Our website uses cookies.

Learn more about them and how you can limit them here.

Euroins Partners Portal Online Payment Online Services About Claims Offices and Contacts +30 210 9764307
  • Home
  • CCTV Monitoring Privacy Notice

CCTV Monitoring Privacy Notice

INFORMATION ABOUT PERSONAL DATA PROCESSING THROUGH VIDEO SURVEILLANCE SYSTEM

 

 

1.      Introduction – Data Categories:

The information about personal data processing through video surveillance system (hereinafter «information»), has been devised by the company «INSURANCE COMPANY EUROINS SA BRANCH OF GREECE» (hereinafter «company»), as Head of Processing, in the context of necessary information provision, regarding personal data processing (i.e. image data) of individuals, of which their image is taken («data subjects») through company’s video surveillance system. 

 

2.      Data Controller:

«INSURANCE COMPANY EUROINS JSC BRANCH OF GREECE», 14 Amfitheas Av. and 43 Agion Anargiron Str, P.C. 17564, Palaio Faliro, Attiki, phone number: 210.9764307, e-mail: office@euroins.gr 

 

3.      The Purpose of processing and legal basis:

We use video surveillance system, aiming to individual’s and property protection. The processing carried out through the video surveillance system is governed by the relevant provisions of the current national legislation for personal data protection (Greek Law no. 2472/1997, Greek Law no. 4624/2019 as in force, etc.), of European Union Directives and Regulations (in particular General Data Protection Regulation (EU) 2016/679, hereinafter «GDPR»), as well as from the decisions, instructions (in particular the no. 1/2011 Directive) and regulations of Hellenic Data Protection Authority (hereinafter «HDPA») and is subjected to the legal formalities and restrictions being imposed. This process is necessary for purposes of legitimate interests, pursued by our company, as a data controller (Art. 6 par. 1 apr. 6 GDPR).

 

Our Company ensures to comply with the principles of processing, in accordance with the current legal framework regarding personal data protection, namely the principle of lawfulness, fairness and transparency, the principle of purpose limitation, the principle of data minimization, the principle of accuracy, the principal of storage limitation and the principle of integrity and confidentiality. (Art. 5 GDPR).

 

4.      Analysis of legitimate interests:

Our legitimate interest is comprised of the need to protect our space, our buildings, our critical infrastructure and goods that are found in them from illegal acts, such as thefts and robberies. The same applies to life safety, physical integrity, health as well as property and staff and third parties property (visitors, etc.) who are legally in the supervised area. We only collect image data (not audio) and we limit the recording in areas with increased possibility of committing legal acts, i.e. theft, robbery, as in the cashier and entrance area, without focusing in areas where individuals privacy being recorded may be severely restricted, including their right in personal data respect.

 

5.      Recipients:

The control unit is installed in an area with limited access, so as the stored material is accessible only by the competent/authorized personnel, who oversees the area and the management of the video surveillance system. This material is not transferred to third parties or legal person, apart from the following cases: a) to the competent judicial, prosecuting  and police authorities, when it contains necessary material regarding a criminal act investigation, concerning processor’s people or goods, b)to the competent judicial, prosecuting and police authorities, when data is required, legally, during the performance of their duty and c) to the victim or the perpetrator of a criminal act, when it concerns data, which may constitute evidence of the act.

 

6.      Retention time:

We store personal data, which are processed for the above-mentioned purposes, for fifteen (15) days, after which they are automatically deleted. In case that during this period an incident to the detriment of a person or property has taken place, we isolate the specific part of the video and keep it in a separate file for one (1) month, in order to investigate the incident and start he legal proceedings to defend our legal interests. If the incident concerns a third party, we will keep the video in a separate file for three (3) months.

 

7.      Rights of data subjects and how to exercise them:

Data subjects have the following rights:

 

  • Right to transparent information and communication regarding their right exercise (Art. 12,13,14 GDPR), before and during the processing, ie the right to be informed about personal data processing (as detailed with this information sheet).
  • Right of access (Art.15 GDPR): you have the right to know if we are processing your image and in this case, you will receive a copy of it.
  • Right of restriction (Art. 18 GDPR): you have the right to ask to restrict the processing, for example not to erase necessary data to establish, exercise and support legal claims.
  • Right of objection (Art. 21 GDPR): you have the right to object towards the processing.
  • Right to be forgotten: you have the right to ask for your data deletion, under specific circumstances and without prejudice to the obligations and any legal claims of the data controller, regarding data preservation, according to the provisions of law.

You can exercise your rights by sending an e-mail to dpo@euroins.gr or by sending a letter to our postal address or by submitting your request in person, in our company’s address.

 

In order to examine a request related to your image, it is necessary to specify when you were within the range of the cameras and to provide us a picture of you, in order to facilitate the valid and timely detection of your personal data and hide third parties data. Alternatively, you have the choice to visit our company in order to show you the images in which you appear. 

 

We also note that the exercise of the right of objection or the right to be forgotten does not imply the immediate deletion of data or modification of the processing. In any case, you will receive a detailed reply by us as soon as possible, within the deadlines set by the GDPR.

 

In any case you consider that personal data processing concerning you, violated the applicable legal framework for personal data protection, you have the right to file a complaint to the competent national supervisory authority, Hellenic Data Protection Authority. (1-3 Kifisias Str., 11523, Athens, https://www.dpa.gr/, phone number 210.6475600).