European Reliance General Insurance Co. S.A. (hereinafter “the Company”) is a comprehensive insurance company, active in all modern sectors of insurance, except for credit and surety, providing full insurance coverage to individuals and businesses. It is registered in Greece and its headquarters are in Chalandri, 274 Kifisias Avenue, Tel. +30 2106829601, email: email@example.com. European Reliance Group of Companies owns the subsidiaries “European Reliance Asset Management M.F.M.S.A.”, “Alter Ego S.A.”, “Reliance Single Member S.A.” and “AEM Energy Systems P.C.”. The protection of natural persons against Personal Data Processing is very important for the Company. Therefore, the collection and processing of the personal data by the Company takes place only according to the General Data Protection Regulation (EU) 2016/679 and the current applicable legislation.
1. Categories of Personal Data
The Company processes the data that you have entered in the contact form and the newsletter, as indicatively but not restrictively, the first and last name, the professional information, and the contact details.
2. Purposes of processing
The processing of personal data takes place for the following purposes:
(a) to receive answers to your requests /questions and to receive, if you wish, updates and news on the Company.
(b) to establish any other legal claim or to defend the Company.
3. Legal basis of the processing
The processing of Personal Data is necessary for the fulfillment of these objectives. Unless otherwise stated, at the collection of personal data, the legal basis for their processing is one of the following:
(a) there is an explicit consent for personal data processing,
(b) the processing is necessary for the lawful interests of the Company (i.e. establishment and lawful exercise of rights).
4. Recipients and transmissions
The Company’s competent departments may receive your personal data, i.e. the Investor Relations Department, the Marketing and Public Relations Department, the Compliance Department, Legal Service, etc. Your personal data may be transmitted to third parties and partners of the Company, such as lawyers, and/or Public Authorities and Supervisory Bodies. Other IT companies (processors) may have access to your personal data. In these cases, we ensure via the contractual terms and regular audits, that if they have access to these data, the legislation for their protection will be strictly implemented.
5. Personal Data of Children
The website of the Company addresses to people that have reached at least the eighteenth (18) year of age. If the users are younger than 18 years old and they visit our website at their own will, the Company bears no liability. In case that at the collection and processing of personal data, the Company perceives that the user is younger than 18 years old, then the Company will cease any type of processing.
6. Time period for the Retention of Personal Data
The Company will keep your personal data for as long as it is required for the fulfillment of the objectives described in the current briefing, unless the current legislation requires or allows a larger time period.
7. Data Security
The security of your personal data is extremely important to us and for this reason we take and implement all appropriate organizational and technical measures to ensure that the data we collect are adequately protected and processed in accordance with the requirements of the applicable legislation.
The Company applies an Information Security Management System according to the international standard ISO/IEC 27001:2013 and since 01/11/2017, it has received a certificate by the Certification Body TUV HELLAS (TUV NORD) S.A. According to this System, the Company apart from the technical security measures, has adopted Information Security Policies and Procedures for the protection of your personal data. The adopted Information Security Policy consists of a set of rules that determine the way with which the Company administers and protects its Information Assets. These rules determine the role of any person involved with the Company, its competences, responsibilities and duties.
The Primary Purposes of the Information Security Policy include, among others:
• The protection of the data of European Reliance.
• The assurance of the trust of the customers/ shareholders of the Company.
• The assurance of the compliance with the Greek Legislative and Institutional Framework (Greek legislation).
• The determination of the security level and security requirements of the Organization.
• The establishment of mechanisms that support the identification and prevention of threats of the information of the Company and the effective response of the Organization, should such threats occur.
• The determination of the roles and responsibilities of the members of the Organization for the protection of the information and information assets.
• Raising awareness on the risks of the information and IT systems of the Organization.
The full text of the Information Security Policy can be found here.
8. Right for the revocation of the consent
In case you gave your consent for Processing of certain Personal Data by the Company, you retain the right to revoke your consent, at any given moment, with future application. The revocation of your consent does not affect the legality of the processing which was based on the consent before its revocation. In case of revocation of the consent, the Company may further process the Personal Data, only in the cases where no other legal reason for the processing applies.
9. Rights of the subject
Under the applicable legislation on Personal Data Protection and provided these relevant legal requirements apply, you retain the following rights:
9.1 Right of access
You retain the right to receive information on whether the Company processes your data, access your data and take all necessary information on their processing.
9.2 Right to correction
You retain the right to request for update, corrections, or additions to your personal data.
9.3 Right to erasure
You retain the right to submit a request for erasure of your personal data, which will be fulfilled, under the prerequisite that no other legal basis for the processing applies, as indicatively any liability for personal data processing, imposed by the Law).
9.4 Right to restrict processing
Your retain the right to request for restriction of processing of your personal data in the following cases; (a) when you question the accuracy of your personal data and up to the time of their verification, (b) when you object to the erasure of your personal data and request, instead of an erasure the restriction of their use, (c) when your personal data are not needed for processing purposes, yet they are necessary for the establishment, exercise, support of legal claims, and (d) when you object to the processing and up to the verification that there are legal purposes that prevail the reasons for which you object to the processing.
9.5 Right to object processing
You retain the right to object any moment in the processing of your personal data, when this is based on the legal basis [Article 6 (1) (e) or (f) of the GDPR] which will be fulfilled, unless the Company presents urgent and legal reasons for their processing.
9.6 Right to portability
You retain the right to receive without any obligation your personal data in a structured, commonly used format, and readable by all machinery, or request, provided this is technically possible, to transmit your data directly to another data controller.
9.7 Right to object to decision making based on the automated processing
You retain the right to request to be excluded from decision-making, based on an automated processing, including the creation of a profile.
10. How to file a Complaint / Protest
For any matter pertinent to the processing of Personal Data, you may contact the Data Protection Officer (DPO) of the Company (tel.: +30 210-8119670, email firstname.lastname@example.org). Moreover, you maintain the right to contact the Personal Data Protection Authority, which receives relevant complaints submitted in written form in its Protocol Department (1-3 Kifisias Avenue, P.C. 115 23, Athens, tel.: +30 210-6475600 / fax: +30 210-6475628), or via email at email@example.com. Furthermore, you always maintain the right to appeal to the Greek Courts.