary for us to fulfil some legal obligation;
  • The data processing is necessary in connection with a vital interest of our organization;
  • The data processing is necessary in view of an interest of our or a third party's business operations. In doing so, we will always weigh up your interests against ours. Our interests include the careful execution of agreements with you and maintaining and, where possible, expanding our customer relationship through direct marketing and/or profiling aimed at marketing.

5. Processing of personal data

a. Processing is carried out by employees of our company or by other individuals engaged in providing financial services under our responsibility.

b. In general, processing takes place in connection with the execution of an agreement, i.e., the contract for services. Where no execution of such a contract is concerned, processing will take place with the explicit consent of the data subject.

c. The processing is done to enable us to perform our activities as an advisor and/or an intermediary and/or an authorized underwriting agent in financial products and services.

6. Disclosure of personal data to third parties

We will not disclose your personal data to others without good reason.

a. Personal data will in principle not be disclosed to any third party unless and only after you give your permission, except where required by law or in a state of emergency.

b. An exception to this rule is the exchange of information with parties we need for the execution of the agreement, such as insurance companies, banks, lenders or parties involved in claims handling, such as bodyshops and loss adjustment agencies.

c. Finally, we may disclose personal data in order to comply with legal obligations, such as obligations to the Dutch tax authorities and the Netherlands Authority for the Financial Markets (AFM).

d. External parties processing personal data under our responsibility do so only for purposes and under conditions agreed with them, which we lay down in written agreements.

e. The foundation CIS (Central Information System) for the detection of possible fraud (FISH database; FISH: Fraud and Information System Holland).

f. The foundation EPS (Stichting Efficiënte Processen Schadeverzekeraars) for processing certificates of no claims bonus (Roy-data) or recovering damages (Clearinghuis Regres).

g. MarketScan to perform portfolio analyses and provide data to our principals or proxies.

7. Right of rectification, supplementation, erasure, portability

You have rights with regard to the processing of your personal data. You can contact us about these rights at any time.

a. You may submit a written request for rectification, supplementation, erasure and/or restriction of the processed personal data, if and insofar as such data are factually inaccurate, for the purpose of processing incomplete, irrelevant or include more information than necessary for the purpose of registration or are otherwise processed in violation of a statutory provision. The request shall contain the contemplated changes.

b. You may submit a written request to transfer your personal data to you or another organisation (right of portability).

c. We will inform you in writing as soon as possible, but no later than four weeks following receipt of your request, whether your request is granted. If not or not fully granted, your request will be rejected, stating reasons. You will then have the right to turn to our complaints committee.

d. We will ensure that a decision to rectify, supplement, erase and/or restrict data is implemented within 14 working days or, should this not be reasonably possible, as soon as possible thereafter.

8. Data retention

We will only retain your personal data for as long as and to the extent that we need it. We will in any case retain any data that we necessarily need for the duration of our relationship or agreement. If our relationship or agreement ends, we will retain the data for the statutory retention periods that apply to us.

Our retention periods for policy files are:

  • 7 years following termination for motor insurance policies.
  • 10 years following termination for commercial fire insurance policies.
  • 30 years following termination for commercial liability insurance policies based on loss occurrence.
  • For all other non-life insurance policies, 5 years following the termination of the insurance.

Our retention periods for claim files are:

  • 10 years following closure of a personal injury claim file.
  • For all other claim files, 5 years following closure of the claim file.

9. Processing register

a. Fully or partially automated personal-data processing intended to achieve a purpose or related purposes has been mapped out by us and processed into an internally maintained processing register before data processing is started.

b. In situations where, in view of the nature and context of the personal data held, an automated process used by us for processing personal data would pose a high risk to the data subject, we will carry out a data protection impact assessment prior to starting such processing, and ensure that we sufficiently control the corresponding risks in order to safeguard the rights of data subjects in an adequate manner.

c. The internally maintained processing register includes:

  • The name and address of the controller;
  • The purpose(s) of the processing;
  • A description of the data subject categories and the related data (categories);
  • The recipients or categories of recipients to whom the data may be disclosed;
  • The respective retention periods.

10. Data leaks

a. If we are faced with a data leak, we will investigate whether any personal data have been lost or whether any unlawful processing is not to be ruled out.

b. Should such investigation reveal that personal data of a sensitive nature have been leaked, or there are adverse effects – or a significant risk of adverse effects – for any other reason, to the protection of the processed personal data, we will inform the Dutch Data Protection Authority about the data leak.

11. Complaints procedure

If you believe that we are not processing or handling your personal data properly, you can contact:

  • Kuiper Verzekeringen B.V. – If you are not satisfied with the handling of the complaint, you can turn to the Financial Services Complaints Tribunal (Kifid) of The Hague;
  • the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) – You can request this authority to mediate and advise in the dispute between you and us;
  • the competent court.

12. Contact details

Company name:
Kuiper Verzekeringen B.V.

+31 513 614444



Postal address:
PO Box 116, 8440 AC Heerenveen, the Netherlands

13. Changes to the Privacy Statement

We may make changes to this Privacy Statement in the future. On our website you can always find the latest version of the Privacy Statement.

14. Privacy Regulations

This Privacy Statement is part of our Privacy Regulations. You can access these Regulations at one of our offices. If you so wish, you can obtain a copy of these Regulations at cost.

15. Unforeseen situations

In situations not covered by these Regulations, the controller shall decide the matter, with due observance of the provisions of the law and the purpose and tenor of these Regulations.

Source information on the General Data Protection Regulation:

16. Cookie statement

We use cookies to give you the best possible experience of our website. See our cookie policy for more information on cookies and how to manage them.

What are cookies?
Cookies are text files stored on your computer, and accessible only to the websites which create them. Our website may from time to time use cookies and log files for statistical analysis, to understand user behavior, to administer the site, to tailor the information presented to a user based on their preferences, and to improve user experience. Any information gathered by our use of cookies is compiled on an aggregate, anonymous basis. Most web browsers automatically accept cookies, however, you may delete, or disable cookies by following these instructions. Please note that you may not be able to take full advantage of a website if you disable cookies. Our website uses cookies to keep you logged in, so disabling cookies may impair your experience of the service. Further information about cookies can be found on the Interactive Advertising Bureau’s website.

Summary of cookies

1. Functional cookies (necessary cookies)
These are cookies that are necessary for the site of Kuiper Verzekeringen. to function. Our website will not function optimally without these functional cookies. According to the Cookie Law, permission is not required for this category of cookies.

2. Analytical cookies
Our website works with statistics tools and uses these analytical cookies so that we can measure where our visitors come from, what operating system they use, how many people read certain articles, etc. This information is of great importance to us – we can optimize the website and make it more user-friendly based on this measurement data. Our website uses cookies from the following analytics, measurement and optimization tools: Google Analytics, Google Tag Manager and Hotjar.

  • Google Analytics
    We use Google Analytics to analyse the usage of our website. Cookies are placed in order to gain a better insight into the behaviours of visitors to our website. This will enable us to improve the user experience across the website. We ensure that the data is stored anonymously and that the sharing of this data within Google Analytics is disabled.

  • Google Tag Manager
    Google Tag Manager is an extension of Google Analytics and provides Kuiper Verzekeringen with more detailed data on how users move through the website (events). We use Google Tag Manager to measure the outgoing clicks, the general clicks, the accessing and submitting of forms, etc.

  • Hotjar
    We use Hotjar to identify improvements to our website. Hotjar provides us with detailed information about how users move through the site by registering the clicks, mouse movements and scrolling behaviour. Within Hotjar, all user recordings, heat maps, funnels and forms are stored anonymously. As a result, it will not be visible within Hotjar what information is entered in the forms. Hotjar will only be activated on our website if you have given us permission to use cookies.

3. Advertising cookies
In some cases, when advertisements, promotional content, etc. are used on websites, a web beacon is placed that keeps track of how often the promotional content has been viewed. We assure you that these beacons never collect privacy-sensitive information. Our website currently makes use of such services. For the use of advertising cookies we ask explicit permission through our cookie notice.

Our website may use videos that have been placed with third parties, such as YouTube or any other online video partner. These parties use cookies to enable the correct operation of these videos. We have no influence on the possible use of marketing cookies by such third parties when a video is being played. By visiting our website you agree to this.

Social Media
If you share our content through social media, for example by following us on LinkedIn or tweeting about us on Twitter, or giving us a '+1' via Google Plus, those social networks will record that you have done so and may set a cookie for this purpose. In some cases, where a page on our website includes content from a social network, such as a Twitter feed, or Facebook comments box, those services may set a cookie even where you do not click a button. As is the case for all cookies, we cannot access those set by social networks, just as those social networks cannot access cookies we set ourselves. We do not host 3rd party social media cookies ourselves on our website.

Log files
Our systems automatically gather some anonymous information about visitors, including IP addresses, browser type, language, and the times and dates of webpage visits. The data collected does not include personally identifiable information and is used, as described above, for statistical analysis, to understand user behavior, and to administer the site.

Google Analytics
Our website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. Go to their website for further information about Google’s privacy policy.

On our website, users have the option to submit a premium request, report damage or contact us directly. In order to make this possible, this means our website uses forms in which it is required to fill in personal data. This data is stored in a secured CMS database, hosted by our third-party web partner Van der Let & Partners. This data will, under any circumstance, never be shared outside Kuiper Verzekeringen or Van der Let & Partners. In all online forms, users are given the option to give explicit consent to sharing their data with us and our web partner or choose not to.

The internet is not a secure medium. However, we take reasonable technical and organizational precautions to prevent the loss, misuse or alteration of your personal information. We have put in place various security procedures as set out in this policy. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorized personnel have access to user information. We use secure server software (SSL) to encrypt visitor data and personal/financial information you input before it is sent to us, and our database is hosted in a secure data center. Whilst we cannot ensure or guarantee that loss, misuse or alteration of data will not occur, we use our best efforts to prevent this.

We may make changes to this privacy policy from time to time. If we change our privacy policy, we will post the changes on this page. If the change in our privacy policy affects the use of your personal information, we will use our best endeavors to contact you by email to seek your consent to the use. Continued use of the service will signify that you agree to any such changes.

Your acceptance of this privacy policy
If you do not agree to this privacy policy, please do not use our site. By using our site, you consent to the collection and use of information by us. Owing to the global nature of the internet infrastructure, the information you provide may be transferred in transit to countries outside the European Economic Area that do not have similar protections in place regarding your data and its use as set out in this policy. However, we have taken the steps outlined above to try to improve the security of your information. By submitting your information you consent to these transfers.