Privacy statement 

In order to be able to offer you a good level of service, we work with personal data. The purpose of this privacy statement is to provide you with more explanations about how we process the personal data we have. 

This privacy statement applies to the processing of personal data by the National Union of Neutral health insurance companies. 

It is important to us to process your personal data meticulously, and we therefore do so in accordance with European privacy legislation (the General Data Protection Regulation, GDPR or GDPR for short) and the Member States’ data protection legislation.  


Personal data 

Any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”) (i.e., not an association). An “identifiable natural person” is deemed to be a natural person who can be identified, directly or indirectly, by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more specific elements specific to their physical, physiological, genetic, psychological, economic, cultural or social identity. 


Any operation or set of operations carried out or not using automated processes and applied to data or sets of personal data, such as collection, recording, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, distribution or any other form of making available, alignment or interconnection, limitation, erasure or destruction. 

Processing manager 

The natural or legal person, public authority, department or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. 


The natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. 

Processing manager 

Within the framework of the law of August 6th 1990 relating to health insurance companies and National Unions of health insurance companies, in application of its article 3, national unions of health insurance companies must establish at least one department which aims to: 

  • a) participate in the execution of compulsory health care and compensation insurance, regulated by the coordinated law of July 14th 1994, 
  • b) financially intervene for their policyholders and their dependents, in the costs resulting from the prevention and treatment of illness and disability or the granting of compensation in the event of incapacity for work or when a situation occurs by virtue of which physical, psychological or social well-being can be encouraged, 
  • c) provide help, information, guidance and assistance with a view to promoting physical, psychological and social well-being, among other things by carrying out the missions listed above. 

The departments referred to in points b) or c) must meet the criteria set out in Article 67, paragraph 1, of the law of April 26th2010 laying down various provisions regarding the organisation of supplementary health insurance. 

The National Union of health insurance companies, (hereinafter referred to as the UNMN), located at Chaussée de Charleroi 145, 1060 Brussels, company number 0411.709.768 acts as data controller for compulsory personal insurance data. 

In accordance with the European Regulation of April 27th 2016 on Data Protection (“GDPR”), the UNMN has appointed a Data Protection Officer. He/she can be reached by email at the following address:, or by writing to the following address: Chaussée de Charleroi 145, 1060 Brussels. 

Why is your data processed ? 

As part of compulsory insurance, the UNMN processes all personal data necessary to implement the following main missions and purposes, whether you are a member of neutral health insurance companies or a healthcare provider: 

For the insurability of members: management of refund rights (Supplemented Refunds and Maximum invoice) in healthcare, as a policyholder or dependent; 

For healthcare interventions in Belgium or abroad, as a member or healthcare provider: management of all healthcare, prevention and supply services, refundable or otherwise, granted in Belgium or abroad by approved providers and approved healthcare institutions, and communicated to the UNMN; 

For the medical advisor's agreements for certain healthcare and supplies, including functional rehabilitation files; 

For the management of compensation files: incapacity for work, assessment, socio-professional reintegration process, payment; 

For litigation management: disputes against decisions of the UNMN or INAMI, recovery of undue payments, recovery of healthcare and compensation caused by a responsible third-party; 

For information and support, whether proactive or not, for people, where appropriate via social services, to enable them to fully assert their rights and to promote their physical, psychological and social well-being; 

As part of supplementary insurance, the UNMN processes all the personal data necessary to enable you to benefit from services and benefits, whether you are a member of neutral health insurance companies or a healthcare provider, including: 

The Neutral health insurance company holiday department; 

The rest and convalescence stay department; 

The emergency care abroad department; 

The pre-marital savings department. 


Generally, this data is processed : 

To manage your contacts with our departments regardless of the channel used; 

For the good management and improvement of our services and the social security and public health system, and the repression of fraud, through audits, surveys, scientific, statistical and historical studies and research and security and protection measures for data, property and people; 

To comply with our legal obligations, particularly as an insurer vis-a-vis the health insurance company Control Office, INAMI, and the CBSS. 


What are the legal bases for processing your data? 

As part of the management of compulsory insurance, personal data processed by the UNMN are processed based on articles 6.1. c), e), f), 9.2. b), c), f), g), h), i) and j) as well as 87 of the European Regulation. To do this, we rely in particular on the following specific legislation and its implementing decrees: 

  • Law of August 6th 1990 relating to health insurance companies and national unions of health insurance companies with regard to compulsory insurance and supplementary insurance; 
  • Law relating to compulsory healthcare and compensation insurance coordinated on July 14th 1994, by Royal Decree of July 3rd 1996 and others; 
  • Law of January 15th 1990 aimed at establishing the CBSS, by Royal decree on February 4th 1997 and others; 
  • Law of April 26th 2010 laying down various provisions regarding the organisation of supplementary health insurance; 
  • Law of August 8th 1983 organising a National Register of individuals and the Royal Decree of December 5th 1986 on its use in health and disability insurance; 
  • Law of August 21st 2008 on the eHealth platform; 
  • Law of April 11th 1995 aiming to establish the Social Security Charter; 
  • Law of August 22nd 2002 on patient rights. 

What data is processed? 

Depending on the services you use or the information you provide us with, UNMN may process the following personal data: identification data (names, address, telephone number, etc.), financial particulars, physical data (size, weight, etc.), psychological data (personality, character, etc.), hobbies and interests, consumption habits, education and training, image recordings (via surveillance cameras on our premises), personal characteristics (age, sex, marital status), lifestyle habits, household composition, memberships (health insurance), housing characteristics, profession and employment, audio recordings (via calls to our call centres). 

Depending on the services you use or the information you provide us with, the UNMN may also have knowledge of or process the following specific data: 

  • data from the National Register: national register number and identification data (surname, first names, place and date of birth, sex, nationality, main residence, place and date of death, marital status, household composition, legal cohabitation, type of registration register); 
  • data from the CBSS: social data; 
  • data relating to health: physical health, mental health, dangerous situations and behaviour, data relating to care, genetic data; 
  • judicial data: suspicions and indictments, convictions and sentences, legal measures, administrative sanctions; 
  • sensitive data: racial or ethnic data, political opinions, religious or philosophical beliefs, data relating to sexual life. 

What are our sources of information? 

The data that concerns you essentially comes from: 

  • yourself, your legal representative or any person authorised by you; 
  • healthcare providers (hospitals, doctors, etc.) that you have consulted, in particular via the third-party payment system; 
  • the CBSS and any other public administration active in social security matters; 
  • the INAMI; 
  • of the not-for-profit organisation Neutral health insurance company holidays. 

Who is you data processed by? 

All this data is processed by authorised personnel and contractually subject to an obligation of professional secrecy. IT security measures are also put in place to guarantee the confidentiality, integrity and availability of your data. 

To whom may your data be communicated?

Your personal data may be communicated: 

  • to yourself and/or your legal representatives (including provisional administrator), or to your representative (professional advisor, lawyer, mediator, etc.) in possession of a mandate, directly or through a healthcare professional of your choice, at your request; 
  • to your healthcare professionals, at your request; 
  • to your health insurance company; 
  • to our SMA NEUTRA at your request and MUTAS in the event of urgent care abroad; 
  • to social security organizations: to the National Inter-mutualist College, to the Carrefour Social Security Bank, FEDRIS, ONEM, family allowances in the context of seizures and transfers in application of article 1410 § 4 of the Judicial Code; 
  • to the Mutuality Control Office and INAMI, as part of their legal control missions; 
  • to our Company Auditor, to our external auditors, all bound by an obligation of confidentiality; 
  • to our lawyers and the courts in the event of litigation; 
  • to any institution with a view to granting you a benefit if you have privileged status (see profiling tab); 
  • to Manufast or bpost for sending our letters; 
  • to a duly authorised third party (law, contract, authorisation, consent); 
  • to your creditors as part of the execution procedure. 

Who are our subcontractors?

The UNMN mainly uses the following subcontractors: :

  • MLOZ IT, located route de Lennik 788, 1070 Anderlecht, who is our IT supplier. 

And our health insurance companies, all affiliated to the National Union of Neutral health insurance companies:      

  • Neutraal Ziekenfonds Vlaanderen, located at Statieplein 12, 9300 Aalst 
  • Vlaams & Neutraal Ziekenfonds, located at Hoogstratenplein 1, 2800 Mechelen 
  • La Mutualité Neutre (Neutral health insurance company), located at Rue des Dames Blanches 24, 5000 Namur 
  • Mutualia, located at Place Verte 41, 4800 Verviers 

On a less recurring basis, the UNMN uses the following subcontractors: 

  • our lawyers and bailiffs 
  • Oberthur/Zetes for the isi+ card 
  • Manufast for the management of some of our post 
  • The INAMI 
  • Fedris (Federal Agency for Occupational Risks) 
  • MUTAS, for emergency care abroad 
  • Tempo-team, for the care of sick children 
  • Cegeka 
  • Agresso 

Is your data transferred to countries outside the EEA? 

Your data may be transferred abroad if it is: 

  • provided for as part of compulsory insurance; 
  • necessary for the execution of measures prior to the conclusion of the contract, taken at your request; 
  • necessary to safeguard your vital interests; 
  • necessary for the conclusion or performance of a contract concluded or to be concluded with a third -party, in your interest; 
  • or if you have unquestionably consented to it. 

How long is your data kept? 

Your identification data is kept from your registration with the health insurance company/UNMN until your transfer to a health insurance company other than a neutral health insurance company, your death or your departure abroad. 

In general, your data is kept in accordance with the legislation and according to the INAMI directives and circulars that we receive, the starting point of this period may differ from one legislation to another. 

As an exception, and in accordance with medical ethics, your medical data is always kept 30 years after your last contact with the UNMN/your health insurance company. 

What are your rights ? 

In accordance with the legislation, you have the right to obtain confirmation that your personal data is processed by UNMN and the right to access it. 

Provided that your rights do not conflict with the legal obligations to which the UNMN is subject, you also have the right, for the data which concerns you : 

  • to request the rectification of any inaccurate or incomplete data; 
  • to request the deletion of all data; 
  • to object to the processing of data; 
  • digital oblivion (right of erasure); 
  • to request the limitation of processing of your data; 
  • not to be subject to an automated decision, including profiling (see below). 

In case of disagreement, you always have the possibility to contact the Data Protection Authority, located at rue de la Presse 35, 1000 Brussels or via the website.


Can you withdraw your consent ? 

If the processing of your data is based on your consent, you have the right to withdraw your consent at any time and without justification. 

The UNMN is nevertheless legally required to manage personal data as part of the execution of compulsory insurance. 

Are you subject to automated decisions, including profiling? 

You are subject to an automated decision in the following cases: 

  • allocation of CT1/CT2 policyholder codes which make it possible to determine the rights to which beneficiaries are entitled in terms of the refund of health care. These rights depend on the scheme to which you belong, your status and whether or not you are entitled to Supplemented Refunds. 
  • allocation of Supplemented Refunds: in application of the Royal decree relating to the Supplemented Refunds of the insurance referred to in article 37 § 19 of the law relating to compulsory healthcare and compensation insurance, certain policyholders are entitled to Supplemented Refunds from health insurance for healthcare services. The right to Supplemented Refunds can be granted in two different situations: 
    • automatic right: on the basis of a benefit or situation without any request from the persons concerned and without an income test 
    • after income examination: following the submission of an official request from a person who is part of the Supplemented Refunds household, the health insurance company carries out an income examination on the basis of a sworn declaration completed by all necessary supporting documents and signed by all members of the Supplemented Refunds household. 

Within the framework of health and disability insurance, the right to Supplemented Refunds allows you to claim: 

  • higher refund for healthcare and therefore a reduction in co-payments. 
  • the reduction of the hospitalisation co-payment: the hospitalisation co-payment is the amount that the insured person will have to pay in the price of the hospitalisation day; this share is reduced for beneficiaries of the Supplemented Refunds. 
  • for the benefit of third-party payers: policyholders who are entitled to Supplemented Refunds will be able to benefit from the system of direct payment of healthcare by the health insurance company to the healthcare provider without further formality. The right to third-party payment is mentioned on the isi+ card or on a certificate issued by the health insurance company. 
  • Maximum invoice: certain policyholders who benefit from the Supplemented Refunds will not pay more than a determined ceiling of co-payments per year. 

Apart from the Supplemented Refunds from health care insurance, the beneficiary of the Supplemented Refunds can sometimes claim other financial benefits, reserved for people who meet certain conditions of “social quality” and income: 

  • social fare for public transport (TEC - SNCB - STIB - DE LIJN) 
  • access to intervention from the CPAS fuel social fund 
  • social telephone rate 
  • exemption from Brussels regional tax 
  • advantages granted by certain municipalities (free bin bags or reductions on the waste tax) 


  • Maximum invoice: in principle, the Maximum invoice consists of financial assistance for households facing sometimes significant healthcare expenses. If the co-payment payable by you exceeds a certain ceiling, your health insurance company will automatically refund you 100% of the co-payment that exceeds this ceiling for all services falling within the Maximum invoice. The ceiling that will be allocated to you will depend on your household income (as recorded in the National Register on January 1st and therefore known to your municipal administration), based on the income received three years ago. There is also a specific maximum charge for children and children with disabilities. 


  • accident report: based on the information obtained via the third-party payment system, an accident report document can be sent to you on your own initiative. 


  • treatment/intervention decision following notification by a healthcare provider or institution.  


  • Blocking compensation in the event of coverage notified by a work accident insurer. 

Video surveillance 

As the National Union of Neutral health insurance companies, we provide video surveillance in our buildings, in accordance with the law of March 21st 2007 regulating the installation and use of surveillance cameras. The purpose of these surveillance cameras is to guarantee the security of our property, our buildings, our staff and our visitors. 

The presence of surveillance cameras is always indicated by means of pictograms. When you are in a place where surveillance cameras are present, you may be filmed. Here too, your personal data is processed. 

Only authorised people have access to recorded images. These images are automatically deleted after 10 days if they do not contribute to proving an infringement, damage or nuisance. Otherwise, they may be kept longer for investigation. In this case, the images may also be transferred to the police or judicial authorities. 

How do you exercise your rights ? 

To exercise one or more of your rights, you can send a written, dated and signed request to our Data Protection Officer ( or at the following postal address : Chaussée de Charleroi 145, 1060 Bruxelles), by attaching a front copy of your identity card. 

You can also exercise your rights using this form

In the event of a disagreement, you can always contact the Data Protection Authority (located rue de la Presse 35, 1000 Brussels or by using the website