PERSONAL DATA PROTECTION POLICY OF SiCRED sh.a.

 

We respect your privacy, so making sure that our policies are in accordance with the provisions of the applicable law, we have drafted this notification of our personal data protection policy.

This is the notification of our personal data protection policy, and we will provide it to you, the first time you consult our official website, and upon request or as required by law thereafter.

This notification describes how we protect, collect, use, share and transfer client information.

Client information means all non-public information, related to an identified individual, which within the meaning of Law 9887/2008 (as amended) is called personally identifiable information.

Client information does not include anonymous data, which do not identify an individual. According to the provisions of the applicable legislation in the Republic of Albania and for the purposes of this policy, “Anonymous data” is any data that, at the origin or during processing, cannot be associated with an identified or identifiable individual.

A - SiCRED principles on personal data protection

 i.   SiCRED does not sell client information
 ii.  SiCRED does not permit those doing business on SiCRED‘s behalf to use SiCRED‘s client information for their marketing purposes.
iii.  SiCRED contractually requires any individual, natural or legal entity, that provides products or services under SiCRED‘s name to protect SiCRED’s client information.
iv.  SiCRED does not share the client’s medical information within the entities where SiCRED owns shares or is their parent company, according to the applicable commercial legislation, unless:
     1. expressly authorized by the client
     2. permitted or required by law
     3. this request has expressly indicated in the insurance contract and the insured SiCRED client has approved it by signature.
v.  SiCRED may share client information and allow others to use that information, if you, the client, give us your consent, if it is necessary to complete a transaction that you would like to complete, or it is permitted and stipulated expressly by law.
vi.  SiCRED handles information for the previous and possible/potential clients equally, as well as for our current existing clients.

B - SiCRED keeps and protects the information received about the client

SiCRED implements physical, electronic, and procedural security policies to protect client information and to comply with the applicable legislation in the Republic of Albania regarding this issue. In addition, SiCRED reviews policies and professional practices, monitors computer networks, and periodically tests the technical security strength. SiCRED keeps client information only for legal, auditing, regulatory and business purposes.

C - Information that SiCRED receives about the client

SiCRED collects client information in various methods, for example, we collect information from:

i.  insurance applications regarding to our insurance products through conversations with SiCRED representatives, including our agents.
ii. use of https://www.sicred.com.al, our websites and applications, our social media websites and applications, and our online interactions and advertising.
iii. transactions or experiences with us, such as payments, underwriting and insurance policy claims;

D - How does SiCRED use client information

SiCRED may use client information to deliver newsletters with the following content:

i. ensure and evaluate your policies and accounts
ii. process your requests
iii. be cautious, protect yourself against fraud or unauthorized transactions,
iv. confirm your identity, only upon reading and approving the personal data protection policies
v. improve our insurance products and services by providing feedback on your experience as our client
vi. information on new insurance products
vii. information about new activities or changes, as imposed by the applicable law.

E - How does SiCRED share client information

i. SiCRED shares client information only for:

  1. our transactions with you (payments)
  2. experiences with you (automated claims)
  3. our regular business purposes (with your consent and as necessary to complete an insurance transaction that you request), or as required by law
  4. to handle your claim request on insurance product
  5. to report to the Financial Supervision Authority
  6. to inform our reinsurer about the insurance product you have purchased
  7. in cases where you enter a contract as a Union of Operators for the insurance product that you have purchased
  8. in cases of need and to protect against fraud and unauthorized transactions when an investigation is carried out

ii. If you are an existing client and have provided your information sharing preference as our client, you shall carry no action unless you decide to change your consent to information sharing as our client.

In addition to the information collection and sharing practices described above, SiCRED sh.a. website properties and applications use common tracking technologies, browser cookies, analytical tools, device IDs or other technological data.

Furthermore, we collect certain technical information about the device you use to access our website or services, such as the agent, time stamp, hardware type, language and time zone, IP address.

Our mobile and social media applications include a statement that describes what information is collected from your use of that particular application.

Currently, we do not implement common technology to respond to “do not track” web browser signals or other comparable tools.

 “Agree” with these terms if you want to learn more about us.

If you click on the links next to a third party, you will be guided directly to the website, which is not under our control.

This notification does not apply to the personal data protection practices of these websites. Read carefully the personal data protection policy of other websites. We bear no responsibility for these third-party websites.

If you request to delete your account, SiCRED sh.a. may continue to keep your information, only for legal, auditing, regulatory and business purposes. Retention periods vary, according to specific legal, audit, regulatory and business needs.

The request on deleting an account within the mobile application applies only to the credentials and account that you have developed within the application and not to any other account that you may have developed with SiCRED sh.a..

If you join the “newsletter” application or “SiCRED online products“, and “agree” with these terms, SiCRED sh.a. collects the correct information required in the application.

Upon “agreeing”, you have given “Consent as a data subject“. Therefore, SiCRED sh.a. will consider consent as your written statement, given expressly with full and free will and being fully aware of the reason why the data will be processed, which means that you, as the data subject, accept your data to be processed and handled at and by SiCRED s.a., in accordance with this notification of our personal data protection policy.

All information, collected in any application, that SiCRED sh.a. uses, is handled by SiCRED sh.a. in accordance with this notification of our personal data protection policy.