PRIVACY POLICY
1. GENERAL
This Policy is a privacy statement and aims to inform you on how I collect, use, and disclose your personal data, the purpose for processing, and your legal rights as data subjects pursuant to the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Protection of the Personal Data Processing Act 2018.
In accordance with the mentioned Regulation, ‘personal data’ means any information that can identify (directly or indirectly) a natural person e.g. full name and an address or an ID number.
2. WHO AM I
Adriana Voronianu is a licensed insurance intermediary registered in the Registrar of Insurance Intermediaries of Cyprus under license number 5178. Her office is at 5, Thessaloniki Avenue, Thalia Court, shop 5B, 6035 Larnaca.
3. HOW I PROCESS YOUR PERSONAL DATA
I collect and process different types of personal data which I obtain from you through the ‘Proposal Form’ and/or other insurance forms in accordance with the explicitly and freely given consent that you have given me. I may also collect personal data from other publicly available sources (e.g., the Internet) which I lawfully obtain and am permitted to use.
4. WHAT PERSONAL DATA I COLLECT
If you are a client, a prospective client, an insured person, or a beneficiary in an insurance policy, the personal data I collect may include:
- Full name
- Home address
- Contact details
- Date of birth
- ID or passport number
- Profession
- Marital status
- Number of family members
- Personal income and expenses
- Assets
- Bank account number
- Height
- Weight
- Health conditions
5. WHY I PROCESS YOUR PERSONAL DATA AND ON WHAT LEGAL BASIS
I am committed to protecting your privacy and handling your data in a transparent manner, and as such, I process your personal data in accordance with the GDPR and the data protection statute law for one or more of the following reasons:
- A. Contract necessity: I process personal data on behalf of the insurance companies: Metlife and Trust as well as the insurance intermediary company Soeasy Insurance Brokers Ltd, in order to enter into a contract, to amend a policy, to handle a claim, or any other contract performance.
- B. Legal obligation: There are some legal obligations arising from relevant laws and statutory requirements. In addition, there are various supervisory authorities like the Insurance Companies Control Service which may impose on us necessary personal data processing e.g. the insurance analysis.
- C. Legitimate interest: I process personal data to safeguard legitimate interests pursued by myself or by a third party. Legitimate interest occurs when I have a business or commercial justifiable reason to process your personal data, as long as this is necessary and is not unfair for you.
- D. Consent: Provided you have given me your written specific consent, then the lawfulness of such processing is based on that consent. You have the right to withdraw or restrict your consent at any moment. Concerning the separate consent you may have given to the insurance company, you should contact the insurance company directly.
6. WHO RECEIVES YOUR PERSONAL DATA
As a processor, I share your personal data with the insurance companies that you contract with, so that they can provide cover for you.
7. COMMERCIAL PURPOSES
Provided you have given me your specific consent, I may process your personal data in order to inform you about products, services, and offers that may be of interest to you.
8. HOW LONG I KEEP YOUR PERSONAL DATA FOR
I shall keep your personal data for as long as you remain my client. When this relationship ends, I erase all relevant information within 13 months, unless there is a justifiable reason not to do so.
Personal data of prospective clients are kept for a period of 6 months.
9. YOUR DATA PROTECTION RIGHTS
- Right to be informed: You have the right to be informed about the collection and use of your personal data.
- Right of access: You may ask for a free copy of your personal data that is being used.
- Right of rectification: You may ask to erase or rectify inaccurate or incomplete personal data.
- Right to erasure (right to be forgotten): You may ask me to erase your personal data, as long as there is no justifiable reason for me to continue to do so.
- Right to restrict processing: You can ask me to restrict the purposes of your personal data processing.
- Right to object to processing: You have the right to object to processing when I rely on a legitimate interest. In such a case, I shall stop processing your personal data unless we prove that compelling legitimate grounds override your rights and freedoms.
- Right to data portability: You can also ask me to transfer your personal data directly to another business.
- Right to withdraw consent: You may withdraw the consent you have given me at any time.
- Right to report a complaint: If you have concerns about the way I use your personal data, you may contact my Data Protection Officer (DPO). You also have the right to report us to the Commissioner of Personal Data Protection through the website http://www.dataprotection.gov.cy.
10. HOW TO COMMUNICATE WITH ME
If you wish to exercise any of the above rights, ask any question, and/or request any clarifications concerning the way I use your personal data, you may contact my DPO by email at dpo@cv-insurancelaw.com or by post: 5, Thessaloniki Avenue, Thalia Court, shop 5B, 6035 Larnaca.