Motor Insurers’ Fund Privacy Notice

Last updated on 31/08/2023

1. Introduction

The Motor Insurers’ Fund (referred to as “MIF”, “we”, “us”, “our”, or “Fund”) as a Data Controller is committed to protecting your privacy and ensuring that processing of your personal data takes place in a transparent and secure manner. Personal data (referred to as ‘‘Data’’ or “Personal Data”) is information that identifies and relates to you or other individuals (such as name and address).

This Privacy Notice provides an overview of how and why we collect and process your Personal Data. It additionally contains information about third parties receiving your Data as well as your rights under local applicable data protection laws and the EU General Data Protection Regulation (‘‘GDPR’’).

Please note that this Privacy Notice applies to:

• individuals who have filed a claim or will be filing a claim to the MIF,
• uninsured drivers or owners of uninsured vehicles,
• individuals involved in any way in claims handled by the MIF (e.g. witnesses, police officers, injured individuals and drivers or passengers of vehicles involved) and
• customers of insurance companies (insureds), to whom a 7-day written notice was sent, in relation to the notification of cancellation of their insurance policy
• individuals who have submitted a claim or intend to submit a claim to the MIF in the context of Liquidation/Insolvency of a Cyprus insurance company or an insurance company which is under Liquidation/Insolvency and it operates in Cyprus under Freedom of Services or Freedom of Establishment,
• customers (insured) of Cyprus insurance companies under Liquidation/Insolvency or insurance companies that are under Liquidation/Insolvency and operate in Cyprus under the Freedom of Services or Freedom of Establishment

2. The Motor Insurers’ Fund

We are an organization registered in the Republic Cyprus under registration number HE2377 as a private company limited by guarantee having its registered office at 23 Zenon Sozos Street, Nicosia, P.O. Box 22025, 1516 Nicosia.

The MIF was established in 1969 and continues to operate under the provisions of the Motor Vehicles (Third Party Insurance) Law 96 (I) / 2000, as amended (hereinafter referred to as “Motor Vehicles Law”).

The MIF has been established to compensate in certain occasions, individuals who have suffered vehicle or other property damage, personal injuries and death due to road traffic accidents with uninsured vehicles, unidentified vehicles or vehicles insured with insurance companies under liquidation.

In case have any questions or want more details about how we use your personal information, you can contact our Data Protection Officer at: dpo@mif.org.cy.

3. What Personal Data do we collect, how we obtain it

We will collect and process only the necessary categories of Data required under our relationship with you. The categories of Personal Data we collect, and process may include the following:

• General identification and contact information: Name, address, contact details (telephone no. and/or email), identity number, birth date, occupation, sex.

• Personal Data for handling claims received by the MIF: Vehicle registration number, type and make of vehicle, driver’s license type, insurance policy number, insurance company, current income (in case of a loss of earnings claim due to the accident, for the assessment of future loss of earnings).

• Health related Data: To compensate fairly and adequately for any personal injuries suffered due to a road traffic accident, we may request Personal Data disclosing injuries suffered by claimants and other individuals involved. Health related data may be also provided by medical experts.

• In case of fatal accident, the MIF will request the disclosure of certain Personal Data of dependents of the applicant/victim (spouse and/or children) for the purposes of the fair and just quantification of compensation for the loss suffered by the dependents.

We collect Personal Data from the following sources:

• Directly from you: Through claim forms, telephone communications, letters, emails and any other correspondence we may have with you.

• Third parties: Such as public authorities, law enforcement bodies and any other public or private bodies.

• Publicly available sources: Such as the Department of Registrar of Companies and Official Receiver, the Land Registry, the Bankruptcy Archive, commercial registers, the press, media and the internet, data which we lawfully obtain and process.

4. Purposes of Processing and Legal Justifications

We collect and process Personal Data to properly manage or handle (evaluate, assess and satisfy, if required) claims received by persons who have suffered damage to their vehicle or other property and/or personal injuries and/or death, in road traffic accidents with uninsured drivers, unidentified drivers, drivers insured with insurance companies under liquidation and which in some instances, if applicable, may fall under the scope of green card claims.

In order to lawfully process the Data described above we rely on one or more of the following justifications:

1. Complying with our legal obligations

We are subject to a number of domestic and EU laws, including the European Motor Insurance Directives and Regulations as well as the Motor Vehicles Law.

The MIF has a legal obligation in certain occasions to compensate individuals who have suffered vehicle or other property damage, personal injuries and death as a consequence of a road traffic accident with uninsured drivers, unidentified drivers, drivers insured with insurance companies under liquidation. In order to fulfill its legal obligations the MIF has to process Personal Data.

1. Safeguarding our Legitimate Interests

We process Personal Data to safeguard the legitimate interests pursued by us or by a third party.

Such legitimate interests include:

• handling of claims submitted to the MIF;
• initiating and defending legal actions/claims;
• implementing measures and processes aimed at protecting IT security including asset security, network security and hardware security;
• implementing measures for the physical security of our premises and the safety of our employees;
• implementing measures in order to prevent crime or fraud (e.g. to identify fraudulent claims).

• Legal Claims

We may process Personal Data in order to establish, exercise or defend legal claims before Courts and competent tribunals.

1. You Have Provided your Consent

In cases where you have provided your consent to the collection and processing of Personal Data by the MIF we will use the legal justification of consent. Please note that you have the right to withdraw your consent at any time, however, any processing of Personal Data prior to the receipt of your withdrawal will not be affected.

1. Public Interest

The MIF has been established to compensate in certain occasions, individuals who have suffered vehicle or other property damage, personal injuries and death due to road traffic accidents with uninsured drivers, unidentified drivers, drivers insured with insurance companies under liquidation, who would otherwise be left without compensation.

Our functions include ensuring that the proper and just compensation is provided to individuals involved in road traffic accidents irrespective of the insurance status of the individual who caused the road traffic accident. Additionally, we contribute to the significant reduction in the number of uninsured vehicles in the Republic of Cyprus.

5. Recipients of your Personal Data

We may share your Personal Data with any of the following selected third parties:

• Our agents, suppliers and service providers such as debt collection agencies, independent consultants and investigators, engineers, damage evaluators, medical experts, insurance companies, brokers of reinsurance companies, records management providers, cloud storage companies, IT support providers, software providers, analytics and search engine providers that assist us in the improvement and optimisation of this website, and any other third-party vendors assisting the MIF.

• Our professional advisors and auditors such external legal advisors and accountants.
• Regulators, governments and law enforcement authorities.
• Courts, tribunals, arbitrators or other judicial committees.
• Uninsured drivers involved in the incident for which you have submitted a claim to the MIF.

6. Personal Data of Other Individuals

If you provide the MIF with Personal Data of another person such as a passenger of the vehicle that was involved in an accident, please note that it is your responsibility to inform the said individual about the content of this Privacy Policy and ensure that they have understood and accepted how the MIF uses their Personal Data.

7. Transfer of your Personal Data to a Third Country or to an International Organisation

We may transfer your Personal Data to countries not providing an adequate level of protection to Personal Data. Where appropriate, we will take steps to ensure that Personal Data transferred is subject to appropriate safeguards, such as entering into Data transfer agreements. In cases where we use Data transfer agreements or similar safeguards, we may be able to supply you with a copy or a specimen of such, if you contact us at dpo@mif.org.cy.

8. Retention of your Personal Data

In general, we will keep your Personal Data for the time period required to fulfil the purpose(s) of processing, e.g. for as long as it is necessary to evaluate and respond to your claim.

9. Your Data Protection Rights

In some instances, you may have the following rights:

• to request a copy of your Personal Data held by the MIF;
• to request the correction and/or deletion of your Persona Data, or restrict or object to the processing of your personal information;
• to withdraw your consent to the processing of your Personal Data at any time, where we process your Personal Data based on having your consent;
• to request to obtain and reuse your Personal Data in a format that is structured and commonly used. You may also request by the MIF to transmit such data to other organisations;
• to complain to the Office of the Commissioner for Data Protection in cases where you believe that your Data protection rights are being violated.

10. Children

We understand the importance of protecting children’s privacy. We may collect Personal Data in relation to children when handling claims provided that we have first obtained their parent(s)’ or legal guardian’s consent or unless otherwise permitted under the applicable laws.

11. Cookies

To enhance your experience while visiting our website, we may use “cookies.” A cookie is a unique numeric code that is transferred to your computer’s browser to track your interests and preferences and to recognize you as a return visitor.

We use cookies for different purposes:

• Essential Operations: these cookies are necessary to allow us to operate our website.
• Performance/Analytics: they allow us to recognise and count the number of visitors and to see how visitors use our website. In this way we may improve the user experience, for example, by ensuring that users are finding what they are looking for easily.
• Functionality: these are used to recognise users when they return to our website. This enables us to personalise our content for you and remember your preferences (for example, your choice of language and high visibility setting).

A number of web browsers allow you to manage your cookie preferences. You may set your browser to refuse cookies or to delete certain cookies. Please note that certain features of our websites will not be available if cookies are disabled.

12. Changes to this Privacy Notice

We may modify or amend this Privacy Notice from time to time.

In this case, we will amend the revision date at the top of this page. We do encourage you to review this Privacy Notice periodically to be always informed about how we are processing and protecting your Personal Data.

13. Contact the MIF

To exercise any of your rights, or if you have any other questions about the use of your Personal Data, please contact us at info@mif.org.cy

You can also contact our Data Protection Officer at dpo@mif.org.cy