Basic information

H IB, strives to protect the privacy and confidentiality of the Personal Data it processes in relation to the services it provides to customers. The services of IB mainly concern consulting services of risk management and insurance mediation, which facilitate the examination, access, management of claims in the context of insurance services.

Insurance is the concentration and sharing of risk in a contingency. To this end, information, including the Personal Data of different categories of clients, needs to be disclosed to different persons participating in the insurance market, during the life cycle of the insurance:

  1. Special offer
  2. Inception,
  3. Management,
  4. Renewal.

In order to clarify the terms used in this Privacy Policy, the following are the roles of the main Insurance Market Participants:

• Insurance Beneficiary: Is the natural or legal person applying for insurance to protect himself from the risks that could affect him. The policyholder can approach an Intermediary (such as IB) to purchase the insurance or they can approach an Insurer directly or use an online price comparison platform.

ID card IB, 256 Mesogeion Ave., 155 61, Cholargos, Athens, Greece. THE IB is responsible for the processing of Personal Data that it processes in relation to the services provided by the relevant commitment of cooperation it has with its client.

In some cases, and for the purpose of performing certain services, the IBand her client may have agreed that the IB will have the capacity of executing the processing. When the IBacts as the executor of the processing, will comply with the obligations set out in the contract concluded by her and her client.

Personal information that can be processed.

We may collect and process the following Personal Data:

Personal information: name, address (and address proof), other contact details (eg email address, telephone numbers), gender, marital status, family details, date and place of birth, employer details, title and employment history, relationship with policyholder , the insured, the beneficiary in an insurance or the claimant in a claim.

Identity: Identity number issued by government agencies or organizations (eg depending on the country you are in, social security number, passport number, tax registration number, driver's license number).

Financial data: credit / debit card number, bank account number and bank account details, income and other financial information.

Insured Risk: Information about the insured risk, which includes Personal Data, which may include information only to the extent related to the risk insured, eg:

Health Data: existing and pre-existing physical or mental medical conditions, health status, information on injuries or disabilities, medical treatment / surgeries performed, relevant personal habits (eg smoking or alcohol consumption), prescription information, medical history.

Data on criminal convictions: criminal convictions, including driving offenses.

Other Special Categories of Personal Data: racial or ethnic origin, political views, religious or philosophical beliefs, participation in trade unions, and biometric data, data relating to a person's sexual life or sexual orientation.

Insurance Details: Information about insurance offers or insurance contracts that a person will acquire.

Credit or fraud information: background and credit rating (fraud and conviction information, crime and sanction charges, data obtained from various anti-fraud and anti-sanction databases) or regulatory authorities or law enforcement agencies.

Previous requirements: Information on prior claims, which may include health data, criminal records, and other Special Categories of Personal Data (as described above in the corresponding Insured Risk definition).

Current requirements: Information on current claims, which may include health data [criminal conviction data), and other Special Categories of Personal Data (as described above in the corresponding Insured Risk definition).

Marketing data: If the person has consented to receive marketing material from us or from third parties, as well as the person's interaction with emails, forms that we send to them, in order to optimize our communication processes.

If we collect this information directly from individuals, we will inform them if the information is necessary and what the consequences are, if they do not provide this information on the relevant website or in a corresponding form.

• Intermediary: It is the natural or legal person who assists the Insurance Recipient and the Insurers to arrange the insurance coverage. Can provide advice and manage requirements. Many insurance and reinsurance contracts are obtained through intermediaries.

• Insurer: Also known as an Insurance Company or "underwriter". Provides insurance coverage to the Recipient of the insurance against payment (premium).

• Reinsurer: The legal entity that provides insurance coverage to another Insurer or Reinsurer. This insurance is known as reinsurance.

During the life cycle of the insurance h IB may receive Personal Data about potential or actual Insurance Recipients, Beneficiaries of an insurance contract, their family members, persons making a claim and other parties involved in a claim. Therefore, references to "Person / Persons" in this Privacy Notice include any of the aforementioned persons whose Personal Data is IB receives within the framework of the services it provides and is committed to provide to its customers. This Privacy Policy sets out the use by IB of Personal Data and disclosures made to other Participants in the Insurance Market and other third parties.

Sources of personal data

We collect personal data from various sources, including:

• Individuals and their family members, online or by telephone, or by mail

• The employers of natural persons

• In the event of a claim, third parties including the other party to the claim (plaintiff / defendant), witnesses, experts (including medical experts), experts, lawyers and claims settlers

• Other participants in the insurance market, such as Insurers, Reinsurers and other Intermediaries

• Credit information offices (to the extent that IB assumes credit risk)

• Anti-fraud databases and other third-party databases, including lists of penalties

• Government services, such as vehicle registration authorities and tax authorities

• Damage forms

How we use and disclose your personal data

In this section, we define the purposes for which we use personal data, explain how we share information, and identify "Legal basis»On which we rely to process information.

These "Legal Basis" are set out in the General Data Protection Regulation 2016/679 / EU (GDPR), which allows companies to manage Personal Data only when processing is permitted by the specific legal bases set out in the Regulation (as discussed below). ).


Please note that in addition to the disclosures we have identified in the table below, we may disclose Personal Data for the purposes we explain in this Privacy Policy to service providers, contractors, agents performing work on our behalf.

In order to facilitate the provision of insurance coverage and the management of insurance claims, we rely on the consent of the data subject to process Special Categories of Personal Data such as medical data and data relating to criminal convictions, as defined in the table above, as well as for the outline of the profile as defined in the next paragraph. This consent allows us to share information with other Insurers, Brokers and Reinsurers who may need to process the information in order to play their role in the insurance market (which in turn allows risk to be accumulated and priced in a sustainable way. ).

The consent of the person affected by this processing of Special Categories of Personal Data and data relating to criminal convictions is a prerequisite for being able to IB to provide the services requested by the customer.

Where you provide us with information about individuals other than you, you agree to notify them of the use of their Personal Data by IB and receive their consent for us.

Individuals may withdraw their consent to such processing at any time. However, withdrawing consent may prevent IB to continue to provide its services. In addition, if a person withdraws their consent regarding the processing by the Insurer or the Reinsurer of the Special Categories of Personal Data and data related to criminal convictions, it may no longer be possible to continue the insurance coverage.


The premiums are calculated by the Participants in the Insurance Market by conducting comparative studies of the characteristics of customers and beneficiaries against other customers and beneficiaries as well as by studying the trends of insurance cases before they occur. The comparative study requires both IB as well as other Participants in the Insurance Market to analyze and gather information received from all policyholders, beneficiaries or persons who raise a claim in order to model these trends. Therefore, we may use Personal Data to combine the information with the models and create the standards that determine pricing in general but also for other policyholders. THE IB and other Participants in the Insurance Market may use Special Categories of Personal Data and data related to criminal convictions to create the above models to the extent that is appropriate and necessary, such as for example the medical history for life insurance.

THE IB and other Insurance Market Participants use similar forecasting techniques to evaluate the information provided by customers and individuals in order to understand the forms of fraud, the likelihood of future losses that actually occur in loss scenarios.

We may use these models only for the purposes stated in this Privacy Policy. In most cases our employees make decisions based on these models. In the following cases, decisions are made solely on the basis of the models and the comparative study of the Personal Data of the models by automated means.

Automated platform

When customers use our invoicing platform (Portal), the insurance offers offered arise only if the information provided by the customer meets the criteria set by the insurers and set, to the extent permitted by applicable law,

a. if an offer is made,

b. on what terms it will be given,

c. And at what price.

Each insurer uses different algorithms to determine the cost of insurance, and customers should consult each insurer's privacy policy for more information. Our platform simply examines whether a customer's data meets the insurers' insurance models and then returns the results. We also apply algorithms to customer information, which helps us detect and prevent fraud. We regularly check profile sketching procedures and associated algorithms for inaccuracies and bias.

These automated processes may result in no insurance being offered to a customer or affecting the cost or terms of insurance.

Customers can ask us to provide them with information about the decision-making methodology and ask us to confirm that the automated decision is correct. We may reject the application if permitted by applicable law, especially where the provision of information could lead to the disclosure of a trade secret or prevent the prevention or detection of fraud or other crime, but generally in these cases confirm that the algorithm and data source are working as expected without error or bias.

The prices generated by our company's pricing platform are generated from data we receive from insurance companies or from the use of web services provided by us.

In the event that an insurance company changes the invoicing parameters without notifying us, we are not responsible for the invoicing error. For this reason we consider the prices to be indicative and before completing your insurance application, we will ask for confirmation of the price from the insurance company

Security measures

We apply physical, electronic and procedural security measures appropriate to the sensitivity of the information we hold. These measures vary depending on the sensitivity, format, location, quantity, distribution and storage of Personal Data, and include measures designed to keep Personal Data protected from unauthorized access. Where appropriate, these measures include encryption of communications via SSL, encryption of information during storage, firewalls, access controls, segregation of duties and similar security protocols. We restrict access to Personal Data to staff and third parties who are required to have access to this information for lawful, relevant commercial purposes.

Restriction on collection

We collect, use, disclose and otherwise process the Personal Data necessary for the purposes set out in this Privacy Policy or as permitted by law. If we need Personal Data for a purpose other than the purposes set out in this Privacy Policy, we will notify customers of this new purpose and, where required, seek the consent of individuals (or ask other parties to do so). on behalf of IB) for the processing of Personal Data for these new purposes.

The periods of retention of Personal Data are determined by our professional needs and the requirements of the law. We keep the Personal Data for as long as necessary for the purpose / purposes of the processing of the information collected, and for any other permitted relevant purpose we are permitted or as required by law. For example, we may retain certain details of a transaction and related correspondence until the transaction margin arises, or to comply with regulatory requirements regarding the retention of such data. When Personal Data is no longer required, then we either proceed with irrevocable anonymization of the data (and may further retain and use the anonymized data for our own statistical purposes) or securely destroy it.

Cross-border data transfer

THE IB transfers Personal Data to or allows access to Personal Data from countries outside the European Economic Area (EEA). The data protection legislation of these countries does not always provide the same degree of Personal Data protection as provided within the EEA. In any case we will protect the Personal Data as defined in this Privacy Policy.

Some countries outside the EEA have been approved by the European Commission to provide substantially equivalent protection such as data protection laws in the EEA. EU data protection laws allow IBto transfer data freely to these countries.

If we transfer Personal Data to countries other than the EEA we will establish the legal bases justifying such transfer, a model of contractual clauses, the consent of the data subjects or other legal bases permitted by the applicable legal requirements.

Individuals can request additional information regarding the specific security measures that apply during the export of Personal Data by contacting the Data Protection Officer at the following address.

Accuracy, transparency, responsibility

We strive to maintain Personal Data that is accurate, complete and up to date. Individuals should contact us at the email address [email protected] to update their details.

Questions about her privacy practices IB should be addressed to its Data Protection Officer IB.

Under certain conditions, individuals have the right to request from IBto:

• Provide more details on how we use and process their data,

• Provide a copy of the Personal Data we hold about the individual,

• To correct any inaccuracies that exist in the Personal Data that we keep,

• Delete the Personal Data for which we no longer have a legal basis for their processing,

• To object to any processing of Personal Data that the IBjustifies the legal basis of the "legitimate interest", unless the reasons given and justifying such processing outweigh any damage to the individual's right to privacy, and

• Limit how we process Personal Data while considering your request.

These rights are subject to certain exceptions for the protection of the public interest (eg the prevention or detection of crime) and our interests (eg the maintenance of a legal interest). We will respond to most of your requests within 30 business days.

In the event that we are unable to resolve a query or complaint, the individual has the right to file a complaint with the Personal Data Protection Authority.

Questions, requests, complaints

To submit questions or requests regarding the Privacy Policy or its privacy practices IB, please contact the Data Protection Officer in writing at the following address:

Data Protection Officer IB

256 Mesogeion Ave.

155 61 Cholargos

Athens, Greece

[email protected]

Our policy is subject to change at any time. The last update was made on April 30, 2018. If we make changes to this policy, we will update the date of the last change. Any changes we make to this policy are effective as soon as we publish the revised policy on this site. We recommend that you check this policy regularly for changes. The official language of our policy is Greek and any other translation has no legal force.