Privacy

Eurocross Assistance Netherlands B.V. has been leading the way in global assistance since 1982. Millions of people can count on medical and travel assistance, anywhere in the world. Eurocross also helps insurers and healthcare organisations in various ways to make ‘remote care’ possible. The Eurocross subsidiary ‘Eurocross Medisch Service Centre B.V.’ takes care of this. Both companies are jointly referred to below as ‘Eurocross’. This statement sets out how Eurocross discharges its responsibility with regard to the processing of your personal data.

Eurocross is responsible.
Eurocross is a subsidiary of Zilveren Kruis Health Services N.V. and is part of the Achmea group. Eurocross is responsible for the proper processing of your personal data. 

Your data in reliable hands.
If you request assistance from we will need certain information. It is important to us that you know what we do with your personal data and what rights you have. We want you to be confident that your data is in good hands with us.

What personal data do we process?

Clients
If you ask Eurocross for assistance, we may process the following personal data. Which data is processed will depend on the situation:

  • name, address and town/city
  • other similar data required for communication
  • email address
  • family composition
  • names of your partner and any children
  • date of birth of your partner and/or any children
  • date of death
  • gender
  • nationality
  • internal numbers used by Achmea to identify you (e.g. client number or policy number)
  • other insurance details
  • health data
  • mail code
  • data on the incident for which assistance is requested, for example, the reason for the request for assistance and/or the nature or extent of the damage and/or the location, date or time of the incident
  • client's or clients’ current location and duration of stay
  • registration number of the vehicle involved
  • name of the lease company involved, if the vehicle is a lease car.
  • other data required to enable assistance to be provided

Relations of clients
By relations we mean family members, but also assistance providers. We process the following data of those people:

  • name, address and town/city
  • other similar data required for communication
  • internal numbers used by Achmea to identify you, such as client number or policy number
  • other insurance details
  • data on the assistance provider, such as information from the Individual Healthcare Professionals Register (BIG) register
  • data on the incident for which assistance is requested, such as current location and duration of stay

What do we use your data for?
We use your data for the following purposes:

  • to provide the support and/or services to which you are entitled under your conditions of insurance and/or your agreement with Eurocross’s customer and/or your own agreement with Eurocross in an adequate and efficient way.
  • to assist Eurocross employees in the performance of their duties.
  • to train, coach and assess Eurocross employees.
  • for the registration and management of data resulting from the provision of assistance.
  • to be able to deal with the financial aspect of cases correctly.
  • to comply with the statutory obligations applicable to our activities.
  • to enable us to analyse, assess and, where necessary, improve our work processes, our services and our products.
  • to provide clients with insight into the scope and quality of the services offered
  • for archiving purposes. 
  • to share with the parties we engage for the services we provide.
  • to monitor how and when we have been in contact with you.
  • to deal with complaints and disputes.

Who will receive the data?
In some situations, Eurocross will share personal data with other parties. Recipients of that data may include:

  • Eurocross customers, such as insurance companies, lease companies or home care organisations.
  • assistance providers deployed directly or indirectly by Eurocross, for example, roadside assistance or healthcare providers.
  • subsidiaries of Eurocross and/or other members of the group to which Eurocross belongs.
  • business units of related companies of Achmea B.V., such as the Risk & Compliance department of Zilveren Kruis Zorgverzekeringen N.V., for example.

Is the recipient outside the EU?
Eurocross operates worldwide. This means that in some cases personal data will be transferred outside the EU. This can sometimes be to countries with an ‘adequacy decision’, meaning that your privacy interests are protected. However, personal data may also be transferred to countries without an adequacy decision. These are known as third countries. Since the location where a client or one of their travel companions falls ill or requires assistance is not known beforehand, it is impossible for Eurocross to conclude agreements in advance with all parties providing assistance in a third country.  In cases where no such agreement exists, personal data are transferred on the basis of Art. 49(1) of the GDPR.

What external sources do we use for personal data?
In some cases, we will process personal data that we have not received directly from you. We receive that data from our customers, from external sources (such as the Netherlands Vehicle Authority (RDW)) and from the assistance providers we engage.

Why are we permitted to use personal data?
The law provides ‘grounds’ permitting the use of personal data in certain situations. Which ‘ground’ is applicable will depend on the situation. At least one of those situations must always apply.

  • you have given consent to the use of the data (Art. 6(1)(b) or Art. 9(2)(a) of the GDPR).
  • use of the data is necessary for the performance of an agreement concluded with you or to enable such an agreement to be concluded with you (Art. 6(1)(b) of the GDPR).
  • use of the personal data is necessary for compliance with a legal obligation (Art. 6(1)(c) of the GDPR).
  • use of the data is necessary to protect vital interests, for example if you have had an accident abroad and are unable to talk to us yourself (Art. 6(1)(d) of the GDPR).
  • use of the data is necessary for the purposes of our legitimate interests (Art. 6(1)(f) of the GDPR).
  • use of the health or other data is necessary for the management of health or social care systems and services on the basis of Union or Member State law (Art. 9(2)(h) of the GDPR).

If you have given consent to the processing of your personal data, you may withdraw that consent at any time. However, this will not affect the processing that already taken place at that time.

Eurocross has a ‘legitimate interest’ in analysing its service provision and its reports to customers (Art. 14(2)(b) of the GDPR).

Does Eurocross use an automated decision-making system?
No. All decisions that may affect you are made by staff members. 

What interaction do we record?
We record what we have agreed with you. And we use our interactions to improve our communication. Examples of interactions we record include:

  • letters and emails we send and receive from you.
  • phone calls.
  • information we receive from you through web forms and web applications.
  • messages we send to you or receive from you through our web apps.
  • what you do and view on our websites and in our web apps.

How do we ensure your data is safe with us?
Our websites, apps, web apps and IT systems are well-protected. And we continually take extra measures to prevent the misuse of your data. Our employees have received clear instruction on how to handle your data. For instance, they are obliged to comply with Achmea’s Privacy Policy and General Code of Conduct, and every employee has signed a confidentiality agreement.

We are extra careful with sensitive data.
Sensitive data includes:

  • your Citizen Service Number (BSN) and bank details;
  • your medical details.

Medical data is stored separately. Only specially authorised employees have access to that data. A medical consultant is always responsible for the use of medical health data. This will be a BIG-registered doctor or nurse. Employees who have access to medical data have signed a confidentiality agreement. Medical consultants are always ultimately responsible.

How long do we store your data?
We store your data for as long as we need it. This means that most data is stored for seven years or as long as required by law.

Your rights.
Your rights are provided for by law. You have the right to:

  • request your data from us.
  • have your data changed if it is incorrect.
  • have your data deleted.
  • object to certain uses of your data.
  • terminate your consent.
  • transfer your data.
  • temporarily restrict the use of your data.

Let us know if you wish to exercise your rights.
Send us a letter and include a copy of your passport or ID card with it. Please block out your Citizen Service Number (BSN) and passport photograph. We will respond within one month of receipt of your letter. Send the letter to:

Eurocross Assistance B.V.

Compliance & Operational Risk Management Department

P.O. Box 175

2300 AD Leiden

If you have any questions, tips or complaints concerning privacy.
Please send an email to Eurocross: riskmanagement@eurocross.nl

or the Achmea Data Protection Officer: privacymanager@achmea.nl

You can also send a letter to

Eurocross Assistance B.V.

Compliance & Operational Risk Management Department

P.O. Box 175

2300 AD Leiden

If you have a complaint, you may also submit it to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). Complaints may be submitted using their website (www.autoriteitpersoonsgegevens.nl) or by letter:

Autoriteit Persoonsgegevens

P.O. Box 93374

2509 AJ THE HAGUE.

We may change this Privacy Policy at any time.
For example if anything changes in the laws or regulations, or if we develop new products or services. The most up-to-date version is always published on our website. This most up-to-date version is dated 27 May 2025.

Do you want to know more about what we can do for your company?

Please contact us

Directly to

Need help?

Eurocross