Verisk Online Privacy Notice

Last updated: April 1, 2026

Controller
Verisk Analytics AB
Box 164 03
111 57 Stockholm, Sweden
Email: dataskyddsombud.nordics@verisk.com

Verisk Analytics AB is the sole data controller for the personal data processed through this website. Verisk Analytics, Inc. as a parent company acts solely as a recipient within the Verisk group and does not determine the purposes or means of processing in this context. This Privacy Notice (the “Notice”) applies to personal data we collect on www.verisk.com/da-dk/, www.verisk.com/nb-no/, www.verisk.com/en-se/, www.verisk.com/en-dk/, www.verisk.com/en-no/ and www.verisk.com/sv-se/, during the account sign-up or account access process, and during the course of establishing an account with your organization. The Notice describes the types of personal data we obtain, how we use it, and with whom we share it. We also describe the rights you may have and how you can contact us about our privacy practices.

What is your personal data and when do we process it

Personal data is any information that can be directly, or indirectly through other data, linked to a living natural person. Information such as name and contact information, IP addresses, and any action taken that is linked to a person constitute personal data.

Information that you provide to us

Verisk Analytics AB processes personal data when you:

sign up for newsletters or other direct marketing communications,
sign up for or obtaining access to our products and services,
establish an account between Verisk and your organization,
fill out interest forms for our products or services,
attend events that we organise,
apply for work,
sign up for one of our education trainings or webinars,
download materials,
contact our support department or when you are otherwise in contact with Verisk Analytics AB and provide information about yourself.

Categories of personal data

Depending on the interaction, we process the following categories of personal data:

a) Information that you provide to us

- First and last name
- Organisation or company name
- Job title
- Email address and telephone number
- Country and region
- Application data (including CVs, qualifications and professional experience, where applicable)
- Any information you voluntarily provide when communicating with us

b) Information that we collect automatically

- IP address
- Unique device identifiers
- Browser type and system settings
- Language preferences, country and time zone
- Usage and interaction data

Further details are available in our Cookie Policy.

c) Information that we obtain from third parties

- Social media interaction data (e.g. LinkedIn)
- Data collected via embedded social media features and tracking pixels

Your interactions with social media functions are governed by the privacy policies of the respective providers.

Information that we collect from you

When you visit our website, we may also collect certain information by automated means using technologies such as cookies, non-cookie-based tokens, web server logs, tracking pixels, and web beacons. Cookies are files that websites send to your computer or other Internet-connected device to identify your browser uniquely or to store information or settings in your browser. Your browser may tell you when you receive certain types of cookies and how to restrict or disable them. Please note, however, that without cookies, you may not be able to use all of the features of our website. Non-cookie-based tokens are encoded URL-based identifiers that track e-mail clickthrough activity or time-sensitive password reset keys and will work in scenarios where cookies are disabled or a session has not been initiated.

We collect this information to offer the service and functionality that is expected. Please read Verisk Analytics AB’s Cookie Policy.

Information that we obtain from third parties

If you visit or communicate with us via our social media accounts (LinkedIn, Facebook or Instagram), Verisk Analytics AB may receive information regarding your profile and your interactions on the third-party platform from the provider of the same.

The website includes social media functions such as LinkedIn widgets. These widgets collect information about which pages you visit on the website and the IP address of the device you use to connect to the Internet. The widgets also set a cookie to ensure the features are functioning properly.

Social media functions and widgets are hosted either by a third party or directly on the website. Your interactions with the social media functions and widgets located on the website are governed by the privacy policies of the companies that provide them. If you use any of the social media functions or widgets on our website, we strongly suggest you review the privacy policies of the companies that provide those functions and features.

If you are a LinkedIn member and you visit our website from LinkedIn, our website may use tracking pixels —transparent graphic images placed on web pages —which, in combination with cookies, collect information contained within your LinkedIn profile as well as your access of and interaction with the web pages that contain the pixels. Verisk Analytics AB works with LinkedIn to provide Sponsored Updates and advertisements to your LinkedIn news feed. If you complete a form on our Site you may receive Sponsored InMails in your LinkedIn email account based on your visits to the Site and your perceived interests. To learn how to opt-out of Sponsored InMail, navigate to Privacy & Settings in your LinkedIn account, choose the “Communications” tab, and then click “Turn on/off Partner InMail” to disable Sponsored InMails.

What personal data do we process?

According to our data policy, we save and handle as little of your information as possible; we use only the information necessary to maintain communication with you. Personal information we may collect is as follows:

First name
Last name
Organization or company name
Job title
Email address
Phone number
Country and Region
About the application as a medical advisor: information regarding your profession such as medical specialist area, licensing year, possible course in insurance medicine, experience in insurance medicine, current employment, CV and company information
Other information that you volunteer when communicating with us
Technical data about the devices you use to access Verisk Analytics AB’s digital channels, such as IP address, unique device ID, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. Please read Verisk Analytics AB’s Cookie Policy.

Purpose and legal basis for the processing of your personal data

Verisk Analytics AB always processes your personal data in accordance with applicable law. Whenever we process your personal data for our legitimate interests, such interests consist in particular of ensuring the efficient technical operation of our systems, the administration of business and marketing activities and the provision of customer support. We have assessed that such processing is necessary and that our legitimate interests are not overridden by your interests or fundamental rights and freedoms. You may object to such processing at any time in accordance with Art. 21 GDPR. If you want more information about how we have conducted this assessment please contact us via the contact details below.

Purpose	Legal basis	Categories of personal data	Storage time
Newsletter subscription	Consent	E-mail address	Until you unsubscribe from the newsletter.
Registration of interest regarding our products or services	Legitimate interest responding to enquiries and business development	Name, e-mail address, telephone number, workplace, job title.	Stored for three (3) years since your last communication with us.
Sign up for or access to products or services	Contract / pre‑contractual measures	Name, e-mail address, telephone number, workplace, job title.	Stored for the duration of your contract with us and for three (3) years thereafter.
Process your enquiries and support requests, develop and evaluate products and services	Legitimate interest for customer support and service improvement	Use of the Decision Support System, information contained in email correspondence such as enquiries or support requests.	Support tickets are stored for three (3) years. Email correspondence is stored three (3) years.
Process your application as a medical advisor	Contract (pre‑contractual measures)	First name, last name, e-mail address, date of birth, telephone number, country, region, clinically active, language, medical specialist area, licensing year, course in insurance medicine, experience in insurance medicine, current employment, CV, company information, organization number, address.	Stored for the duration of your contract with us. If we are not currently able to enter into an agreement with you, we will retain your application for three (3) years in case we might request your services in the future.
Process your work application	Contract (pre‑contractual measures)	First name, last name, e-mail address, any information volunteered in your personal letter or CV such as job experience, education, qualifications or references.	Your personal data will be processed during the application process. When the application process has been closed, we will store your personal data for another two (2) years in order to exercise, establish or defend against legal claims, unless legislation in your country of employment provides for another retention period, in which case the shorter retention period shall apply.
Registration for webinars, education trainings or events	Consent	First name, last name, e-mail address, workplace.	Stored for three (3) years since your last communication with us.
Website operation and security	Legitimate interest for secure and stable website operation	IP addresses, unique device ID, browser type.	Stored for one (1) year.
Display personalized content on the website	Consent	Site preferences and cookie ID.	Typically six (6) months. Detailed information on individual cookies can be found in the cookie notice.
Understand how you interact with the website	Consent	Pages visited, interactions on site.	Typically six (6) months. Detailed information on individual cookies can be found in the cookie notice.
Determine the effectiveness of our advertising and marketing	Consent	Pages visited, interactions on site.	Typically six (6) months. Detailed information on individual cookies can be found in the cookie notice.
Video content delivery and webinar recording (via Kaltura, Inc.)	Consent	Name, email address, device ID, viewing behaviour and duration	Typically six (6) months after the event; recordings retained for as long as they are publicly available.
Online meetings, webinars and remote support (via GoTo Technologies USA, Inc. (GoTo / LogMeIn))	Legitimate interest / Consent	Name, email address, IP address, meeting participation and interaction data	Duration of the meeting; metadata stored for three (3) years
Customer relationship management and contact management (via Salesforce, Inc.)	Legitimate interest for managing business relationships	Name, email address, telephone number, job title, organisation name, interaction history	Duration of the business relationship and three (3) years thereafter
Marketing automation and email campaign management (via Oracle Eloqua- Oracle Corporation)	Consent for the sending of marketing communications / Legitimate interests for the technical operation and administration of marketing campaigns Please note: Where processing is based on our legitimate interests, such interests consist of the efficient technical operation and administration of marketing campaigns. The provision of our products and services is not conditional upon your consent to receive marketing communications.	Name, email address, interaction data, click behaviour	Three (3) years since your last communication with us
Customer support ticketing (via Freshworks, Inc. (Freshdesk))	Legitimate interest for handling and responding to customer support enquiries	Name, email address, content of support enquiries	Duration of the support relationship and three (3) years thereafter

Information we share

We do not sell personal data that you provide to us or that we collect on our website. We may share personal data with:

Other companies in the Verisk group
eService providers that perform services on our behalf

We may share personal data with our affiliates for a number of reasons, including because: You have requested information about our affiliates’ products and services. Details of the other companies in the Verisk group, including the countries in which they are located, can be found on the www.verisk.com website.

We may share personal data with service providers that perform services on our behalf such as analytics providers, hosting providers and advisers. All service providers have entered into legally binding agreements requiring them to use or disclose personal data only as necessary to perform services on our behalf or comply with applicable legal requirements.

In addition, we may disclose personal data about you to public authorities, parties to a civil or criminal proceeding, or potential buyers: (a) if we are required or permitted to do so by law or legal process, for example due to a court order or a request from a law enforcement agency; (b) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss; (c) in connection with an investigation of suspected or actual fraudulent or other illegal activity; and (d) in the event we divest, merge or transfer all or a portion of our business or assets (including in the event of a reorganizsation, dissolution, or liquidation).

In operating our website and delivering our services, we use the following third-party tools and service providers that may process personal data on our behalf. All third-party service providers have entered into data processing agreements with Verisk Analytics AB in accordance with Art. 28 GDPR and are required to process personal data only for the purposes specified and in accordance with applicable data protection law. Read more about the tools and how they use cookies.

Google LLC (Google Analytics): website analytics; cookies, IP addresses and interaction data. To learn how to opt-out of Google Analytics, visit: https://tools.google.com/dlpage/gaoptout
HubSpot, Inc.: marketing automation, contact management and newsletter distribution
Oracle Eloqua (Oracle Corporation): marketing automation and email campaign management. Personal data processed: name, email address, click and interaction data
Kaltura, Inc.: video platform for webinars and educational training content. Personal data processed: name, email address, viewing behaviour, device identifiers
GoTo Technologies USA, Inc. (GoTo / LogMeIn): online meetings, webinars and remote support. Personal data processed: name, email address, IP address, participation and interaction data
Freshworks, Inc. (Freshdesk): customer support ticketing system. Personal data processed: name, email address, content of support enquiries
Salesforce, Inc.: customer relationship management (CRM), contact and account management. Personal data processed: name, email address, telephone number, workplace, job title, interaction history

Cross-border transfers of your personal data

Your personal data may be disclosed to Verisk’s affiliates or third parties either within or outside of the country from which it was collected. Some of your personal data may be transferred to a country (including the U.S.) that does not afford statutory protections for personal data equivalent to those within the country in which it was collected.

We also transfer your personal data to IT suppliers. These recipients of personal data are based both within and outside the EU/EEA and may transfer your personal data onwards to countries outside the EU/EEA. Upon your request, you may receive a complete list of all recipients.

In all such cases Verisk Analytics AB will take steps designed to comply with applicable data protection law, such as:

The country to which the personal data will be transferred has been granted a European Commission adequacy decision
We have put in place appropriate safeguards in respect of the transfer, for example the EU Model Contracts

You may request more information and a copy of the safeguards that Verisk Analytics AB has put in place in respect of transfers of personal data by contacting us.

Recipient of personal data	Country of destination	Transfer mechanism	Additional safeguards
Verisk entities	US	EU Standard Contractual Clauses	As deemed necessary regarding the transfer in question.
Hubspot, Inc.	US	EU Standard Contractual Clauses	See HubSpot’s data processing agreement.
Google LLC (Analytics)	US	EU Standard Contractual Clauses	Anonymisation.
Freshdesk Inc. (Email enquiries)	EU/EEA, potential access from US	EU Standard Contractual Clauses	See additional safeguards here.
Oracle Eloqua (Oracle Corporation)	US	EU Standard Contractual Clauses	See Oracle’s data processing agreement
Kaltura, Inc.	US	EU Standard Contractual Clauses	See Kaltura’s data processing agreement and privacy notice
GoTo Technologies USA, Inc. (GoTo / LogMeIn)	US	EU Standard Contractual Clauses	See GoTo’s data processing agreement
Salesforce, Inc.	US	EU Standard Contractual Clauses	See Salesforce’s data processing agreement

External links

This privacy notice applies to information that Verisk Analytics AB processes about you within the framework of our digital channels. Verisk Analytics AB’s digital channels may sometimes contain links to external websites or services that we do not control. If you follow a link to an external website, we encourage you to take note of privacy notice and information about cookies that apply to that page.

Your rights

Under the GDPR you have the following rights related to our processing of your personal data:

You have the right to object at any time to the processing of your personal data where that processing is based on our legitimate interests (Art. 6(1)(f) GDPR). This applies in particular to processing for direct marketing purposes, including any profiling carried out for such purposes. Where you object to processing for direct marketing purposes, your personal data shall no longer be processed for such purposes. You may exercise this right at any time by contacting us using the contact details set out below.
You have the right to request information about the processing and a copy of your personal data.
You have the right to get incorrect or outdated personal data corrected, updated or completed.
You have the right to obtain a restriction of processing of your personal data provided that we do not have a legal right to continue the processing.
You have the right to have your personal data deleted if it is no longer necessary for the purposes for which it was collected, if you have withdrawn the consent on which the processing was based, if you object to the processing and there are no overriding legitimate grounds for the processing, if the personal data has been processed unlawfully, or if the personal data must be deleted in order to fulfil a legal obligation.
You have the right to obtain the personal data that you have provided to us in a structured, commonly used and machine-readable format and to transfer this data to another controller if the processing is based on your consent or an agreement between us (“data portability”).
You have the right to withdraw your consent at any time by contacting us (contact details below).

Automated decision-making and profiling

Verisk Analytics AB does not make decisions based solely on automated processing, including profiling, that produce legal effects or similarly significantly affect you within the meaning of Art. 22 GDPR. We do, however, use automated tools — including tracking pixels, cookies, and marketing automation software — to analyse your interactions with our website and communications in order to personalise content and assess the effectiveness of our marketing campaigns. This processing constitutes profiling within the meaning of Art. 4(4) GDPR. The legal basis for this processing is your consent (Art. 6(1)(a) GDPR), which you may withdraw at any time via our cookie settings or by contacting us at the address below.

If you have questions regarding how we process personal data about you, you are most welcome to contact us. If you have any objections or complaints about the way we process your personal data, you have the right to file a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten or “IMY”) or your national data protection authority.

Contact information

If you have any questions regarding how Verisk Analytics AB processes your personal data, you are welcome to contact Verisk Analytics AB’s data protection representative by email or by post:

Verisk Analytics AB
Dataskyddsombud
Box 164 03
111 57 Stockholm
dataskyddsombud.nordics@verisk.com

Changes to this Notice

Verisk Analytics AB may update this Notice periodically and without prior notice to you to reflect changes in our personal data practices or relevant laws. We will post the updated version and indicate at the top of the notice when it was most recently updated.

We may also use the information above to protect against and prevent fraud, claims, and other liabilities and to comply with or enforce applicable legal requirements, industry standards, and our policies and terms. We use personal data for these purposes when it is necessary to protect, exercise, or defend our legal rights, or when we are required to do so by applicable law.

In addition to the uses described above, we may use personal data that you provide to us or that we collect for other purposes. Where that is the case, we will provide an additional privacy notice to you that describes the purposes for which we will use the personal data and our legal basis for doing so.