25η Μαΐου 2018
AKATERINI GOUSIOU – ZOI GOUSIOU O.E.
Con. Karamanli174 & 42 Riga Feraou, P.O. 542 48, Thessaloniki
ΑΦΜ: 099410769, ΔΟΥ: Ζ’ ΘΕΣΣΑΛΟΝΙΚΗΣ
You have certain rights in relation to your data, including the right to object to processing where the lawful basis for processing is based on legitimate interests, profiling and direct marketing. You can exercise your rights at any time by using the online application or by sending us an email to dpo@insurance-shop.gr.
Please read the full text of the company’s Privacy Policy below.
This Privacy Policy (which is also referred to as the “Privacy Policy”) constitutes the confidentiality statement of the company named AIKATERINI GOUSIOU – ZOI GOUSIOU O.E., with headquarters at the address Kon. 174 Karamanli & 42 Riga Feraou, P.O. 542 48, Thessaloniki, VAT number: 099410769, DOU: G’ THESSALONIKIS, hereinafter “COMPANY”.
Contact the company
Place of communication with the COMPANY, for any purpose, is the central store of the COMPANY’s headquarters and/or e-mail address customercare@gousiou.gr.
Field of application
This information is addressed to natural persons who visit our website(s) or carry out any transaction with the COMPANY, such as indicatively: to customers who maintain a permanent relationship of cooperation with the COMPANY or passing and/or prospective customers, to the legal representatives as the case may be and/ and their representatives as well as to their special or universal successors, to representatives of legal entities, to suppliers and their representatives and in general to any natural person who in any capacity has transactions or communicates with the COMPANY.
This Privacy Policy provides information regarding the collection, use, sharing and processing of your personal information by the COMPANY, its affiliates and its partners, in connection with the use of the COMPANY website(s), electronic applications for PC and mobile devices, social media pages linked to this Privacy Policy, any interactions you have with the COMPANY, such as during personal meetings or at COMPANY events or in the context of other sales activities and marketing.
This Privacy Policy is intended for your information regarding the processing of your personal data by the COMPANY and your rights as a subject of the processing. It also describes the choices we give you to access, update or control your personal data and explains the choices you have in relation to these processing activities.
The processing of personal data consists of the collection, registration, organization, structure, storage, alteration, retrieval, information search, use, transmission, restriction or deletion of personal data that have come or will come to the knowledge of the COMPANY, either in the context of any kind of relationship you have with it, or in the context of information received by the COMPANY from a third natural or legal person or public sector body in the exercise of your or the COMPANY’s legal right.
When you visit our website(s), you may connect to non-COMPANY websites, services, social networks, applications or other features. Activating these functions will lead to other parts of the internet, where the COMPANY has no control over the features of those other parts. We encourage you to review the privacy policies of those parties before using these features.
Who is responsible for data processing?
The COMPANY acts as a “Processor” and in some cases as a “Processor” of personal data based on the General Data Protection Regulation (EU) 2016/679, hereinafter the “GDPR”, of the European Parliament and the Council of April 27, 2016 for the protection of natural persons with regard to the processing of personal data and the free circulation of such data and the repeal of Directive 95/46/EC.
What personal data do we process and where do we collect it from?
The COMPANY processes your personal data provided by you and derived from the relationship between us, such as: during personal meetings, interviews, your participation in events, conferences, workshops or meetings, data that you have submitted or are about to to be submitted by you or your legal representatives, necessary for the initiation, maintenance and execution of all your transactions with the COMPANY, existing or future, depending on the product or service provided and its procedures and policies in force at any given time.
Your personal data that you provide to the COMPANY must be complete and accurate and updated with your own diligence immediately, in any case of change or whenever deemed necessary by the COMPANY to maintain our relations or to fulfill an obligation of the COMPANY arising from the law and the regulations in force at any given time.
The COMPANY also processes your personal data that it receives or becomes aware of from a third natural or legal person or public body and which is necessary either to achieve the legitimate interests of the COMPANY itself or a third party, or for the fulfillment of duties of those performed in the public interest (e.g. Tax and Insurance bodies).
The COMPANY may also process your personal data which it collects from third-party publicly accessible sources (e.g. General Secretariat of Information Systems, Mortgage Registries or Land Registry, Commercial Registers, internet) if this data is necessary for the purposes of the processing.
In order to conclude an insurance contract, in accordance with current insurance legislation, it is necessary to complete the “Customer Needs Form” and the “Insurance Application”, where the COMPANY collects and processes the following personal data as a minimum: First name, patronymic, identity/passport or other official identification document, permanent place of residence, residential address, mailing address, business information and work address, financial information (e.g. tax clearance note), tax residence, tax registration number, telephone (landline or/ and mobile), as well as a sample signature (physical or electronic).
In some cases, you may be asked for additional information (e.g. professional ID or status ID) if this information is a condition for starting or maintaining a specific service provided. Depending on the product or service provided by the COMPANY, the COMPANY may additionally collect and process the following data as indicative and not limiting: financial data (e.g. tax returns, tax returns, ENFIA), valuation of assets, in particular for the insurance of assets, collateral property data, insurance contracts as well as additional information in the context of the implementation of the currently applicable provisions and obligations of the COMPANY.
Any objection by you to the provision or processing of your personal data may lead to the impossibility of starting or continuing your cooperation with the COMPANY (e.g. the refusal to process and use the electronic address makes it impossible to use or continue to provide the of our services through the COMPANY website, refusal to process and use the mobile phone number makes it impossible to provide your information service via short SMS messages, for matters that directly concern you, refusal to value assets makes it impossible to fully insure the asset and possibly reject the insurance application).
Why and how we use your personal information
We use your personal data for the following purposes:
When communicating to answer your requests and questions to the COMPANY
If you contact us (such as submitting a contact request on our website(s), participating in COMPANY events or otherwise, sending an email, by phone, visiting social network platforms), we process information about you to contact you and respond to your requests.
We may also process personal information to interact with you through social networks.
For functionality of our websites and for their technical and operational management.
When you choose to register for a service through our website(s), we need to process the personal information you provide in order to create and manage a personal account for you. This personal information allows us to manage your account, for example changing your password or correcting personal information.
For the conclusion and management of insurance contracts.
If you ask us to mediate your insurance, we process information about you for the conclusion and administration of the insurance policy, including the renewal process.
To promote our products and services and tailor our marketing and sales activities to your interests.
COMPANY may use information about you to inform you of new product releases and service developments, events, notices, updates, prices, terms, special offers and related campaigns and promotions (including newsletters).
COMPANY may also use personal information to inform its partners, distributors, or resellers about products or services that you have expressed interest in.
If you attend one of our events, COMPANY must process information collected in connection with the event and share information about your participation in it.
COMPANY may also allow designated event partners or conference sponsors to send you up to two communications regarding your participation in the event.
Please note that our partners or conference sponsors may directly request information about you in their conference rooms or presentations, and their use of the information you provide to them will be subject to their own privacy policies.
We may also process your personal information to publish your opinion about our services on our website(s), but only after we have obtained your positive consent for this purpose.
For our dealings with customers, suppliers and partners who process orders for COMPANY products and services.
If you request any of our products or services, or if you provide products or services to COMPANY, our employees, customers or partners as a supplier or business partner, COMPANY processes information about you to engage and manage related transactions such as invoices and payments, or providing help and assistance to complete the order.
To analyze, develop, improve and optimize the use, operation and performance of our website(s), products and services.
We may process personal information in order to analyse, develop, improve and optimize the use, operation and performance of our websites, products and services and marketing and sales campaigns.
In the event that our website(s) allow you to participate in interactive discussions, create profiles, post comments, opportunities or other content or communicate directly with another user or participate in networking activities, COMPANY may process personal data by the control of these activities.
To manage the security of our website(s), networks and systems.
We may collect and process data about the use of our website(s) in order to ensure the security of our websites, networks and systems or to investigate and prevent potential fraud, including ad fraud and cyber-attacks.
To comply with applicable laws and regulations and for the proper operation of our business.
In some cases, we need to process personal information to comply with applicable laws and regulations. For example, to respond to a request from a regulatory authority or to defend a legal claim.
We may also process personal information to monitor the performance and operation of our business, such as to carry out internal audits and investigations or for financial and accounting record-keeping and insurance purposes.
Processing of special categories of personal data
Depending on the type of insurance contract intended and the requirements of the respective insurance COMPANY, mainly for life and healthcare insurance, personal health data, genetic or biometric data and in some cases sex life and sexual orientation data may be requested. These data will be used for the purpose of communication, risk assessment, premium calculation and the drawing up of the insurance contract.
In addition to the above and exclusively for the stated purpose, the COMPANY does not process personal data unless:
You have expressly consented to this for a specific purpose.
This data has been disclosed to the COMPANY by you or a third natural or legal person in the context of documenting and safeguarding the legal interests of you and/or the COMPANY as data controller (e.g. information about the subject’s position in legal aid).
The processing is necessary to protect the vital interests of you or another natural person.
The data has obviously been made public by you.
The processing is necessary for the establishment, exercise or support of both your own legal claims and the COMPANY as controller.
Processing is necessary for reasons of substantial public interest such as the investigation of a criminal offense under the Law on the Prevention and Suppression of Money Laundering and the Financing of Terrorism.
The COMPANY has in any case taken all reasonable technical and organizational measures for the safe keeping and processing of your personal data belonging to the above special categories.
Data relating to minors
All our services are aimed at adults. COMPANY is focused on serving the needs of businesses, our websites are not directed to minors and COMPANY does not promote or market its services to minors.
In insurance policies where minor children are insured, or in insurance policies where minors are registered as beneficiaries of the insurance, this is done exclusively with the decision and consent of the parents or those exercising parental care, or as defined by law. Persons under the age of 18 are considered minors.
If you believe that we have incorrectly or inadvertently collected personal information from a minor without proper consent, please let us know so that we can promptly delete that information and make any other necessary corrections.
How we secure your personal data
The COMPANY, in compliance with the current legislative framework, has taken all the necessary actions, applying reasonable technical and organizational measures for the legal observance, processing and safe keeping of the personal data file, committing to ensure and protect in every way the processing of your personal data from loss or leakage, alteration, transmission or in any other way improperly processing it.
What is the legal basis for processing your personal data
The COMPANY legally processes personal data as long as the processing a) is necessary for the service, support and monitoring of your transactions with the COMPANY and the proper execution of the contracts between us and the insurance mediation, b) it is necessary for the COMPANY to comply with its legal obligation or to pursue its legal interests arising from your relations with the COMPANY or from its other rights arising from the law, c) it is necessary for the fulfillment of its duty which is carried out in the public interest within the framework of the applicable legislative and regulatory framework and d) is based on your prior express consent, as long as the processing is not based on any of the aforementioned legal processing bases.
Particularly:
In order to communicate with you and respond adequately to your requests, we need to process information about you and therefore have a legal obligation to process this information.
To service, support and monitor transactions with customers, suppliers and partners and to fulfill your orders for purchases of our products and services, we must process information about you as necessary to enter into or perform a contract with us.
We process personal information for marketing and sales activities based on your consent, where this is stated at the time your personal information was collected, or in parallel with our legitimate interest to promote our products and services.
We rely on our legal obligation to analyze, develop, improve and optimize our website(s), products and services and to maintain the security of our website(s), networks and systems.
We process personal information when the processing is necessary for the fulfillment of a duty of the COMPANY which is carried out in the public interest within the framework of the applicable statutory and regulatory framework, such as complying with a subpoena or other legal process or serving requests to withdraw your consent, which submit to COMPANY.
We process personal information during your visit to the COMPANY’s premises, as long as we have your positive consent.
Withdrawal of consent
You have the right to withdraw your consent in writing at any time, where it is required and has been given, without prejudice to the legality of the processing based on it, up to and including the day of its withdrawal. The withdrawal of your consent can be submitted in writing to the main store of the COMPANY’s headquarters or to the electronic address mentioned under the heading “Contacting the company”.
Processing purposes
The processing of your personal data concerns:
The service, support and monitoring of your relations with the COMPANY, the correct execution of the contracts between us, the examination of requests for the provision of products and services of the COMPANY, the fulfillment of the obligations of the COMPANY as the responsible or performing the processing and the exercise of the legal and contractual rights.
Carrying out checks provided for by the current legislative and regulatory framework.
The registration, recording and archiving of all your orders to the COMPANY which are granted either in writing, electronically or by telephone, for the drawing up of contracts, insurance mediation, the provision of information, communication and our active assistance in matters of compensation or providing advice and services.
The upgrading of the products and services provided by the COMPANY and the promotion of the products and services of the COMPANY and the companies collaborating with the COMPANY, subject to your prior consent.
The satisfaction of all kinds of requests addressed to the COMPANY or the examination of your complaints regarding the products and services offered by the COMPANY.
The fulfillment of legal obligations of the COMPANY arising from the applicable legislative and regulatory framework (e.g. legislation on the prevention and suppression of money laundering and the fight against terrorism, tax and insurance provisions).
The defense of the COMPANY’s legal interests, which are indicatively consistent with: a) the assertion of its legal claims before the competent judicial authorities or other out-of-court or alternative dispute resolution bodies, b) the prevention of fraud and other criminally prosecuted acts, c) the evaluation and optimization of security procedures and information systems, d) the management of operational and/or credit risks of the COMPANY, e) the physical security and protection of persons and property (e.g. video surveillance).
In particular for insurance contracts, after completing the “Customer Needs Form” and the “Insurance Application”, the information is entered into our IT systems and is subject to both paper and electronic processing. In this way we are given the possibility to make decisions regarding your insurance legally, safely and accurately.
With reference to the occurrence of the insurance event and the request for compensation, a physical and electronic damage file is opened, in order to monitor the actions of the insurance company and your requests for the settlement of the damage.
During your visit to the COMPANY’s premises, the recording, video recording, processing and storage of your data relating to the determination of your identity and the time of your stay in the COMPANY’s premises is done to satisfy the exclusive purpose of the safety and protection of both persons located in the COMPANY’s facilities (e.g. employees, visitors) as well as the COMPANY’s equipment in general (indicative of building, electronic, etc.).
Automated decision making and profiling
The COMPANY does not make decisions based solely on automated personal data processing procedures.
However, it may legally take such decisions, including profiling, for the purposes of monitoring and preventing fraud against the COMPANY or a third party as well as for the assurance and reliability of the services provided by the COMPANY (e.g. insurance & investment services and products) or if such processing is necessary for the conclusion or performance of a contract, which is based on personal data obtained directly from you or from a search in the database of public bodies.
Data retention time
The information we collect for the conclusion of contracts with our customers, suppliers and partners will be kept for the entire duration of the transaction or periods of service provision and for as long as provided for in each case, by the applicable legislative and regulatory framework and in any case for a period of twenty (20) years from the last calendar day of the year of the end of your respective transaction with the COMPANY.
In the event that any request for your cooperation with the COMPANY is not accepted and the drawing up of a contract is not completed, the data will be kept for a period of five (5) years.
In the event of a legal dispute, your personal data will be kept in any case until the end of the pending litigation, even if the above period of twenty (20) years is exceeded.
If you have registered in the members area of our website(s), COMPANY will retain your account information for as long as you maintain an active account. Your accounts and account information will be deleted if you do not log in for 24 consecutive months. The COMPANY keeps records of this deletion for 90 days.
If you have subscribed to receive newsletters, your subscription details will be retained for as long as you are subscribed to our distribution lists.
Contact information, such as your email address or telephone number, collected either electronically or in person from our interactions with you and used for direct marketing and sales activities will be retained for as long as you have an active relationship with COMPANY. An active relationship is defined as any contact you have with the COMPANY or the correction and updating of your contact details as well as your preferences, made by you or at your request, in the last 24 months and if you have not submitted a deletion request.
Any information recorded through an online chat will be retained for 90 days after the chat has ended.
During your visit to the COMPANY’s premises and for the fulfillment of the purpose of processing which concerns the safety and protection of both the persons who are in the COMPANY’s premises (e.g. employees, visitors) and the COMPANY’s equipment in general (indicative of building , electronic, etc.) we consider a reasonable and necessary period of retention of your relevant data to be fifteen (15) days. After the lapse of fifteen (15) days from the time of your entry into the COMPANY’s facilities, the relevant file with all your information is deleted. In cases of criminal acts, the data is kept until the incidents are clarified.
The personal information required to exercise your rights and record your preferences remains for 20 years and/or longer if this is necessary for the compliance of our COMPANY, according to applicable laws or regulations.
Who are the recipients of the personal data?
COMPANY employees are authorized to access personal information only to the extent necessary to serve the applicable purposes and perform their duties, as well as the COMPANY’s respective auditors.
The COMPANY does not transmit or disclose your personal data to third parties, unless it is about:
Collaborating companies such as indicatively:
Insurance companies, Anonymous Service Providers related to the professional orientation of the COMPANY, Anonymous A/C Management Companies (AEDAK), other Financial Organizations or Bodies or other Authorities (e.g. Central Securities Depository, Stock Exchanges, Capital Market Commission) in the context of service of the COMPANY’s professional relations, concerning the provision of investment and/or insurance services.
Businesses (domestic and foreign) to which it has delegated, partially or fully, on behalf of the execution of the processing of your personal data and which have undertaken vis-à-vis the COMPANY an obligation of confidentiality either a) in the context of a contractual relationship between them, with which defines the object, the purpose, the duration of the processing, the type of personal data processed and the rights of the COMPANY, or b) in the context of their regulatory obligation to maintain confidentiality.
as indicative:
Transfer required for the initiation of a business relationship or the performance of a contract, or for the collection of the COMPANY’s claims in the event of non-fulfillment of your contractual obligations entered into with the COMPANY (e.g. transfer to cooperating lawyers , law firms and bailiffs, notaries, engineers and valuers).
Accountants and accounting firms to comply with the COMPANY’s statutory obligations (e.g. payroll and taxation).
Digitization and management (storage, destruction) companies of physical records.
Companies issuing and sending bills.
Courier and mail forwarding companies and mobile text messaging (sms) companies.
Collaborating businesses for participating in programs or promoting the COMPANY’s products and services through them.
The COMPANY has legally ensured that those performing the processing on its behalf meet the conditions and provide sufficient assurances for the implementation of the appropriate technical and organizational measures, so that the processing of your personal data ensures the protection of rights.
Affiliated businesses or companies.
Transmission or disclosure, which is required by the applicable regulatory, legislative and generally regulatory framework or court decision (e.g. transmission to judicial authorities, tax authorities, supervisory bodies, mediation bodies).
The COMPANY does not directly transmit your personal data to third countries or international organizations unless the transmission is required by the applicable regulatory or legislative framework.
Your rights
As a subject of personal data processing you have the following rights:
In any case, where we rely on legitimate interests to process your information you have the right to refuse or restrict the processing of your information by us.
Right of access to the personal data concerning you and as long as it is being processed by the COMPANY as controller, the purposes of the processing, the categories of the data and the recipients or categories of recipients thereof (Article 15 GDPR).
The right to correct inaccurate data as well as complete incomplete data (Article 16 GDPR).
Right to delete your personal data subject to the obligations and legal rights of the COMPANY for their retention based on the applicable legislative and regulatory provisions (Article 17 GDPR).
Right to limit the processing of your personal data if, either the accuracy of the same is disputed, or the processing is illegal, or the purpose of the processing has been eliminated and provided that there is no legitimate reason for their retention (Article 18 GDPR).
Right to portability of your personal data to another controller, provided that the processing is based on your consent and carried out by automated means. The satisfaction of said right is subject to the legal rights and obligations of the COMPANY for the retention of data and the fulfillment of its duty in the public interest (Article 20 GDPR).
Right to object for reasons related to your particular situation in the event that your personal data is processed for the fulfillment of a duty performed in the public interest or in the exercise of public authority delegated to the COMPANY or for the purposes of the legitimate interests it pursues the COMPANY or a third party.
The COMPANY is committed to providing you with all possible support and assistance to exercise these important rights of yours.
How to exercise your rights and file a complaint
Each of your requests regarding your personal data and the exercise of your rights must be addressed in writing to the central store of the COMPANY’s headquarters, or to the electronic address listed under the heading “Contacting the company”. A special form for exercising the right of access is available at the main store of the COMPANY’s headquarters.
The COMPANY’s refusal or unjustified delay in satisfying your requests when exercising your rights entitles you to appeal to the Personal Data Protection Authority as the competent supervisory authority for GDPR application.
In any case, you reserve the right to submit a complaint to the competent Supervisory Authority if you consider that the processing of your personal data is in violation of the applicable legislation. For more information you can visit the website of the competent supervisory authority at www.dpa.gr.
Use of Websites
We inform you that the COMPANY uses “cookies” on its websites in order to improve your online experience. For details about cookies, you can find out on the COMPANY’s website at https://insurance-shop.gr/cookies.
Update and revisions to this Privacy Policy
This Privacy Policy was last updated on May 25, 2018. The COMPANY based on its current data protection policy and within the current legislative and regulatory framework, in order to comply with legal requirements or respond to changing business needs, may revise or modify this information. The most updated version can be found on the COMPANY website https://insurance-shop.gr/privacy.
In the event that there is a material change to this Privacy Policy, we will also notify you in another appropriate way (for example through a pop-up notice or a statement of changes on our website).