PERSONAL DATA PRIVACY STATEMENT

1. EQISURE INSURANCE BROKERAGE COMPANY LTD (referred to as “EQISURE” or “we” or “us” or “our”) is committed to protecting your privacy and handling your personal data in an open and transparent manner. The personal data that we collect and process will vary depending on the product or service we provide to you. This Personal Data Privacy Statement:

Provides an overview of how EQISURE collects and processes your personal data, including sensitive data, and informs you about your rights under the EU General Data Protection Regulation (“GDPR”) and any law supplementing or implementing the GDPR;

Is directed to natural persons who are:

  1. current or potential customers of EQISURE; and/or
  2. beneficial owners or authorised representatives of legal entities or of natural persons which/who are current or potential customers of EQISURE; and/or
  3. insured persons named under any EQISURE insurance policy; and/or
  4. third party claimants;
  • Is directed to natural persons who had a business relationship with EQISURE in the past;
  • Contains important information about what personal data we collect, what we do with such personal data, who we may share it with and why and your rights in relation to the personal data you have given us;
  • Contains information about when we share your personal data with other banking/financial institutions and other third parties (for example, our service providers or suppliers). For the purposes of this Personal Data Privacy Statement:
  • When we refer to “personal data” we mean data which identifies or may identify you and which may include, for example, your name, address, identification number, telephone number, date of birth, occupation and family status;
  • When we refer to “sensitive data” we mean special categories of personal data which identify or may identify you and which may reveal, inter alia, details about your past or current physical or mental health status, including data on any physical or mental disease or disability; and  When we refer to “processing” we mean the handling of your personal data by us, including collecting, protecting and storing your personal data.

2. Who we are

EQISURE INSURANCE BROKERAGE COMPANY LTD is a licensed insurance company, registered in the Republic of Cyprus under registration number HE437599 as a limited liability company having its registered office and head offices at 24 Piraeus Street, Strovolos, 2023 Nicosia Cyprus. If you have any questions about our Personal Data Privacy Statement or wish to obtain more details in relation to the personal data we process about you, please contact our Data Protection Officer in writing at the following addresses:

  1. via post at: 24 Piraeus Street, Strovolos, 2023 Nicosia Cyprus or
  2. via email at: [email protected]

3. How we collect your personal data

We obtain your personal data mainly through any information you provide directly to us or through information provided by third parties. Below is a list of ways in which we collect your personal data:

  1. Personal data collected directly from you, including:
    •  When you visit our website or social media or submit written questions or comments to our website or social media;
    • When you complete our insurance policy proposal forms;
    • Via requests for online quotations or sales (through our mobile applications, via phone , through our sales representatives as well as our corporate website and portal in the future);
    • Via claim forms and/or through accident and damage notifications;
    • When you request an alteration to your policy;
    • When you contact us for an enquiry, complaint or for any other reason.
  2. Personal data collected from other sources, including:
    • Directly from an individual or legal entity who has a policy with us under which you are insured, for example when you are a named driver on another person’s motor insurance policy or from your employer who has an employer’s liability insurance policy with us under which you are insured;
    • Via third parties, including: o our agents who have passed on your personal data to us; o your authorized representative when you may be incapacitated or unable to provide information; o in the event of a claim, other parties involved, witnesses, medical professionals, assessors, loss adjusters, other experts and lawyers; o other insurance companies for underwriting and claims handling purposes; o other service providers, including road assistance and accident care, home assistance and travel assistance; o public authorities.
  3. Publicly available sources, including:
    • Department of Registrar of Companies and Official Receiver;
    • The press and media;
    • Website search engines or from the social media;
    • Road Transport Department;
    • The Motor Insurers’ Fund;
    • Cyprus Hire and Rejected Risks Pool.

4. What personal data we collect

    1. Personal data

We may collect the following personal data from you depending on the product or service we provide to you:

      • Contact details such as your name, address, telephone number, e-mail address and fax number;
      • Identification details such as your identification or passport number, driving license details and social security number;
      • Biographical and demographic data such as your date of birth, age, gender and occupation;
      • Financial information such as your bank account number and account details and other financial information;
      • Information relevant to your insurance policy such as details about your vehicle and property, other policies with EQISURE or with other insurance companies, policy and claim numbers, coverage/peril details and valuation reports;
      • Information about previous and current claims (including claims relating to policies with other insurance companies) such as details of an incident giving rise to the claim, including its extent and impact;
      • Details of your visit to EQISURE website and information collected through cookies and other tracking technologies including your IP address and domain name, your browser version and operating system and your location data;
      • Details of transactions you may carry out through our website when this functionality is launched in the future, including the quotations obtained for insurance policies;
      • Information about your activities and habits that may expose you to increased insurance risk (for example under the personal accident policy);
      • Your marketing preferences.
    2. Sensitive data

We may collect the following sensitive data from you depending on the product or service we provide to you:

      • details in relation to your past and present physical or mental health including any injury or disability information; and
      • habits that may expose you to increased health risks.
    2. Children’s data

We understand the importance of protecting children’s privacy. We may collect personal data in relation to children only provided that we have first obtained their parent’s or legal guardian’s consent or unless otherwise permitted under law. Our website is not designed for use by children nor do we provide any online services to children. For the purposes of this privacy statement, “children” are individuals under the age of sixteen (16).

5. Why we need your personal data

5.1 Personal Data

We will only process your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  1. Where we need to perform the contract we have entered with you or in order to take certain steps prior to entering into a contract with you Processing is necessary for us in order to provide you with an insurance policy and any related services, and more specifically in order to:
    • Review the insurance policy proposal form and provide you with a quotation;
    • Evaluate the risks to be covered for underwriting purposes;
    • Administer, provide and service your insurance policy;
    • Communicate with you, other insured persons under your insurance policy and/or claimants in order to service the insurance policy;
    • Communicate with you and resolve any complaints and/or enquiries you may have;
    • Notify you about any changes to our insurance products and/or services;
    • Recover any payment due to us in respect of the insurance products and/or services we have provided to you. The purpose of processing personal data depends on the requirements for each product and/or service. Τhe insurance policy terms and conditions provide more details of the relevant purposes. If you do not provide the personal data requested from you, we may be unable to offer you an insurance policy, service your insurance policy, or process your claim.
  2. Where we need to comply with a legal obligation As an insurance company, we are required to comply with certain legal and regulatory obligations which may involve the processing of personal data. Such obligations and requirements impose on us necessary personal data processing activities for identity verification, compliance with court orders, tax law or other reporting obligations, anti-money laundering controls and compliance with the Sanctions/Restrictive Measures, that are decided and imposed by the United Nations’ Security Council and the European Union.
  3. Where we have appropriate legitimate interests to use your personal data In some cases, we may process your personal data to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights are not overridden by our interests. More specifically, we may process your personal data in order to:
    • Maintain our accounts and records;
    • Enhance the security of our network and information systems;
    • Identify, prevent and investigate fraud and other unlawful activities, unauthorised transactions, claims and other liabilities, and manage risk exposure and quality;
    • Safeguard the security of our people, premises and assets (via CCTV cameras, access control system);
    • Manage our infrastructure, business operations and comply with internal policies and procedures;
    • Modify, personalise or otherwise improve our services and communication methods;
    • Defend, investigate or prosecute legal claims;
    • Receive professional advice (e.g. tax or legal advice);
    • Perform data analytics (such as market research, trend analysis, financial analysis and customer segmentation);
    • Preparation of internal reports within EQISURE in order to facilitate strategic, management, risk, operational and other decisions that need to be taken in order to evaluate, monitor and enhance the performance of EQISURE in meeting its obligations and providing its services;
    • Enable outsourcing to third party service providers, communication methods such as calls and/or posting to and/or email communication, mail printing and enveloping with customers on behalf of EQISURE;
    • Perform enhanced due diligence of new, existing or potential customers where there is a suspicion that their country of origin or residence is a country subject to sanctions;
    • Collect photographs of movable and/or immovable property and vehicles from assessors in the context of investigation and assessment of damages.
  4. Where you have given us your consent Provided that you have given us your specific consent for processing of your personal data (other than for the reasons set out hereinabove) the lawfulness of such processing is based on that consent. You have the right to revoke consent at any time. However, any processing of personal data prior to the receipt of your revocation will not be affected.
  5. Where we need to process your personal data in order to protect your vital interests or those of another person We will only process your personal data on this basis in very rare circumstances, such as where you or a third person is physically or legally incapable of giving consent and only provided that your life, or a third person’s life, is in jeopardy.

5.2 Sensitive Data

We will only process your sensitive data under the following circumstances:

  1. When we have your explicit consent to do so When the insurance policy you wish to purchase or the claim you wish to submit requires the provision of your sensitive data (such as data in relation to your health), we may only collect and process such data with your explicit consent. We will make this clear to you at the point of collection of your sensitive data. You may withdraw your consent to such processing at any time. However, if you withdraw your consent in relation to your insurance cover or to a claim you wish us to process, then this is likely to impact our ability to provide the relevant insurance services or insurance cover or process any claims under such cover.
  2. Where we need to process your sensitive data in order to protect your vital interests or those of another person We will only process your personal data on this basis in very rare circumstances, such as where you or a third person is physically or legally incapable of giving consent and only provided that your life, or a third person’s life, is in jeopardy.
  3. Where processing of your sensitive data is necessary for the establishment, exercise or defense of legal claims which may be related to your insurance policy and/or any claim submitted by you, an insured person or a third party.
  4. Where we need to use your sensitive data for reasons of substantial public interest, such as investigating fraudulent claims and carrying out fraud and anti-money laundering checks.

6. Who receives your personal data

In the course of the performance of our contractual and statutory obligations your personal data may be provided to various departments within EQISURE. Various service providers, insurance partners and suppliers may also receive your personal data so that we may perform our obligations and provide our service. Such service providers, insurance partners and suppliers enter into contractual arrangements with EQISURE by which they observe confidentiality and take technical and organizational measures to protect your data according to the data protection law and GDPR. It must be noted that we may disclose data about you for any of the reasons set out hereinabove, or if we are legally required to do so, or if we are authorized under our contractual and statutory obligations or you have given your consent. All data processors appointed by us to process personal data on our behalf are bound by contract to comply with the GDPR provisions.

Under the circumstances referred to above, recipients of personal data may be, for example:

  • Service providers we have chosen to support us in the effective provision of our products and services to you by offering technological expertise, solutions and support;
  • Internal and external Auditors;
  • Accountants;
  • External legal consultants;
  • File storage companies, archiving and/or records management companies, and cloud storage companies;
  • Financial and business advisors;
  • Medical professionals;
  • Claims handling experts, such as investigators, assessors and loss adjusters, repairers;
  • Valuators and surveyors;
  • Third party claimants, their legal representatives and lawyers who seek indemnification under your policy;
  • External expert consultants whose assistance is required with respect to specialized investigations conducted for internal audit purposes;
  • Payment processing companies.
  • Accident care and emergency assistance service providers (in relation to motor, home, personal accident and travel policies) including overseas assistance;
  • Governmental and regulatory bodies, including law enforcement authorities, in connection with enquiries, proceedings or investigations by such parties or in order to enable EQISURE to comply with its legal and regulatory requirements;
  • Other banking/financial Institutions in the event of the assignment by you of an insurance policy as collateral for a credit granted to you or to a third party/company (mortgagee);
  • Insurance companies, reinsurers and reinsurance brokers;
  • Website and advertising agencies;
  • Marketing companies and market research companies including companies which support us in performing customer satisfaction surveys by phone or via the internet and social media;
  • Call centers and/or other services providers which may assist us with large scale and urgent campaigns and/or correspondence relating either for marketing or other obligations of EQISURE. Some of the recipients of your personal data may be located in third countries (i.e. countries outside the European Economic Area). Processors in third countries are obligated to comply with the European data protection standards and to provide appropriate safeguards in relation to the transfer of your data in accordance with GDPR.

7. How we treat your personal data for

Marketing activities including profiling We may process your personal data to tell you about products, services and offers that may be of interest to you or your business. The personal data that we process for this purpose consists of information you provide to us and data we collect and/or infer when you use our services. We study all such information to form a view on what we think you may need or what may interest you. In some cases, profiling is used, i.e. we process your data automatically with the aim of evaluating certain personal aspects in order to provide you with targeted marketing information on products. We can only use your personal data to promote our products and services to you if we have your explicit consent to do so. You have the right to object at any time to the processing of your personal data for marketing purposes, which includes profiling, by contacting EQISURE office, either in person or in writing or by contacting our Data Protection Officer using the contact details set out in Section 2 of this privacy statement. Even if you inform us that you no longer wish to receive marketing material, you will still receive other important information from us from time to time, such as changes to your existing products or services. We may ask you to confirm or update your choices, if you purchase any new products or services from us in the future. If you change your mind, you can update your choices at any time by contacting us either in person or in writing or by contacting our Data Protection Officer using the contact details set out in Section 2 of this privacy statement.

8. How long we keep your personal data for

We will keep your personal data for as long as we have a business relationship with you. Once our business relationship with you has ended, we may keep your personal data for the longest of the following periods:

  1. any retention period set out in which is in line with regulatory requirements relating to retention; or
  2. the end of the period in which legal action or investigations might arise in respect of the products and services provided, including your insurance policies and any claims arising in relation thereto. We may keep your data for longer period if we cannot delete it for legal, regulatory or technical reasons. If we do, we will make sure that your privacy is protected and that your data are only used for those purposes. We shall keep your personal data as a prospective customer for twelve (12) months from the date that the quotation was provided to you, assuming no insurance policies arose in relation to the quotation provided.

9. Your data protection rights

You have the following rights in terms of the personal data we hold about you:

  • Receive access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction (rectification) of the personal data we hold about you. This enables you to have any incomplete, inaccurate or out of date information we hold about you corrected.
  • Request erasure of your personal data. This enables you to ask us to erase your personal data where there is no good reason for us continuing to process it.
  • Object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground. If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interest, rights and freedoms.
  • You also have the right to object where we are processing your personal data for direct marketing purposes. This also includes profiling in as much as it is related to direct marketing.
  • If you object to processing for direct marketing purposes, then we shall stop the processing of your personal data for such purposes.
  • Request the restriction of processing of your personal data. This enables you to ask us to restrict the processing of your personal data if:
    • it is not accurate;
    • it has been used unlawfully but you do not wish for us to delete it;
    • it is not relevant anymore, but you want us to keep it for use in possible legal claims;
    • you have already asked us to stop using your personal data, but you are waiting for us to confirm if we have legitimate grounds to use your data.
  • Request to receive a copy of the personal data concerning you in a format that is structured and commonly used and transmit such data to other organisations. You also have the right to have your personal data transmitted directly by ourselves to other organisations you will name.
  • Withdraw the consent you gave us with regard to the processing of your personal data for certain purposes, such as to allow us to promote our products and services to you and/or to process your sensitive data. In some cases, if you withdraw your consent, we may not be able to process your insurance policy or claim. To exercise any of your rights, or if you have any other questions about our use of your personal data, please visit us or contact our Data Protection Officer using the contact details set out in Section 2 of this privacy statement. We endeavour to address all of your requests promptly.

10. Right to complain

If you have exercised any or all of your data protection rights, or otherwise still feel that your concerns about the use of your personal data have not been adequately addressed by us, you have the right to complain in writing at the following addresses:

(a) via post at: 24 Piraeus Street, Strovolos, 2023 Nicosia Cyprus

(b) via email at: [email protected], or

(c) by completing our online contact form (www.eqisure.com). You also have the right to complain to the Office of the Commissioner for Personal Data Protection. You can visit their website to find out how to submit a complaint (www.dataprotection.gov.cy).

11. Changes to this Privacy Statement

We may modify or amend this Privacy Statement from time to time. We will reasonably endeavour to notify you appropriately when we make changes to this Privacy Statement and we will amend the revision date at the bottom of this page. The new version of this notice will be available on our website. We do encourage you to review this statement periodically on our website (www.eqisure.com) so as to always be informed about how we are processing and protecting your personal information.

12. Cookies

Our website uses small files known as cookies to make it work better in order to improve your experience. To find out more about how we use cookies, please see our cookies policy.

To view EQISURE INSURANCE BROKERAGE COMPANY LTD Cookies Policy please click here.

Scroll to Top