We at EuroLife Ltd. (referred to as ‘we’, ‘us’, ‘our’ or ‘EuroLife’) are committed to protecting your privacy and handling your data in an open and transparent manner. The personal data that we collect and process depends on the product or service requested and agreed in each case.
This privacy statement sets out general information about how we manage your personal information and how you can contact us about this Privacy Statement or the personal information that we hold.
For the purposes of this privacy statement the following terms mean as follows:
“Personal Data” or “Personal Information” : when we refer to Personal Data or Personal Information, we mean data which identifies or may identify you. An indicative list of the personal data we process can be found under the heading “What Personal Data do we Process?” below. In cases of certain insurance policies you may have with us, Personal Data will also include Sensitive Data.
“Processing”: when we refer to Processing of your Personal Data, we collectively refer to the handling, collecting, amending, protecting, storing or other such action of your personal data.
“Sensitive Data”: Sensitive Data is the term we use to describe Special Categories of Personal Data (as these are set out in the GDPR) that we may process, and for our purposes mainly concerns data concerning health which may identify or reveal details about your past or current physical or mental health status, including data on any physical or mental disease or disability. Sensitive data may also include genetic data which is personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person.
“GDPR” : GDPR stands for the General Data Protection Regulation (EU) 2016/679 which is part of the legal framework (along with any other data protection laws or regulations in Cyprus) that governs the processing that we undertake of your personal data.
EuroLife Ltd is a licensed insurance company registered in Cyprus under registration number ΗΕ36247 as a private limited liability company having its registered office at Evrou 4, Strovolos, 2003, Nicosia, Cyprus.
We obtain your Personal Data through the following channels:
(a) From information you provide to us, examples include:
(b) From information lawfully obtained by third parties, examples include:
(c) From publicly available sources:
The type of Personal Information we usually collect and process depends on the nature of our interactions and relationship with you. We collect Personal Information about (a) current or potential customers of EuroLife, that is, persons who contract with us for the provision of a service, namely insurance cover (b) insured persons for who we provide cover under a Eurolife insurance policy (c) beneficiaries and nominated representatives of legal entities or of natural persons who hold an insurance policy with Eurolife (d) EuroLife employees and current or potential insurance intermediaries that we cooperate with (e) contact persons of our business partners, suppliers and service providers (f) persons who take part in any competitions/surveys we carry out.
1. The Personal Data collected, handled and processed by us may include:
2. Sensitive Data:
For the provision of insurance cover for certain policies, we also collect and process special categories of data for insured persons. Special categories of data processed by us are data relating to your health (this can include genetic information), and can include details in relation to your past and present physical or mental health including any injury or disability information activities that may impact your health, your health history, fitness and physical activities. We only collect and hold sensitive information with your consent or in other limited situations which the law allows.
3. Children’s Data
We understand the importance of protecting children’s privacy. We may collect Personal data and Sensitive data in relation to children that are insured persons under Eurolife policies, or that are named or legal beneficiaries of such policies, provided that their parent’s or legal guardian’s consent has been obtained or unless otherwise permitted by law. We do not provide online services to children. For the purposes of this Privacy Statement, “Children” are individuals under the age of eighteen (18).
1. Personal Data
We process your Personal Data lawfully for one or more of the following reasons:
a) Performance of a contract:
Processing of your Personal Data is necessary for the execution/performance of a contract we have entered into with you (e.g. insurance policy) or in the case of a group insurance policy, with the owner of the policy, or for undertaking certain actions prior to this with the aim of entering into a contract with you.
Indicatively, with regard to an insurance policy you have with us, it is necessary for us to process your personal data with regard to the following:
b) Compliance with a legal obligation
As an insurance company we are subject to a number of legal and regulatory obligations which require the collection and processing of personal data (e.g. anti-money laundering measures, FATCA/CRS, other tax law obligations, compliance with court orders and so forth). Such obligations require processing of certain data, for example we are required to obtain and process certain information from you on your identity, your profession and your income for purposes of compliance with anti-money laundering measures. An additional example is tax information that we may request and process from you for compliance with FATCA/CRS tax treaties to which the Republic of Cyprus is a party.
c) For the purpose of safeguarding legitimate interests
Where necessary, and taking into account your rights and freedoms, we may process Personal Data above and beyond the actual performance of our contractual obligations, in order to safeguard the legitimate interests pursued by us or by a third party. Examples include:
d) You have provided your consent
Provided that you have given us your specific consent for processing then the lawfulness of such processing is based on that consent. You have the right to revoke consent at any time. However any processing of Personal Data prior to the receipt of your revocation will not be affected.
2. Sensitive Personal Data
We process your Sensitive Data lawfully for one or more of the following reasons:
a) You have provided your consent.
When the insurance policy you wish to purchase or the claim you wish to submit requires the provision of your Sensitive Data, we collect and process such data on the basis of your consent.
You may withdraw your consent to processing of your Sensitive Data at any time, however this will likely impact our ability to provide you with the insurance cover requested or process any claims provided under such cover.
b) If it is necessary for the establishment, exercise or defence of legal claims;
c) If it is necessary for reasons of substantial public interest, such as preventing insurance fraud;
The confidentiality of your Personal Data is our priority. For this reason, all the persons who are recipients of your Personal or Sensitive Data are subject to an obligation of confidentiality and of processing your data in accordance with applicable data protection law and GDPR. Data is disclosed to such recipients and processed by such recipients only for the purposes set out above under the heading “Why we process your Personal and Sensitive Data and on what legal basis”.
Recipients of your data may be, for example:
Some of the recipients of your personal data may be located in third countries (i.e. countries outside the European Economic Area). We ensure that such processers are obligated to comply with the European data protection standards and to provide appropriate safeguards in relation to the transfer of your data in accordance with the GPR.
We will keep your personal data for as long as we have a business relationship with you as either an individual or as an appointed representative of a legal entity, or a beneficial owner.
Once our business relationship with you has ended, we may keep your personal data for the longest of the following periods: (i) any retention period set out in our retention policy which is in line with regulatory requirements relating to retention or (ii) the end of the period in which legal action or investigations might arise in respect of the products and services provided.
We may keep your data for longer if we cannot delete it for legal, regulatory or technical reasons. If we do, we will make sure that your privacy is protected and only use it for these purposes.
For prospective customer data we shall keep your personal data for 12 months from the date that a quotation was provided to you, assuming that no insurance applications or policies arose in relation to the quotation provided, or unless you have requested that we maintain this data for a further period of time as determined by yourself.
With regard to certain types of insurance cover, when you wish to submit an electronic application for such insurance cover with us, we will use systems to make automated underwriting decisions based on Personal and Sensitive Data you have provided us with. You have the right in this case to contact us to:
a) Give you information about the processing of such Data
b) To object to such electronic underwriting and to request that you are assessed by our Underwriting Department instead. In such a case we will require the completion of a hard copy insurance application.
We may process your personal data to tell you about products, services and offers that may be of interest to you or your business.
The personal data that we process for this purpose consists of information you provide to us and data we collect and/or infer when you use our services, such as information on your policy transactions. We study all such information to form a view on what we think you may need or what may interest you. In some cases, profiling is used, i.e. we process your data automatically with the aim of evaluating certain personal aspects in order to provide you with targeted marketing information on products.
We can only use your personal data to promote our products and services to you if we have your explicit consent to do so or, in certain cases, if we consider that it is in our legitimate interest to do so.
You have the right to object at any time to the processing of your personal data for marketing purposes, which includes profiling, by contacting at any time our Customer Services Center or any of our branches either in person or in writing.
In order for us to proceed with a business relationship with you, you must provide the Personal Data required for the commencement and execution of a business relationship and the performance of our contractual obligations.
In the case of an insurance policy you wish us to provide to you, this means that If you do not provide us with the necessary personal information requested in our quotations, application or claim forms, we will most likely not be in a position to accept your application for insurance with us, or any claims you may make under the Policy.
Furthermore we are obligated in certain circumstances to collect personal data from you for compliance with our legal obligations, such as for example identification details for compliance with anti-money laundering measures and tax details for compliance with FATCA/CRS treaties.
Kindly note that if you do not provide us with the required data, then we will not be allowed to commence or continue our business relationship either with you as an individual or as the authorized representative of a legal entity or beneficial owner of a policy.
You have the following rights in terms of your personal data we hold about you:
You also have the right to object where we are processing your personal data, for direct marketing purposes. This also includes profiling in as much as it is related to direct marketing.
If you object to processing for direct marketing purposes, then we shall stop the processing of your personal data for such purposes.
- it is not accurate,
- it has been used unlawfully but you do not wish for us to delete it,
- it is not relevant any more, but you want us to keep it for use in possible legal claims,
- you have already asked us to stop using your personal data but you are waiting for us to confirm if we have legitimate grounds to use your data.
To exercise any of your rights, or if you have any other questions about our use of your personal data, please contact our Customer Services Center, your insurance intermediary, or visit any of our branches, or complete the relevant web form through our website (http://www.eurolife.com.cy/en-gb/contact_us/).
You can also contact our Data Protection Officer at dpo@eurolife.bankofcyprus.com
We endeavour to address all of your requests promptly.
If you have exercised any or all of your data protection rights and still feel that your concerns about how we use your personal data have not been adequately addressed by us, you have the right to complain by completing our on line contact form (http://www.eurolife.com.cy/en-gb/contact_us). You also have the right to complain to the Office of the Commissioner for Personal Data Protection. Find out on their website how to submit a complaint (http://www.dataprotection.gov.cy).
We may modify or amend this privacy statement from time to time.
We will notify you appropriately when we make changes to this privacy statement and we will amend the revision date at the bottom of this page. We do however encourage you to review this statement periodically so as to be always informed about how we are processing and protecting your personal information.
If you have any questions, or want more details about how we use your personal information, you can contact our Data Protection Officer at Evrou 4, Strovolos, 2003, Nicosia, Cyprus, email: dpo@eurolife.bankofcyprus.com.
Our website use small files known as cookies to make it work better in order to improve your experience.
To find out more about how we use cookies please see our cookie policy