Privacy Policy

We think it is important for all our clients to be made aware of what information One Health Insurance Agency A/S holds about them, and to have the reassurance of knowing that we will process their personal information fairly and securely. This privacy policy explains how we use any personal information we collect about you when using, or enquiring about, our products and/or services.

Who are we?

We/us/our refers to the insurer MGEN Portugal, VYV International Benefits and One Health Insurance Agency, who is the administrator of this insurance agreement on behalf of the insurer.

One Health Insurance Agency

One Health Insurance Agency is the administrator and the client’s one point of contact. One Health Insurance Agency A/S (CRN 44788365) is the insurance intermediary and is regulated by the Danish Financial Authority (FTID 36975).

One Health Insurance Agency is appointed as underwriter, policy administrator and claims handler by VYV International Benefits who represents the insurance company MGEN Portugal.

One Health Insurance Agency is responsible for the regulated activities, including the issuing of insurance agreement documents and the collection of the premiums of this insurance agreement.

One Health International

One Health International delivers services to One Health Insurance Agency.

One Health International ApS (CVR 43471635) delivers medical concierge service and claims service to medical insurance customers.

MGEN Portugal

MGEN Portugal Companhia de Seguros S.A.is the insurer of your insurance agreement.

MGEN Portugal (CRN 517503131), Rua Duque de Palmela, 11 A 1250-097, Lisbon, Portugal, is regulated by the Portuguese Insurance and Pension Funds Supervisory Authority.

VYV International Benefits

MGEN Portugal is represented by VYV International Benefits, a simplified joint stock company (SAS) registered with the Paris Trade and Companies Register under number Siren 813 361 441, registered as an insurance intermediary with the ORIAS under number 16002500, whose head office is at 3/5/7, square Max-Hymans - 75748 Paris Cedex 15, France.

One Health Insurance Agency A/S, VYV International Benefits and MGEN Portugal are the joint controllers of your personal data.

Equally, One Health Insurance Agency, One Health International ApS, VYV International Benefits and MGEN Portugal are joint processors of your personal data.

What information do we collect?

  • Name, agreement and client number or patient ID, age and date of birth.
  • Contact information i.e. username, address, email address and phone number.
  • Residency: The country you live in and national identifiers such as national insurance or passport number.
  • Communications: Details of any contact we have had with you, including phone calls and written complaints.
  • Financial details; payments and bank account details.
  • Employment details: Your role and the company you work for, if your employer pays for your insurance scheme or treatment.
  • Criminal convictions and offences: Your criminal offences and convictions are collected when carrying out anti-fraud or anti-money-laundering checks, or other background screening checks to prevent crime.
  • Behavioural and usage information: How you use and access our digital services.
  • Technical information: The devices and technology you use and website browser settings.
  • Special category information: Information about your physical or mental health, including genetic or biometric information. We may get this information from: application forms, notes and reports about your health and any treatment and care you have received or need, notes from calls and other communications you have had with us, referrals from your existing insurance provider, quotes, records of medical services and treatment you have received. Your image in photo or video form, and facial scan data extracted from your photo or video (known as ‘biometric data’), to verify your identity during onboarding as part of our Know-Your-Customer (KYC) checks, to authenticate you as an authorised user of our services, or to detect and prevent fraud and money laundering.

What if you do not provide personal data?

Failing to provide the personal information we require in order to provide you a quote, underwrite and administer your insurance agreement, or to process your claims, could result in your claims being rejected or not being fully paid, your insurance agreement being cancelled, or in us being unable to provide you with a quote or offer cover.

Who do we collect information from?

In addition to the information, you provide to us, we may receive information about you from third parties, such as:

  • Your broker or representative (if you have appointed one)
  • The contract holder of your insurance agreement
  • Your employer
  • Your partner, spouse
  • Your parent or legal guardian
  • The medical facility or those involved in your treatment
  • Third parties who provide services to us, including our:
    • Payment service provider
    • Emergency assistance providers
    • Other insurance companies in relation to fraud prevention services
    • Social media channels where you have provided consent to relevant channel to share information.

How we use your personal information

We will only collect information that is necessary to provide you with the services we offer and where we have a legal basis for which to process your information.

Where we have a contractual basis in providing you with our products or services, such as:

  • Providing you with a quote.
  • Underwriting and administering your insurance agreement.
  • Communicating with you about your quote and/or insurance product.
  • Processing claims.

In the event of a claim, we may have to give some information to those involved in your treatment or care, or to your representative (if you have chosen one). This will be done confidentially. Unless specifically instructed, correspondence about all claims (including those made by dependants) will only be addressed to the contract holder. An insured child over the age of 16 has the right to confidentiality in relation to their claims and information.

If you have another insurance product that covers the same costs that you are claiming from us, then we may also disclose your relevant personal information to that other insurer so we can ensure that we only pay our proportion of the costs.

Where we have a legitimate interest in processing your information, such as:

  • Research or statistical analysis to help us improve our services.
  • Informing you of additional products or services available under your insurance product that you may be eligible for.
  • Recording of telephone calls for the purposes of monitoring the quality of our service and for training purposes.
  • Our business processes, such as auditing, business planning, and accounting.
  • Sharing your information with other insurers with the view to identifying and preventing fraud, and to seek contribution towards the cost of a claim.

Where we have legal and regulatory obligations and where you have provided your consent for us to process your information, such as:

  • Marketing to you
  • Keeping you informed about our products and services
  • Sharing insights and information about expat lifestyles
  • When you first visit our website, we ask for your consent for the use of cookies that enable us to track user journeys and allow us to keep on improving the user website experience. For further information on our Cookie policy, please click here www.onehealthinsurance.com/cookies

Profiling and automated decision making

We use profiling and data modelling to offer the customer the appropriate insurance solution, to determine pricing, to detect fraud and risks of fraud/money laundering, to assess the likelihood of default and for marketing purposes.

Usually, we do not make automated decisions regarding the insurance cover. In situations where we use automated decision making including the use of AI, the client will be informed. This could be automated decision-making during claims assessment.

Who we may share information with

We may disclose your personal information to our business partners for the purposes listed above, these third parties include:

  • Our providers of payment services for processing payments.
  • Organisations (such as regulatory authorities) where we have a duty to disclose or share your personal information to comply with legal obligations.
  • Other business partners to enable us to provide services to each other that assist with the administration of insurance policies and claims.
  • The provider of our insurance administration systems and providers of technical support services for those systems.
  • Providers of research and analysis services to help us improve our products and services.
  • Providers of marketing services where we have your consent to market to you.
  • The insurers or reinsurers of your insurance agreement on whose behalf we underwrite our insurance products and handle claims and any of their group companies that can assist us with the administration of your insurance agreement and/or claims.
  • Our emergency assistance service providers so that they can provide an out of hours service for our customers.
  • Your insurance broker or representative (if you have appointed one) in providing quote and policy documentation to share with you.
  • Other parties (such as other insurance companies, claims assessors and investigators) with a view to assisting us to verify coverage, preventing fraudulent or improper claims, and to seek contribution from other insurers towards the cost of a claim.
  • Your employer in relation to a quote or cover provided under a corporate scheme.
  • Your partner, spouse, parent or legal guardian in providing our products or services described above.
  • The medical facility or those involved in your treatment.
  • Cost agents and other third parties who may assist us by managing relations with your medical service providers and by providing payment guarantees for your treatment.
  • The main contract holder of your insurance agreement.

How we keep, store, and dispose of your personal information

We operate an information security management system and have a framework of policies and procedures in place to ensure personal information is processed securely.

We store your information safely in our Microsoft Azure Cloud solution hosted in Europe.

Information may be held for a period after your insurance agreement ends. This will generally be for a period of 6 years from when an insurance agreement lapses and any outstanding claims have been settled, in order to comply with legal obligations and to defend a claim that can be brought against us during this time.

In certain circumstances it may not be possible to determine the period for which personal information will be held, this can include where we hold personal information for the purpose of detecting and preventing fraud, or as we are required to in accordance with legal and regulatory requirements for retaining records.

We will store your personal data to check your identity (as part of our KYC process). This may include facial scan data extracted from any photo or video you submit (known as ‘biometric data’).

When we dispose of your information, we will do so securely. We may continue to keep non-personally identifiable information for the purposes of research and statistical analysis to improve the services we offer.

Where we transfer your personal information

The information we collect from you may be transferred to and stored at a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside of the EEA who work for us or for one of our suppliers.

We will take all steps necessary to ensure that personal information is treated securely and in accordance with this data protection notice. This can include having agreements with suppliers that include approved contractual clauses, requiring suppliers sign up to an approved code of conduct or are certified by an approved certification mechanism.

How we use cookies to improve your website experience

We use cookies and similar technologies on this website. Please see our Cookie-policy on this website for more details. www.onehealthinsurance.com/cookies

Your rights over how your data is processed

You have the following rights with regards to how your personal information is processed. Please note some of these rights do not apply in all circumstances.

  • The right to be informed about how we collect and use your personal information.
  • The right to request access to the information we hold about you.
  • The right to rectification if you believe any information we hold about you is inaccurate or incomplete.
  • The right to erasure, also referred to as the right to be forgotten which applies in certain circumstances, whereby you can request us to delete any information we hold you that we have no valid reason to continue holding or processing the information.
  • The right to restrict processing applies in certain circumstances and allows you to request us to suspend processing your information in certain circumstances.
  • The right to data portability enables you to request a copy of electronic personal information you have provided us, or for it to be transferred to another data controller (e.g., provider) in certain formats where practicable.
  • The right to object to us processing your personal information in certain circumstances. You also have the right to object where we are processing your personal information for marketing purposes.

To exercise any of these rights, please contact:

Data Protection Officer 8, Palaegade, DK-1261 Copenhagen K, Denmark Phone: +45 32 26 88 11 Email: dpo@onehealthint.com

If you believe we are not processing your personal data in accordance with the law, please contact our Data Protection Officer in the first instance who will investigate and attempt to resolve your complaint, alternatively you can complain to The Danish Data Protection Agency.

The Danish Data Protection Agency Carl Jacobsens Vej 35 DK-2500 Valby Denmark Phone:+45 33 19 32 00 Email: dt@datatilsynet.dk Web: datatilsynet.dk/english

Marketing

You have the right to ask us not to process your information for marketing purposes. We will always inform you (before collecting your information) if we intend to use your information for such purposes and seek your consent to do so. You can withdraw your consent for us to use your information in this way at any time.

Changes to our privacy policy

We continuously review and update this privacy policy. This privacy policy was latest updated 27.02.2025