Claimflow Logo
Dutch English German

Privacy Policy

Claimflow is a digital platform for managing automotive damage claims. This privacy policy describes which personal data we process, why we do so, and how we comply with the GDPR and other applicable data-protection laws.

Information We Collect

Identification and contact details: name, role, organisation, email address, phone number, user IDs.

Claim and vehicle data: license plates, VIN numbers, photos, audio/video files, calculations, inspection reports and workflow updates provided by you or your organisation.

Transaction and usage data: log events, IP addresses, device and browser information, preferred language, timestamps of actions and notifications.

Communication data: messages sent via the platform, emails, call notes and support tickets.

Compliance data: user permissions, access logs, audit trails and information required to prevent fraud, abuse or legal disputes.

How We Use Information

Registering, assessing and settling damage claims, including communication between carriers, adjusters, insurers and principals.

Managing user accounts, roles and permissions, and providing customer support.

Analysing trends, reports and quality metrics (e.g. throughput times, loss ratios, fraud indicators) using aggregated, pseudonymised or anonymised data.

Meeting legal obligations such as audit requirements, statutory retention duties and requests from competent authorities.

Protecting the platform, monitoring abuse and testing new functionality.

Legal Bases

Performance of a contract when we process claim files on behalf of you or your organisation.

Legitimate interests in securing our services, improving functionality and sharing management information within the contractual ecosystem.

Compliance with legal obligations that require us to retain or disclose certain data to regulators or law-enforcement agencies.

Consent where required by law (e.g. optional marketing communications). Consent may be withdrawn at any time.

Sharing and Disclosure

Authorised stakeholders such as adjusters, transport companies, principals, insurers and repair shops that need access to a claim.

IT service providers for hosting, cloud storage, notifications, support and analytics that act as processors under confidentiality and security obligations.

Legal advisors and regulatory or investigative authorities when required to comply with the law or to investigate fraud.

We do not sell personal data; sharing only occurs when necessary for the purposes described.

Data Retention

Claim files are generally retained for 7 years after closure, aligned with industry-specific limitation periods and fiscal rules.

Security and log data are stored for up to 24 months unless needed for an investigation.

Longer retention may apply where statutory obligations require it (e.g. insurance, tax or compliance rules).

Data that is no longer needed will be securely deleted or irreversibly anonymised.

Security

We apply technical and organisational measures such as TLS encryption, encrypted storage of sensitive documents, logging, role-based access control and regular penetration testing.

Employees and processors receive access strictly on a need-to-know basis and are bound by confidentiality obligations.

Security incidents are handled through a dedicated response process and reported to authorities and individuals whenever legally required.

Your Rights

You may exercise your rights of access, rectification, erasure, restriction, portability or objection by contacting us via the details below.

Where processing is based on consent, you may withdraw that consent without affecting prior processing.

You have the right to lodge a complaint with your local supervisory authority if you believe we handle data improperly.

International Transfers

Primary data hosting takes place within the European Economic Area.

If we engage suppliers outside the EEA, we use EU Standard Contractual Clauses or ensure another legally recognised safeguard is in place.

Cookies and Similar Technologies

The platform uses functional cookies for session management, security and language preferences.

Analytics or performance cookies are only activated after consent has been provided. Consult the in-app cookie notice for details.

Contact

For questions, requests or complaints about this privacy policy, please contact Claimflow:

Oude Apeldoornseweg 41-45

7333 NR Apeldoorn

The Netherlands

Email: [email protected]

Telephone: +31 (0)79 750 5740