Legal notice
Privacy Policy
Information on the processing of personal data by PK INSURANCE BROKERS INSURANCE BROKING SINGLE MEMBER P.C.
1. Introduction — Responsible legal entity
Our Company, under the name "PK INSURANCE BROKERS INSURANCE BROKING SINGLE MEMBER P.C." (hereinafter "PK insurance"), has been established and operates lawfully under Greek law, with Tax ID (Α.Φ.Μ.) 997864151 / Athens Tax Office, and is based at 14 Ermou Street, Athens. It is duly registered in the Registry of the Professional Chamber of Athens as an Insurance Broker and provides insurance intermediation services.
In the course of our activity as insurance intermediaries, we process "Personal Data" relating to you (hereinafter "PD") — that is, any information referring to an identified or identifiable natural person ("data subject") that may directly or indirectly identify them — in accordance with the General Data Protection Regulation 2016/679/EU and Greek legislation, as in force.
What personal data we collect and how
For our activity in providing insurance intermediation services for the conclusion of insurance contracts, we process the data of clients or prospective clients. Through this Privacy Policy you accept, declare and warrant, among other things, that you submit only accurate and truthful information wherever required, at every stage of the process, and you accept that the provision of inaccurate, untruthful or incomplete information at any stage of the initial issuance or renewal of an insurance product or service constitutes grounds for cancellation of your insurance policy, and may entail any other consequence provided by law. As clients or prospective clients of PK insurance, you need to disclose to us certain personal information in order to access specific services offered by PK insurance (for example, to receive an insurance quote, to subscribe to newsletters, or to process an order).
We likewise collect PD if you choose the company's call centre as a means of remote service, subject to compliance with the legal formalities for remote sales. We also collect PD during your physical presence at our offices.
Furthermore, we may collect PD at any stage in which you use our services by any of the above means — for example, we collect data from insurance applications and supporting documents, claims notifications, telephone calls, emails or any other communication with us.
We may also receive personal information from insurance companies, service providers cooperating with us, partner insurance intermediaries, as well as the software applications we maintain on computers, smartphones and other mobile devices.
The data we collect includes identification and contact information, such as first and last name, home address, date of birth, email, telephone, consumer preferences, and possibly also "Special Category Personal Data" (hereinafter "SCPD"), such as health data and family history, as well as other information required under insurance legislation or for the completion of insurance applications and other necessary policy documents (e.g. needs form) per insurance line and product.
If you provide us with information for the insurance of a third natural person, you must inform that third party of the content of this Privacy Policy and obtain their permission to disclose such information to us.
Finally, during your navigation on our website, data not necessarily linked to the identity of a natural person may be collected, such as IP addresses, cookies, etc.
2. Minors
Our services are not intended for persons under the age of eighteen (18), and we ask that you do not provide PD through the website or physically to us if you are under eighteen (18) years of age.
3. For what purposes we process your personal data
We process personal data that you provide of your own free will and after we have obtained your prior explicit consent, or where processing is necessary for the performance of the contract between us or to take measures at your request prior to the conclusion of the contract, and more specifically:
A. To provide insurance intermediation services: We process personal data that is objectively essential and necessary for performing the work of the insurance intermediary — i.e. acting within the framework of providing and performing the insurance intermediation services we have undertaken towards our clients or prospective clients, the insurance companies cooperating with us, and the insurance intermediaries cooperating with us.
B. To serve you as a client and to manage complaints: We process personal data that is objectively essential and necessary to serve you, at your request.
C. In addition, we process PD for the following purposes, for which your consent is required (note that you have the right to withdraw your consent at any time; once we receive notice that you have withdrawn your consent, we will cease processing your data for the purpose(s) you originally agreed to, unless there is another legal basis to do so lawfully):
- For advertising and promotional activities we may carry out in the future, as well as for sending offers, saving tips and useful newsletters. Once we obtain your consent, we may use and process — including transmitting — your PD, excluding SCPD, for informational, advertising and promotional activities we carry out as a business.
- To improve and personalise your customer experience in general.
- For data analysis — consumer behaviour.
- For statistical purposes and customer satisfaction surveys regarding the products and services provided.
5. With whom we share your data
As insurance intermediaries, we reserve the right to transmit PD and possibly SCPD to the respective cooperating insurance company or insurance intermediary that supplies the insurance product or service, for the purpose of obtaining an insurance quote, processing the insurance application, and operating and performing the insurance contract, etc.
Any further retention, processing or transmission of PD to third parties within or outside the EU by the insurance companies cooperating with us that supply the insurance product is governed by the respective Privacy Policy of each cooperating insurance company and the provisions and terms of the relevant insurance policies.
Within the operation of your insurance contract, PD may be transmitted to various hospitals, doctors, reinsurers and the Statistical Service of Insurance Companies.
Your PD may also be made accessible, within the operation of our business, to our employees (issuing department, claims department, etc.) and to our external partners — legal and natural persons, service providers who meet the legal requirements and maintain cooperation agreements with us — such as partner insurance intermediaries, providers of online insurance systems, email and SMS messaging providers, telephone service providers, e-banking and online transaction providers, courier service providers, etc.
In the event of consent to the processing of PD, excluding SCPD, for advertising and promotional purposes, data may be transmitted to and made accessible by legal or natural persons with whom we maintain agreements from time to time and who undertake to carry out such activity.
Finally, PD relating to you may be transmitted to Public Authorities pursuant to legal requirements or court decisions, etc.
6. Non-disclosure of data for other purposes
We will not transmit your PD to any third party for any purpose other than the transmissions referred to above. We will not sell your PD to third-party companies that may be interested in promoting their products and services to you.
7. For how long is my personal data kept on file?
We retain your PD for as long as necessary to fulfil the purposes described in this Privacy Policy. This means that we process your data during our contractual relationship and until the limitation period for any related claims has elapsed.
8. Automated decision-making
We do not make automated decisions. We clarify that significant decisions concerning your insurance are made by the insurance companies in accordance with their applicable Privacy Policies and the general and specific terms of the insurance policies.
9. Technical and organisational measures
We have taken all modern and appropriate organisational and technical measures for the security of your personal data and its protection against accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access, and any other form of unlawful processing.
Nevertheless, absolute security cannot be guaranteed during the transmission of data over the internet or other data storage systems. If you become aware that the security of your personal data has been compromised, you should notify us immediately at info@pkinsurance.gr.
10. What are my rights regarding the processing of my personal data?
The General Data Protection Regulation establishes certain rights in relation to the processing of your personal data, which you may exercise at any time. Specifically:
- Right to transparent information (Article 12 GDPR), to information (Articles 13 & 14 GDPR) and of access (Article 15 GDPR) to your personal data. You may ask whether we hold personal data about you and what it is, the reasons we retain/use it, its recipients, and to receive a copy of it.
- Right to rectification (Article 16 GDPR) of the personal data we hold.
- Right to erasure — right to be forgotten (Article 17 GDPR) of your personal data, where its processing is no longer necessary.
- Right to object (Article 21 GDPR) to the processing of your personal data (e.g. for direct marketing purposes, including profiling).
- Right to object to automated decision-making, such as profiling (Article 22 GDPR).
- Right to restriction of processing (Article 18 GDPR) of your personal data.
- Right to data portability (Article 20 GDPR) — to request the transmission of your personal data to you or another party in electronic and structured form.
- Right to withdraw your consent at any time, in cases where processing is based on it.
You will not have to pay any fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is manifestly unfounded, frequently repeated, excessive, or requires significant administrative cost on our part to satisfy.
If you exercise any of your rights, we will take every possible measure to satisfy it within thirty (30) days of receiving the relevant request, after informing you either of its satisfaction or of the objective reasons preventing it.
If you wish to exercise any of the above rights, you should submit a request to info@pkinsurance.gr or contact our company by post (14 Ermou Street, Athens).
11. How can I submit a complaint?
For any matter concerning the processing of your data, you may contact us by email at info@pkinsurance.gr or by post at our company (14 Ermou Street, Athens).
You also retain the right to address the Hellenic Data Protection Authority, which may accept the submission of relevant complaints either in writing to its registry (1-3 Kifisias Ave., 115 23, Athens) or electronically (www.dpa.gr).
13. Changes to this Privacy Policy
This Privacy Policy came into effect on 23 May 2018, may be amended from time to time, and any changes will be communicated to you via notice on our website. Visitors and users should check the content of this page frequently in order to stay informed of the policy at all times.
