Privacy Policy

PERSONAL DATA PRIVACY STATEMENT

Last Modified: May 25, 2018

Atlantic Insurance Company Public Ltd (hereinafter “we”, “us” or “our”) is the controller of the information collected or provided directly and is committed to protect your privacy and handling your personal data, including sensitive data, in an open and transparent manner. The personal data that we collect and process will depend on the nature of the product or service provided by us.

When we refer to personal data we mean data which identify or may identify you and which may include your name, address, ID number, phone number, and date of birth, occupation, email, registration number for a car or that of a company.

When we refer to sensitive data we mean special categories of personal data which identify or may identify you and which may reveal details about your past or present physical or mental health status, medical history and may include data regarding any physical or mental disease or disability.

Collection of Personal Data:

For purposes of fulfilling our contractual obligations, we mainly collect personal data directly provided by you and/ or such information may be provided by third parties. In the list below, there are further ways mentioned as to how we collect personal data:

• Personal data are collected directly from you along with the completion of our insurance proposal, via request for quotations, via claim forms and/ or when you/ we contact us/you for any reason with regards to your contracts and/ or for the update of your personal data (e.g. contact details).
• Personal data are collected directly from any individual and/or any legal entity who retains a policy with us under which an insurance is enable (name driver, employee)
• Personal data are collected by third parties, where in between others, third parties include our agents, any authorised representative you may wish to appoint, other insurance companies which will be contacted by us for underwriting purposes and in the event that a claim may arise then data may be collected from witnesses, doctors, assessors and lawyers.
• Personal data may also be collected from the Registrar of Companies, the Road Transport Department and/ or any other data base approved by the Data Protection Commissioner.

Processing of Personal Data:

We will only process your personal data and or sensitive data when the law provides that we are entitled to act so. Most commonly we will use your personal data in the following situations:

• Performance of the contract agreed with you
• Where there is a need for compliance with legal obligations
• When we have received your explicit consent to do so 

For the performance of our contractual obligations, personal data may be brought to the attention of various departments within Atlantic Insurance. Also, our service providers and/ or brokers and or/ any further person co – operating with us, may receive personal data held by us. Such service providers and/or any of the aforementioned people co- operating with us have already entered into binding agreements with us which include such provisions aiming to preserve confidentiality and data protection in compliance with the Data Protection Act and the GDPR Regulations.

External Service Providers:

• Service providers that we have chosen in order to support us in technological manner
• Legal Consultants
• Auditors and accountants
• File storage companies
• Debt collection companies
• Medical professionals
• Claim handling experts (investigators, assessors, loss adjusters, surveyors)
• Third party claimants and or their lawyers
• Card payment processing companies
• Accident care and emergency assistance service providers
• Regulatory bodies, public authorities such us Police, Department of Road Transportation and any other Public authorities.
• Insurance partners such as agents, brokers, other insurance companies, reinsurers and reinsurance brokers. 

We may and we will keep your personal data for a time period equivalent to the validity of our Contract as long as there are no pending legal and/ or regulatory and/ or other procedures which we retain legal rights from. Furthermore, the necessity for keeping and storing such data for a period exceeding one year may  arise for technical and legislative reasons according to changes that may occur from time to time.

Moreover, with regards to quotation purposes, we may keep your personal data under the light of a prospective customer for a time period which in any case shall not exceed the time period of one year from the date that the quotation was provided.

Rights under the General Data Protection Act:

According to the General Data Protection Act, you are entitled to the following rights:

• The Right of access
• The Right to rectification
• The Right to erasure (right to be forgotten)
• The Right to restrict processing
• The Right to personal portability
• The Right to withdraw consent

Enforcement of Personal Data Protection Rights:

For the enforcement of any one of the aforementioned rights, or for any other questions with regards to the manner in which we use your personal data, please feel free to contact our head office at Esperidon 15, 2001, Nicosia, or contact us via email at: dpo@atlantic.com.cy

For the enforcement of your right to complain, contact the Office of the Commissioner for Data Protection via email at: www.dataprotection.gov.cy

Note: We reserve the right to amend this privacy Statement from time to time.