Our company, operating under the name “BROKINS INSURANCE AGENTS AND INSURANCE AGENTS COORDINATORS S.A.”, with registered offices in Glyfada, Attica (65 Poseidonos Avenue & 2 Vaso Katraki Square), Tax Registration Number (VAT): 095578391 – Piraeus Tax Office, Tel.: +30 210 8931600 (hereinafter referred to as the “Company”), acts as an insurance intermediary (Registration No. 7049 as Insurance Agent and No. 1134 as Insurance Agents Coordinator). In its capacity as Data Controller, the Company provides you with the following information regarding the processing of your personal data.
Purposes of Processing Your Personal Data
The processing of your personal data is necessary and required due to our obligations as an insurance intermediary: (i) to assess your insurance needs and requirements and to justify the recommendations provided to you prior to entering into any insurance contract, (ii) to assist you in the management and execution of the insurance contract after its conclusion, particularly in the event of a claim, and (iii) to comply with our obligations under applicable legal and regulatory requirements.
Accordingly, your personal data is processed exclusively for the above purposes. In addition, subject to your explicit consent, the Company may process your personal data for promotional, commercial and/or research purposes in order to provide enhanced insurance intermediation services.
Categories of Personal Data Processed
Depending on the type of insurance requested or maintained, the Company may process the following categories of personal data, including special categories of personal data where required:
a) Identification data (e.g. full name, father's name, ID/passport number, tax identification number).
b) Contact details (e.g. telephone number, postal address, email address).
c) Information required for assessing insurance needs and managing insurance contracts,
including risk assessment data, financial and asset information, driving history, health-related information,
information relating to insured persons and beneficiaries, policy administration data and premium payment records.
d) Payment information (e.g. bank account details, debit and credit card information).
e) Claims-related information required for the handling of insurance claims, including property damage,
bodily injury reports, medical certificates, invoices and supporting documentation.
f) Electronic identification data relating to visitors of our website
(www.brokins.gr), including IP addresses and cookies.
The Company maintains, updates and securely stores your personal data based on the information you provide. Appropriate technical and organisational measures are implemented to safeguard data against loss, alteration, misuse, unauthorised access, disclosure or any other unlawful form of processing.
If You Refuse to Provide Personal Data
If you refuse to provide the personal data and information required for the purposes described above, the Company may be unable to provide insurance intermediation services.
Legal Basis for Processing
The legal basis for processing your personal data may include your explicit and informed consent, provided through dedicated consent forms where required. Additional consent may be requested at a later stage depending on the operation and administration of the insurance contract.
You may withdraw your consent at any time. However, withdrawal of consent may affect our ability to continue providing certain insurance intermediation services, particularly where processing of special categories of personal data is required. Withdrawal does not affect the lawfulness of processing carried out before such withdrawal.
If you provide personal data relating to another individual, you confirm that you have informed that person accordingly and obtained any required consent.
Recipients and Disclosure of Personal Data
Your personal data may be processed by authorised personnel within the Company and by departments carrying out lawful operational functions, including accounting, legal and compliance departments.
Data may also be disclosed to insurance companies operating legally in Greece and/or within the European Union and, where appropriate, to reinsurers, cooperating insurance intermediaries, loss adjusters, consultants, roadside assistance providers, vehicle repair service providers, document management companies, IT service providers, printing and mailing providers and contact centre service providers.
Personal data may also be disclosed to public authorities, courts, prosecutorial authorities, regulatory bodies such as the Bank of Greece and other competent authorities, where legally required or necessary for the protection of legitimate rights and interests.
Where you have provided specific consent for marketing, promotional or research purposes, personal data may additionally be shared with advertising agencies, promotional partners or research organisations.
Transfers Outside the European Union
Personal data may only be transferred to countries outside the European Union where an adequacy decision has been issued by the European Commission or where appropriate safeguards are in place in accordance with applicable data protection legislation.
Data Retention Period
The Company retains personal data for the duration of the contractual relationship and/or the insurance contract arranged through our services.
Following termination of the relationship or insurance contract, personal data will be retained for as long as required by applicable limitation periods, tax legislation and regulatory obligations, unless ongoing legal proceedings require a longer retention period.
Where no insurance contract is ultimately concluded, personal data may be retained for up to five (5) years.
Your Rights
Under applicable data protection legislation, you have the right to:
a) Obtain confirmation as to whether your personal data is being processed and receive information regarding such processing.
b) Request correction or completion of inaccurate or incomplete personal data.
c) Request erasure of your personal data where processing is no longer necessary.
d) Request restriction of processing.
e) Object to further processing of your personal data.
f) Request portability of your personal data to another controller of your choice.
The Company may refuse requests for restriction or deletion where processing is necessary for the establishment, exercise or defence of legal claims or to comply with legal obligations.
Exercising your rights is generally free of charge. However, where requests are manifestly unfounded, excessive or repetitive, the Company may charge a reasonable administrative fee or refuse to act on the request.
If you believe your personal data is being processed unlawfully, you have the right to lodge a complaint with the Hellenic Data Protection Authority .
Data Protection Contact
Email: dpo@brokins.gr • Tel: +30 210 8931600
If you believe your rights have been violated, you may contact the Hellenic Data Protection Authority at: www.dpa.gr.