Our priority at MEDITERRANIA AAEZ Insurance Company is the protection of your personal data. We take all necessary measures to safeguard the data collected and processed during your transactions with us.

In accordance with the regulatory framework for personal data protection under the General Data Protection Regulation (EU) 2016/679 and Law 4624/2019, as currently in force, our forms and procedures have been updated to ensure full compliance with regulatory requirements.

Below, we provide full information and details on how we process and use your personal data:

1. Who Will Use Your Personal Data       
  MEDITERRANIA will use your personal data in its capacity as the Data Controller. You can contact us at the following address:

• Iasonidou 1, 167 77 Elliniko (1st floor)
• Tel.: 215 500 5588
• Email: info@mediterrania.gr

If you have any questions regarding the processing of your personal data, wish to exercise any of your rights, or submit a complaint related to your personal data, you may contact our Data Protection Officer either by mail or via email at dpo@mediterrania.gr.

2.  Categories of Personal Data        
  The processing of personal data includes the following:

• A. Identification Data: Name, surname, date of birth, ID/passport number, Social Security Number (AMKA), Tax Identification Number (AFM), tax records, etc.
• B. Contact Information: Phone numbers, mobile numbers, mailing address, email address, etc.
• C. Data Required for the Conclusion of an Insurance Contract: Additional information related to risk assessment necessary for the execution of insurance contracts, including financial data, health information, employment details, physical characteristics, etc.
• D. Payment Data: Bank accounts, credit/debit card details.
• E. Other Data: Public databases, online sources, etc.

3.  Categories of Data Subjects        
  The categories of data subjects include:      
  - Policyholders
  - Prospective policyholders      
  - Contracting parties
  - Prospective contracting parties
  - Insurance beneficiaries     
  - Potential insurance beneficiaries     
  - Third parties involved in events related to the occurrence of the insured risk      
  - Suppliers, partners, independent professionals, affiliated consultants, and service providers

4. Purposes for Which We Use Personal Data    
  We use personal data for the following purposes by category:

If you are the policyholder or an insured person:

• For the assessment and management of insurance risk and the determination of the insurance premium.
• For the issuance and management of the insurance policy.
• For the provision of insurance coverage under your policy.
• For the settlement of insurance claims in the event of an insured risk.
• For the processing of payments to and from you.
• For conducting pre-insurance assessments.
• For informing you via electronic or postal correspondence, phone, or SMS regarding your insurance policy or other insurance products.
• For handling complaints, grievances, and claims.
• For the mandatory exchange of information in the tax sector, potentially using automated means.
• For compliance with court decisions and responding to requests from public authorities.
• For the provision of marketing services and the presentation of personalized insurance information and offers.
• For improving the user experience of our website visitors.
• For ensuring the security and verification of electronic communications, only with your explicit prior consent, which constitutes the legal basis for such processing (Article 6(1)(a) of the GDPR).
• For the security of company facilities and the management of business operations, information systems, and data hosting.

In the event of an insured risk under your policy coverage, the collection and processing of necessary special category data (e.g., health data) are conducted strictly based on one of the following legal grounds:

1. With your explicit consent, following a specific notification.
2. For MEDITERRANIA’s compliance with legal obligations under labor law and social security regulations.
3. For the establishment, exercise, or defense of legal claims.
4. For ensuring the provision of preventive or occupational medical services to you.

If you are a supplier, professional, partner, or service provider:

• For carrying out all necessary pre-contractual actions within the framework of procurement or service agreements.
• For the implementation of the contract, if concluded, and the execution of necessary administrative, tax, and accounting activities.
• For conducting internal audits.
• For handling complaints, grievances, and claims."

5. Which Personal Data Do We Use
The personal data we use include:      
Insurance Contract Services Provided  

• Basic Identification and Contact Information: Name, Address, Tax Identification Number (AFM)/Social Security Number (AMKA), Phone, Email.
• Additional Information (Depending on the Type of Insurance): Financial Data, Health Data, Socioeconomic Information.
• Payment History.

Procurement and Partner Service Provided  

• Basic Identification and Contact Information: Name, Address, Tax Identification Number (AFM)/Social Security Number (AMKA), Phone, Email.
• Professional Information.

6. Legal Bases for Data Processing  

• Your personal data is processed based on the following legal bases:
• Contract: Processing is necessary for the performance of a contract or to take steps at your request before entering into a contract.
• Legal Obligation: Processing is necessary for compliance with a legal obligation.
• Consent: In certain cases, processing is carried out based on your consent.
• Legitimate Interests: Processing is necessary for our legitimate interests, provided that these do not override your interests, fundamental rights, or freedoms.

7. Retention Period of Your Personal Data 
Your personal data is retained for as long as necessary to achieve the purposes of its collection and processing, as described in this notice, and in compliance with the provisions of applicable law.

8. Your Rights as a Data Subject     
As a data subject, you have the following rights:  

• Right of Access: You can request information about the personal data we hold and process.
• Right to Rectification: You can request the correction of inaccurate or incomplete data.
• Right to Erasure: You can request the deletion of your personal data under specific conditions.
• Right to Restriction of Processing: You can request the restriction of the processing of your data under specific conditions.
• Right to Data Portability: You can request the transfer of your data to another data controller.
• Right to Withdraw Consent: You can withdraw your consent at any time.

To exercise your rights, you can contact us via email at dpo@mediterrania.gr or by mail at Iasonidou 1, 167 77 Elliniko.

9. Security of Your Personal Data     
The protection of your personal data is important to us. We have implemented all necessary measures to ensure the security of your data, including the use of technical and organizational security measures.

10. Updates to This Policy
We may update this privacy policy periodically. Any changes will be posted on our website and will take effect from the date of publication.

ELECTRONIC APPLICATIONS

When you visit our website, our servers may automatically record the following information:

1. Information About Your Visit:

• IP Address
• Date and time of the visit
• Duration of the visit

2. Traffic Statistics:

• Data is collected for statistical purposes and is stored anonymously, without identifying individual visitors.

3. Information from Contact or Complaint Submission Forms:

• Full Name
• Email
• Phone Number
• City of Residence
• Tax Identification Number (AFM)

4. Cookies:

• Cookies are stored on your device when using our website.

The recorded and collected information is used to improve your experience on our website, analyze visitor traffic, and provide our services.

ACCESS/OTHER INFORMATION

When you communicate with us or visit our company offices (Iasonidou 1, Elliniko), we collect the following personal data:

1. Telephone Center:

• Your call may be recorded.
• The phone number from which you called will be logged.

2. Visit to the Premises:

• Upon entering the building, we will collect:
  • Your full name
  • The purpose of your visit
  • The duration of your visit
  • Closed-circuit television (CCTV) will record your image.

These data are collected for security reasons, visitor management, and to ensure the quality of our services.

DATA COLLECTION AND PROCESSING

Please be aware that we collect your personal data either during your application, communication, or visit, as provided by you or through other sources related to the company's operations and procedures. The provision of personal data is voluntary.

The company does not process the following categories of personal data:

• Personal data of minors
• Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership
• Genetic data, biometric data, health data, or data concerning sexual life or sexual orientation.

Submit a GDPR Request here!

For any inquiries or questions regarding the processing of your personal data, you can contact us at the following address:

Iasonidou 1, 167 77 Elliniko (1st floor)
Tel.: 215 500 5588
Email: info@mediterrania.gr

Best regards,
Mediterrania Insurance Company