AWP Polska sp. z o.o. (“we”, “us”, “our”), making up Allianz Worldwide Partners SAS group, is a service company providing, among other things, assistance services. This privacy notice explains how and what type of personal data shall be collected and for what purposes and to whom personal data shall be made available/disclosed. Please read the information below carefully.
A data controller is an entity which decides on personal data processing and is responsible for retention and use of personal data. AWP Polska Sp. z o.o. is precisely a data controller.
We shall collect and process various categories of your personal data, the scope of which depends on the subject-matter of the contract or the services provided to you, as per the list below:
Depending on your contract and scope of service, we shall request solely the data indispensable in a given case.
We shall process personal data provided to us by you or received by us without your involvement as explained and listed below:
| Purpose and legal basis for processing | Do we need your consent? | Legal basis for processing |
|---|---|---|
| Conclusion and performance of the contract (e.g. examining advisability of provision of a service, providing the service, settling costs and processing of complaints) | No |
Article 6(1)(b) of GDPR* |
|
To inform you, or enable AWP Group’s companies and selected third parties to inform you, about the products and services that, in our view, may be of interest to you, in accordance with your preferences in terms of reception of marketing information. You may change these preferences at any time. If you change your decision relating to the aforesaid preferences, including withdrawal of a consent to any of the aforesaid items, please notify us by clicking on the “Unsubscribe” link in each email message containing marketing information or by contacting us in the manner described in Clause 9 below. |
Yes |
Article 6(1)(a) of GDPR*, Article 6(1)(f) of GDPR* (direct marketing of our products and services constitutes our legitimate interest) |
|
Fulfilling the obligations (e.g. tax, accounting and administrative obligations) arising under legal regulations |
No | Article 6(1)(c) of GDPR* |
| To spread risk through reinsurance or co- insurance | No |
Article 6(1)(f) of GDPR* (reducing insurance risk constitutes our legitimate interest) |
|
To mitigate risk relating to economic sanctions through verification and application of other adequate measures examining whether the client is not subject to any restrictions or whether the contract does not violate any economic sanctions, through regular client audits and, at the stage of provision of the service, through performance of an analysis relating to application of financial sanctions to the client and, as applicable, the beneficiary prior to disbursement of damages or benefit |
No | Article 6(1)(f) of GDPR* (our legitimate interest is to mitigate the risk of financial and economic sanctions) |
| To examine client satisfaction | No |
Article 6(1)(f) of GDPR* (checking quality of services provided by us and the level of satisfaction of our clients constitutes our legitimate interest) |
| To determine and seek claims as well as to defend against claims. | No |
Article 6(1)(f) of GDPR* (the possibility to determine and seek claims as well as defend against claims constitutes our legitimate interest) |
We shall ensure that your personal data are processed in the manner consistent with the purposes stated above.
For the purposes stated above, your personal data may be disclosed to the following third parties being data controllers: public authorities and other AWP Group’s companies.
For the purposes stated above, we may also make your personal data available to the following entities processing data at our request: other AWP Group’s companies, technical consultants, specialists, lawyers, service technicians, physicians and other subcontractors providing services to AWP in order to deliver services (service requests, IT services, postal services, document management, performance of a contract through provision of services to eligible persons) as well as entities and networks providing advertising services to enable them to send you marketing information as permitted under the national laws and regulations while taking into account your preferences in terms of communication. We shall not make your personal data available to unrelated third parties for their own marketing purposes without your consent.
Furthermore, we may share your personal data in the following cases:
Your personal data may be processed in the territory of the European Economic Area (EEA) or outside it by the entities listed in Clause 4, subject to contractual restrictions relating to information confidentiality and security, in compliance with the applicable data protection laws and regulations. We shall not make your personal data available to the persons who are not authorized to process them.
Your personal data shall be transferred for the purpose of their processing to another company from AWP Group outside EEA each time in compliance with the approved binding corporate rules (BCR) that assure adequate personal data protection and are legally binding upon all AWP Group’s companies. Where the Group’s BCR do not apply, we shall take appropriate measures to assure adequate protection of your personal data transferred outside EEA at the same level that is assured within EEA. If you are interested in the security measures taken by us when transferring data outside EEA (e.g. standard contractual clauses), please contact us in the manner specified in Clause 9.
If permitted under the applicable laws and regulations, you have the right to:
You may exercise these rights by contacting us in the manner specified in Clause 9 and stating your first name and surname, email address and the subject matter of your request. You may also file a data access request by completing a Data Access Request Form available at https://mondial-assistance.pl/polityka-prywatnosci-AWP-Polska.
If permitted under the applicable laws and regulations, you have the right to file an objection to our processing of personal data and to request that we discontinue their processing (also for the purposes of direct marketing). Once we have received such request, we shall discontinue further processing of your personal data unless such processing is permitted under the applicable laws and regulations.
You may exercise the other rights specified in Clause 6 in the same manner.
We shall retain your personal data over a period of 6 years from the date of expiry or termination of a contract or the end date of the proceedings concerning provision of a service or examination of your complaint. The six-year period is related to the limitation period for pursuing claims in force in Poland and the need for archiving documents in compliance with the Accounting Act.
We shall not retain your personal data longer than is necessary and we shall retain them solely for the purposes for which we have collected them.
Should you have any questions relating to the manner in which we use your personal data, you may write to us to:
AWP Polska Sp. z o.o.
ul. Konstruktorska 12
02-673 Warszawa
We have appointed the Data Protection Officer (DPO), who may be contacted via email or by post at:
Data Protection Officer
AWP P&C S.A. Branch in Poland
ul. Konstruktorska 12
02-673 Warszawa
E-mail: iodopl@mondial-assistance.pl
You may also contact us using the Data Access Request Form available at https://mondial-assistance.pl/polityka-prywatnosci-AWP-Polska.
This privacy notice is reviewed and updated on a regular basis. We shall make sure that its up- to-date version is available on our website https://mondial-assistance.pl/polityka-prywatnosci-AWP-Polska at all times and, furthermore, we shall inform you in person about each important amendment to this privacy notice that may affect you. This privacy notice was most recently updated on 31 March 2023.
*GDPR or Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1 and OJ L 127, 23.5.2018, p. 2).