Carglass GmbH proved that its IT-based service “Interfaces To Insurance Companies” complies with EU data protection law. Customers of Carglass (i.e., vehicle owners) can be sure that processing of their personal data by Carglass when communicating with vehicle insurance companies on the occasion of an insurance event relating to the breakage of glass is in line with the high requirements of EU data protection law.
Product/Version
Interfaces To Insurance Companies
Function as provided in November 2014
Qualification: IT-based service
View the Carglass Interfaces to Insurance Companies Certificate
Cert. No.
EP-S-8V636C
Validity
13/01/2015 – 31/01/2017
Monitoring
09/2015 (O.K.)
05/2016 (O.K.)
Public report
Interfaces To Insurance Companies Short Public Report 
Manufacturer/Provider
Carglass GmbH
Godorfer Hauptstr. 175
50997 Köln
Germany
BEST
Employees of insurance companies who use the web portal www.carglass4partners.de are informed about relevant data protection requirements concerning the transfer of personal data on vehicle owners to Carglass by means of a detailed and comprehensible data protection leaflet. The leaflet is available at www.carglass4partners.de/datenschutz/merkblatt.html.
ATTENTION:
n.a.
Summary
The focus of the services that are provided by Carglass GmbH is on the repair or replacement of car windows. Providing the services, Carglass aims at assisting its customers in the overall process which involves communication with vehicle insurance companies. The main purpose of this communication is to clarify whether in a given case the relevant vehicle insurance company will accept the cost of repair.
Details
The target of evaluation comprises the interfaces between Carglass GmbH and vehicle insurance companies. The data exchance that is made over these interfaces serves the following purposes:
- Clarification whether the relevant insurance company will accept the cost of repair (if not, customers will have to pay for Carglass’ services themselves),
- Transmission of notice of damage of glass (to be signed by the customer – vehicle owner) from Carglass to the relevant insurance company,
- Billing between Carglass and insurance company after the repair of a glass damage,
- Transmission of personal data about prospective customers from insurance companies to Carglass (employees of insurance companies may receive a commission when advising vehicle owners to rely on Carglass).
The ToE includes:
- Technical interfaces between Carglass and insurance companies for the purpose of sending requests for acceptance of cost of repair and receiving answers to these requests;
- The web portal www.carglass4partners.de, if it is used by employees of insurance companies to communicate personal data about prospective customers to Carglass;
- Procedures that are used by Carglass to obtain the consent of the (prospective) customers for exchange of personal data with insurance companies (if applicable).
Technical Evaluator
Hans-Joachim Bickenbach
2B Advice GmbH – the privacy benchmark
Joseph-Schumpeter-Alle 25
53227 Bonn
Germany
Legal Evaluator
Marco Schröder
2B Advice GmbH – the privacy benchmarkJoseph-Schumpeter-Alle 25
53227 Bonn
Germany
Formerly Certified Versions
n.a.