Get app Get app Join us!

Privacy Policy

Last updated on 13.11.2025.

Who is your Personal data controller?

Your personal data controller is Balcia Insurance SE (we, Balcia, insurer), registered in Latvia with the registration number 40003159840, legal address K.Valdemara Street 63, Riga, LV-1010, Latvia.

Phone: +48 22 274 22 22

E-mail: [email protected]

Please refer to the last section of this document for more information about the countries where we operate and the relevant contact details.

HOW TO CONTACT OUR DATA PROTECTION OFFICER?

If you have any questions related with personal data processing done by Balcia, you can contact our data protection officer by sending an e-mail to [email protected].

WHY DO WE PROCESS YOUR PERSONAL DATA AND ON WHAT BASIS?

We process your personal data for the following purposes:

(a) Provision of our services (including: your identification; conclusion and performance of the insurance contract; contract administration; communication with you in relation to contract conclusion or performance; insurance risk assessment and premium calculation; assessment and calculation of insurance claims).
Legal basis: conclusion and performance of a contract.

(b) Preparation and delivery of a new insurance contract offer.
Legal basis: your consent or Balcia’s legitimate interests (depending on the specific case).

(c) Prevention of misuse of Balcia’s services (including: prevention and detection of fraud; application of enhanced risk management measures to certain client profiles).
Legal basis: Balcia’s legitimate interests, fulfilment of a legal obligation, or performance of a task carried out in the public interest (depending on the specific case).

(d) Examination and administration of client complaints.
Legal basis: fulfilment of a legal obligation.

(e) Risk management (including within internal control and governance systems).
Legal basis: fulfilment of a legal obligation or Balcia’s legitimate interests (depending on the specific case).

(f) Improvement of services, business processes, and user experience (including: elimination of technical failures; conducting market research; enhancement of pricing models).
Legal basis: Balcia’s legitimate interests.

(g) Ensuring security and digital resilience (including implementation of physical and cybersecurity measures).
Legal basis: fulfilment of a legal obligation or Balcia’s legitimate interests (depending on the specific case).

(h) Protection of Balcia’s rights and interests (including: bringing, maintaining, and enforcing claims; debt recovery (including out-of-court); enforcement activities; assignment of claims).
Legal basis: Balcia’s legitimate interests.

(i) Direct marketing and advertising purposes (for example: sending commercial communications; approaching potential clients; delivering location-based content or offers).

Legal basis: consent or Balcia’s legitimate interests (where applicable).

(j) Fulfilment of obligations established by laws and regulations.
Legal basis: fulfilment of a legal obligation or performance of a task carried out in the public interest (depending on the specific case).

(k) Quality control of client service (including: monitoring of call content; verification of information provided to clients).
Legal basis: Balcia’s legitimate interests.

WHAT PERSONAL DATA DO WE PROCESS?

We typically process the following categories of personal data:

(a) Identification data (e.g., full name and surname, national identification number, date of birth, age).

(b) Contact data (e.g., telephone number, e-mail address, postal address).

(c) Offer data (e.g., information provided when requesting an insurance quote or before concluding an insurance contract, such as details about the object to be insured, desired coverage, and relevant risk factors needed to prepare an individual offer).

(d) Contract and policy data (e.g., policy number; insurance product type; policy period; details of the insured object (e.g., information about a vehicle, immovable property, or other insured item); information about policyholder, insured person, beneficiary and relevant third parties; coverage limits, deductibles, premiums, discount; history of policy offers, renewals, amendments or cancellations).

(e) Financial and payment data (e.g., bank account number, payment history and outstanding balances; information about the payer; claim payment amount, recipient, and date).

(f) Claim and event data (e.g., details of the occurred event (including date, location description); information about damages (including description, invoices, photos, repair estimates); evidence (including witness statements, police reports, expert opinions); limited health-related data strictly necessary for assessing the claim; data of third parties involved in the event (e.g., injured party, vehicle owner, driver); correspondence and supporting documents related to the claim).

(g) Risk management data (i.e., information necessary for managing risks relevant for our business (incl., misuse of services, fraud, technical disruptions, counterparty default, etc.)).

(h) Communication data (e.g., recordings of incoming and outgoing calls; correspondence (including via emails, letters, online chats)).

(i) Technical, device and digital interaction data (e.g., activity logs; IP address; application version; operating system; device model and type; browser information; cookie and similar-technology data; login credentials); network connection information (e.g., mobile, Wi-Fi)).

(j) Geofencing data (e.g., device location; interaction with defined geographic zones (“geofences”); hashed customer profile references; responses to marketing actions (e.g., whether a push notification was received, opened, or ignored)).

(k) Marketing and profiling data (e.g., marketing preferences; participation in campaigns, surveys, or promotions; Identifiers linked to marketing campaigns (e.g., internal campaign ID, segment ID)); statistics.

(l) Regulatory and legal compliance data (e.g., data related to customer complaints; regulatory investigation data; audit-related data; sanctions screening data).

HOW DO WE COLLECT YOUR PERSONAL DATA?

We collect personal data mainly in two ways:

(a) Directly (i.e., from you).
This occurs, for example, when you:

- apply for or use our services;
- submit an insurance claim;
- communicate with us (e.g., by phone, e-mail, mail, online chat, via our website, mobile application, or other channels);
- participate in our marketing campaigns, surveys, or other initiatives;
- use our website, mobile application, or self-service tools;
- otherwise interact with us in connection with our services.

(b) Indirectly (i.e., from other sources).
In certain cases, we may obtain your personal data from third parties or publicly available sources. These may include:

- brokers, agents, or other intermediaries involved in the insurance process;
- experts, repair shops, or service providers involved in claim handling;
- other insurance companies or financial institutions;
- public authorities and supervisory bodies (e.g., data protection authority, law enforcement agencies, courts, etc.);
- publicly available databases and registers (e.g., company, vehicle, or property registers);
- third parties related to an insured event (e.g., witnesses, injured parties, medical institutions, doctors, etc.);
- third parties involved in the provision of our services or daily operations (e.g., payment service providers, marketing service providers, identity verification providers, fraud prevention services, etc.);
- any other lawful sources, provided that the collection and use of such data complies with applicable data protection laws, including the General Data Protection Regulation (GDPR).

IS IT MANDATORY TO PROVIDE PERSONAL DATA?

In accordance with insurance regulatory enactments:

- we have the right and obligation to collect data concerning insured persons or beneficiaries included in insurance contracts or declarations submitted by policyholders prior to conclusion of an insurance contract, for the purpose of insurance risk assessment or for the performance of an insurance contract, for example, claims handling process;

- by entering into a contract, a policyholder or an insured person is obliged to provide all the information regarding the circumstances the insurer has requested and that is necessary for the insurer, in order to assess the probability of the occurrence of insurance risk and is important for entering into an insurance contract;

- we have an obligation to verify the occurrence of the insured event prior to the payment of the indemnity or refusal to pay the indemnity;

- the insured person is obliged to submit to the insurer all documents describing the occurrence of the insured event, including documents containing special categories of personal data (such as personal data concerning health condition) as well as other information requested by the insurer.

If the policyholder or an insured person does not provide the information requested by the insurer:

- the insurance proposal cannot be provided, and the insurance contract cannot be concluded, as the insurer is unable to assess the probability of the occurrence of the insured event nor the payable insurance premium;

- insurance indemnity cannot be paid as the insurer is unable to verify the occurrence of the insured event nor assess the amount of the indemnity.

WITH WHOM DO WE SHARE YOUR PERSONAL DATA?

- In cases and to the extent specified by law we might transfer your personal to persons or institutions duly authorized by law, for example, supervisory authority, law enforcement institutions etc.

- In cases when it is necessary for the performance of the insurance contract, claims handling, debt collection, legal proceedings, for example, to obtain information from state registries or other public or private institutions, to assess the possibility of insurance risk occurrence, the amount of payable insurance premium, to recover debts, we might transfer your personal data to third parties, such as medical institutions, claim handlers, experts, lawyers, debt collectors, banks etc. in accordance with regulatory enactments and our legitimate interests.

- We might use authorised processors for processing of your personal data related to provision of our services, for example, postal services, services of archiving, translators, legal consultants, claim handlers etc. In such cases, we ensure that such processors provide sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing meets the requirements of the applicable law, including General Data Protection Regulation, and ensure the protection of the rights of the data subjects.

- In the event of an insured risk occurring under the MTPL insurance, we may, in accordance with the requirements of applicable laws and regulations, disclose your personal data to our Green Card correspondent or our representative who is responsible for handling and settling claims on behalf of Balcia in the country where the insured risk occurred.

- To prepare and send you a new insurance contract offer, we may share your personal data with third parties (including insurance offer aggregation intermediaries) in order to conduct market research and calculate the most suitable offer for you.

Your personal data may be transferred to third countries (outside the European Union) for the purpose of claim settlement:
(a) within the framework of the Green Card system;
(b) in travel insurance cases specified in the insurance terms and conditions, such as reimbursement of medical expenses, repatriation of the insured person to their home country, or repatriation of mortal remains.

FOR HOW LONG DO WE PROCESS YOUR PERSONAL DATA?

Your personal data will be processed no longer than necessary. The data storing period may depend on the concluded insurance contract, the legitimate interest of Balcia or the applicable law (for example, claims limitation period specified in insurance regulatory enactments, civil law, bookkeeping regulatory enactments etc.).

If you decide to terminate the insurance contract and discontinue using our services, we may continue to process your personal data in accordance with the requirements of applicable laws and regulations.

If you withdraw the consent you have previously given, we may continue to process your personal data obtained while your consent was still valid, if such processing is necessary to protect our legitimate interests.

IS THERE AUTOMATED DECISION MAKING INVOLVED IN THE PROCESSING OF YOUR PERSONAL DATA?

Some of your personal data might be subjected to the automated decision making, for example, when evaluating the possibility of the insurance risk occurrence or evaluating the amount of the payable premium and for Balcia to ensure the best and the most appropriate insurance proposals.

You have the right to obtain human intervention on the part of Balcia, to express your point of view and to contest the decision made based on automated decision-making process.

HOW DO WE ENSURE SECURITY OF YOUR PERSONAL DATA?

In order to process your personal data, we have implemented appropriate organizational and technical measures to guarantee personal data security, including protection against unauthorized or unlawful personal data processing, accidental loss or destruction of personal data.

WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?

In accordance with the General Data Protection Regulation, as a data subject you have the right to:

- request from Balcia access to personal data. This means that you can request for us to inform you whether we process your personal data, provide you with a copy of your personal data we process, provide information about your personal data processed by us (for example, what data about you and for what purposes we collect, to whom we disclose your personal data, whether we transfer this data outside the European Union and other information);

– request the rectification of your personal data from Balcia. This means that if you notice that the personal data we process about you is incorrect or inaccurate, you may ask us to correct or complete such data;

– request the erasure of your personal data from Balcia. This means that you may ask us to delete your personal data in cases where such data is no longer necessary for the purposes for which it was collected — for example, when you have withdrawn your consent, when you object to our processing of your personal data, when you believe that we are processing your personal data unlawfully, or in other similar cases. In certain situations, we may not be obliged to delete your personal data — for example, when such processing is necessary to comply with applicable legal requirements;

- request from Balcia restriction of processing concerning your personal data. This means that you can request us to restrict the processing of your personal data, except for storage, in cases you contest the accuracy of your personal data, you believe your personal data is being processed unlawfully, your personal data is no longer necessary for the purposes it was collected for, you object to processing of your personal data until it is checked, whether our legitimate reasons override your reasons. During the period of the restriction of processing of your personal data, we might not be able to provide you with our services;

- object to processing of your personal data. This means that you can object on grounds relating to your particular situation, at any time to to the processing of your personal data which is based on your consent or our legitimate interests. In such cases, we might not be able to provide you with our services;

- data portability. This means that you can request us to provide you personal data related to you which you have provided to us in a systematized, normally used and machine readable format, you can also request us to transfer your personal data to another data controller where it is technically feasible if the processing has been based on your consent or the contract and processing is carried out by automated means.

– withdraw your consent at any time. You have the right to withdraw your consent to the processing of personal data at any moment, if consent is the legal basis for such processing. Please note that the withdrawal of consent does not affect the lawfulness of processing carried out on the basis of your consent before its withdrawal.

You can exercise your rights as a data subject by contacting us in writing using contact information mentioned above.

RIGHT TO LODGE A COMPLAINT

If you have any concerns about the processing of your personal data, we encourage you to contact us first using the contact details provided above. We will carefully review your complaint and do our best to resolve the issue in a fair and timely manner.

However, if you believe that your personal data is being processed in violation of applicable data protection laws, you also have the right to lodge a complaint directly with a supervisory authority.

The main supervisory authority for Balcia Insurance SE is the Data State Inspectorate of the Republic of Latvia (Datu valsts inspekcija):
Address: Elijas iela 17, Riga, LV-1050, Latvia
Website: www.dvi.gov.lv
Email: [email protected]

If you reside in another EU/EEA country, or if the alleged infringement took place there, you may also submit your complaint to the data protection authority of that country. A list of EU data protection authorities is available on the website of the European Data Protection Board (EDPB) at https://edpb.europa.eu

DO WE USE COOKIES ON OUR WEBSITE?

Yes, we use cookies on our website. To learn more, read our Cookie policy.

WHERE WE OPERATE

Lithuania — Balcia Lithuania Branch
Registration No.: 304498010
Address: Perkūnkiemio g. 5, Vilnius, LT-12129, Lithuania
Tel.: +370 5200 0630
E-mail: [email protected]

Poland — Balcia Poland Branch
National Court Register (KRS): 0000493693
NIP: 5263124162 | REGON: 147065333
Address: Al. Jerozolimskie 96, 00-807 Warsaw, Poland
Tel.: +48 222 742 222
E-mail: [email protected]

France — Balcia France Branch
Registration No.: R.C.S. Nanterre 797 882 016 | SIRET: 797 882 016 00018
Address: 86 rue Anatole France, 92300 Levallois-Perret, France
Tel.: +33 (0)1 75 33 40 89
E-mail: [email protected]

Germany — Balcia Germany Branch
Registration No.: HRB 49268
Address: Senefelder Str. 17, 63322 Rödermark, Germany
Tel.: +49 (0)6074 91765 0
E-mail: [email protected]

Spain — Operations carried out under the freedom to provide services
Tel.: +371 6703 0500
E-mail: [email protected]

Italy — Operations carried out under the freedom to provide services
Tel.: +371 6703 0500
E-mail: [email protected]

Cookies Policy

What are cookies and what do they do?

Balcia Insurance SE (we, Balcia) uses cookies on Balcia’s website to save time and make your browsing experience more efficient and enjoyable, as well as for analytical and marketing purposes.

Cookies are text files that are stored by the website in the browser’s file directory of your computer or mobile device when you open the site. Each cookie includes the name of the website and a unique ID. Cookies operate like a memory of the website to help us to remember you and your preferences the next time you visit our website, for example, your selected language or region, so that you would not have to specify them each time anew.

Cookies also allow tracking the website visiting statistics, time spent on our website and what you do on our website (for example, which pages you visit and which buttons you click on), it helps us to understand what visitors like about our website and how we can make it more attractive for other visitors.

Cookies make the interaction between visitors and websites faster and easier. Without cookies, it would be very difficult for a website to remember the user's preferences or registration details for a future visit.

How do we use cookies?

On our website we use 'persistent' cookies that remain on your device until you erase them, or they expire, and the 'session' cookies – they will be erased when you close your internet browser.

We use cookies to personalize content and ads, to provide social media features, and to analyse our data traffic.

Necessary cookies

Necessary cookies are placed on our website by default. We need necessary cookies to help us run our website, and to help us detect any problems with it, as well as to remember our users while they are browsing our website. For example, we use a cookie that tracks your cookie privacy preferences so that we do not place analytics and advertising cookies if you do not want us to. This type of cookie will remain on your device even after you have stopped browsing the website so we can make sure we comply with our legal and regulatory obligations. Such cookies are used by us on the basis of Balcia's legitimate interest (Article 6(1)(f) GDPR), which is to inform You about our activities with the help of our website.

Statistics and advertising cookies

These allow us to recognise and count the number of visitors to our website, and see how visitors browse our website, so we can understand how our website content is performing and improve it. We use third party cookies for this purpose.

Advertising and analytics cookies also allow us to see what pages and links you have visited so we can provide more relevant ads. We may share this information with third parties, such as Google, Meta and LinkedIn, for the same purpose, they may combine this data with other information you provide to them or that they collect when you use their services. We also allow our trusted partners to place cookies or similar technologies for this purpose on our website. We only use non-essential cookies and similar technologies if You have given Your consent. Your consent is voluntary and You can withdraw it at any time. In addition, You can voluntarily decide at any time which type of data processing You would like to allow. The withdrawal of consent will not affect the lawfulness of the use of cookies and similar technologies made on the basis of consent before its withdrawal.

What cookies do we use?

To see which specific cookies we use on our website, the purposes for which we use them and their storage period, please click here to get to our cookie banner.

In addition, please note that with Your consent We are using the following marketing services which transfers, processes and stores the data collected outside the European Union:

Google Analytics, Google Enhanced Conversations and Meta Conversion API

Google Analytics, Google Enhanced Conversations and Meta Conversion API

We use Google Analytics on our website to improve the quality of the website content and tailor the content to your needs. Google Analytics is widely used traffic analytics tool that allows website owners to get deep and real time insight into how their site is being used, how much, and by whom. Google Analytics is like a map of our website that shows us how You behave when on our website. This gives us insight into our domain’s performance and lets us optimize it. You can find more information on Google Analytics here.

We use Google Enhanced Conversations and Meta Conversion API on our website to improve the accuracy of our web analytics and marketing activities in Google and Meta. Google Enhanced Conversions and Meta Conversion API send hashed first party data from our website to the channels in a privacy safe way.

Data that is collected with Google Analytics and Google Ads is transferred to, processed, and stored by Google (United States of America (U.S.)). U.S. state authorities have access to this personal data, and Google may use this personal data for any of its own purposes. Data protection safeguard level in the U.S. is not the same as in the European Union.

Data that is collected with Meta (Meta Platforms Ireland Ltd. or Meta Platforms, Inc.) may be transferred or transmitted to, or stored and processed in the U.S. or other countries for the purposes of maintaining and monitoring the infrastructure of the services, ensuring security protections, analyzing how services perform and other analytics purposes. Data protection safeguard level in the U.S. is not the same as in the European Union.

Can I change my cookies’ preferences?

Yes. You can manage your cookies preferences by clicking here. You can also manage your cookie preferences through our pop-up cookie banner that appears when you first visit the website.

You can also manage your preferences by changing your browser settings on your device to refuse the use of all or some cookies. However, if you block all cookies (including necessary cookies), you may not be able to use all or some parts of our website. You may also find that you are shown information on our website that is less interesting to you.

You can find more information here.

Please note, other organisations, such as advertising networks, may also use cookies to track you across different websites. We have no control over these cookies.

If we change the cookies we use, we will update our cookie banner and this Cookies Policy if necessary. You always can find the latest version of this Policy on our website.

You can find more information on how we process personal data in our Privacy Policy.

This version of the Cookie Policy has been updated on 26.06.2024.