This Privacy Notice (the “Notice”) describes how we use the personal information of individuals whose loans, mortgages or other financial products are owned by Intrum Hellas Designated Activity Company (DAC) and any associated guarantors. It explains how Intrum Hellas DAC (Intrum Hellas, we, us and our) collect and process personal data about you; how we use and protect this data; and the rights you may have in relation to this data.
Details of the Controller
Intrum Hellas is the controller of the processing of all personal information that falls within the scope of this Notice. This Notice indicates what personal information is processed by us and for what purpose, and to which persons or entities the information will or may be provided. We may share your personal information with third parties.
Intrum Hellas has assigned doValue Greece Loans and Credits Claim Management Société Anonyme (the Servicer) with the servicing of your credit account and the management of your outstanding debts. Intrum Hellas and the Servicer are each independent controller of your personal data.
To find out more about how the Servicer may use your personal data please refer to the Servicer’s “Information Sheet on the Processing of Personal Data, pursuant to Regulation (EU) 2016/679 and the Relevant Greek Legislation” at https://dovaluegreece.gr/en/personal-data-processing-notice-dovalue-greece.
If you have any questions, feel free to get in touch via one of the methods set out in the ‘Contact us’ section below.
1. What Personal Data do we collect about you?
We May Collect The Following Types Of Personal Data About You:
- Identification information: such as name (including name prefix or title), gender, age, date of birth, proof of identification (such as identity card, driving license or passport).
- Contact details: such as email address, residential address or phone number.
- Data on your personal status and financial information: including employment status and details, bank statements, social security number, tax information, payment card details, savings, debts such as loans and credit cards, income and expenditure, employer and pension benefits, and other assets.
- Lifestyle and personal circumstances: including any information you or a co-borrower provides to us regarding your family, lifestyle and other circumstances, as relevant to the administration of your account.
- Interactions with us, or our representatives: including notes of any interaction that our servicers have with you in relation to the administration of your loan, mortgage or other financial product.
- Sensitive personal information: such as disclosures by you about health information or criminal convictions.
- Information from third parties: including credit references.
2. How do we use your Personal Data?
We may use your personal data for the following purposes:
- to identify you and to verify your data as part of our efforts to prevent money laundering, terrorist financing, tax avoidance and/or fraud;
- to assess and respond to your enquiries and requests (if any);
- to assess any application, to vary our security or for an alternative repayment arrangement where you find yourself in financial difficulty;
- to assess affordability and suitability for the provision of credit throughout our relationship with you, including analysing your credit data for regulatory reporting;
- to administer your account and to manage our business relationship with you;
- to administer your account, including processing payments and managing fees and payment collection;
- to meet contractual obligations that we have to third parties in connection with the administration of your account;
- to prevent imminent and serious harm to a person or property;
- to respond to queries raised by regulatory authorities, law enforcement and/or other government agencies;
- to deliver mandatory communications as required by legislation or regulations;
- to investigate and resolve complaints; and
- to comply with relevant law, regulation or other requirements.
3. From which sources do we obtain your data?
Where your loan, mortgage or other financial product has been transferred to us from another lender, we have obtained your personal data and account data from that lender.
Where you have taken a loan, mortgage or other financial product jointly with another person, we may have obtained your personal information from a co-borrower. If you have not authorised the relevant co-borrower to provide your personal information to us, please let us know as soon as possible.
We also sometimes obtain personal data from the following third parties with whom we work:
- asset managers, servicers, field agents and law or property receivers;
- our solicitors;
- credit reference agencies;
- fraud prevention agencies; and
- law enforcement agencies or government agencies.
In addition, we also may collect information about you from public data sources.
4. On what legal basis do we use your personal data?
We use your personal information on the following basis:
- because it is necessary to manage, perform and fulfill our contract with you;
- for the legitimate business interests of Intrum Hellas and others including our affiliates, including:
- to manage our relationship with you;
- to carry out reviews, analysis and reporting activities for the purposes of strategic business decision-making and internal governance compliance;
- to monitor and manage our internal business processes;
- to ensure business continuity and disaster recovery and to respond to incidents and emergencies;
- to undertake systems testing; and
- to analyse complaints for the purposes of preventing errors and process failures;
- to comply with certain legal and regulatory obligations of Intrum Hellas; and
- if applicable, because you have consented to the processing of your personal information.
Please note that any failure to provide any personal information we require in order to administer your account you may result in us being unable to honour our contractual obligations, which may jeopardise your loan, mortgage or other financial product.
5. With whom may we share your personal data?
5.1 Access to your personal data within Intrum Hellas and its affiliates.
Intrum Hellas’ employees and representatives are authorised to access personal information only to the extent necessary to serve the applicable purpose and to perform their jobs.
We may also share your personal information with and, where appropriate, transfer it to our group companies and affiliates and their representatives.
5.2 Access to your personal data by third parties
The following third parties may have access to your personal data, where relevant:
- financial organisations: including finance providers and insurance companies;
- service providers who perform services on our behalf: such as servicers, asset managers, valuers, estate agents, print providers, document storage providers, IT suppliers, providers of analytical services, and fraud prevention agencies;
- professional advisers: including our lawyers, accountants, auditors, receivers and business consultants.
- regulators and law enforcement agencies;
- joint borrowers and guarantors on your account and third parties with whom you have authorised us to communicate;
- prospective and actual purchasers, assignees and other parties with an interest in your loan, mortgage or financial product in the event that Intrum Hellas, its assets or an interest in such assets may be or are sold, transferred or assigned in whole or in part, including as part of a securitisation, funding or co-investment arrangement; and
- any other parties Intrum Hellas reasonably thinks customary, necessary or advisable for the processing purposes described in this notice and in any other way which does not identify you individually (including as part of an aggregated or anonymised dataset).
When third parties are given access to your personal data, we will take the required contractual, technical and organisational measures to ensure that your personal data is only processed to the extent that such processing is necessary.
6. Transferring your personal data outside the EEA
We may send your personal data to recipients in other countries, whose personal data laws may not be as strong as those of your home country.
Where we do so, we will always, as required by law, implement appropriate safeguards, such as EU standard contractual clauses, to ensure that your personal information is protected and that you are able to exercise your rights effectively.
You can find out more about the EU standard contractual clauses at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en
7. How is your personal data protected?
We have taken adequate safeguards to ensure the confidentiality and security of your personal data. We have implemented appropriate technical, physical and organisational measures to protect personal data against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorised disclosure or access as well as all other forms of unlawful processing (including, but not limited to, unnecessary collection) or further processing. Examples are IT security policies, maintaining confidentiality, staff training and secure servers.
8. How long will we keep your personal data?
We will keep your personal data for as long as we need it for the purpose it is being processed for. For example, where you provide your details in relation to a loan we will keep such information, for as long as necessary to administer your loan and, after that, we will keep the information for a period which enables us to handle or respond to any complaints, queries or concerns and comply with regulatory obligations. We will also keep your personal data where we need to do so in connection with legal action or an investigation involving Intrum Hellas.
We will actively review the data we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal or business need for it to be retained.
9. Your rights
You may be entitled to:
- ask us about the processing of your personal data, including to be provided with a copy of your personal data;
- request the correction and/or deletion of your personal datan;
- request the restriction of the processing of your personal data, or object to that processing;
- if applicable, withdraw your consent to the processing of your personal data where Intrum Hellas is processing your personal data based on your consent. Such withdrawal does not affect the lawfulness of processing based on consent before such withdrawal;
- request receipt or transmission to another organisation, in a structured, commonly-used, machine-readable form, of the personal data that you have provided to us; and
- complain to your local supervisory authority if your privacy rights are violated, or if you have suffered as a result of unlawful processing of your personal data.
If you would like more information about your rights, or have any concerns about our processing of your personal data, please let us know by getting in touch with us using the details in the ‘Contact us’ section below. We may ask you to verify your identity by providing us with additional documentation such as an up to date proof of identity.
10. Contact us
If you have any questions or requests regarding this Notice or the personal data that we hold about you, or need additional information, please contact:
Intrum Hellas DAC, at 2nd Floor, 1-2 Victoria Buildings, Haddington Road, Dublin 4, Ireland. You may contact the Data Protection Officer of Intrum for any matter regarding the processing of your personal data, in writing at the above mentioned address or via email at [email protected].
Please note, that you may also submit your respective query and/or request and/or complaint addressed to Intrum, to the Servicer at Kyprou 27 and Archimidous street, 183 46 Moschato, Attica. The Servicer shall only be responsible for transmitting your relevant query/ request/ complaint to Intrum and Intrum shall be the only one responsible for addressing your query/request/complaint.