Privacy Policy

Khasim Insurance Agency (hereinafter, “Khasim”) is committed to protecting the personal data of its customers, suppliers and other third parties with whom it has a relationship. For this reason, it has adopted this Privacy and Personal Data Processing Policy (hereinafter, “Policy”), which shall apply to all operations carried out by Khasim with such data, regardless of the form or means by which they are collected or stored.

Definitions

For the purposes of this Policy, the following definitions shall apply:

  • Authorization: Prior, express and informed consent of the holder for his or her personal data to be processed.
  • Database: Organized set of personal data that is subject to processing.
  • Personal data: Any information linked or that may be associated to an identified or identifiable natural person.
  • Data processor: Natural or legal person, public or private, who by himself or in association with others, carries out the processing of personal data on behalf of the data controller.
  • Data Controller: Natural or legal person, public or private, who by himself or in association with others, decides on the database and/or the processing of personal data.
  • Personal data owner: Natural person whose personal data is the object of processing.
  • Processing of personal data: Any operation or set of operations on personal data, such as collection, storage, use, circulation or deletion.

Principles

In the processing of personal data, Khasim shall observe the following principles:

  • Legality: The processing of personal data will be carried out in accordance with the applicable legal provisions.
  • Purpose: The processing of personal data will obey a legitimate purpose, which will be informed to the owner.
  • Freedom: The processing of personal data will be carried out with the prior, express and informed consent of the owner.
  • Truthfulness: Personal data will be processed in accordance with reality, with the highest possible quality.
  • Transparency: In the processing of personal data, Khasim will guarantee the holder’s right to obtain information about the processing of his or her data.
  • Restricted access and circulation: Personal data will be processed in such a way as to guarantee restricted access and circulation, only to persons authorized by the owner or by law.
  • Security: Personal data will be treated in such a way as to guarantee its security, avoiding its adulteration, loss, consultation, unauthorized or fraudulent use or access.
  • **Confidentiality: Personal data will be treated in such a way as to guarantee its confidentiality, avoiding its undue disclosure.

Purpose of the processing of personal data

Khasim may process personal data for the following purposes:

  • To manage the contractual relationship with its customers, suppliers and other third parties.
  • To offer its products and services to its customers.
  • To carry out marketing, advertising and commercial prospecting activities.
  • To comply with its legal and regulatory obligations.
  • Perform statistical and trend analysis.

Databases

Khasim may collect personal data from the following holders:

  • Customers: Personal identification, contact, financial, health and other data necessary for the management of the contractual relationship.
  • Suppliers: Personal identification, contact and financial data necessary for the management of the contractual relationship.
  • Third parties: Personal identification, contact and other data necessary for the fulfillment of Khasim’s legal and regulatory obligations.

Personal data collection procedure

Personal data may be collected by Khasim through the following channels:

  • Contact forms: personal data will be collected through the contact forms available on Khasim’s website.
  • Communication channels: Personal data may be collected through Khasim’s communication channels, such as email, telephone and social networks.
  • Events: Personal data may be collected through events organized by Khasim.

Processing of personal data of minors

Khasim will not collect personal data from minors without the prior and express authorization of their parents, guardians or legal representatives.