Skip to content

Privacy Policy

Last updated: 4 May 2026

Jump to section
  1. 1. Who we are
  2. 2. Scope
  3. 3. Our role
  4. 4. Personal data we collect
  5. 5. Why we use your data, and the legal basis
  6. 6. Who we share your data with
  7. 7. International transfers
  8. 8. How long we keep your data
  9. 9. Your rights
  10. 10. Cookies and tracking
  11. 11. Security
  12. 12. Complaints
  13. 13. Changes to this Policy
  14. 14. Contact

This Privacy Policy explains how Cover Solutions LLC(“we”, “us”) collects, uses, shares and protects personal data when you visit cover.ge(the “Site”) or buy a travel-insurance policy through it. It is written to comply with the Law of Georgia on Personal Data Protection.

1. Who we are

Cover Solutions LLC, a company registered in Georgia under identification code 445837435. For any privacy-related question or to exercise your rights, contact us at info@cover.ge.

2. Scope

This Policy covers personal data we handle when you use the Site, request a quote, buy a policy, or contact us. It does not cover personal data processed by JSC Insurance Company Unison(“Unison”) once a policy is issued — Unison is the insurer and a separate data controller for claims, medical care and post-issuance servicing. Unison publishes its own privacy policy at unison.ge.

3. Our role

We act in two capacities:

  • As an independent controller for personal data we collect through the Site for our own purposes — for example, your support correspondence, technical logs, and fraud-prevention records.
  • As a processor on Unison's behalf when we collect the policyholder and traveller data needed to issue the insurance policy. Once we transmit that data to Unison, Unison becomes the controller for it.

This Policy describes both. Where Unison is the controller, your rights against Unison are set out in their own privacy policy.

4. Personal data we collect

We collect the following categories of data:

  • Policyholder and traveller details — full name, date of birth, citizenship, passport (or other travel document) number, and dates of travel.
  • Contact details — email address and, where provided, phone number.
  • Order and payment metadata — order reference, policy number, premium amount, currency, and the payment provider used. We do not see, store or process full card numbers. Card data is collected and processed directly by the payment provider on its own infrastructure.
  • Technical data — IP address, device type, browser, language, pages viewed, and error traces collected to keep the Site secure and working.
  • Communications — the content of emails or messages you send us.
  • Marketing preferences — only if and when we send marketing communications (see Section 10).

We do not knowingly collect data of children under 18 as policyholders. The policyholder must be at least 18 (Georgian law). Travellers covered under a policy may be minors but only via an adult policyholder.

5. Why we use your data, and the legal basis

  • To issue your policy — process your quote, register the policy with Unison, send the certificate by email, and provide a personal page where you can re-download it. Legal basis: performance of a contract with you.
  • To take payment — process the transaction through the chosen payment provider and reconcile the order. Legal basis: performance of a contract with you and our legal obligations.
  • To keep records required by law — tax, accounting, insurance and consumer-protection records. Legal basis: legal obligation.
  • To run and protect the Site — diagnose errors, prevent fraud and abuse, enforce our Terms of Use. Legal basis: our legitimate interest in a secure service.
  • To answer your support requests — respond to emails, handle complaints, re-issue policies on request. Legal basis: performance of a contract with you and our legitimate interest in providing customer service.
  • To send marketing — only if you have given prior consent. Legal basis: your consent.

6. Who we share your data with

We share personal data only with categories of recipients that need it for the purposes listed above:

  • the insurer that underwrites your policy;
  • payment service providers who process your transaction;
  • email and messaging delivery providers who deliver your policy certificate and operational notifications;
  • error-monitoring and hosting providers who keep the Site running and help us diagnose issues;
  • professional advisers (lawyers, auditors, accountants) bound by confidentiality, where reasonably necessary;
  • regulators, courts and law-enforcement bodies where we are legally required to disclose data.

We do not sell personal data, and we do not share it with advertising networks.

7. International transfers

Sometimes we may need to transfer your personal data to third-country locations to provide our service to you. We strive to ensure an adequate level of personal-data protection wherever our contractor is located. We transfer your personal information only where: (a) the destination country provides an adequate level of personal-data protection, or (b) we take appropriate safeguards to ensure your rights as a data subject are protected.

8. How long we keep your data

We keep personal data only as long as needed for the purpose we collected it, and for any longer period required by Georgian law:

  • Policy records (policyholder, traveller and order data) — up to 7 years from policy expiry, to meet commercial-records and audit obligations.
  • Payment metadata — up to 5 years under the Tax Code.
  • Server access and error logs 90 days on a rolling basis.
  • Email-delivery records30 days on a rolling basis.
  • Marketing consents — until you withdraw consent.
  • Support correspondence — up to 2 years after the matter is closed.

9. Your rights

Under the Law of Georgia on Personal Data Protection you have the right to:

  • be informed about whether and how we process your data, and receive a free copy;
  • have inaccurate or incomplete data corrected or completed;
  • ask us to delete or destroy data, or block (restrict) further processing;
  • withdraw consent at any time, where consent is the basis for processing — withdrawal does not affect processing already carried out;
  • object to processing based on our legitimate interests;
  • opt out of direct marketing at any time. We will stop within seven working days of receiving your request.

To exercise any of these rights, email info@cover.ge. We will respond within 10 working days of receipt. In exceptional cases this period may be extended by up to a further 10 working days; we will tell you if we need the extension and why.

Some legal obligations (insurance, tax, anti-fraud) may prevent us from immediately deleting or restricting data — we will explain which obligation applies if that is the case.

10. Cookies and tracking

We use a small number of cookies and similar technologies that are strictly necessary to operate the Site — for example, to remember your selected language and to keep your session secure during checkout.

We do not use third-party analytics, advertising cookies, social-media trackers, or session-replay tools. If we ever introduce non-essential tracking, we will update this Policy and ask for your consent before activating it.

11. Security

We use technical and organisational measures appropriate to the risk, including encrypted transport (HTTPS), restricted access to production systems, secret management, error monitoring, audit logging, and time-limited security tokens for personal pages. No internet service is perfectly secure, but we work to keep the risk low and to respond quickly when issues arise.

12. Complaints

If you believe we have processed your data unlawfully, please contact us first at info@cover.ge so we can try to resolve the issue.

13. Changes to this Policy

We may update this Policy from time to time. The “Last updated” date at the top reflects the latest version. Material changes will be highlighted on the Site or notified by email where we have your address.

14. Contact

Cover Solutions LLC
Email: info@cover.ge
See also our Terms of Use.