Privacy Policy 

Trust International Insurance Company (Cyprus) Limited Data Protection Policy

Trust International Insurance Company (Cyprus) Limited («Trust Cyprus», «we», «us», «our») is a limited liability company with shares, with registration number HE 42182, and has its registered office at 284 Archiepiskopou Makariou III, 3105 Limassol, Cyprus. However, its main operations are conducted at the premises located in Nicosia, specifically at 79 Limassol Avenue, 1&3 Kosti Palama Corner, 2121 Aglantzia.

Being a member of a diversified international business group operating across more than 20 countries in North America, Europe, Africa, Middle East and Asia Pacific, Trust Cyprus is active in the General Sector of Insurance in Cyprus since 2009 offering a full range of personal and corporate insurance products.

THE PURPOSE OF THIS DOCUMENT

Trust Cyprus is committed to protecting the privacy and security of the personal information of its clients, potential clients, insurance policy holders, authorised parties, vendors, business associates, third party claimants, third parties (non-claimants) and guarantors (the «data subjects», «you»).

This data protection policy describes how we collect and use personal information about you during and after the contractual, commercial or any other relationship you have with us, in accordance with the General Data Protection Regulation («GDPR»), any national implementing laws, regulations and secondary legislation.

Trust Cyprus is a «data controller». This means that we are responsible for deciding how we hold and use personal information about you. In compliance with data protection legislation, we are providing you with the information outlined in this data protection policy.

This data protection policy applies to current and former clients, potential clients, insurance policy holders, authorised parties, vendors, business associates, third party claimants, third parties (non-claimants) and guarantors. We may update this data protection policy at any time.

It is important that you carefully go through and review this data protection policy, along with any other data protection policy or notice we may provide on specific occasions when collecting or processing personal information about you, in order for you to be informed on how and why we are using such information.

DATA PROTECTION PRINCIPLES

In accordance with data protection legislation the personal information we hold about you must be:

  1. Used lawfully, fairly and in a transparent manner.
  2. Collected only for legitimate purposes, as detailed herein below, and not used in any way that is incompatible with those purposes.
  3. Relevant and necessary for the purposes for which we collect this information and limited only to those purposes.
  4. Accurate and kept up to date.
  5. Kept only as long as necessary for the purposes detailed herein below.
  6. Kept securely.

CATEGORIES OF PERSONAL INFORMATION WE HOLD ABOUT YOU

Personal data, or personal information, refers to any information about an individual through which that person can be identified. This does not include data through which the identity cannot be determined (anonymous data).

We will collect, store, and process the following categories of personal information about you, ensuring appropriate access levels to the competent department and personnel:

Contact Information: Name, Surname, Email, Address, Telephone Number, Fax

Other Information: Age, Marital Status, Gender, Date of Birth, Occupation, Country of Residence, Vehicle Registration Number, Telephone Recordings, Nationality

Identification Information: ID, Passport Number, Driving License Details (i.e. Number, License Category, etc.) Photograph, Signature Specimen, Social Insurance Number, National Tax ID

Insurance Policy related Information: Policy and claim identifiers, insured items, travel plans, date and cause of event relevant to the insurance claim (traffic accident, fire, theft etc.), previous insurance claims (prior disputes, prior accidents, traffic records etc.), valuation report

Financial and Credit Information: Bank Account Number and IBAN Certificate, Assets (movable and immovable), Income/Gross Earnings, Fees for Services, Financial Turnover Credit Reference information and Credit Score

We will hold certain sensitive personal information about you, specifically:

Medical Information and Health Condition: health (physical and mental) status, current and previous injuries, disabilities, medical diagnoses, medical and medicinal treatments, unhealthy personal habits that may expose you to increased health risks (such as alcohol consumption or smoking) and any other information related to medical history

Other Sensitive Information: certificate of clean criminal record where necessary, pending criminal or civil litigation against you, history of bankruptcy, Police Reports and Governmental Authorities Reports and any other reports, such as accident reports

CHILDREN’S DATA

We understand the importance of protecting children’s privacy. We may collect personal data in relation to children provided that we have first obtained their parents’ or legal guardian’s consent or unless otherwise provided by law. Our website is not designed for use by children nor do we provide any online services to children. For the purposes of this privacy policy, “children” refer to individuals under the age of sixteen (16).

HOW IS YOUR PERSONAL INFORMATION COLLECTED

We collect personal information about the data subjects:

  1. Directly from you during:
    a. Completion of insurance policy forms for quotation in hard copy, electronically, by phone, online via our website
    b. Completion of insurance policy proposal forms in hard copy, electronically, by phone, online via our website
    c. Submission of a claim as an insured or as a third party (directly or via authorised legal representatives)
    d. Submission of a complaint in relation to insurance policy
    e. Submission of general queries in hard copy, electronically, by phone, online via our website
  1. Through other sources:
    a. Our vendors/service providers (e.g. Road Assistance companies, accident care, home assistance, travel assistance, Garages)
    b. Insurance Agents/Consultants/Brokers
    c. The insured and/or policy holder (in cases you are a named driver, or employee under an employer’s liability insurance or next of kin or a beneficiary under a public liability insurance etc.)
    d. Third Party Insurance Companies
    e. Authorised legal representatives
    f. Publicly available sources e.g. Department of Registrar of Companies and Intellectual Property, Road Transport Department, Press and Media, Internet
    g. Authorised Representatives e.g. Family Members, Financial Institutions, Doctors and other medical service providers
    h. Liaison Officers (Group Medical Policies)
    i. Credit Reference Agencies & Credit Bureaus
    j. In the event of a claim, other parties involved, witnesses, medical professionals, assessors, loss adjusters, other experts.
    k. Police and other Governmental Authorities which are responsible in preparing relevant reports, such as accident reports

HOW AND FOR WHAT PURPOSES WE WILL USE INFORMATION ABOUT YOU

We will only use personal information about you as permitted by law. Most commonly, we will use personal information about you in the following circumstances:

  1. Where it is necessary for the performance of the contract we have entered into with you.
    a. Provide insurance and other assistance services, including quotations, risk and claim assessment, credit control, and engage with you in settlement negotiations and/or dispute resolution
    b. Communicate with you in relation to any queries/complaints with respect to your insurance policy
    c. Manage our internal business operations in relation to finance and accounting, billing, recovery and collection of debts, records management and auditing
    d. Perform any other type of contract with non-policy holders (e.g. insurance brokers/ agents, third party vendors etc.)
    e. Make payments in relation to claims, premiums, invoices, etc.
    f. Make collections in relation to your premiums
    g. Verification and/or Update of Identity and/or contact details via usual communication channels
  1. Where we need to comply with a legal obligation.
    a. Keep necessary data to comply with Tax, Anti-Money Laundering and Insurance Laws (including applicable laws outside your country of residence).
    b. Comply with court orders
    c. Comply with requests from Supervisory Authorities
  1. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override these interests.
    a. Records Management
    b. Claims assessment, settlement and dispute resolution, either with you or with third-party claimants (i.e. parties that are not insured with us and have a claim against our insured)
    c. Improve the quality of our services (for this purpose we record and monitor our phone calls)
    d. Provision of Training to our insurance brokers/agents, which necessitates the processing of their data.
    e. Establish, enforce and defend legal rights to protect our business operations
    f. Payment reminders when you are in arrears
    g. Identify, prevent and investigate fraud and other unlawful activities, unauthorised transactions, claims and other liabilities, and manage risk exposure and quality
    h. Safeguard the security of our people, premises and assets and prevent trespassing, through video surveillance
    i. Manage our infrastructure, business operations and comply with internal policies and procedures
    j. Modify, personalise or otherwise improve our services/communications
    k. Defend, investigate or forward legal claims
    l. Receive professional advice (e.g. tax or legal advice)
    m. Perform data analytics (such as market research, trend analysis, financial analysis and customer segmentation)
    n. Enhance the security of our network and information systems
    o. Register relevant legal charges over your assets in case you are classified as bad debtor
  1. Where we have obtained your consent.
    a. Direct Marketing
    b. Where you have provided sensitive personal information in order for us to provide insurance and other assistance services, including quotations, risk and claim assessment, credit control, and engage with you in settlement negotiations and/or dispute resolution.
  1. Where we need to process your personal data in order to protect your vital interests or those of another person.
    a. We will only process your personal data on this basis in very rare circumstances, such as where you or a third person is physically or legally incapable of giving consent and only provided that your life, or a third person’s life, is in jeopardy.
If you fail to provide personal information

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you and for instance we may not be able to satisfy your claim, or we may be prevented from complying with our legal obligations or otherwise not be able to enter into or carry out any contractual relationship with you.

Change of purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

HOW WE USE PARTICULARLY SENSITIVE PERSONAL INFORMATION

«Special categories» of particularly sensitive personal information require a higher level of protection. We need to have further justification for collecting, storing and using this type of personal information. We have in place an appropriate policy and safeguards which we are required by law to maintain when processing such data. We may process special categories of personal information in the following circumstances:

  1. With your explicit written consent where you have provided sensitive personal information in order for us to provide insurance and other assistance services, including quotations, risk and claim assessment, credit control, and engage with you in settlement negotiations and/or dispute resolution.
  2. We may process this type of information where it is needed in relation to any legal claims against us during civil or administrative court proceedings or during out-of-court settlement negotiations.
  3. Where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent.
  4. For reasons of substantial public interest, such as investigating fraudulent claims and commitment of fraud.

INFORMATION ABOUT CRIMINAL CONVICTIONS

Our Marketing Department may use your personal information to communicate via direct marketing channels and update you about our services that we feel you may be interested in. Our direct marketing channels involve: telephone calls, SMS, email, postal mail, or display advertising that you may view on our website, third party websites or social media.

In particular this is done:

  1. When recruiting insurance intermediaries, in accordance with the relevant legislation
  2. For a client assessment in terms of insurance, if and when this is deemed necessary

DIRECT MARKETING

Our Marketing Department may use your personal information to communicate via direct marketing channels and update you about our services that we feel you may be interested. Our direct marketing channels involve: telephone calls, SMS, email, post or display advertising that you may see on our website, third party websites or social media.

In many occasions we will seek your prior consent, either when requesting an insurance quotation from us or when entering into an insurance-related contract with us, in order to allow us to communicate with you in order to promote our services and send you offers that we think you might be interested in based on the information we hold about you. When consent is required and obtained, then in every direct marketing communication you will always be given the right to ‘opt out’ of receiving future direct marketing information via unsubscribe links in emails or stop instructions in text messages, or you can choose to ‘opt-out’ by contacting us directly.

Moreover, and only with your consent, we may share your personal information with our group companies or third-party partners for their own marketing purposes. In case you no longer wish for your personal information to be shared within our group or with our business partners, you may ‘opt-out’ by contacting us.

Any requests to unsubscribe, stop instructions, or general ‘opt-outs’ will be handled within a reasonable time.

It must be noted that even if you choose to ‘opt-out’ of receiving direct marketing communications from us, we may still communicate with you regarding information ancillary to the insurance service we are providing to you.

AUTOMATED DECISION-MAKING

Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. We are using automated decision-making in the following circumstances:

  1. Where it is necessary to perform the contract with you and appropriate measures are in place to safeguard your rights, in particular when we offer quotations or when you are in arrears with your obligations and our internal debt recovery system will proceed with sending you warning letters.
  2. In limited occasions, with your explicit written consent and when appropriate measures are in place to safeguard your rights.


In order to make an automated decision on the basis of any particularly sensitive personal information, we must first ensure that we have obtained your explicit written consent or that the decision is taken for the public interest, and in addition to this that we have put in place the appropriate measures to safeguard your rights.

You will not be subjected to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis to do so and we have informed you accordingly.

In such cases, you have the right to contact us and request:

(a) to provide you with information about the processing of your personal data (please refer to the section below regarding your rights); and/or

(b) that one of our employees review your application and provide you with an explanation for the automated decision made. You also have the right to challenge such a decision. Upon receiving such a request, we will reassess your application, taking into consideration, both the reasoning behind the automated decision and your perspective.

DATA SHARING

We may have to share your data with third parties, including third-party service providers and other entities in the business group we belong to as a company.

We require third parties to respect the security of your data and to treat them in accordance with the law.

We may transfer your personal information outside the EEA. Please refer to the section “Transferring information outside the EU” below to review the instances in which we proceed to such action.

If we do, you can expect a similar degree of protection with respect to your personal information through contractual arrangements for the adherence to confidentiality and data protection ensuring that third parties comply with data protection law and the GDPR.

Why might you share my personal information with third parties?

We will share your personal information with third parties when required by law, when necessary for administering the commercial relationship with you or when we have any other legitimate interest in doing so.

Which third-party service providers process my personal information?

«Third parties» includes third-party service providers and other entities within the group we belong to.

The following third-party service providers process personal information about you so that we perform our obligations or when we are legally required to do so, or when we are authorized under our contractual and statutory obligations:

  1. Roadside Assistance
  2. Garages and Automobile Repair and Maintenance Stations
  3. Car hire companies
  4. Reinsurance companies/ reinsurance brokers that may reside outside the EEA
  5. Insurance companies
  6. Insurance agents/brokers and representatives
  7. Foreign insurance agents
  8. Risk surveyors/loss adjusters/valuators
  9. Your legal representatives
  10. Lawyers in Cyprus and abroad
  11. Government Agencies & Bodies & Supervisory Authorities (e.g. Road Transport Department, Police, Superintendent of Insurance)
  12. Liaison officers (group medical policies)
  13. Financial institutions
  14. Doctors and other medical service providers
  15. Auditors
  16. Intra group IT team
  17. Payment assistance providers (e.g. JCC)
  18. File storage/archiving companies and record management companies and cloud storage companies
  19. Credit Reference Agencies & Credit Bureaus
  20. Motor Insurance Fund (MIF)
  21. Cyprus Hire and Rejected Risks Pool
  22. Accident care and assistance service providers (i.e. in relation to motor, home, travel, medical)
  23. Data backup companies
  24. Software Service providers we have chosen to support us in the effective provision of our products and services to you by offering technological expertise, solutions and support
How secure is my information with third-party service providers?

All our third-party service providers and all other third-party entities, other than those to whom we are required under the law to disclose your personal information, are required to take appropriate security measures to protect your personal information in line with our policies and relevant contractual data sharing obligations. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions as per the GDPR.

When might you share my personal information with other entities in the group?

We will share your personal information with other entities in the group we belong to, for:

1. Reinsurance purposes/arrangements
2. IT technical development

What about other third parties?

We may share your personal information with other third parties, for example in the context of a possible sale or restructuring of the business. We may also be required to share your personal information with a supervisory regulatory authority or in any other case in order to be in compliance with the law.

Transferring information outside the EU

We may transfer the personal information we collect about you to countries outside the EU in order to perform our contract with you, protect our legitimate interests or those of third parties and in particular share them with:

(a) Reinsurance companies / reinsurance brokers
(b) Foreign insurance companies/agents
(c) Foreign lawyers
(d) File storage/archiving companies and record management companies
(e) Accident care and assistance service providers (i.e. in relation to motor, home, travel, medical)
(f) Government Agencies & Bodies
(g) Risk surveyors/loss adjusters/valuators
(h) Doctors and other medical service providers
(i) Internal group IT service providers

Where there is not an adequacy decision by the European Commission regarding the secure transmission of personal data to a specific country outside the EU, which means that your personal information is not deemed to have an adequate level of protection in that country, we ensure that your personal information does receive an adequate level of protection by implementing appropriate measures, such as Standard Contractual Clauses or Binding Corporate Rules, in order to safeguard that your personal information is treated by the named third parties in a way that is consistent with and respectful of EU and Cyprus laws on data protection.

DATA RETENTION

How long will you use my information for?

We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Where our contractual relationship is terminated, we will retain your personal information until at least all related limitation periods have elapsed, in order to safeguard our interests from any potential legal claims that may arise within these periods. However, we may keep them for a longer period if deemed necessary.

It is noted that when you provide any personal information for the purposes of obtaining an insurance policy quotation and a contract has not been concluded for any reason whatsoever, then we will keep your personal information for a period of 12 months after the collection of your data, unless you have provided consent for keeping your data for direct marketing purposes. In such a case, we will only retain your contact details.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you. In such cases, we may use this information without further obligation to adhere to our data protection policy. Once you are no longer in a commercial relationship with us, we will securely destroy your personal information in accordance with our data retention and destruction policy.

RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and updated. Please keep us informed if your personal information changes during your business relationship with us.

Your rights in connection with personal information

Subject to certain legal conditions, you have the right to:

  • Request access to your personal information (commonly known as the «right of access by the data subject»). This enables you to receive a copy of the personal information we hold about you and check that we are lawfully processing it.
  • Request rectification of the personal information we hold about you. This enables you to have any incomplete or inaccurate information we hold about you rectified.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Objectto processing of your personal information in cases we are conducting processing based on legitimate interests of ours (or those of a third party) and you possess legitimate interests or fundamental rights and freedoms that override the first and therefore justify your objection to processing on this ground. You also have the right to object to processing for direct marketing purposes.
 

It is noted that, in accordance with the legislation in force, your right to request for the erasure of your personal data or to object to the processing of your personal data by Trust Cyprus is not applicable or may be limited in the following instances where the processing of the data is carried out for the purpose of:

a) establishing, exercising or supporting legal claims, and
b) fulfilling a legal obligation that necessitates the processing based on Cyprus or European Law, to which Trust Cyprus is subject.

  • Request the restriction of processing your personal information. This enables you to ask us to suspend the processing of personal information about you, if and when you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.
 

If you want to review, verify, rectify or request erasure of your personal information, or to object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact dpo@trustcyprusinsurance.com. dpo@trustcyprusinsurance.com.

No fee usually required

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to respond to the request in such circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This constitutes a security measure appropriate to prevent the disclosure of personal information to unauthorized individuals.

RIGHT TO WITHDRAW CONSENT

If you have provided your consent for the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact dpo@trustcyprusinsurance.com. Upon receiving notification of your withdrawal of consent, we will cease processing your information for the purpose or purposes you originally agreed to, unless we have any other legitimate basis for doing so in accordance with the law. It is also noted that any processing based on consent carried out prior to the withdrawal will remain lawful.

In some occasions, withdrawing or not providing your consent may impact our ability to continue performing an insurance policy, especially those requiring the disclosure of sensitive personal information (e.g. medical insurance policies), or the processing of claims if you are a third-party claimant, given that your consent may be inextricably linked with the provision of insurance services.

DATA PROTECTION OFFICER

Έχουμε ορίσει έναν υπεύθυνο προστασίας δεδομένων για να επιβλέπει τη συμμόρφωση της παρούσας πολιτικής προστασίας δεδομένων. Σε περίπτωση που έχετε οποιεσδήποτε ερωτήσεις σχετικά με την παρούσα πολιτική προστασίας δεδομένων ή τον τρόπο με τον οποίο χειριζόμαστε τις προσωπικές σας πληροφορίες, παρακαλείστε όπως επικοινωνήσετε με τον υπεύθυνο προστασίας δεδομένων:

Kostas Anastasiades | Data Protection Officer

T: 22050240

Ε: dpo@trustcyprusinsurance.com

You have the right to lodge a complaint at any time with the Office of the Commissioner for Personal Data Protection, the supervisory authority in the Republic of Cyprus for data protection issues.

Kypranoros 15, Nicosia 1061, Cyprus
Tel.: +357 22 818 456
Fax: +357 22 304565
E-mail: commissioner@dataprotection.gov.cy

CHANGES TO THIS DATA PROTECTION POLICY

We reserve the right to update this data protection policy at any time, and we will provide you with a new version of the policy when we make any substantial updates. Additionally, we may notify you through other means from time to time regarding the processing of your personal information.

If you have any questions about this data protection policy, please contact our DPO.
Head Office
LIMASSOL
LARNACA
PARALIMNI
PAPHOS
Road Side Assistance Accident Care

Road Side Assistance
Accident Care

Windshield / Window Repair

Emergency Health Issues

Emergency
Health Issues

Technical Support for Home / Business

Emergency Hospitalization Abroad

Emergency
Hospitalization Abroad

Contact Form