English

PRIVACY POLICY PROCEDURE

The purpose of this privacy policy

The purpose of this privacy policy is to inform users of our site about the personal data we will collect as well as the following information, if applicable:

  1. The personal data we will collect

  2. The use of the collected data

  3. Who has access to the collected data

  4. The rights of the site users

  5. The site's cookie policy

This privacy policy operates alongside our site's terms of use.

Applicable laws

In accordance with the General Data Protection Regulation (GDPR), this privacy policy complies with the following regulations.

Personal data must be:

  1. processed lawfully, fairly and in a transparent manner in relation to the data subject (lawfulness, fairness, transparency);

  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes (purpose limitation);

  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimization);

  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy);

  5. kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organizational measures required by the GDPR in order to safeguard the rights and freedoms of the data subject (storage limitation);

  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (integrity and confidentiality).

Processing shall be lawful only if, and to the extent that, at least one of the following applies:

  1. the data subject has given consent to the processing of his or her personal data for one or more specific purposes;

  2. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

  3. processing is necessary for compliance with a legal obligation to which the controller is subject;

  4. processing is necessary in order to protect the vital interests of the data subject or of another natural person;

  5. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

  6. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Consent

Users agree that by using our site, they consent to:

  1. the terms outlined in this privacy policy and

  2. the collection, use and retention of the data listed in this policy.

Scope of the Policy

Personal data is collected and processed by KORINT as Data Controller.

KORINT, SAS registered under number SIREN 919444901 and located at 65, rue de la Croix, Nanterre, 92300, with a share capital of 1 347€, represented by Mr. Jean-Baptiste LIMARE acting as President of the company, VAT number: FR35919444901, processes, as part of its activity, the processing of personal data, both on its own behalf and on behalf of other entities.

KORINT may also act as joint controller, processor, or even subsequent processor on behalf of other data controllers with whom KORINT has contractually engaged.

Persons affected by the processing

KORINT, as data controller or as a processor, subsequent or not, may carry out processing on the personal data of the following categories of natural persons:

  • visitors and users of the websites;

  • potential individual clients;

  • individual clients;

  • employees and executives of potential legal entity clients;

  • employees and executives of legal entity clients;

  • beneficiary individuals of individual or legal entity clients;

  • individual commercial partners;

  • employees and executives of commercial entity partners;

  • suppliers and individual subcontractors;

  • employees and executives of individual suppliers and subcontractors;

  • individual employees and executives of KORINT;

  • any third party identified by a document in a regulated format to which KORINT is the recipient;

  • job applicants.

Processed personal data

The following list determines the types of personal data of the individuals concerned that may be processed in the context of KORINT's activities.

Personal data is collected directly at KORINT's initiative when personal data is provided in the context of contact forms, questionnaires, and other space made available to individuals in the use of site services (contact form, request for a quote, membership form or subscription to one of the distributed products, etc.).

Personal data may also be collected indirectly and transmitted by insurers, client companies, or our partners in the execution of insurance contracts and for the needs of using personalized services. KORINT undertakes to limit the collection of such data to the bare essentials.

As part of the collections, the following types of data are processed:

  • data relating to the identification of individuals (name, first name, addresses, ID card number, passport number, telephone number, other contact details such as email address and telephone number);

  • data relating to contract management (customer identification number, insured person identification number, contract number, duration, amounts, direct debit authorization, payment method data or transaction data such as transaction number, transaction detail related to the subscribed product or service);

  • data necessary for risk assessment;

  • data for determining or evaluating losses and benefits;

  • data relating to monitoring the commercial relationship (data relating to the organization of any promotional operation, loyalty actions, prospecting, study, survey, satisfaction surveys, data relating to contributions of individuals, comments, reasons for contact initiation, etc.);

  • data from your interactions with KORINT (e.g., our websites, telephone conversations, correspondence, requests for information and documents, our pages on social networks);

  • data necessary to combat insurance fraud, money laundering, and the financing of terrorism.

  • KORINT draws the attention of affected individuals to the fact that no processing of data relating to racial origins, political opinions, philosophical beliefs, trade union memberships, genetic data, or information concerning sexual orientation is carried out.

Purposes of processing and applicable legal bases

The following list determines the types of personal data of the individuals concerned that may be processed in the context of KORINT's activities.

KORINT will process your data according to the purposes determined below and the legal bases determined below.

1 - Complying with the legal and regulatory obligations to which KORINT is subject:

  • exercising the duty of advice;

  • preventing insurance fraud;

  • combating money laundering and the financing of terrorism;

  • combating tax fraud, carrying out tax controls, and notification obligations;

  • monitoring and reporting the risks that KORINT may face;

  • responding to official requests from duly authorized public or judicial authorities.

2 - Executing a contract with you or taking measures, at your request, before entering into a contract, notably:

  • evaluating risk characteristics to determine pricing;

  • managing claims;

  • communicating information concerning contracts in which you are involved;

  • responding to your requests;

  • assessing whether we can offer you a contract and, if so, at what conditions.

3 - Pursuing legitimate interests may include:

  • the commercial management of clients and prospects, in particular customer communication and loyalty operations, elaboration of your satisfaction, and development of commercial statistics;

  • commercial interests (assessment of your satisfaction, commercial prospecting);

  • implementing prevention actions;

  • conducting research and development activities, particularly with a view to improving all products and services offered by KORINT;

  • protecting its interests administratively and judicially;

  • pursuing the company's corporate purpose.

4 - Respecting your choice: KORINT obtains consent for certain specific processing. In some cases, KORINT may ask for your consent to process your personal data - especially if KORINT carries out subsequent processing or processing for purposes other than those set out in this Policy (e.g., managing browsing data).

Storage periods

The data of the individuals concerned are kept for the purposes indicated above and presented below, in compliance with current legal provisions, particularly in civil, tax, commercial, and criminal matters.

The retention of data for probative purposes leads to intermediate archiving whose access is strictly limited. At the end of the corresponding limitation period, the data will be destroyed or subject to irreversible anonymization so that the individuals concerned can no longer be identified by any means.

Purpose

Legal bases

Retention period

Preparation, subscription, management, and execution of contracts

Data provided during the subscription and during the execution of an insurance contract

For the duration necessary for the performance of the contract

Archiving for probative purposes for a duration provided for by the applicable legal provisions

Accounting documents and supporting documents

10 years - Article L.123-22 of the Commercial Code

Documents and information relating to clients and operations carried out by them in the context of combating money laundering and the financing of terrorism

5 years (Article L.561-12 of the Monetary and Financial Code)

Lapse of legal deadlines for insurance benefits:

 

Any benefit

2 years

Repetition of undue payment

5 years

Demand for a premium or contribution

10 years

Client management

 

Data collected in the context of commercial relations with KORINT

3 years from the end of the commercial relationship if you have taken out an insurance contract through KORINT

Prospect management

Data collected in the context of commercial relations with KORINT

3 years from their collection by KORINT, following your last contact in the absence of any contract subscription

Rights management

Proof of identity

In the event of exercising the right of access, rectification, portability, data relating to identity documents that may be collected may be kept for 1 year. In the event of exercising the right of objection, this data may be archived for 3 years from the exercise of the right of objection

Combatting insurance fraud

Data from “non-relevant” alerts and/or alerts not classified

6 months from the alert being issued

Data from relevant alerts

5 years from the closure of the fraud case

Data in the context of judicial proceedings initiated following an alert

Until the end of the judicial proceedings;

Archiving for the applicable limitation period

Data transferred to the list of suspected fraudsters

5 years from the date of registration on this list

Data and documents relating to the identity of habitual or occasional insured persons and, where applicable, effective beneficiaries

5 years from the closure of the account or the termination of the relationship

Combatting money laundering and the financing of terrorism

Documents and information relating to clients and operations carried out by them in the context of combating money laundering and the financing of terrorism (documents recording the characteristics of the operations mentioned in article L 561-10-2 of the monetary and financial code)

5 years from their execution

 

 

 

With whom we share personal data

Employees

Personal data is primarily intended for staff responsible for the conclusion, management, and execution of contracts, as well as for the commercial management of KORINT's clients/prospects, but it may also be transmitted, for the needs of managing and executing your insurance contracts, to KORINT's insurer and reinsurer partners.

Other disclosures

We undertake not to sell or share your data with third parties, except in the following cases:

  1. if required by law

  2. if required for any judicial proceedings

  3. to establish or protect our legal rights

  4. to buyers or potential buyers of this company in the event that we seek to sell the company

If you follow hyperlinks from our site, please note that we are not responsible for and do not have control over their privacy policies and practices.

To date, KORINT does not transfer data outside of the European Union.

Your rights as users

Under the GDPR, users have the following rights as data subjects:

  1. right of access

  2. right to rectification

  3. right to erasure

  4. right to restrict processing

  5. right to data portability

  6. right to object

You can find more information on these rights in Chapter 3 (Articles 12-23) of the GDPR.

How to modify, delete, or contest the collected data

You can exercise your rights, accompanied by proof of identity, either by sending an email to privacy@korint.io or by mail to KORINT - Contact CNIL - 65 rue de la Croix, 92000 Nanterre

KORINT reserves the right to request additional documents from the requester to justify their identity. KORINT informs the individuals concerned that, in compliance with prevailing public order rules, certain data or purposes may not be the subject of a positive response to requests: combating money laundering and terrorism financing…

If you believe you have been unable to exercise your rights, you can file a complaint with the CNIL: Commission nationale de l’informatique et des libertés, 3 place de Fontenoy – TSA 80715 – 75334 Paris Cedex 07.

Modifications

This privacy policy may be amended from time to time to maintain compliance with the law and to take into account any changes to our data collection process. We recommend that our users check our policy from time to time to ensure that they are informed of any updates. If necessary, we may inform users by email of changes to this policy.

Contacts

If you have any questions, please do not hesitate to contact us using the following:

privacy@korint.io

65 rue de la Croix, 92000 Nanterre

Effective date: March 1, 2023