Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
Access to the full documentation: it is not a privacy question: heir vs third beneficiary.

Access to the full documentation: it is not a privacy question: heir vs third beneficiary.

Mr. G discovers that Mrs. D.D., who was the legitim heir, has signed a life policy by pouring a bonus of 76.500,00, a number totally higher than all the goods involved into the succession, by designing as a third beneficiary a third subject, who has collected the prize. 

He asked the insurance company I.S.V. a copy of the entire insurance contract as well as a copy of the next declarations of the beneficiaries designation. 

The material required reached him but it was obscurate in the sections related to personal data of the third beneficiary. 

Seised the Marsala Court and obtained the injunction for the delivery of the whole documentation, the opposition of the company has been incardinated and it has been established the lawsuit. 

The judgement – The two opposite decisions can be resumed. 

The insurance society said that the third beneficiary bought a right according to the article 1920, co 3. c.c, in which the relative credit did not fall under the inheritance; moreover according to the privacy legislation, the access to the act would be allowed only to who should be a stakeholder, only in relation to personal data about dead people and not to additional thirds ones. 

The other one affirmed that the question did not cover the right of access to act according to the article 15 of the GDPR even if it was a contractual action according to the article 1888, co. 2 c.c, for which the injunction party was merely in breach of contract.

The comment – The judgement of the Marsala Court refers to a problem which is common. 

The heir and the third beneficiary have opposite interests. One has the need to know the name of the other in order to react. The other, after having gained the prize, desires to be unknown in order to be brought to the trial. 

Between the two interests there is the work of the insurance company. Is the insurance company that receives the instances of the heir and it should find it. 

Should it have to obscurate the data of the third beneficiary or not?

Already in the past (the heir and the access to third data relative to life policies: is it a privacy problem?) during a criticism of another thing like that, I indicate how is important to not confuse the scope of the operation of the GDPR and its relative access right when in reality the protection instruments are others. 

Mind you, it is not being claimed that in the contrast between heir and third party beneficiary, the insurance company does not have to worry about processing the data correctly. Quite the contrary! It is being affirmed, reiterating what has already been indicated above, that trying to protect the rights of the heir by referring to the instruments of protection available to the “data subject” (article 15 et seq. Gdpr) is completely out of place.

The heir, as a universal successor of the dead, has the possibility to protect its rights (and receive the copy of the insurance contract) by asserting the rights based on the negotiating title. By applying the legislations (article 1888 c.c, 1375 c.c and 1175 c.c.) the heir has in its legal heritage the right to have a copy of the insuring contract without that the references of the third beneficiary shall be obscured. 

On the other hand, if despite this, the heir presents an instance of access to personal data according to the Articles 15 and ss. of the GDPR, the insurance company will give only the data subject rights and not the data of the third beneficiary. 

By applying these concepts, the Marsala Court, the Doctor Francesca Bellafiore, by distinguishing the two scopes, those one contractual from the policy one, has established that the heir has exercitated not the right of access according to article 15 of the GDPR but of the right to delivery of the contract pursuant to, among other things, Art. 1888 para. 2 of the Civil Code, according to which “the insurer shall also be obliged to issue, at the request and expense of the policyholder, duplicates or copies of the policy” … “the right of the insured/contractor without limit as to the data of the third-party beneficiary”.

SOURCE: FEDERPRIVACY

Recommended to you

Advanced Research