Credit Cards
Lower your insurance premiums and pay off in up to 12 interest-free monthly installments!

Our customer service model
Our Insurance Intermediary, will always be there for you 24/7, consistently guiding you through difficult decisions.

Find out more
Back

Personal Data

Briefing of Natural Persons on Personal Data Processing

1. General Information

Allianz European Reliance Single Member Insurance S.A. (hereinafter "the Company") is a comprehensive insurance company, active in all modern sectors of insurance, providing full insurance coverage to individuals and companies. The Company is registered in Greece and its headquarters are in Chalandri, 274 Kifisias Avenue, telephone number +30 2106829601, email info@europisti.gr. Within the framework of its activities, the Company maintains and processes Personal Data and Special Categories of Personal Data, in order to support, promote and enforce contractual relationships with its customers, to protect transactions and inform customers on the provided services. The Company acts mainly as a Data Controller or Joint Controller and, where appropriate, as Data Processor, according to the General Regulation (EU) 2016/679.

2. Types of Personal Data, Sources and Purposes of Personal Data Processing  

Within the framework of your insurance coverage, you need to declare Personal Data / Special Category Personal Data of you, your relatives and/or third parties included in the relative fields of your Insurance Application Form (in printed or electronic form), in any future Application Form (i.e. Form for Amendments, Compensation, Purchase, etc.), as well as in printed forms, electronic forms, portals and applications forms related to your insurance coverage or briefing on the insurance products of the Company. Indicative categories of this data are: identification, communication, transaction, payment, health, etc. 

These data are disclosed to the Company by you or via your Insurance Intermediary and any Insurance Agent that is involved in the issuance of your insurance policy or the third parties that are delegated by you and must be true, accurate and clear. 

These data are maintained and processed by the Company, as they are objectively essential for: a) the estimate of the underwriting risk, b) the calculation of premiums, c) the determination of general and special terms of the insurance policy and d) the fulfillment of the objective and function of the insurance policy. Moreover, this processing contributes to the estimate, audit and settlement of the insurance claim in case of occurrence of the underwriting risk or payment of the provided sum insured (compensation) according to the terms of the insurance policy. Regarding the Products of the Life Insurance Sector, we perform additional individual procedures for the purpose of compliance of the Company with the provisions of the European and Greek legislation:

- Audits for the prevention of the use of the products of European Union for purposes of “money laundering” and or terrorist financing, (L. 4557/2018).
- Audits and dispatch of data for the purpose of compliance of the Company with the national and international regulatory framework for the automatic exchange of financial information in tax matters (L. 4428/2016 and L. 4378/2016).
- Any relevant processing for the purpose of compliance of the Company with FATCA relates only to natural persons with indication of American citizenship / residence for tax purposes (L. 4493/2017). The Company requires and collects for the fulfillment of the objectives mentioned above, the data of its insured and/or third parties involved in the case of occurrence of the underwriting risk (i.e. injured third parties, witnesses etc.) from third parties that cooperate or not with the Company, such as: Insurance intermediaries, claims adjusters, car service stations, road assistance companies, other insurance companies, clinics, diagnostic centers, the IT Division of the Hellenic Association of Insurance Companies, etc. In any case, we would like to inform you that the Company applies a strict Personal Data Protection Policy for the processing of personal data, which has been communicated to the personnel and insurance agents and its implementation is audited regularly.

3. The legal Basis of the Processing 

The processing of Personal Data / Special Categories of Personal Data, other data and information, collected by the Company, within the framework of its operations and for the above purposes, is based on: 

- the performance of the contract (insurance policy) and the actions required in the pre-contractual stage (i.e. filling in the application form, submission of an offer, etc.) 
- your consent (i.e. in case of processing of special categories of personal data, promotional acts, etc.) 
- the compliance of the Company with its legal obligations, that are enforced by the applicable legislative and regulatory framework (i.e. the private insurance legislation, management of complaints, providing information to public and auditing bodies etc.) and 
- service of its legal interests (i.e. the establishment and exercise of its legal rights, the prevention of insurance fraud, the research on the customer satisfaction level, management of its business functions, the operation of the IT systems, the internal audit procedures, etc).

4. Type of processing

Upon receipt of the filled-in application forms, accompanying documents and any other information received by the Company within the framework of its operations, the Company proceeds, for the aforementioned purposes, to an act or series of acts of personal data processing (with or without the use of automated means), such as, the collection, registration, organization, correction, storage, adjustment, modification, retrieval, search for information, use, erasure, or destruction of data. The Company may use these automated means at the stage of preparation of the application form, i.e. for the estimate of the underwriting risk, determination of fair premiums, etc. Moreover, within the framework of protecting its legitimate interests, the Company often performs quality audits and analysis of the losses, through automated means, for the prevention of fraud. In cases of automated processing, the results arising are always audited by the competent employees or insurance agents of the Company and therefore no decision is taken exclusively based on the automated processing.

5. Time period for the Retention of the Personal Data.

The Company will retain (in hard copy and/or electronic form) and will process your personal data for the entire policy period of your contract. If the insurance policy is terminated for any reason, the Company will retain your data for as long as it is required under the current legislation or up to the time of expiration of any relevant claim with maximum time period twenty (20) years. In case of non-conclusion of an insurance policy, the Company may retain the personal data that you declared in the pre-contractual stage for a time period up to five (5) years after their submission, depending on the applicable data destruction policy. All of the above are valid, provided that no legal dispute is pending for a time period longer than the aforementioned and up to its finalization with an irrevocable judicial decision.

6. Rights of Natural Persons

According to the General Regulation (EU) 2016/679, you retain the following rights: 

- The right of access, namely the right to receive a confirmation from the Company as to whether or not your data are processed and, if so, for which purpose, duration and the name of the recipients.
- The right to correct any deficiencies or inaccuracies in your data.
- The right to erasure ("right to be forgotten") of your data from the folders of the Company, provided that the processing is no longer necessary, according to the purposes mentioned above.
- The right to restrict the processing, in the event of proven inaccuracy of the personal data, etc.
- The right of portability, that is the right to receive your data from the Company in a structured and commonly used format, when this is technically possible, so that you may forward it to another data controller.

You may, at any time, object to the processing of Personal Data / Special Category Personal Data. However, your data may continue to be processed by the Company, as on the one hand the insurance contract may not function without the processing of personal data and on the other hand there may be compelling and legal reasons for such processing or it is necessary for the establishment, exercise or support of legal claims and the fulfillment of its legal obligations. If you object to the processing of your personal data during the pre-contractual stage, then the Company has the right to refuse the conclusion of the contract and retain the insurance application you submitted and its accompanying documents. 

It is noted that in case there are reasonable doubts regarding the identity of the data subject submitting the request, the Company may request the provision of additional information to confirm his identity. 

The above rights are exercised free of charge, by sending a relevant letter or via email to the Data Protection Officer (see paragraph 11 of the present document). In case of request of additional actions and copies, the Company may impose the payment of a reasonable fee for administrative expenses. If you exercise any of your aforementioned rights, the Company will forward every possible measure to respond to your request, the latest within thirty (30) days since its receipt, providing you information on its fulfillment, either for objective and legal purposes that prevent its fulfillment. Upon your notification by the Company, this deadline may extend for a time period of two months, if necessary, taking into account the complexity and the number of the requests.

7. Processing of the Personal Data of Children

For minors under 18 years old that participate in the insurance policy with the capacity of the insured or the beneficiary, the processing of the personal data is lawful, only if and to the extent that the consent (when required) is provided or approved by the person with the parental responsibility of the minor. When the minor fills in the 18th year of age, the consent, (when required) for the processing of the personal data by the Company is provided by the adult itself.

8. Transmission of Data to Third Parties

Your data may be transmitted to any business unit of the Company for the proper and smooth operation of the insurance policy. Your data may be forwarded to third parties (legal entities or natural persons) with which the Company retains policies for your proper compensation, according to the terms of the insurance policy, as well as for the estimate of the claim.
 
A. Transmission of data depending on your insurance scheme. 

Within the context of the proper function of your insurance policy and for the purpose of fulfilling its legal obligations, the Company may, in cases needed, depending on your insurance scheme, transmit data to legal entities and/or natural persons, as indicatively:

- Your Insurance Intermediary and any other insurance agent that acts as an interface for the issuance of your insurance policy.
- Insurance Companies (for the needs of the Amicable Settlement System -SAP)
- In Reinsurance Companies, inside and outside the European Union. 
- In Nursing Facilities, Diagnostic Coordination Centers, Doctors, etc.
- Claims Investigators, Loss Adjusters, International Loss Adjusters, Lawyers, Bailiffs, Notaries etc.
- In providers of Road Assistance Companies, Courier companies, Archive and File Management companies, Telephone Service Providers, Providers of IT system support services and hosting services, computing cloud (cloud providers) etc.
- The IT Division of the Hellenic Association of Insurance Policy Companies, the Information Center and the International Insurance Bureau.
- In Car Service Stations.
- In cooperating Banking Institutions (etc. in case of issuance of credit cards for the insurance product, for payment of claims, etc.).
- In Public and Judicial Authorities, Public Organizations and Supervisory Authorities, based on special legislative provisions with which the Company must comply.
- In subsidiaries of the Company.

However, the legal entities and/or natural persons will process your personal data exclusively for the purpose of the provision of services to the Company, acting as data controllers/ joint controllers and having been bound in writing to confidentiality, protection of personal data and information security.

In every transmission, the Company shall take all necessary measures, so that the data transmitted will always be the minimum required and shall ensure that all requirements for legal and appropriate processing are met.

B. Transfer of data outside the EU.

The Company does not transmit your personal data to third countries outside the EU.

In the event that transmission to third countries outside the EU is deemed necessary. The Company will carry out this transmission in order to fulfill its above-mentioned purposes and legal bases and if one of the following conditions is met at the same time:

1.According to a decision of the European Commission, an adequate level of protection of personal data is ensured by the third country, by territory or by one or more specific sectors in said third country,
2.If there is no decision according to the immediately preceding paragraph:

the Company has provided appropriate guarantees for the transfer of personal data to third countries, in accordance with the provisions of Article 46 of the GDPR, or
you have given your explicit consent to this, or
the transmission is necessary for important reasons of public interest, i.e. for the establishment, exercise or support of rights and/or legal claims of the Company, or
the transmission is necessary for the establishment, exercise or support of rights and/or legal claims of the Company.

9. Processing of Personal Data for commercial or research purposes

The Company may process the personal data that are submitted by you, (i.e. telephone number, email, etc.), only upon your discrete consent and in every case for the following purposes:

- To receive, according to the method of your preference, updates on new offers of products or services throughout your policy period and up to 36 months after its expiry. In case of non-conclusion of the insurance policy, the Company will keep your personal data based on your consent for 12 months.
- To receive updates for the promotion of products or the services of the Company or its subsidiaries.
- To perform customer satisfaction surveys for products and services that are provided by the Company and for your insurance intermediary.

Moreover, for the achievement of this purpose, your data may be transferred to cooperating companies for market research and promotional acts. 
 
You may modify and/or revoke at any time, ) your consent on the collection and use of your Personal Data for this purpose in writing or via the Customer Service Department (tel.: +30 210-8119670, email helpcustomer@europisti.gr.

10. Data Security

The security of your personal data is extremely important to us and for this reason we take and implement all appropriate organizational and technical measures to ensure that the data we collect are adequately protected and processed in accordance with the requirements of the applicable legislation. The Company has adopted Information Security Policies and Procedures for the protection of your personal data. The adopted Information Security Policy consists of a set of rules that determine the way with which the Company administers and protects its Information Assets. These rules determine the role of any person involved with the Company, its competences, responsibilities and duties.

The Primary Objectives of the Security Policy are:

- The assurance of the confidentiality, availability and integrity of the information of the Company.
- The assurance of the rights of the natural persons that cooperate with the Company of the employees and the insurance agents.
- The immediate detection of Information Security risks and their effective management.
- The immediate management of the Information Security incidents
- The assurance of the proper function of the information assets
- The constant improvement of the level of Information Security
- The satisfaction of the regulatory and legislative requirements
- The increase in the degree of awareness of the personnel for possible risks that could threaten the Information Security and the constant update of the best practices that must be implemented for their minimization.

The entire text of the Information Security Policy can be found here.

11. How to file a Complaint

For any matter pertinent to the processing of Personal Data, you may contact the Data Protection Officer (DPO) of the Company at +30 210-8119670, or in the email address dpo@europisti.gr). Moreover, you always maintain the right to contact the Hellenic Data Protection Authority (1-3 Kifisias Avenue, P.C. Postal Code 115 23, Athens, tel. +30 210-6475600, e-mail at contact@dpa.gr), that receives relevant complaints. For further information please visit the link https://www.dpa.gr/en/individuals/complaint-to-the-hellenic-dpa.

You always maintain the right to appeal to the Greek Courts.

Read here for information on the rules governing the international transfer of personal data between Allianz Group Companies operating within the European Economic Area (EEA) and Allianz Group Companies operating outside this area.

Last update: June 2023