PRIVACY POLICY
RK2 SEGUROS is committed to protecting your privacy.
RK2 SEGUROS is committed to carrying out any and all data processing activities using technical, legal and administrative security measures capable of protecting the data and privacy of holders, ensuring that everyone who has data processed within the scope of the relationship they establish with our company enjoy services offered in accordance with ethical and appropriate practices, able to meet the requirements of the General Data Protection Law (Law 13.709/2018) –
*LGPD, for security, privacy and integrity.
*In addition to the Information Security Glossary – Ordinance n. 93 of 2019 and the LGPD Practice Guide in the Central Data Governance Committee – CCGD and Accountability and Governance of Contracts of the Information Commissioner's Office – ICO of the United Kingdom of 2019.
RK2 INSURANCE
RK2 SEGUROS is an insurance broker and consultant designed to deliver innovative risk and benefit solutions for our clients. With a strong presence in the national and international markets, our main objective is to act with high performance, with the vision that the most important thing for us are our customers and their needs.
PRIVACY POLICY
Last Update: August 25, 2021 – Version 1.0.
This Privacy Policy applies only to RK2 SEGUROS, exclusively to our website, to our customers (when contracting our services) and collaborators (when establishing employment ties with us). It does not apply to “banners”, sweepstakes, other advertisements or promotions that RK2 SEGUROS may display, sponsor or participate in third-party websites, nor to other forms of data collection practiced by RK2 SEGUROS through other websites or platforms, including those that you may have access to through a link displayed on this website.
I. INTRODUCTION
The contracting of services provided by RK2 SEGUROS, generates the need to provide some personal data in order to enable the provision of service.
To this end, our Privacy Policy describes how we collect, use and disclose data that we obtain from you, our user, and about the link you establish with us – RK2, whether through contracting our services and/or while browsing our website.
RK2 SEGUROS values data security, respect for your privacy and transparency with its holders.
- The purpose of this document is to establish the rules for processing data that include, for example, the operations of collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction of data collected from USERS, in addition to recording their activities, in accordance with applicable laws and their permissives.
II. WHO IS RESPONSIBLE FOR YOUR DATA?
RK2 SEGUROS is responsible for your data, acting as data controller, that is, a legal entity governed by private law who is responsible for decisions regarding the processing of personal data, pursuant to art. 5, item VI of the LGPD.
III. DATA OFFICER (DPO) AND FACILITATED CONTACT
If you have any questions about this policy, even after reading it, or need to interact with us about matters involving data and its collection, you can do so through our service channels: (21) 2391-1318 and/or through the address electronic address (e-mail) of the Data Officer (DPO) – dpo@rk2seguros.com.
IV. ABOUT THE USE OF DATA
I SAW. Collection and Treatment
– Through your activity on our website and platforms
As part of the standard and essential functioning of our website, RK2 SEGUROS may collect, analyze, process, store, record in real time and analyze any and all activity on our website, whether through interactions or communications that use our website, including the collection, analysis, processing, storage and recording of areas of the website that you browse, called a user session (e.g. URLs or specific areas), where you click, scroll, hover, interact or communicate with the website or through it and when and for how long each of these activities took place.
The provision of data as a customer or pre-customer in the form of a user, in the items below, consents to the possibility of communication through the channels provided for updates, offers, new products and materials related to RK2.
Personal identification data, provided by you to the contact through the chatbot, for example, such as:
a) Identification data;
b) Name;
c) Telephone;
d) E-mail;
– By completing forms/newsletter
To download our free content, by filling out forms, we collect the following data, with the purpose of interacting and communicating with our users with offers, new products, updates, events and materials related to RK2:
a) Identification data;
b) Name;
c) Telephone;
d) E-mail;
d) Company you work for and position.
– When pre-negotiating, contracting our services and/or keeping in touch with us through our ChatBot / WhatsApp / Phone Call – through the operator application Leucotron:
a) Identification data;
b) Claim registration data in the life insurance business;
c) Claim registration data in the field of health insurance;
d) Claim registration data in the field of general liability insurance;
e) Claim registration data in the field of personal accident insurance;
f) Claim registration data in the field of auto insurance;
g) Data for registration of claims in other lines of insurance, such as home insurance, travel insurance, local surety insurance, bicycle insurance, insurance
dental benefits and insurance;
h) Data of associated brokers;
i) Details of beneficiaries and dependents;
j) Data from customer representatives – legal entity;
k) Data from third parties that have a service provision link, including contractual, with (specify the company – if any);
l) Data for insurance quotes in general;
m) Identification data of the insured object;
n) Billing data;
o) Data on health and lifestyle;
p) Voice call recording data, text messages and emails with RK2;
q) Data for customer travel coverage;
r) Data for customer registration;
s) Data of customer representatives – legal entity;
t) Customer data relating to complaint records;
u) Power of attorney data;
v) Video surveillance data.
– By adding your resume to our talent bank through Work with Us – In Search of Talents, Be Part of the Team. (rk2seguros.com).
a) Identification data;
b) Name;
c) Telephone;
d) E-mail;
d) Message written by the candidate (optional);
e) Curriculum Vitae of the candidate (with optional personal data, added by the candidate himself and known to him), such as: name; email; telephone; address; ZIP CODE; City; state; birth date; RG/CPF; nationality; Photograph; interests; academic education; professional experience; skills and/or other information that the candidate finds relevant.
None of the data presented in the “Work with Us” tab will be sold or transferred to third parties.
We may receive Personal Data and Sensitive Personal Data, through third parties or an intermediary company, for the purpose of providing services described in item VII of this policy, thus applying all items provided for in this Privacy Policy.
V. NECESSARY DATA
When establishing a link and/or contact with us, through our means of communication, you will see and receive a list of the personal data necessary for the service or provision of certain products, services or functionalities of RK2.
When you do not provide the required Personal Data, these products, services or functionalities may become unavailable due to the need to execute a contract or pre-contract.
SAW. LEGAL BASIS FOR COLLECTING YOUR DATA BY RK2
– Contract fulfillment
Data processing by RK2 is carried out on the basis of what is strictly necessary to achieve the purpose expected by the parties involved, either for the fulfillment of a contract or in order to take measures at the request of the user, before entering into said contract. As described by art. 7, item V of the LGPD.
– Legitimate interest
Another legal basis on which RK2 relies for data processing is the fact that they are necessary for the legitimate interests of RK2 or a partner/operator of the data processing chain, such as: sending marketing about our products and/or materials through our newsletter to which you have subscribed or where we have a reasonable expectation that we will need to carry out a certain type of processing on your behalf.
RK2 will only base itself on legitimate interests after an assessment that balances the interests and rights involved, as well as the need for processing to offer our products, services and features. As described by art. 7, item IX of the LGPD.
– Consent
A third legal basis used by RK2 to process data is your consent. In such cases, we will make such a request at the time of availability or request for treatment. The treatment will only be carried out when consented. For example, when you enter into a contract with us, where your consent will be requested so that we can process your data. As described by art. 7, item I of the LGPD.
We emphasize that, as explained in our Term of Consent, you can revoke your consent at any time, through our facilitated contact set out above.
– Compliance with legal obligation
Finally, we rely, for certain treatments, on the need for compliance with a certain legal obligation by RK2. As described in art. 7, item II of the LGPD in respect of interdisciplinary legislation, such as tax, labor, civil, social security and others.
VII. GOAL
The data collected by us, described in this Privacy Policy, will be used to offer our products, services and functionalities. Such as:
The. For the execution of a contract or for carrying out preliminary procedures at the request of the customer.
Within the scope of providing services and/or offering products that the customer intends to hire, we will process data for the following purpose:
i. Request from the client or potential client: Request for Quotation; Telephone Order Management; Order Management via the Website, Phone Call and WhatsApp; Order management by data operators Leucotron and Conecta. Submission of Proposal; Submission of Request for Issue; Denunciations / Complaints; Ethical Lines; Geolocation Requests; Confirmation of Age of Age Data; Password request, new card, card unlocking and issue of Invoice; Sending a request for issuance; proposal, policy, insurance card or invoice; Requests in general regarding health and dental insurance; Life Insurance Adhesion Proposal;
ii. Contract execution: Customer Management; Commercial management; Contract Management; Registration Management; Endorsement Management; Policy Issuance Management; Premium Collection Management; Policy Renewal Management; Portfolio analysis / Loss ratio; Physical File of Insurance Contract; Insurance Contract Digital File; Confirmation of Age of Age Data;
iii. Claim follow-up: Management of expectation and/or actual claim; Accident report; Evidence of losses / damages suffered, Evidence of amounts claimed, Video surveillance;
iv. Business Risks: Claims Service; Claim Expectation; Finding of Damages; Check the amounts claimed;
B. To handle requests:
We process data to comply with contractual clauses, in the following cases:
Commercial Prospecting / Market study; User management of websites or social networks; Management of Health, Life and Dental Insurance invoices; Registration Change Health, Life and Dental Insurance; Apportionment of Monthly Health and Dental Insurance (Pre and Post Payment); Apportionment of Health and Dental Insurance Co-participation; Personal Health Declaration – DPS; Letter of Travel Insurance and Life Insurance; Medical Reimbursement Management, therapies, among other health/dental coverage; Statement of income tax to the insured; Movement of Insurance for invoice verification; Life insurance membership proposal; Life Insurance Sinister; Forwarding information to retired policyholders (slips/statements); Invoice extension due to inconsistency
ç. For compliance with legal and regulatory obligations, R2K is subject to:
In the exercise of our activity, we are subject to certain legal and regulatory obligations, the fulfillment of which implies the need to carry out data processing, such as:
i. controls of events held on behalf of Politically Exposed Persons, for the Prevention and Combat of Money Laundering and Financing of Terrorism;
ii. For computerized systems, it is necessary to carry out: Access Control to Installations; Geolocation; Access controls and analytical actions;
iii. To comply with labor laws; Contract Management; Leave Management; Benefits Management, including but not limited to medical/dental expense reimbursements;
iv. For assistance with judicial, extrajudicial or arbitration proceedings in which the customer is sued;
v. Requests from public, regulatory and supervisory bodies of Municipal, State and/or Federal origin;
saw. Compliance with standards, as long as they are framed and necessary in the RK2 regime, in provisions of the Superintendency of Private Insurance - SUSEP, especially Circular n. 638/2021.
d. To ensure the best provision of services to customers:
To ensure the best customer service and to comply with applicable laws, we will process data to: analyze business information; internal electronic communication management; tax information file; portfolio and loss ratio analysis and market studies.
and. Data processing when subcontracted
In the event that we act as a subcontracted company, that is, the data are the initial responsibility of other entities, they will only be processed for the purposes expected by the parent company and in accordance with the instructions transmitted to it in the treatment contract.
VIII. SHARING
The data collected by RK2 will be shared, when necessary, with insurers that have an active registration with the Superintendence of Private Insurance - SUSEP and/or with International Insurers and Reinsurers, in cases of accounts that need support from the international insurance market (which will appear as data operators, pursuant to article 5, item VII, of the LGPD). The insurers in question will be specified in the original contract, and may be distinguished in view of the concrete situation or upon request by the insurers.
Sharing is essential for the purposes described in this instrument to be achieved, and will occur based on the principles of good faith, purpose, adequacy, necessity, free access, data quality, transparency, security, prevention, non-discrimination, accountability and provision of bills.
Before sharing the data, RK2 will verify and ensure that the insurers registered with SUSEP are in compliance with the rules and principles of data protection listed by the LGPD, in order to preserve the integrity, confidentiality and availability of such data.
IX. SECURITY AND STORAGE
We at RK2 are committed to:
i) Store the collected data in secure databases, in order to preserve them and guarantee their integrity;
ii) While in possession of the data, RK2 will ensure compliance with security measures to protect the data (including copies derived from data files created to perform the provision) against accidental or unlawful destruction, loss, unauthorized alteration, disclosure , unauthorized access or processing;
iii) The data, in all its forms (electronic, paper, verbal or otherwise) will be stored throughout its life cycle (collection, use, disclosure, retention and disposal) through reasonable protection measures, determined by policies , by legislation and regulation, and other authorities;
iv) Conversations held via WhatsApp and via voice call are recorded in a secure database owned by the platforms (operators) Leucotron and Conecta, in a single event, between RK2 and the customer or pre-customer.
In addition, all RK2 employees are subject to obligations of confidentiality and secrecy, under specific training.
X. GOOGLE ANALYTICS
Google Analytics is a web analytics service that identifies your browsing patterns on our website and generates reports on these activities so that we can improve the website. To do this, we collect and share data about you and how you use our website. The Google Analytics Privacy Policy can be accessed at: https://policies.google.com/privacy and/or by clicking here.
XI. COOKIES
When you visit our website, a “cookie” is inserted in your browser through the Google Analytics software to identify how many times you return to our address. Information such as IP address, geographic location, referral source, browser type, duration of visit and pages visited are collected in an anonymised manner.
We only collect, via cookies, essential data for the operation of our website and to measure access metrics, such data is not shared with third parties, in addition to those responsible for the cookies themselves.
You can adjust your browser settings to disable cookies or delete them. If enabled, we (and the aforementioned third parties) will issue cookies when you interact with our website.
XII. TREATMENT PERIOD
The user declares to be fully aware that we may keep and treat (even after the collection period has expired) the personal data and/or sensitive personal data collected from the holders through the website, services and functionalities, during the period in which they are relevant to the scope of the purposes listed in this policy, and they may be kept for an indefinite period, where, in any case, they will always be anonymized according to the legal permissive, not being associated with the specific user or customer.
Such information may be used and disclosed only in its accumulated and consolidated form by groups, segments or regions, with statistical intent without enabling the identification of the parties and includes, but is not limited to, volumes and products handled, values, records, procedures , policies, work instructions and/or any other information and data belonging to the other party;
XIII. UPDATE
The information contained in this document may undergo changes or adaptations, for due compliance with the law. Therefore, we advise you to always consult the latest version of this document, to stay up to date on your rights and treatment given to the information provided to us.
XIV. HOLDER'S RIGHTS
The following rights may be exercised by the holder, at any time, in accordance with the applicable legislation, upon request:
- Confirmation of the existence of processing of personal data; Access to personal data; Correction of incomplete, inaccurate or outdated personal data; Anonymization, blocking or deletion of unnecessary, excessive or processed data in violation of the provisions of the LGPD; Portability of personal data to another supplier of a service or product, subject to the regulation of the national authority; Deletion or anonymization of personal data processed based on your consent, except when the law authorizes the maintenance of this data on another basis; Information about the public and private entities with which RK2 has carried out the shared use of your personal data; Information on the possibility of not giving consent to the processing of your personal data and on the consequences of such an action; eRevocation of your consent, when the treatment has been carried out based on the consent of the holder.
XV. EXERCISE OF RIGHTS AND FACILITATED CONTACT
We facilitate the exercise of rights by data subjects, whenever possible and in accordance with the law.
Holders may make any claim, request or request for information related to the processing of their personal data, including for the exercise of data holder rights indicated in this Privacy Notice and guaranteed by national legislation, through the email: dpo@ rk2seguros.com.
XVI. HOLE.
The Privacy Policy is governed in accordance with the legislation of the Federative Republic of Brazil. Any disputes or controversies arising from any acts performed within the scope of the use of RK2's websites or communication systems, including in relation to non-compliance with the Privacy Policy or violation of the rights of RK2, other Users and/or third parties, is elected the State of Rio de Janeiro forum to resolve any controversy arising from this instrument.
When browsing and interacting with the communication on our website, the user declares that he has read and agrees with the present privacy policy presented by RK2.
