Warning: Trying to access array offset on value of type null in /data/web/virtuals/340689/virtual/www/www/wp-content/themes/petrisk/functions/templates/shared.php on line 182

Controller of your personal data:

We process personal data:

• Your identification and contact data (e-mail address, telephone number, address – not mandatory, but if you provide us with this information, our communication will be faster and more effective), data may result from our mutual communication (solving your inquiry, request, etc.);
• Details of products you have already contracted;
• Data from our mutual communication (whether verbal, telephone, written, for reasons of interest protection, we may also record our mutual telephone calls so that we can always better meet your requirements, wishes and goals. You will always be informed about the recording of such a call before it takes place);
• Sociodemographic data (e.g. age, occupation, etc.);
• Payment details (e.g.: premium paid, account number on the insurance policy, etc.);
• Data on payment record, creditworthiness and credibility;
• Specific data necessary to meet your needs, wishes and objectives, special “sensitive data”, e.g.: data about your health (e.g. for life, accident, sickness insurance) – if you give us your consent;
• Biometric data contained in the so-called biometric signature (if you sign as such);
• Data in the event of an insurance claim, in the context of mutual communication;
• You can provide us with new personal data when communicating about a change in insurance, or from people who contact us, personal data when dealing with requests (e.g. an heir asking for a refund of an overpayment of insurance premiums);
• From publicly available sources and other records available to us (e.g. commercial and insolvency registers, etc.);
• For the purpose of preventing and detecting insurance fraud and other unlawful acts, we may also obtain personal data from another entity (e.g.: insurance company), in particular data about the insurance participants, persons to whom the insurance participant has granted power of attorney, data about other persons involved in the insurance claim, etc. – the procedure in accordance with the law;
• Entities that will provide us with your personal data within the framework of applicable legislation in the course of insurance administration, claims handling, offer and assessment of the suitability of insurance, processing and preparation of the insurance contract.

The reason for the processing of personal data is to protect your or our rights and interests or the interests of others, in particular in the prevention and detection of crime, the evaluation of the quality and improvement of our professional activities, the improvement of existing products, direct marketing involving the offer of our other services and directly related products. Legislation also obliges us in some cases to process your personal data for the following purposes:

• Fulfilling the duties of professional care in arranging insurance services, in particular in assessing the ability, needs and requirements of the prospective insured;
• Identification in accordance with the regulations in the fight against money laundering and financing of terrorism;
• Preservation and archiving of data according to legal requirements (accounting and tax regulations, archiving, etc.);
• Fulfillment of general standards and duties in the professional practice of an independent broker.

Cases where the Controller requests consent to the processing of health data:

We will ask for your consent if you want to become our customer for products where we need to know your health condition in advance to assess the insurance risk, preparatory activities before arranging insurance or its change and for you to arrange the insurance or change or settle the claim. You are free to decide whether to give us your consent. However, we will not be able to prepare a quotation and arrange insurance or a change of insurance for you without your consent, in view of the applicable legislation. This applies to products where we need to know health information before arranging or arranging a change or providing a service in fulfilment of the insurance policy. However, without processing your personal data, we cannot provide you with other services such as assisting you in settling a claim, defending insurance-related claims, carrying out preparatory and analytical work in the administration of your insurance policies or exercising your rights under them.

Situations in which we process your personal data:

Preparation and conclusion of the contract

The provision of personal data is completely voluntary, but if you do not provide us with the data necessary for arranging insurance, we will not be able to prepare an insurance offer or conclude an insurance contract (or, for example, a supplement to an insurance contract) with you. In order to prepare the insurance offer and conclude the insurance contract, we necessarily need to know the following in order to comply with the sectoral regulation according to Act No. 170/2018 Coll., on the distribution of insurance and reinsurance, the standards of which we must follow and are regulated by: name, surname, birth number, date of birth, residential address, or correspondence address, in the case of a natural person entrepreneur, identification number, if assigned. We may also ask you to provide other necessary data depending on the nature of the product or service you require, e.g. data on insured property, occupation, income, risk behaviour, sports activities, including sensitive personal data.

Performance of the contract

The processing of personal data is also necessary for the proper administration of insurance contracts, including their amendments, the settlement of insurance claims, the provision of other services and mutual communication. The other data we process is related to the products you use and the personal data you have provided to us or that we have found out, e.g. during the settlement of an insurance claim.

Fulfilling a legal obligation

The obligation to process your personal data is imposed on us by the legal regulations that we are obliged to follow in the performance of our activities, both in the distribution of insurance and reinsurance (Act No. 170/2018 Coll.), in compliance with measures against the legalization of the proceeds of crime and the financing of terrorism (Act No. 527/2020 Coll. and Decree No. 235/2021 Coll.) or compliance with the Act on International Cooperation in Tax Administration (Act No. 164/2013 Coll.) or compliance with the Act on the Implementation of International Sanctions (Act No. 69/2006 Coll.), in the processing of personal data (Act No. 110/2019 Coll. – “Adaptation Act” specifying the General Regulation on the protection of personal data), (Act No. 182/2006 Coll.), on bankruptcy and methods of its resolution (Insolvency Act), or compliance with other applicable standards. In the performance of our activities, we are also obliged to provide, in justified cases, assistance to courts, law enforcement authorities, the Czech National Bank, etc.

Protection of our legitimate interests or the legitimate interests of a third party

We may also process personal data for legitimate interests consisting of:

• In protecting our legal claims (e.g.: recovering outstanding insurance premiums);
• In risk assessment and management, prevention and detection of potential violations;
• In the management of service quality and customer relations, as well as in reinsurance and co-insurance;
• In the preparation of a non-binding offer, modelling, suitability assessment or premium calculation, if no insurance contract is subsequently concluded;
• In the preparation, negotiation and execution of contracts negotiated on your behalf (the situation applies to both insured and insured persons), as well as in internal administrative processes (e.g.: reporting);
• In direct marketing (we may process your contact and identification data in the scope of: name and surname, telephone number, e-mail address for the purpose of direct marketing of our company, i.e. sending our products and services related or related to the already concluded insurance(s) via e-mail address);
• With your consent, we may process data for indirect marketing, i.e. offering products and services or other communications related to the agreed product or service from cooperating partners (insurance companies). The personal data specified in the consent is used for the outreach. No special category personal data is used for marketing, unless otherwise specified in the text of the consent. The current list of cooperating insurance companies, members of the “Administrator” community, or industry associations can be found at: www.petrisk.cz, under the “We cooperate” tab (https://www.petrisk.cz/spolupracujeme/);
• Providers of specialised services (legal, consultancy, financial) if you give your consent;
• Processing of special category personal data (“sensitive personal data”) on the basis of your consent in insurance only in the case of products where it is necessary to process personal data on the health condition not only of you but also of other insured persons. Health data is important for the correct setting of the insurance conditions, for the preparation and assessment of the insurance or credit risk, for the recommendation of a suitable product, for the creation of a quotation and for the possible subsequent conclusion of an insurance contract. The processing of this personal data is usually carried out directly by the service (product) provider, i.e. the insurance company. The controller arranges the transmission of the necessary data to the insurance company.

Recipient of personal data

We transfer your personal data in justified cases and to the extent necessary to categories of recipients:

• Contract insurance companies (or other financial institutions) in accordance with applicable laws;
• To other entities in cases where we are required to disclose your personal data by law or where it is necessary to protect our legitimate interests (e.g.: courts, law enforcement authorities);
• Providers of information systems and technical infrastructure where they manage internal systems for the management and recording of personal data of internal administration;
• At the same time, we may transfer your personal data in the context of fulfilling obligations arising from applicable legislation, in particular in cases of preventive activities against insurance fraud or the laundering of the proceeds of crime and the promotion of terrorism or other unlawful acts;
• All persons who cooperate with us and, where applicable, come into contact with your personal data in the course of their work or contractual obligations are bound by confidentiality and comply with the standards of security of your personal data, other legal or natural persons, if you give your consent, having other legal title to obtain your personal data;
• Suppliers of services necessary for the operation of the “Administrator” (administration, accounting, personnel, etc.).

Period of processing and storage of personal data

• The controller processes and stores your personal data for the duration of the contract and for ten years after the termination of the obligation under this contract pursuant to Act No. 527/2020 Coll., hereinafter referred to as “AML”;
• The administrator processes and stores your personal data for the duration of the contract and for a period of ten years from the end of the insurance contract according to Act No. 170/2018 Coll., hereinafter referred to as the “ZDPZ”;
• The controller shall process and store your personal data until the end of the second calendar year after the last communication with you, unless insurance has been arranged;
• The Controller processes and stores your personal data in the case of sending marketing offers for the duration of the commitment from the respective contract, and further for a period of two years after the termination of the commitment from this contract, unless you object to the processing of personal data, in which case the “Controller” is obliged to stop processing your personal data.

Method and principles of processing personal data

The Controller is entitled to process personal data manually or by automated means through its authorised persons, employees, processors or third parties with whom the “Controller” has concluded a valid contract for the processing of personal data and who provide activities and services forming part of the services provided by the “Controller”, as well as to persons according to your consent and to persons authorised under applicable legislation. Personal data is stored in secure databases. The Controller declares that all processing of personal data, or necessary transfers, will be carried out in full compliance with the principles of security in the handling and management of personal data and in accordance with the applicable legislation governing the protection of personal data and the regulations governing the intermediary activities of the Controller.

Communication and sending documents and information

You have the option to choose whether the information required by law to be provided by the “Controller” will be provided through paper records and reports or electronically or through another durable medium. By accepting this document, you confirm that you have been offered the options of information and ongoing communication and that you agree to the provision of information by electronic means (other durable medium) and that the method chosen is appropriate in relation to the insurance being arranged. Certain information will be provided, in accordance with the law, via the website of the “Administrator” www.petrisk.cz. In this context, you also declare that you have regular access to the Internet, that you regularly use this service and that you have the possibility to consult the information provided on the website of the “Administrator” and provided by electronic means of communication and that you have established an e-mail address. In the event that you do not have regular access to the Internet service, you are obliged to inform the “Administrator” immediately. In the event that you require the provision of information in paper form, you shall communicate your request to the “Administrator”, who will provide you with the information in that form.

You may exercise the following rights in relation to the processing of your personal data:

Automated individual decision-making: if the decision has significant consequences for you (e.g. it would lead to a failure to conclude a contract, a refusal to pay a benefit, etc.), you have the right to have the decision reviewed, to comment on it and, if necessary, to challenge it.

Portability: you have the right to receive processed data that is processed on the basis of consent or on the basis of the conclusion or performance of an insurance contract. This applies only to personal data processed by automated means.

Right to information: at your request, we will inform you whether and how we process your personal data, for what purpose, the period of storage, possible transfer to third parties, and what your rights are.

Right of access: you have the right to a copy of the data that is processed about you.

Right to rectification: if you discover that your data is incorrect, you have the right to have it corrected or clarified.

Right to erasure (“to be forgotten”): you have the right to have your data erased, but only if there is no other lawful basis for processing it (including to protect the legitimate interests and rights of the “Controller”).

Right to object: applies to cases of processing for reasons of public interest which the “Controller” pursues or for its own legitimate interest, including direct marketing. You have the right to object to such processing and, in the case of direct marketing, the “Controller” will cease such processing upon objection.

Right to withdraw consent: you may withdraw your consent at any time by writing to PETRISK a.s., Brumlovka – budova G, Michelská 1552/58, Michle, 141 00 Praha 4, or by e-mail to: petrisk@petrisk.cz.

The right to restriction: you have the right to restrict the processing of your personal data if you contest the accuracy of the data until the “Controller” verifies the accuracy (the Controller’s legitimate grounds override your legitimate interests) or if the data have been otherwise specified or the data are not necessary for the purposes of processing but you require their processing for the establishment, exercise or defence of your legal claims or the processing of the data has been unlawful and you require only the restriction of processing instead of the deletion of the data.

The right to turn to: the supervisory authority (Office for Personal Data Protection, address: Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz) or the court, information on your rights and their fulfilment can also be obtained at
tel.: +420 272 769 586, or at PETRISK a.s., Brumlovka – budova G, Michelská 1552/58, Michle, 141 00 Prague 4, or by e-mail: petrisk@petrisk.cz.

This information is available at www.petrisk.cz under Important Links (https://www.petrisk.cz/ochrana-osobnich-udaju/). We will inform you if there is a fundamental change in the processing of your personal data.

This information on the processing of personal data is valid and effective from 8. 3. 2023.