Privacy Policy
A privacy policy is often a big, intimidating block of text that is supposed to reassure you but you don't read.
We have written ours to be as clear and accessible as possible, so that you understand exactly how your personal data is used by Alan.
Enjoy your reading.
Table of contents
Why a privacy policy?
In the course of its activity as an health insurer and as a health and management services provider, Alan is required to process your personal data, including sensitive data. We attach the utmost importance to the security and confidentiality of the data of Alan's services’ users, whether on the alan.com website or on the mobile application made available to them.
The purpose of this privacy policy is to help you understand how we treat the personal data you provide us with, in accordance with the GDPR.
This privacy policy may be updated regularly, to enrich it, according to Alan's needs, circumstances or if required by law. We therefore invite you to check for updates on a regular basis, although we will always notify you of any significant changes affecting the way your data is processed.
Version dated November 4th, 2024
Key principles
Above all, we have set ourselves two key principles which are also included in our contracts:
Alan will never sell the data collected about its members in connection with the services offered. We make our living by building and managing insurance products and services around health, not by reselling our users' data. Users remain in control of their data.
As a health insurer, Alan will never use health data to apply differentiated rates based on a member's situation or history. We strongly believe in the strength of solidarity and risk sharing between insured members.
Furthermore, in accordance with the regulations and particularly the GDPR, we undertake to collect and process only the data that is strictly necessary for their purpose. Similarly, we undertake to ensure that the data collected is kept in a form that allows your identification for a period that does not exceed the time required for the purposes for which the data is collected and processed.
Who is responsible for collecting your personal data ?
Alan, including all of its affiliates (Alan Insurance, Alan Services, Alan Tech, Alan CA, Marmot BE and Marmot Iberia) is a health insurer and does not mainly act as a data processor for our clients but as a data controller in the sense of article 4 of the GDPR on all operations relating to its insurance and health services described in this policy :
Alan determines the means and purposes of data processing necessary for the implementation of the complementary health protection of employees. In practice, only employees' professional email addresses are transmitted by the company to Alan. Other information is directly communicated by the employee or his beneficiary;
The operations carried out on the data by Alan are necessary for its own activity as a health insurer and not for that of the companies that choose Alan as insurer for their employees. The criteria mentioned in the data processor’s guide issued in September 2017 by the CNIL exclude Alan's qualification as a subcontractor.
However, Alan can also process personal data on behalf of its client companies, within the scope of certain services provided on the Alan platform, in particular administrative management assistance services for human resources. Alan acts as a "data processor" of the company, and the processing of personal data is done under the responsibility of the company, which then acts as the data controller. The General Conditions governing the relationship between Alan and the client companies include a data processing agreement (DPA) reflecting this distribution. You can take a look at the privacy policies of the client companies directly for more details on how they process your personal data. If your insurance contract is with a third party insurer who gives you access to Alan's applications, Alan may also act as a management agent.
In this case, the insurance operations carried out on the data by Alan are carried out on behalf of and for the account of the insurer, which retains a right of supervision, Alan acting as a management service provider and subcontractor. The data processed is the same as described in this policy.
Alan still manages access to the application and non-insurance services under its own responsibility.
I have a question or request or I want to exercise my rights
If you have any questions regarding security and personal data, or to exercise your rights of access, correction, deletion, withdrawal of consent, limitation of processing, opposition to processing or portability, you may contact us and our Data Protection Officer (DPO) at [email protected]. Alan will ensure that you receive a response promptly.
For any complaint concerning your personal data, you can either contact our DPO or contact the Commission Nationale Informatique et Liberté (CNIL) directly at https://www.cnil.fr.
Personal data
Management of company contracts
Administrators
When registering for a company contract, we collect the following personal data for each administrator:
Name and surname
Professional email address
Messages to our customer service department
ID document
On what legal basis?
Pre-contractual measures and performance of the insurance contract as well as, in the absence of a signature, Alan's legitimate interest in following his prospects.
We also have a legal obligation to ask you for this information in order to comply with the regulations that apply to our insurance activities.
What do you do with it?
This data is used for the electronic signature of the contract, any communication with the company's representatives, and for access to the account used to manage the contract. In the case of delegated contracts, this data is also received from the contract insurer.
We use your ID to perform consistency check between the ID document and the signatory of the company contract.
How long do you keep this data?
5 years after the end of the contract for health insurance contracts
10 years after the end of the contract for prévoyance contracts
2 years after the last connection if the contract has not been signed
How can I consult or modify this data?
From the Alan dashboard.
Can I ask to have my data deleted?
Only if the contract has not been signed. Otherwise we are required to keep the data.
Employees
The company contract administrators are led to send us data concerning their employees, including those who have left the company for less than a year ( as part of the portability of health insurance rights):
Name, surname and social security number
Employees' professional email address
Personal e-mail address of former employees and employees without a professional email address
Dates of arrival and departure from the company
Reason for leaving if applicable (for maintaining or not maintaining rights)
Bank details when billing of dependants (partners or children) option is triggered
This is a legal obligation of the employer from which employees cannot escape, even when they do not wish to benefit from health coverage (exemption mechanism).
Certain data is automatically sent to us every month by URSSAF and its partners in the context of the déclaration sociale nominative (DSN), in particular:
Employee’s name and surname
Social security number
Data relating to the employment contract (company of affiliation, dates of arrival and departure from the company, etc.).
Contribution bases relating to the insurance (lump sum, payroll)
Insurance contribution
On what legal basis?
Alan processes this data on the basis of pre-contractual measures and the execution of the insurance contract between Alan and its members.
What do you do with it?
This data is used in order to invite (by email) employees to register on alan.com or on our mobile application and choose to be insured or exempted.
How long do you keep this data?
5 years after the end of the contract for health insurance contracts
10 years after the end of the contract for prévoyance contracts
2 years after the last connection if the contract has not been signed
How can I consult or modify this data?
Contract administrators can do this directly from their Alan dashboard. In some cases, an intervention of our customer service is necessary (for example for certain retroactive modifications).
Can I ask to have my data deleted?
No, Alan has to keep it for 5 years after the end of the cover.
Management of individual contracts
When registering for an individual contract, we collect the following personal data for the signatory:
Name, surname and social security number
Email address
Bank details
Messages to our customer service department
ID document
On what legal basis?
Pre-contractual measures and execution of the contract binding them to Alan, as well as, in the absence of a signature, Alan's legitimate interest in following his prospects.
We also have a legal obligation to ask you for this information in order to comply with the regulations that apply to our insurance activities.
What do you do with it?
This data is used for the electronic signature of the contract, any communication with the contract holder, and for access to the account allowing to manage the contract. The list of individual members is also shared with the subscribing association to which the individual members automatically adhere by virtue of their contract.
We use your ID to perform consistency check between the ID document and the signatory of the contract.
How long do you keep this data?
5 years after the end of the contract for health insurance contracts
10 years after the end of the contract for prévoyance contracts
2 years after the last connection if the contract has not been signed
How can I consult or modify this data?
From the Alan Dashboard.
Can I ask to have my data deleted?
Only if the contract has not been signed. Otherwise we are obliged to keep the data.
Health insurance and prévoyance
Personal data is transmitted to us directly by or on behalf of the insured members with their explicit consent (e.g. to automate the retrieval of receipts from a third party site), in particular :
Name and surname
Personal email address
Insurance policy number
Date of birth
Social security number
Carte vitale certificate
Postal address
Name, surname and social security number of the spouse and/or children where applicable
Bank details (for payments and reimbursements including when available for direct billing by credit card for beneficiaries)
Documents required for reimbursement of care acts
Messages to our customer service department
Professional situation, Pôle Emploi certificate and last pay slip if applicable
Beneficiary clause
Proof of exemption where applicable
Certain data are transmitted to us directly by the Social Security and its partners within the framework of télétransmission, in particular :
Date of care acts
Data required for reimbursement (date of care acts, code acte, amount paid, droits ouverts, etc.)
We also generate individual policy numbers.
On what legal basis?
This data is required for the execution of the contract concluded with Alan (or with your insurer that delegates your contract to Alan), either by your employer or by you as an insured member. They are therefore not subject to prior consent. We also have a legal obligation to ask you for this information in order to comply with the regulations that apply to our insurance activities and to our health and management service providers activities.
In addition, we use it for some of the secondary purposes listed below on the basis of our legitimate interest in managing our insurance activities.
What do you do with it?
We use this data mainly to process requests for reimbursement of expenses according to the guarantees of the contract (health and/or prévoyance) which covers the insured members and any declared beneficiaries. In particular, this involves receiving and processing the health documents and information provided to justify the care received, determine coverage, generate payments and manage the recovery of undue payments.
Your documents are analyzed within the European Union and, as part of a test, in Tunisia. These transfers are adequately covered by binding corporate rules (BCR) validated by the CNIL and its European counterparts. They are also used for :
the execution of legal, regulatory and administrative provisions
management of complaints and disputes
the prevention of money laundering and the financing of terrorism
the drawing of statistics and actuarial studies, the development and management of insurance products
management of financial aspects, performance and risk
management of Alan's websites and applications (including bug and error management) customer relationship management and service improvement
user research and surveys
How long do you keep this data?
5 years after the end of the contract for health insurance contracts
10 years after the end of the contract for prévoyance contracts
Can I ask to have my data deleted?
No, because we are obliged to keep this data. However, you have the possibility to ask us not to use them for purposes based on our legitimate interest, by sending an email to [email protected].
Beneficiary data
I have been added as a beneficiary
When the possibility is offered to him/her and an insured member declares a beneficiary (spouse or child) to his/her contract, he/she vouches that the beneficiary agrees to become a party to its insurance contract (or gives consent as a parent of a minor). Alan treats the personal data of the beneficiaries in the same way as those of any other user insured member in this capacity.
Account sharing
Our insured members and their beneficiaries share a single Alan account. By default, both the insured members and the beneficiaries (if they are of legal age and choose to access Alan's online insurance or management services themselves) will be able to view all account information related to the insurance services, without separation. Information about health services (such as private chat as part of Alan Clinic) is not shared. Members with an Alan account can also choose to restrict visibility of their care acts to other members covered under the same policy.
How can I have access to this privacy setting?
Through the "Privacy and security" section on your member profile.
Fraud fighting
We use personal information you provide us with in the context of our health insurance and prévoyance services (including your health data) in order to detect and fight insurance fraud. We may also use the following connexion data to identify fraudulent behavior:
IP address and service provider;
information about your equipment, for example: type of internet connection, type of device used, browser used and version, etc.
On what legal basis?
On the basis of our legitimate interest in preventing and fighting against fraud.
What do you do with it?
We use this data for the prevention of fraud, in particular to detect suspicious patterns or activities and to manage alerts and procedures following a case of fraud.
How long do you keep this data?
6 months from the issuance of the fraud alert.
5 years from the closure of the fraud case if the fraud alert is considered relevant.
Can I ask to have my data deleted?
Data you provide us in the context of your health insurance serves multiple purposes. If there is a specific reason you would like to oppose Alan processing your personal data for the purpose of fraud fighting, you can send an email to [email protected], we will consider your request and balance your rights with Alan’s legitimate interest.
Care and support
Messages and chat
In order to answer questions or resolve problems raised by our members, admins or prospects when they contact Alan we collect the following information:
Messages and attachments sent to our customer service;
Voice notes;
Any data related to your insurance contract required to answer your question or resolve your problem
Customer satisfaction surveys.
We may thus collect the following personal data:
identification data,
financial or payment data,
health data.
On what legal basis?
We use it on the basis of the performance of the contract entered into with Alan, either by your employer or by you as an insured member, or pre-contractual steps to enter it. We also have a legal obligation to store this information in order to comply with the regulations that apply to our insurance and health and management service providers activities. In addition, we use it on the basis of our legitimate interest in assessing and improving the quality of our customer and support services.
What do you do with it?
We use your data to analyze and answer your questions, provide guidance, manage complaints and disputes, and improve our services and products. In order to do so we:
automatically classify your message to assign the most relevant agent to meet your needs;
provide you immediate automatically generated answers when possible;
review your message and our responses to ensure the quality of our service;
use your message to keep track of your instructions.
In addition, your data will also be anonymized to enable research and statistical learning.
How long do you keep this data?
5 years after the end of the contract for health insurance contracts
10 years after the end of the contract for prévoyance contract
2 years after the last connection if the contract has not been signed
90 days for voice recordings.
Can I ask to have my data deleted?
We are obliged to keep the data relating to your insurance contract and demonstrating legal compliance. However, you can request the deletion of data collected for our legitimate interest by emailing [email protected].
Members call-back and hotline
When we provide a hotline in the context of our insurance contract, or in the exceptional case a member, administrator or healthcare professional can be called back, we collect the following data (that may be transmitted to us directly by your employer):
Telephone number
We may record the telephone conversation unless you object. However, if you give us instructions entailing changes on your contract or member profile, we are required to record the conversation for probationary purposes. As part of the recording of this exchange, we may collect personal data about you in order to answer your questions or solve a problem you are experiencing.
We may thus process the following personal data:
identification data,
financial or payment data,
health data.
On what legal basis?
Depending on the nature of the request, we may process personal data for purposes and legal bases relating to the execution of your request such as:
the execution of your insurance contract,
compliance with a legal obligation,
your consent to share health data, as described in the sections corresponding to the nature of your request within our privacy policy.
We record the call only when you do not object to it or when we are required to for probationary purposes. We process this data on the basis of your contract and on our legitimate interests in order to keep track of your instructions as well as for training and quality purposes.
What do you do with it?
This data is used for the following purposes:
to train the User Care Experts who perform the calls,
to control the quality of service provided by the User Care Experts,
to understand, assess and improve our process and user experience.
How long do you keep this data?
Records can be kept for up to six months. Analysis documents can be kept for up to one year.
Phone numbers provided for call-back are kept for 7 days.
Can I ask to have my data deleted?
We are obliged to keep the data relating to your insurance contract and demonstrating legal compliance. However, you can request the deletion of data collected for our legitimate interest by emailing [email protected].
Health services
To speak to a doctor by video
In the context of a consultation with a doctor or psychologist, we collect information such as:
your first and last name; and
date and duration of the consultation or session.
In addition, for doctor consultations we also collect your social security number and phone number as well as the information whether a prescription was issued (but not its content). Also, for sessions with our psychologists we also collect information regarding your time zone, the name of the consulted expert, your country location and your language preferences. We never collect your communication with the Practitioner. We have implemented safeguards, such as end-to-end encryption to fully secure your communication and ensure your privacy is respected.
Note that the Alan attributed e-mail address of the Practitioner is solely for communicating on administrative matters with you and/or your employer. This emailing address shall not contain any health related information. We collect the full name, photo, specialty details of the health expert as well as access to their Google calendar, in order to facilitate communication with the Member.
On what legal basis?
On the basis of the contract we have with you (you ask us to provide a service, which we pay for) as well as on the basis of our legitimate interest in measuring the use of these services or for as long as the health expert is employed with Alan.
What do you do with it?
This data is used to enable the processing of reimbursements related to doctor consultations as well as improving the service. It is also used to schedule and enable sessions with our psychologists, as well as improving the service.
How long do you keep this data?
2 years for doctor consultations. For as long as you benefit from Alan services and meet legal retention requirements for health professionals for mental health sessions.
Can I ask to have my data deleted?
Absolutely, on the part based on legitimate interest. You just have to send a request to [email protected].
Personnalisations and recommendations
In some situations, we may use personal information you knowingly provide to recommend features, products, and services that might be of interest to you, identify your preferences, and personalize your experience. In short, we may take information you provide to tailor the services further to your needs. To give some examples, answers you provide in the daily check-in impact the recommended exercises you will receive and answers you provide in the prevention assessment give place to personalisation of content, health check-up reminders, specific programs etc.”
On what legal basis?
We collect such data only on the basis of either contract performance, our legitimate interest and/or your explicit consent.
What do you do with it?
We keep your data for as long as you benefit from Alan services, to meet legal retention requirements for health professionals medical responsibility and/or until you withdraw your consent.
Bear in mind that if you do not want to receive personalized recommendations you simply have to skip answering such questionnaires.
To speak to the Alan health team by private message within the Alan Clinic
When you exchange messages with Alan health team members for a question relating to your health (excluding video consultation), we use the following data:
first name, surname, date of birth, and gender (that we deduce from your insurance profile);
phone number for emergency situation;
messages and attachments exchanged with the health team member.
To deliver more personalized and contextualized care to members, health team members will also have access to:
your company's vertical, the number of employees, and your start date with the company;
the gender and age of your children beneficiaries;
your city of residence;
some usage data of our health services.
Health team members will not have your full name or access to your history as an insured member without your consent.
On what legal basis?
Your consent is collected before the access to the service from the Alan mobile app.
What do you do with it?
Secure message exchange between you and the health team members
Access to archived messages
Anonymization to enable research and statistical learning on non-identifying data
Alan respects medical secrecy: the content of your exchanges within the Alan Clinic is accessible only to members of the Alan medical team, they many not be consulted or used by anyone else at Alan. The Alan medical team is composed of the health professionals and employees of Alan strictly necessary for the proper running of the Clinic, in accordance with the recommendations of the French Medical Council (Conseil de l'Ordre des Médecins) and other applicable codes of ethics. Alan medical team’s access is specific, dedicated and segregated from the usual access of Alan's employees to our tools.
Medical conversations and documents are encrypted under the sole control of health professionals, who are the only ones with access to the content of encrypted information. This enables us to guarantee that medical confidentiality is respected where applicable, and that Alan will never re-use this information for its health insurance services. In addition, when you have had an inspiring health experience with the Alan Clinic, we may contact you to create a fully anonymized educational health story for the benefit of as many people as possible. These health stories will only be created with your prior and specific consent, and in a non-identifying manner.
How long do you keep this data?
During the duration of the limitation period for medical responsibility of health professionals.
Can I ask to have my data deleted?
You can request the erasure of messages from your interface, simply send a request to [email protected]. This will erase the messages for your messaging space. However, we will keep a secure archive of them on our side, in accordance with the recommendations of the French Medical Council (Conseil de l'Ordre des Médecins).
To speak with Mo medical assistant within the Alan Clinic
When you interact with our AI powered medical assistant Mo in the Alan Clinic, we process the following data:
messages within the conversation
medical team review of the conversation
On what legal basis?
Your consent is required before interacting with Mo. In any case, interacting with Mo is optional and on a voluntary basis.
What do you do with it?
The content of your messages is analyzed to provide initial answers and guidance, as well as to evaluate the context of your health questions using artificial intelligence. For this exclusive purpose, your data is transferred and stored within the European Union on HDS certified infrastructures of Azure and Google Cloud Platform. Alan Clinic general practitioners review every message sent by Mo within 15 minutes and conduct a in-depth review of terminated conversations. General practitioners can take over the conversation at any time, including in hiding the response proposed by Mo. The AI medical assistant Mo operates under the same conditions for maintaining medical secrecy as outlined for all message exchanged with the Alan medical team within the Alan Clinic. All interactions conducted through Mo are encrypted and accessible solely to the authorized medical team. This ensures that the confidentiality of your health information is preserved, preventing any unauthorized access or usage by other Alan employees. Conversations with Mo, like the rest of the Alan Clinic, adhere to the recommendations of the French Medical Council and other applicable ethical codes, ensuring that your medical information is never used for Alan's insurance services.
How long do you keep this data?
Conversation and general practician review of the conversations are retained for the duration of the healthcare professionals' liability prescription, which is ten years from the stabilization of the damage. Once this period expires, only anonymized data is archived. They are stored in an encrypted manner on servers certified for health data hosting and are accessible only by our medical team and the concerned member. Mo does not retain memory of previous conversations.
Can I ask to have my data deleted?
You can request the deletion of messages from your interface directly within the application or by sending a request to [email protected]. This will erase the messages from your space. However, we will keep a secure archive of them, in accordance with the recommendations of the French Medical Council.
Your health reminders
Alan allows you to benefit from preventive reminders concerning your health (such as an annual reminder to make a dental appointment). When you consent, Alan uses information about your health care to issue its prevention recommendations.
On what legal basis?
Alan provides you with prevention recommendations only upon your explicit consent. To withdraw it, simply go to your application or request it at [email protected].
What do you do with it?
This data is used to provide personalized preventive reminders concerning your health.
How long do you keep this data?
As long as our member benefit from this service, or until they withdraw their consent.
Can I ask to have my data deleted?
Yes, you just have to send a request to [email protected] or choose to delete your history when withdrawing your consent from your member profile.
For your personalised health and well-being plan
Alan allows you to evaluate your health and well-being with a survey composed by our team of health professionals. Based on your answers, we compose a health and wellbeing score, provide you with customised advice, and put you in contact with the most relevant health professionals to accompany you.
On what legal basis?
Alan provides you with a personalised health and wellbeing plan only upon your explicit consent. To withdraw it, request it at [email protected].
What do you do with it?
This data is used to provide a personalized experience for each user by calculating a wellness score, displaying personalized messages and proposing a contact with a health professional whose specialty depends on the result of the survey.
How long do you keep this data?
As long as the service is useful to our members or until they withdraw their consent. We update them regularly.
Can I ask to have my data deleted?
Yes, you just have to send a request to [email protected]
Alan Features
Finding a health professional
Alan processes the data of health professionals to provide its members with the ability to find a doctor's contact details, estimate their health expenses and the reimbursement to which they will be entitled, and book an appointment. Alan also allows its members to build up an address book of their doctors to make it easier to find them.
On what legal basis?
Alan processes doctors' contact data on the basis of its legitimate interests in facilitating access to the health care system and predictability of its members' expenses.
What do you do with it?
The identification and contact data, the rates charged per act, and the level of conventionnement of health professionals are obtained from the health directory provided by Ameli.fr. Contact details and online appointment booking are enriched directly through a classic search engine (Bing).
How long do you keep this data?
As long as the service is useful to our members. We update them regularly.
Can I ask to have my data deleted?
Yes, health professionals can request this at [email protected].
Health Pratician Review/ Recommanding a Health Pratician
To enable its members to recommend doctors, Alan processes the data of health professionals as well as the personal data of members. For members :
content of the review (the text is never published),
date of your treatment by a health professional.
For health professionals :
name and professional contact details.
On what legal basis?
Alan uses your assessments and recommendations only on a voluntary basis, with your consent, and without revealing your identity. To withdraw your consent, simply go to the mobile application or request it at [email protected]. For healthcare professionals, it is on the basis of our legitimate interest to allow our members to share their opinions and feedback in order to enrich the services provided.
What do you do with it?
Recommendation of Health Praticians to other Alan members
Your review will be anonymized, and we will not publish the free text you enter.
How long do you keep this data?
We keep this data for 2 years.
Can I ask to have my data deleted?
Yes, health professionals can request this at [email protected].
To purshase glasses on the Alan app
Alan offers a service which allow you to easily order glasses.
Alan processes the following data:
Last name, first name, address, phone number, email, date of birth, gender
Social security number
Vision correction data (correction, prescribing doctor, date of prescription) as well as the prescription itself.
Our provider FittingBox offers a virtual try on solution, so you can try your future glasses on you directly online. Your image is not retained by FittingBox and only temporarily used to position the virtual glasses. More information here.
On what legal basis?
We only collect your vision correction data with your consent. Then, the data is processed to enable you to obtain the contractual service you have requested, and in accordance with our legal obligations as an insurer in this respect.
In addition, we use it for some of the secondary purposes listed in this policy, based on our legitimate interest in running our insurance business.
What do you do with it?
This data is used for :
preparing the order: this allows us to prepare glasses in accordance with the information on your prescription document;
shipping: this allows us to deliver your glasses to your home and allows you to track the packag
insurance: this allows us to pay the treatment directly to the optician
How long do you keep this data?
For the same length of time as your other insurance data, i.e., 5 years after the end of your health insurance contract, except for the shipping details (address, phone numer and email, which are retained from 3 months since the last order.
Can I ask to have my data deleted?
Absolutely, simply send a request to [email protected]
Eye care
Alan offers its members optional in-app prevention features to empower them managing their eye care, notably an eyesight survey and a visual acuity test.
Eyesight survey
The in-app eyesight survey collects information from the member about their eyesight and conditions related to eyesight.
The survey collects members information concerning their eyecare medical history and condition. Such data is securily stored on HDS certified servers as for other health data.
On what legal basis?
Completion of the question is subject to your prior consent.
What do you do with it?
The purpose of this survey is to provide tailored proactive care notifications (PCN) around eye care (i.e. reminders to see the ophtalmologist) and to identify members for future eyesight services.
How long do you keep this data?
We keep the data collected until PCN are scheduled or consent is withdrawn.
Can I ask to have my data deleted?
Yes, simply send a request to [email protected].
Visual acuity test
Alan offer insured members an in-app visual acuity test. The visual acuity test is an optional feature offered to Members who want to check their eye sight and whether their visual correction is up to date. During the course of a visual acuity test, Alan collect the following data:
the content of your test,
the audio data of your spoken attempts,
the date of your test
On what legal basis?
The visual acuity test is purely optional and its completion is offered on a voluntary basis. Alan also process this data to pursue its legitimate interests for auditing purposes in order to assess the performance and quality of the test and to improve it.
It is in Alan's legitimate interest to process the aforementioned data. Alan uses the data in order to evaluate if the visual acuity test is performing within acceptable levels of accuracy and ultimately to ensure the test is providing a safe and effective outcomes for its members. Alan processes such data only when you consented in taking the test. Alan also uses the data to identity future quality improvements to the test.
What do you do with it?
Alan uses the visual acuity test data so you can check if your visual acuity evolved and whether your current visual corrections is up to date.
In addition, Alan uses the audio data to audit the performance of the voice recognition software as well as to assess and improve its design and implementation.
How long do you keep this data?
1 year.
Can I ask to have my data deleted?
Yes, simply send a request to [email protected].
Alan Shop
When you purchase a product on the Alan online shop, we process the following data:
Name and surname
Personal email address
Postal address
Phone number
Payment information
We send our suppliers your name and surname, postal addresse and phone number in order to process your order.
On what legal basis?
This data is required for the execution of the sale contract concluded with Alan.
What do you do with it?
We use this data to process your order, ship the purchase and process the payment.
How long do you keep this data?
We keep them according to durations provided for by the law. Invoices are kept for 10 years.
Can I ask to have my data deleted?
We are required to keep the data.
Workshops
Workshops are interactive training sessions on a specific mental health topic, involving one of our psychologists and administrators and/or managers. Alan collects information gathered during a pre-workshop briefing held between the psychologist and administrator. Alan later sends invites to administrators and/or managers. After the workshop, Alan sends feedback forms as well as related follow-up content to the participants.
On what legal basis?
Participants may consent to participating in the workshop or be obliged to participate in the context of mandatory workshops organized by their employer.
What do you do with it?
This allows us to tailor the workshops as much as possible to the company’s needs and to send feedback forms to the participants.
How long do you keep this data?
For as long as you benefit from Alan services.
Can I ask to have my data deleted?
Yes, you just have to send a request to [email protected]
Alan Walk
The Alan Walk feature uses step count data to display your step statistics, allow participation in weekly leaderboards with your friends and colleagues, and provide rewards based on your step count.
On what legal basis?
Your consent is requested to share with Alan your step count collected from the Apple Health (HealthKit) app on iOS or from the sensors on your Android device. Your consent is also requested to allow participation with your colleagues and friends in the weekly leaderboards.
What do you do with it?
This allows us to:
Display your daily, weekly, monthly, and total step count
Allow participation in weekly leaderboards with your colleagues, with your consent
Earn rewards based on your step count
We may also draw statistics from anonymized and aggregated usage data, and share these non-identifying usage statistics with our customers.
How long do you keep this data?
Your step data is retained for 6 months from the termination of the service usage (withdrawal of your consent or termination of your participation) to allow reactivated users to benefit from the experience. Aggregated and anonymized usage data may be retained longer for statistical study and research purposes.
Can I ask to have my data deleted?
Yes, you just have to send a request to [email protected]
Alan Pay
Alan offers a payment card to advance health expenses to our members. In order to provide this service, we require the following data:
IBAN and SEPA mandate
phone number
email address
date of birth
transactional data
On what legal basis?
This data is required for the execution of the Alan Pay's terms and conditions concluded with Alan. We also have a legal obligation to ask you for this information in order to comply with the regulations that apply to our payment card service.
What do you do with it?
We use:
banking information (IBAN) to debit the amount owed, authorized with the signature of a SEPA Mandate;
phone number for strong customer authentification (SCA);
email to transparently warn the user of the debit amount and time;
date of birth to activate the card.
We can also use your data for:
the execution of legal, regulatory and administrative provisions;
management of complaints and disputes;
the prevention of money laundering and the financing of terrorism.
How long do you keep this data?
We keep this data for 5 years from the termination of the Alan Pay services or from the end of your relationship with Alan.
Can I ask to have my data deleted?
No, because we are obliged to keep this data.
Statistics and performance
Measuring our members’ satisfaction
Because it is important for us to build a tailored service for our members, we measure their satisfaction over time through a rating system that our members can choose to enter in the application. This is the "Net Promoter Score" or "NPS".
On what legal basis?
It is in Alan's legitimate interest to improve its services based on member satisfaction.
What do you do with it?
We use the NPS to monitor our performance with our members, through the Metabase tool. In concrete terms, this allows us to identify factors of dissatisfaction that may allow us to improve our services or, conversely, things that need to be reinforced because they are highly appreciated.
How long do you keep this data?
We keep them for the time needed to carry out analyses and measure their evolution over several development cycles. We then anonymise or delete them.
Can I ask to have my data deleted?
Yes, simply send a request to [email protected].
Product monitoring and feedback
We monitor product usage and collect member, admins and prospect feedback to improve our services, features and user experience.
On what legal basis?
On the basis of Alan’s legitimate interest to assess and improve our products based on product usage analysis and feedback.
What do you do with it?
We track and analyze user interactions with our products to understand user usage and identify improvements. We collect and assess user and member feedback to manage opinions or recommendations for improvement of the products, services or contents shared on our app and website.
How long do you keep this data?
We keep them for two years. We then anonymize or delete them.
Can I ask to have my data deleted?
Yes, simply send a request to [email protected].
Audience measurement (analytics) and technical data
Certain data is collected automatically when you visit alan.com (including other websites published by Alan such as blog.alan.com and map.alan.com) and when you use our mobile app. The data collected includes :
IP address and service provider;
user ID;
information about your equipment, for example: type of internet connection, type of device used, browser used and version, etc;
time stamp information and length of visit;
pages visited;
clicks and other interactions on individual pages;
possible errors (on the browser, the mobile application or our servers).
On what legal basis?
Where applicable, the collection is subject to the explicit consent of the user (cookie banner). This consent is valid for 13 months from the date of registration. Otherwise, it is in our legitimate interest to analyse the use of our site in order to improve it.
What do you do with it?
This data is used for the following purposes:
to comply with legal, regulatory and administrative provisions (connection logs, etc.);
customer knowledge and customer relationship management;
operations relating to canvassing and the compilation of commercial statistics;
identification of customers or prospects to improve service by offering products or services to reduce the number of claims, or to offer a complementary contract or a service;
analysing the use made of the product and improving the product;
management of people's opinions on products, services or content.
How long do you keep this data?
2 years
3 years for data relating to prospects
13 months for cookies
Can I ask to have my data deleted?
Absolutely (with the exception of data collected in the framework of a legal obligation), simply make a request to [email protected].
Marketing and Ad targeting
To build our audience and client basis, Alan may reach out to prospects by emails and organize online advertising campaigns before sending them mails or emails. In this context, Alan handles email addresses available online (such as on Linkedin) but also from providers already used by Alan (Societeinfo.com, Kaspr) for audience-building purposes on social networks.
On what legal basis?
On the basis of Alan legitimate interests to fulfill our marketing and growth needs, in compliance with direct marketing regulatory requirements.
What do you do with it?
We are reaching prospects via online ads before sending mails or emails. To do so, we import prospects database into the audience of different platforms. The email addresses is the only data import on the ads platform. We import only prospect data and we do not bring in any customer data or leads who have unsubscribed from any previous campaign. To do so, we ensure and remove our customers data in our ads audience before any data import. In addition, users can opt-out and unsubscribe from seeing Alan’s ads directly on the ads platform.
When reaching out by email, Alan provides easy-way to opt-out notably through unsubscription links in each communication and honor prospects opt-out in the future.
How long do you keep this data?
We keep this data for 2 years, in line with CNIL’s recommendation.
A purge of the database to remove any inaccurate is carried out on a monthly basis.
Can I ask to have my data deleted?
Yes, you can opt-out from marketing communications at any time. You can exercise any of your rights simply in making a request to [email protected].
Statistics and scientific research
Data collected by Alan in the performance of our services, may be further used in a way compatible with the original purpose for which it was collected. Only aggregated and/or anonymized data may become subject to scientific research and/or for statistical studies, including for statistical learning. It could for instance be used in the selection and creation of relevant health stories to improve our services and Members' health, create aggregated usage reports or to streamline and improve the management of exchanges with Alan medical team.
Referral contact forms
We use a referral system via a contact form that allows us to contact prospects for our services.
On what legal basis?
On the basis of our legitimate interest.
What do you do with it?
Contact the referred prospect for an intro on our products.
How long do you keep the data?
We keep this data for 3 years from the last contact with the prospect, in line with CNIL’s recommendation. A purge of the database to remove any inaccurate data is carried out on a monthly basis.
Can I have my data deleted?
Yes, simply send a request to [email protected].
Cold Call recording
We may record some calls with clients and prospects for internal training, quality control and product improvement purposes.
As part of the recording of this exchange, we collect the following personal data:
name and surname;
job title and company;
voice recording
On what legal basis?
We record the call only when you do not object to it. We process this data on the basis of our legitimate interests for training and quality purposes.
What do you do with it?
This data is used for the following purposes:
to train the User Care Experts who perform the calls,
to control the quality of service provided by the User Care Experts,
to understand, assess and improve our process and user experience.
How long do you keep this data?
Records are kept for up to six months.
Can I ask to have my data deleted?
Yes, just send a request to [email protected].
How is my data protected?
Data security is an extremely important issue for Alan: we do our utmost to be worthy of the trust you place in us. Here are a few examples of the measures we have taken. If you have any questions on a specific point, we will be happy to answer them at [email protected].
Application security
We use Datadog App Security (previously Sqreen. com) to detect and block in real time attacks such as XSS, SQL injection, account theft, etc.
We also use Cloudflare.com to protect us from Distributed Denial of Service (DDoS) attacks.
Encryption of data in transit
All HTTP traffic to and from alan.com and api.alan.com is encrypted (HTTPS / TLS). You can evaluate our configuration here.
The first time a user logs on, we tell their browser (via the HSTS mechanism) that all subsequent connections must be encrypted (HTTPS), including when a link to alan.com starts with http:// instead of https://.
Additional encryption for medical data
When using the Alan Clinic services, your questions to our medical team, answers and attached documents are secured by an additional layer of application encryption entirely and exclusively under the control of our medical team. No one other than the Alan medical team is technically able to consult these exchanges.
Hosting and database
For data hosting and processing, Alan uses AWS, which is HDS-certified. Our entire infrastructure is located in the Frankfurt region, in Germany. You can find more information on data privacy with AWS security here, and our blog post on the subject here.
Encryption of data at rest
We use PostgreSQL databases. The data is encrypted using the AES-256 standard and the encryption keys are managed by AWS.
The backup archives are also encrypted.
Password policy and storage
We use the open-source zxcvbn library to let users know the strength of the password they choose. The minimum size is 9 characters, and the minimum score is 3.
We do not store these passwords: we only store a non-reversible hash calculated by the open-source bcrypt library, with the following parameters :
a cost of 12 (i.e. 4096 iterations) to limit brute force type attacks
one random salt per user to protect against rainbow tables
Organisational measures
All Alan employees receive mandatory training in security (including social engineering) and data privacy. They use complex and unique passwords and strong authentication (2FA) whenever possible. The use of a password manager such as 1Password is also mandatory.
Our computers are automatically updated and have their hard disk encrypted (in case of theft). Our screens lock automatically.
Access to our internal administration tools requires individual access from an authorised IP address and all data modifications (by an Alan employee or by a user himself) are audited.
We organise intrusion tests by independent companies.
All Alan services and applications are developed in-house. Our code is validated by automated tools (static analysis, security, etc.) and manually by a second pair of eyes.
What can I do on my side?
In order to protect your data on your computer or mobile phone, you can take a few simple measures:
apply regular system updates to benefit from security patches;
use antivirus software to detect the presence of malware or spyware, or to disable security features;
protect your passwords well (your Alan account password, your mailbox password...);
enable Privacy mode in the mobile application. You will then be prompted for biometric authentication (Face ID/TouchID) or a PIN every time you open the application.
enable two-step authentication in the mobile application. After entering your email and password at login, you will receive an email with a unique code to enter the application.
You can also consult the official recommendations on good IT security practices.
Who else besides Alan has access to my data?
The data collected may be communicated as required to Alan's partners, reinsurers, subcontractors, legal and financial advisors, and service providers. These data transfers are carried out solely within the framework of the operations mentioned above and to the extent necessary for the performance of the tasks we entrust to third parties. These third parties are fully informed by Alan of the confidentiality of the data communicated to them in this context, and these partners have an obligation to ensure the protection of this data. They are also bound by their own confidentiality and privacy policies, which can be consulted on their websites. When the nature of the operation carried out allows it, the data is subject to prior anonymisation before being communicated to third parties.
The main persons and tools that receive the data in the context of our processing operations include:
Insurance and prévoyance data
Tessi (delegated management company)
Filassistance (assistance contract)
CNP (prévoyance contract, reinsurance)
Swiss Re (reinsurance)
Hannover (reinsurance)
GenRé (reinsurance)
Alan and affiliated health professionals (your health conversations)
Amazon Web Services (hosting and storage)
Stripe.com (payment)
Revolut.com (refunds)
Intercom.com (online chat and customer service)
Google Vision (document recognition)
FittingBox (glasses virtual try-on)
Livi (consultation with a doctor by video)
Aircall (Cloud-based telephony)
Sendgrid.com (emails)
Rollbar.com (monitoring)
Typeform (forms)
Linear (ticket management)
3MA (third party payment cards)
Customer.Io (emails)
Hubspot (CRM)
Outreach (CRM)
Salesforce (CRM)
Snowflake (data warehouse solution)
Datadog (monitoring and analytics)
Lamie (prévoyance & health risk carrier)
Kerialis (health risk carrier)
Vonage (video consultation)
Microsoft Azure (Azure OpenAI GPT for document parsing)
INOcx (phone support platform)
Onfido (identity authentification)
Concentrix (care support)
Audience and usage measurement data
Segment.com (audience analysis)
Amplitude.com (audience analysis)
Google Ads (targeted advertising)
Google Maps (Alan Map)
Google Speech-To-Text (voice recognition)
Google Calendar (calendar)
Meta Pixel (audience analysis and targeted advertising)
X Ads (targeted advertising)
LinkedIn Insights (targeted advertising)
Customer.io (e-mails)
Bing (audience analysis and targeted advertising)
Datadog App Security (security)
Cloudflare.com (network, security and audience analysis)
Hubspot (CRM)
Piwik (audience analysis)
Lifen (GP shift management system)
Hotjar (user surveys & navigation analysis)
Modjo (cold call recording)
Furthermore, in order to meet legal and regulatory obligations, we may be required to communicate personal information to administrative or judicial authorities at their request. In this case, we ensure that only the data strictly required by the authorities is transmitted.
Transfers outside of the European Union
In order to fulfill all the purposes for which we collect your data, we may transfer some of your data to third parties, who host it in data centers located outside the European Union. In this case, we make sure that hosting is subject to European data protection standards (for example, by including standard contractual clauses in our contracts with such third parties). To ensure transparency, we have provided a summary of potential data transfers below:
Processor | Purpose | Data hosting location | Measures to cover non-EU transfers |
|---|---|---|---|
Stripe | Online payment | US | Standard contractual clauses (SCC) Data Privacy Framework |
Aircall | Cloud-based telephony | Call recordings and voicemails are only stored in AWS in the European Union Only Metadata is transferred to the US, Vietnam, Australia (intra-group), Inde (intra-group) | Standard contractual clauses (SCC) |
Tessi | Delegated claims | Tunisia | Binding Corporate Rules |
Hubspot | Customer relationship management | US | Standard contractual clauses (SCC) |
Outreach | Customer relationship management | US | Standard contractual clauses (SCC) |
Salesforce | Customer relationship management | US | Binding Corporate Rules Standard contractual clauses (SCC) |
Google (GSuite) | Internal workspace tool | Servers are located in the EU Only metadata is transferred to the US | Standard contractual clauses (SCC) |
Typeform | Online forms | US | Standard contractual clauses (SCC) |
Linear | Internal ticketing system | US | Standard contractual clauses (SCC) |
Microsoft Azure | Document parsing | UK | Adequacy decision |
Google Ads | Targeted advertising | US | Standard contractual clauses (SCC) Data privacy framework |
Meta pixel | Targeted advertising | US | Standard contractual clauses (SCC) Data privacy framework |
X ads | Targeted advertising | US | Standard contractual clauses (SCC) Data privacy framework |
Linkedin Insights | Targeted advertising | US | Standard contractual clauses (SCC) |
Bing ads (Microsoft) | Audience analysis and targeted advertising | US | Standard contractual clauses (SCC) Data privacy framework |
Cloudfare | Network, security and audience analysis | US | Standard contractual clauses (SCC) |
Concentrix | Delegated claims | Morocco | Binding Corporate Rules |
Sendgrid | E-mails | US | Binding Corporate Rules Standard contractual clauses (SCC) |
Amplitude | Audience analytics | US | Standard contractual clauses (SCC) |
Segment | Audience analytics | US | Standard contractual clauses (SCC) |
What about cookies ?
What's a cookie?
In addition to being a delicious biscuit, a cookie is a file on your device that contains data. You can delete or limit the storage of these files at any time in the settings of your internet browser (see below).
What's it for?
First of all to identify yourself once you are connected to the application.
Some cookies also allow us to reply to you in the online chat, in the window that opens at the bottom of your screen when you visit our website.
Audience measurement cookies enable us to know the use and performance of our website, to establish statistics, traffic volumes and use of the various elements of our website (content visited, paths) enabling us to improve the interest and ergonomics of our services. The data collected is analysed solely by Alan and its subcontractors, and used solely by Alan.
Cookies linked to targeted advertising operations enable us to measure the effectiveness of our advertising campaigns and to limit the number of times an advertisement for Alan is offered to you. None of these advertising cookies are used by Alan when members are authenticated.
Can I refuse?
Of course you can! During your first visit (or if you use your browser's private or incognito browsing), a banner (called a cookie banner) will be displayed asking you for permission to use cookies. Simply refuse and no cookies (other than those we need to operate the site and allow you to use our online chat) will be set. If you accept, your consent will be valid for 13 months from the date of registration.
Are you going to bother me with e-mails and other notifications?
Simply put, no.
You will receive emails from us, but in the vast majority of cases it will be in the context of the execution of our contract, for example to invite you to register, to ask you for additional information to enable a refund or to inform you of contractual modifications or changes related to your account. There is no escaping this, but it is for your own good.
A small minority of emails are not directly related to our contract with you or your employer, but are still for a legitimate interest (e.g. to offer to sponsor a relative with a financial reward, to send you a quote, or to announce new services similar to those you currently enjoy).
If you are an administrator, you may also receive commercial offers from us. In these cases, you always have the possibility of unsubscribing from this type of message by following the link in each of our emails (opt-out).
You can also choose to subscribe to our newsletter or to our waiting lists to be notified of the availability of our new services (opt-in).
As for push notifications, we will ask for your permission directly in the mobile application and you will be able to deactivate or reactivate them from your phone.