Your data is safe with us

At HD Insurance PLC (“Hellas Direct”) we value privacy and data protection. We comply with all relevant Legislations, including Regulation (EU) 2016/679 of the General Data Protection Regulation (also known as «GDPR»), which came into force on May 25, 2018 and affects the protection of all personal data we have in our possession.

What is personal data?

The term Personal Data refers to any element or information that can identify a person’s identity or contact information. This also includes cases where one’s identity can be ascertained even indirectly by reference to a factor that is unique to the physical, physiological, genetic, psychological, economic, cultural or social identity of that individual.

The purpose of this Privacy Policy is to inform you in detail about everything that concerns your personal data and Hellas Direct. If you have any follow up questions, please do not hesitate to contact us.

Which categories of personal data we use?

The main categories of personal data that we use are:

Data to identify you

We may use data such as your name, surname, identification or passport number, telephone number, date of birth, email address, home address, TAX identification number, for identification purposes.

The above data may also be used for (i) communication purposes - to enable us to contact you for any of the purposes mentioned in this privacy policy and in your insurance contract, (ii) to calculate the insurance cost for the requested insurance cover, (iii) to negotiate your claim with another insurance company, on your behalf and affiliated processes, always based on a legal ground.

For assessment of a claim, additional categories of personal data may be processed, for instance, photographic material as well as sensitive data in relation to your health status, medical reports and medical history.

Bank details

We may use details of the banking institution or your card details and billing information in order to process your payment, for example when you purchase insurance from us or when we want to make a payment to award you with compensation.

Browsing data

Your browsing data will also be processed. For example, we will use your IP address and place cookies on your browser, to offer you a better online experience on our website. More information are provided in our cookies policy.

Personal data of minors

We will not request or process minor’s data, except if necessary, to do so. For instance, if we are assessing a claim following a accident, in which minors were involved, we will have to process their data for assessment and compensation purposes. This will be done based on the minor’s parent or legal guardian’s consent and always in compliance with the GDPR provisions.

Our website is not addressed to minors and should not be used by minors.

How do we collect personal data?

Clients obtaining a quote

In order for you to get a quote for insurance from Hellas Direct, you need to provide us with some information that belongs to the personal data category, such as your name, address, and contact details. We only ask for the personal data that is absolutely necessary. Without it, we cannot quote you a price correctly.

By completing the above fields in the quote process, and by voluntarily communicating your personal data to us, you accept the processing of your personal data by Hellas Direct. In addition, you accept that we will be sending you your offer to the email you have given us. Throughout the process, you will receive three (3) emails to remind you of the insurance offer.

Clients purchasing insurance from us

When you decide to purchase insurance from us we will need to obtain more categories of personal data from you, to be able to provide you with the required insurance cover.

The necessary personal data we collect and process are: name, address, email, telephone (landline and mobile), TAX number, call recording and collection of written communications to and from Hellas Direct, number of contracts, photographs, and number of visits to the site, account details, and other financial information. Where necessary, we may process medical and legal data.This kind of personal data will also be obtained upon the renewal or amendment of your insurance or when you submit a claim for payment under your insurance contract.

This kind of personal data will also be obtained upon the renewal or amendment of your insurance or when you submit a claim for payment under your insurance contract.

Other ways in which we may obtain your personal data:

  • Whenever you may provide us with such data – for example during a telephone conversation with us
  • We may collect your personal data from any platforms accessible by the public
  • When you purchase insurance cover from us through one of our trusted partners or insurance intermediaries
  • When we process data for assessment of claim or compensation purposes, we may obtain data through our trusted partners that provide us with valuations in relation to the damage you suffered, experts and consultants
  • We may also obtain your data through Customer Loyalty Schemes or Refer-a-Friend programme

Our goal is to offer you the best insurance covers and to improve our services and for this purpose the collection of the above personal data is absolutely necessary.

Our site uses Cookies. To see our Cookies Policy click here.

How do we process personal data?

We process personal data in accordance with the relevant laws and regulations. We will process your personal data only if:

  • you have consented to processing for one or more purposes
  • processing is necessary for the proper implementation of a contract to which you are a party or for actions that need to be taken at your request prior to the conclusion of a contract
  • processing is necessary to comply with a legal obligation we may have
  • processing is necessary to safeguard your vital interest or someone else’s
  • processing is necessary for the performance of a duty performed for the public interest or in the exercise of public authority entrusted to us
  • processing is necessary for the purposes of the company’s legitimate interests, except in cases where your fundamental rights and freedoms override those interests - in such cases, the protection of your personal data will supersede the company’s legitimate interests

Calculation of quote / cost of your insurance

To be able to either insure you or calculate the cost of your insurance, we evaluate the data and personal data you give us. This data is necessary to be able to determine the insurance risk we undertake and, consequently, to be able to calculate the costs effectively. For example, for home insurance, it is important to know your place of residence because in some areas the risk of theft is higher than others.

Communication purposes

In addition, we need your personal information so that we can communicate with you when necessary. In addition, we will contact you to remind you of the expiry of your contract. Also, in case you file a complaint or a claim we will have to contact you to obtain all the relevant information to enable us to assess your complaint or claim.

After your obtain a quote through our website we will send you up to three (3) emails to remind you about the quote we provided you with.

Also, if you have purchased insurance from us which has lapsed, we may contact you within a period of 18 months from the date the insurance contract elapses.

Legitimate interests

Cases of data processing for the purposes of legitimate interests include, but are not limited to, processing for the prevention and assessment of criminal or illegal and malicious actions to our company. For example, when we have reasonable grounds to suspect that a claim has been made fraudulently, we may process personal data to determine the validity of such claim.

Trusted partners

As Hellas Direct we have engaged with Emailage which is a global leader in helping companies reduce online fraud. Emailage is obliged to process or arrange for processing of your personal data only in accordance with the details set out in the Emailage Privacy Policy.

Marketing

With your explicit consent, we will use some of your details for marketing and market research purposes. We will use your details to send you informational material, as well as any information we believe may be of interest to you and our offers for any products we may make available.Any kind of information (emails / sms) sent to you will provide you with the option to stop receiving such information if you ever wish to cease such communication.

Remarketing

With your explicit consent, we will use some of your personal data for remarketing purposes, to display our advertisements relevant to your interests through our trusted partners. In this way we may use your data to provide you with targeted and personalised advertisements. If you have purchased insurance from us, your data will be used for remarketing purposes for as long as you remain our client, as well as for 18 months after your insurance contract elapses. If you have obtained a quote from us, your data will be used for remarketing purposes for a period of 9 months after the date we provided you with a quote.

What will we do if you give us false information?

If you give us inaccurate, incomplete or false information, we may cancel or terminate your contract or decline to renew it.

How long will we keep your personal data?

We will maintain and process your personal data for as long as it is necessary to achieve the purpose for which you originally provided the data.

Clients obtaining a quote

In the case of a quote, we will process your details to calculate the cost of your insurance. If you do not insure your house with us, we will keep your data for eighteen (18) months from the date of the quote.

Clients purchasing insurance

In the event that you purchase a policy with us, we will maintain and process your data for the period necessary for the duration of your contract, our operations and your proper service. Upon termination or cancellation of your policy, we will keep your information for as long as is required by applicable laws and regulations.

How is your personal data processed? What do we process?

We use automated systems to process your personal data. This means that we have systems that automatically collect, organize and evaluate the data you give us. Automated processing allows us to calculate your insurance quote immediately (in real time) so that you do not have to wait for it. It also help us to identify and prevent potential insurance fraud against us more effectively.

Automated processes are controlled by our analytics department. This means that the department can perform regular checks to ensure that everything is working appropriately.

Who has access to your personal data?

Access to this data is only available to those who need access, with the sole purpose of serving you.

The customer service department will refer to your information if you have any questions and if you need help. This is also the department that will collect your data if you choose to get a quote or purchase a policy over the phone.

The Emergency Line team also has access to this data. It is the team that will record your data in the event of an accident or damages.

The claims team will need your information to manage and pay your claim or handle your claim or a claim alleged against you, on your behalf. To this end, your data may be forwarded to doctors, hospitals, lawyers and / or the authorities. Before anything like this happens, we’ll let you know.

If you have a complaint, the complaints team will also need access to some of your data to properly evaluate your issue.

The analytics team has access to some of the information about your house to ensure that we evaluate the services we provide and make sure we quote you the right product at the best price.

The strategic intelligent unit may process your data to provide the company with sales and operations insight.

The finance and payments team will process your data to pay you in case you will be awarded with compensation following a claim, to receive payment of your insurance contract, in case of cancellation of your insurance policy as well as to award you with points or compensation through customer loyalty schemes or Refer a Friend scheme.

Finally, if you have given us permission to send you promotional material, some of the data may also be used by our communications and marketing department.

Aside from Hellas Direct, who else has access to this data?

In general, we avoid disclosing personal data to third parties. However, in some cases this is necessary. Your details may be shared with:

  • Other companies within the HD Insurance group for administrative and accounting purposes.
  • Public or governmental bodies such as (for example, courts, regulatory bodies, law enforcement agencies, tax authorities and criminal intelligence services) and third-party tribunals and their accountants, auditors, lawyers and others consultants and their representatives, as we think is necessary or appropriate. These include any authority requesting data from us.
  • Other insurance companies and reinsurers. We will disclose your details to the Insurance Statistics Agency, and to other insurance companies if this is deemed necessary by our reinsurers.
  • The partners who assist us in providing the services you have purchased. These include repair services, technicians that provide emergency services and take on repairs in the insured house, insurance appraisers, as well as doctors, lawyers and legal counsellors, accountants, reinsurers, brokers, experts, banks and financial institutions, and others.
Will your data be used for commercial purposes?

According to the GDPR, in order to be able to send you any promotional material, you must first give us your consent. Without it, we cannot send you updates about new services or new products or partnerships with affiliated companies. Also, we will not be able to send you the company news or news of the market.

If you opt in to these communications, you have the right to withdraw your consent at any time. Just let us know by emailing us at dpo@hellasdirect.gr or simply «unsubscribe» from the next email you receive. We will immediately stop processing your data for commercial and promotional purposes.

Is your personal data safe?

Absolutely! We use all appropriate technical and organizational measures to ensure the security of your personal data. We have chosen to keep only the data which is absolutely necessary, all of which is encrypted and / or anonymized, either in part or in whole. The security of your data is extremely important to us.

What kind of changes do we make?

At times, we may make changes to our Privacy Policy for the purpose of improving customer service and to comply with relevant legislation. We urge you to visit our site from time to time to keep up-to-date with any changes. However, if we make substantial changes to this Policy, we will notify you through via email to give you the opportunity to review the new terms and conditions in order to decide whether or not you agree with them.

What are your rights in relation to your personal data?

You have the right to information and access, to know which data we process, why and by whom.

The right of rectification if for some reason your data is not valid or incorrect.

The right to restrict processing, as the case may be, to specify what data you want to be processed and which ones you want to restrict.

The right of deletion, aka the right to erasure from our database in some cases, especially if there is no need for us to have your data.

The right of portability, to give you the data we have processed to transfer it to another partner or other company.

The right of objection. If applicable, you are entitled to oppose the processing of your data. However, since some of these data are necessary for us to provide you with insurance, the objection may lead to the termination of your insurance contract.

The right to automated individual decision-making, since you have the right not to be subject to decisions taken solely on the basis of automated processing, including profiling.

The right to withdraw the consent you have given us for the use of your data for commercial purposes.

In order to exercise any of your above mentioned rights, you must send us your request by email at dpo@hellasdirect.gr or by calling us at 22 277499. We will evaluate your request within thirty (30) days. If there are objective reasons that do not allow us to meet your request, we will inform you. You can exercise these rights at no cost. If they are often reiterated, we have the right to ask you to pay a management fee of up to €25.

How can you complain about the way your personal data is being processed?

If you disagree with the way we have processed your personal data, you can email the Data Protection Officer at dpo@hellasdirect.gr. Alternatively, call us 22 277499.

You can also contact the Personal Data Protection Authority, which is available at www.dataprotection.gov.cy.