In Greece, online insurance aggregators are rapidly taking over significant market share of the insurance distribution market. This article intends to briefly illustrate the minimum structure and operation requirements, under applicable EU and Greek law that aggregators’ websites and undertakings dealing with them should take into account.

General requirements

Terms of Use and FAQs documents as well as simple, understandable, real, lawful, easily accessible and regularly revised Privacy and Personal Data Protection Policies shall be available on the aggregator’s webpage. They shall indicate they are different to those of the insurance undertaking’s, particularly if the consumers are at any point re-directed to its website.

Cookies may only be installed if the consumers have given their informed consent. If no such consent is given the use of the website shall be allowed to the highest degree which is technically possible. Whether or not any insurance contract is ultimately concluded, data may only be processed if consumers have consented in advance, and only in relation to those clearly indicated activities for which the consent has been given. Aggregators are required to take all necessary technical and organisational measures for the security of the electronic transactions and of the data they process. Greece follows the opt–in system with respect to consumers receiving marketing communications. 

Links

In compliance to Regulation 524/2013/EU and the Greek Code of Consumer Conduct for e-commerce, the aggregator shall post on its website an easily accessible link to the Online Dispute Resolution (ODR) platform operated by the European Commission, and a link to the above Code.

Insurance law requirements

If the website makes available the purchase of an insurance policy, it qualifies as an insurance intermediary under Greek law. It is therefore subject to the respective regulatory requirements, including making available on site the relevant pre-contractual information package as well as information on the complaints handling process and the contact person.

The website should also provide an easily accessible, short description of the participating insurance undertakings. It shall present the various insurance products in a clear and comprehensive manner, in the sense that each type of coverage is presented with the same connotation, so that the consumers may easily compare the different options. To minimize eventual liability, it is advisable that pop-up windows or banners provide information on basic contractual terms or exceptions from coverage.

To comply with consumer protection law on contracts concluded by distance means, the policy terms must be made available to the prospective policyholder prior to the purchase. The purchaser is deemed to have received proper knowledge of the terms when their text is available either via a hyperlink or via a clearly marked point of an electronic document. The purchase order may not be registered if the purchaser does not declare that he/she has received knowledge of the policy terms.

Under Greek law, the proof of insurance may be delivered and the insurance cover applies only after the payment of the premium. Following the purchase of the policy, the policyholder’s attention should be drawn to the exact moment (date & time) the insurance coverage starts, especially if it is different from the time of the purchase of the contract.

The policyholder shall be provided with the contractual terms “in a written form or in any other data storage medium” allowing him/her to save and reproduce it in the future, together with any other insurance documentation as for example standard forms for the exercise of rescission and/or objection rights.

Next steps

Insurance aggregators shall have to revise their policies and terms in view of the implementation of the Insurance Distribution Directive (IDD) and of the new General Data Protection Regulation (GDPR).