How we process the data
We process the personal data provided by you on the basis of a legal reason pursuant to Article 6 of the GDPR (1) (b), if the processing is necessary for the performance of a contract or pursuant to (c) for compliance with a legal obligation. Further also according to (a) based on your consent to the processing of such data in cases where the legitimate interests under the above provision are insufficient as a legitimate reason for the processing or if the processing involves a special category of personal data. Personal data is processed for the purpose of providing claims settlement services. We always use the personal data you provide only for the purpose for which data was communicated to us, and we always inform users in a transparent manner.
What data we process
As part of our service we collect some of the following personal data:
a) address / title
b) name
c) surname (including maiden name)
d) date of birth
e) sex
f) place and country of birth
g) nationality
h) contact address (information on current and former residence)
i) e-mail address
j) phone number (or numbers if you tell us)
k) photographic record
l) health information
or other depending on the documents provided for the purpose of claims settlement.
Retention period of personal data
We keep the data for the time necessary for the purposes of the contract and for the time necessary to fulfil legal obligations or protect our rights. Data provided with the consent of the data subject and a specific category of personal data shall be kept for the period indicated in the consent. If you exercise your right to be forgotten or withdraw your consent, the data will of course be kept shorter.
Transfer of data – other processors
The Controller is authorized to process personal data both automatically and manually, also through designated processors. Personal data shall / will only be disclosed to authorised employees of the Controller or to employees of the Processor, and only to the extent necessary for the purposes of processing. The transfer of personal data to other Processors takes place only to a minimum extent and all processing relationships are based on processing contracts in which our Processors have undertaken to take measures that ensure the same level of security of personal data as our company provides. The Controller will transfer the personal data to third countries, international organizations or other third parties with whom cooperation is required to settle claims.
Business Communication
According to § 7 par. 3 of Act No. 480/2004 Coll., on Certain Information Society Services and on amendments to certain Acts (Act on Certain Information Society Services), as amended, and pursuant to Introductory Provision 47 of the GDPR, we are allowed to use some of the information provided by you for direct marketing within our existing contractual relationship. These marketing communications will only apply to the professional services we provide. At the same time, in any such commercial communication, you will find the option to unsubscribe from these communications free of charge.
Cookies
To make our offer relevant to you, our website www.inservis.com uses text cookies. It is used to remember your preferences and the actions you have performed on them (e.g. login, language, font size and other display preferences). You do not need to re-enter this information for a certain period of time. Our cookies do not in themselves identify an individual user; they only identify the device you use, using a randomly generated identification code. As a user, you can disable or limit the use of cookies in your browser. However, if you do so, you will not be able to use all the features offered by our site.
Security
We use certain security technologies and features to maximize the protection of the personal data you provide. We have also taken appropriate technical and organizational measures to safeguard your data, as well as technical measures to safeguard data storage, paper-based personal data storage, regular system updates, and measures to prevent unauthorized persons from accessing your data. Even though we do our best to protect your personal data from loss, misuse, unauthorized access, modification or disclosure, it is never possible to ensure 100% control. Therefore, we will inform you immediately in case of any incidents that reach a certain level of risk.
Rights of personal data subjects
In order to respect the principle of transparency in the processing of personal data, we will gladly provide you with information about the personal data we process using the contact details below.
If legally possible, you have the right to change or correct the personal data we store about you.
If the processing of personal data is carried out with your consent, you have the right to restrict such processing, to withdraw the consent or even to have all data that we store with your consent be deleted. Exceptions are cases where processing is due to a legal obligation or due to our legitimate interest.
You also have the right to a copy of the personal data we keep about you, including their sources, purposes and methods of processing, electronic decision making, and the entities with whom we share your data. We will endeavour to disclose the information you request within a reasonable time. Depending on what information you require, we may charge you a fee to the extent permitted by applicable law.
If you believe that the Controller is proceeding in violation of GDPR, you have the right to object to the processing and to file a complaint with the Office for Personal Data Protection.
Contact information
If you have any questions, complaints, comments or exercise the rights of data subjects, please contact us at: info@inservis.com