Get our app now!

We have just launched out mobile apps!

Learn more

+371 67334065 24/7 Skambučių centras

Privacy Protection Policy

Definitions

1) ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

2) ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

3) ‘controller’ means the natural or legal person, public authority, agency or other body which determines the purposes and means of the processing of personal data;

4) ‘client’ means any natural person who uses, has used or has expressed a wish to use or is in other way related to any of the services provided by CORIS.

Data controller information

The controller is “CORIS Baltic Group OÜ” (hereinafter - CORIS), registered in the Commercial Register of the Republic of Estonia under registration No. 14385328, legal address: Hobujaama tn. 4, 10151, Tallinn, Estonia, tel: +37167334065.

General description of personal data processing performed by us

CORIS is committed to protecting and respecting your privacy. Data is collected and processed according to the data protection regulations, in particular European Union’s General Data Protection Regulation Nr. 2016/679, applicable contractual provisions, as well as controller’s legitimate interests.

A full range of organizational and technical actions is constantly performed to ensure your personal data is processed in a secure and lawful way:

  • the processing of the personal data is strictly limited to the extent that is necessary for the provision of CORIS services (including, but not limited to concierge services, technical assistance services, legal assistance) and for customer service;
  • personal data is collected and processed in accordance with applicable laws and regulations;
  • the collection of relevant personal data is strictly proportionate to the purpose for which it is collected;
  • when appropriate, the consent for personal data collection and procession is obtained, ensuring the transparency and enabling to withdraw the consent;
  • the access to personal data is limited to companies and persons having a legitimate and reasonable for the access to the data;
  • personal data is retained as long as it is necessary for the purposes pursued and only in accordance with applicable laws and regulations;
  • an assessment of the risks related to personal data processing is systematically performed;
  • in case data is transferred to a service provider, CORIS assumes that the service provider fulfills his obligations and ensures the confidentiality of the data provided as well as its fair, lawful and secure processing.

Personal data categories

CORIS processes the following personal data categories:

  • Identification and contact data of a client or a potential client: name, surname, contact information (e-mail, telephone number, postal address) details or a copy of an identification document, place and date of birth, address, etc.
  • Additional information specific to CORIS services: such as Family data, beneficiaries, third parties, medical information;
  • Digital service’s user’s data: such as data required for registration of a digital account (login, password, and other identification details)
  • Information about the use of CORIS services, such as statistics on the use of service functions;
  • Communication data, collected through client’s communication with CORIS by telephone, by visual or audio files, by e-mail, messages and other communication means, as social media, data obtained by Client’s access to CORIS website or mobile application;
  • We do not process the information about one’s race or ethnicity, religious or political beliefs, trade union membership, genetic or biometric data for a unique identification of a natural person, person’s personal life or sexual orientation

Personal data processing and collection purposes

CORIS will process the personal data provided by you:

1. For the purpose of the provision of services:

  • client identification;
  • assurance and maintenance of services;
  • preparation and conclusion of contracts;
  • fulfilment of contractual obligations;
  • advertisement and distribution of information on services and products for commercial purposes;
  • improvement of services, development of new services;
  • administration of complaints;
  • cooperation, increase in loyalty, satisfaction evaluation;
  • customer service;
  • tax and payment administration;
  • risk assessment;
  • maintenance of the webpage and mobile applications and their upgrade.

2. For the purpose of business planning and analytics:

  • statistics and business analysis;
  • efficiency evaluation;
  • planning and controlling;
  • conduct of market and public opinion researches;
  • data quality assurance;
  • performing of customer surveys;
  • preparation of the reports;
  • prevention and investigation of criminal offences;
  • within the framework of risk management, audit, operation compliance activities.

3. For other purposes:

  • provision of information to the state authorities and subjects of operational activities in cases and within the scope prescribed by external regulatory enactments;
  • special purposes, in case of which we will inform you when you provide the relevant data to CORIS.

Main legal bases used to achieve these objectives

  • Conclusion and performance of a contract (GDPR, Article 6. 1. b));
  • Compliance with a legal obligation to which the controller is subject (GDPR, Article 6.1. c));
  • CORIS legitimate interests (GDPR, Article 6.1.f)), such as identification of our Client, of our partner’s contact person.

Recipients of Personal data:

CORIS shall not disclose confidential information about your personal data. Access to your data will only be available to those employees, who need it to perform working duties. However, in cases stipulated by law or in accordance with the legitimate interest of CORIS, the information might be provided to the following persons:

  • Our counterparties (processors or separate controllers) related to the provision of our products and services to the client;
  • Supervisory authorities (Consumer Rights Protection Centre, Data State Inspectorate, State Revenue Service and other institutions) based on written requests or binding duties upon, stipulated by legal enactments;
  • In the specific cases to execute requests of the competent state institutions, for instance, AML Service, court, investigation bodies, the Prosecutor's Office, operational entities, Corruption Prevention and Combating Bureau, State Treasury, State Audit Office, State Revenue Service, Orphan's Courts, the Bank of Latvia and other statutory persons, for instance, sworn bailiffs, notaries, insolvency administrators;
  • In the cases specified in the legal enactments to state/law enforcement agencies, investigation bodies, courts, sworn bailiffs, sworn notaries;

CORIS legitimate (lawful) interests are:

  • to perform commercial activities;
  • to provide CORIS services;
  • to check your identity as a customer before entering into a contract;
  • to ensure the fulfilment of contractual obligations;
  • to prevent unreasonable financial risks for its commercial activity (including performance of risk assessment before service provision and during fulfilment of the contract);
  • to save your applications for services, other applications and submissions, notices regarding them, including verbal ones, by calling the call center, on the website and mobile application;
  • to analyze the operation of the CORIS website, online sites and mobile application, to develop and introduce improvements thereto;
  • to administer the customer’s account on CORIS websites and mobile application;
  • to perform activities for the maintenance of customers;
  • to segment the customer data base for the more efficient provision of services;
  • to develop and improve services;
  • to advertise its services by sending commercial notifications;
  • to send other messages regarding the course of fulfilment of the contract and events significant for fulfilment of the contract, as well as to perform customer surveys about services and the usage experience thereof (NPS);
  • to prevent fraud;
  • to ensure corporate management, finance and business accounting and analytics;
  • to ensure effective company management processes;
  • to ensure service efficiency;
  • to ensure and improve service quality;
  • to administer payments;
  • to administer non-performed payments;
  • to turn to the state administration and operational activity authorities and court for the protection of its legal interests;
  • to inform the society about its activities.

Data transfer to the countries outside of the European Union

Your personal data are stored within the territory of the European Union and European Economic Area. If CORIS transfers your data to service providers outside of the European Economic Area, it will be performed in accordance with the regulatory enactments being in force in the European Union in the area of data protection.

Your rights

You have the right to object to the processing of your personal data for the purpose of advertising by sending reply e-mail to coris@corisbaltic.com.

In addition to the right to object, you have the right to receive information about your data, to request it to be rectified and erased. If you would like to display your data or to rectify it, please contact CORIS in written.

Submission of complaints regarding the processing of your data

You have a possibility to turn to an CORIS data protection officer with a written application to the registered office of CORIS or contact CORIS by e-mail legal@corisbaltic.com.

Susisiekite su mumis Telefonas: +371 67334065 Faksas: +371 67334066 Privacy Policy Cookie Policy
El. paštas coris@corisbaltic.com bills@corisbaltic.com control@corisbaltic.com motorclaims@corisbaltic.com
Social