ActInsuranceSign in
Back to home

Legal

Brooks Privacy Policy

Brooks Insurance Agencies Ltd · ActInsurance Platform

1. Introduction

We are committed to safeguarding and preserving the privacy of our users.

This privacy policy outlines how we collect, use, and protect personal information that you provide to us, or that we collect from you while you use our application. We respect your right to privacy and are committed to maintaining it. We only collect, store and process your personal information according to the relevant laws and regulations. By accessing, browsing or otherwise using the application you confirm that you have read and understood this Privacy Policy. Ensure you have read it carefully.

2. Definitions

"Brooks," "We," "our," "ours," and "us," means Brooks Insurance Agencies Ltd and includes its successors in title and assigns, its affiliates and/or its strategic business units as may be specified from time to time.

"Personal data" or "personal information" means: Information about you or information that identifies you as a unique individual, such as your name and surname combined with your physical address, contact details, identity card or passport number.

"Processing" means handling, collecting, using, altering, merging, linking, organizing, disseminating, storing, protecting, retrieving, disclosing, erasing, archiving, destroying, or disposing of your personal information.

"Sensitive personal information" includes data revealing your race, health status, ethnic social origin, conscience, belief, genetic data, biometric data, property details, marital status, family details including details of your children, parents, spouse or spouses, sex or sexual orientation.

"You" means: Customer, which includes personal representatives and assigns doing business with us and includes (where appropriate) any person you authorize to give us instructions, the person who uses any of our products and services or accesses our websites. "Customer" shall include both the masculine and the feminine gender as well as a legal person.

Any visitor that is a person (including partners or any third parties) who gains access to any of our premises. Any supplier/service provider who has been contracted by us and/or signed a service level agreement with us.

The word "includes" means that what follows is not necessarily exhaustive and therefore the examples given are not the only things or situations included in the meaning or explanation of that text.

3. Information We Collect

We may collect the following personal information:

  • Individual details: Name, address, email and telephone details, gender, marital status, family details, date and place of birth, relationship to the policyholder insured, beneficiary, or claimant.
  • Identification details: Identification numbers issued by government bodies or agencies (e.g., ID number).
  • Financial information: Mobile money number, mobile money statements, bank account number and account details, and other financial information.
  • Online data: When you use our products and services through our website, mobile applications such as cookies, login data, IP address (your computer's internet address), browser type and version, ISP or operating system, domain name, access time, page views, location data, how you frequently use our online insurance, banking and other services, our mobile applications or visit our website; or
  • Profile data: Such as your username and password, your interests, preferences, feedback, and survey responses.

4. Where We Collect Personal Information

We collect Personal Data from various sources, including:

  • Directly from individuals and their family members, online or by telephone, or in written correspondence;
  • From individuals' employers;
  • Claim forms.
  • Once you register on our platform, you will no longer be anonymous to us and will provide us with personal information.

5. Purpose For Data Processing And The Legal Basis

The primary purpose for collecting and processing your personal data is to perform statutory and contractual activities related to management of the insurance product you have with us. We will also process your data in connection with other tasks as required by law and statutory regulations. In addition to these, personal data may be used in service and product development.

6. Storage And Protection Of Personal Data

We maintain appropriate technical and organizational safeguards against unauthorized processing of personal data and against accidental loss, destruction or damage.

7. Use Of Personal Data

We use your personal information to manage your policy, process payments, and manage claims. We may also use your information to provide you with marketing materials or to improve our services.

8. How We Share Your Information

We may share your personal information with third-party service providers, such as payment processors or claims management companies, who help us manage your policy and process your payments. We may also share your information with as required by law and statutory regulations.

9. Consent

In order to facilitate the provision of our services, we rely on the data subject's consent to process personal sensitive information, such as age and marital status. This consent allows us to share the information with Insurers and other Intermediaries that may need to process the information in order to undertake their role in the insurance industry.

The affected individual's consent to the processing of personal information is a necessary condition for us to be able to provide the services requested. When you are providing us with information about a person other than yourself, you agree to notify them of our use of their Personal Data and to obtain such consent for us.

Individuals may withdraw their consent to such processing at any time. However, doing so may prevent us from continuing to provide the services. In addition, if an individual withdraws consent to an Insurer's processing of their Personal Data, it may not be possible for the insurance cover to continue.

10. Cookies

We may use cookies and similar technologies on our websites, systems, apps and in our emails. Cookies are text files that gather small amounts of information, which your computer or mobile device stores when you visit a website or use an app. When you return to the website or app, or visit websites and apps that use the same cookies, they recognize these cookies and your device.

Cookies make it easier for us to give you a better experience online. You can stop your browser from accepting cookies, but if you do, some parts of our website or online services may not work. We recommend that you allow cookies.

11. Marketing

If you give us permission, we may use your personal or other information to tell you about products, services, and special offers from us or other companies that may be of interest to you. We will do this by post, email, or text message (SMS), WhatsApp, and social media platforms. If later you decide that you would not want us to do this, please contact us at dpo@brooks.co.ke and we will update your preferences.

12. Transfer Across Borders

Your data is primarily stored in our data server located in Kenya. Some data is stored on cloud, and accessed in other countries. We are committed to ensure an appropriate level of protection by the recipient of the data when we transmit your data outside Kenya.

If we transfer Personal Data to other countries outside Kenya, there are legal grounds justifying such transfer, such as individuals' consent, or other legal grounds permitted by law.

By dealing with us and submitting your personal information, you agree to the transfer, storage, and/or processing of your personal information outside of Kenya.

13. Your Rights As A Data Subject

So as to exercise your rights as provided above, we may request specific information from you to help us confirm your identity. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request.

Requests, questions, or concerns should be:

Made at our head office: Brooks Insurance Agencies Limited, 1113 Kayahwe Rd, Off Galana Rd, Kilimani, P.O Box 15850-00100 Nairobi Kenya. Tel: 0111023600

Sent via email to: dpo@brooks.co.ke

  • Access a copy of your Personal Data processed.
  • Correct, delete, or verify your Personal Data that we process that you have submitted to us.
  • Request erasure of your Personal Data where there is no good reason for us to continue to process it. Please note, that we reserve the right to decline this request for specific legal or regulatory obligations.
  • Object to the processing of all or part of your personal data.
  • Request the transfer of your Personal Data to you or a third party. We will provide to you, or a third party you have chosen, your Personal Data in a commonly used, machine-readable format. Please note that this right only applies to information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw your consent to the processing of your Personal Data. We may, in certain circumstances continue to process your data if there is a legitimate reason to do so.

14. Data Security

Personal information is safeguarded against unauthorized access, use, disclosure, alteration, damage or loss.

We take reasonable steps to ensure the integrity, accuracy and confidentiality of personal information held by it. We have implemented adequate security measures such as access control, encryption, physical security, and other best practices, to protect personal data. We will, on an ongoing basis, continue to review our security controls and related processes to ensure that your personal information is secure.

15. Retention And Storing Your Personal Data

We will retain your personal information for as long as you have your account with us, or as long as it is required for us to be able to provide the relevant services to you. We may retain your personal data and information as may be required by law and maintain specific records management and retention policies and procedures. If the data is not required anymore for statutory or contractual obligations, it will be deleted.

16. Updates To This Privacy Policy

We reserve the right to modify or update this privacy policy from time to time to reflect changes in our data processing practices or legal requirements. We shall notify you of any material changes to this policy.

17. Limitation Of Liability

We recognize our responsibility in relation to the collection, holding, processing or use of personal information. The provision of your personal information is voluntary. You may choose not to provide us with the requested data, but failure to do so may inhibit our ability to provide services to you.

We are not responsible for, give no warranties, nor make any representations in respect to the privacy policies or practices of linked or any third party websites.

18. Contact Us

If you have any questions about our privacy practices, or want to exercise any of your rights, contact our Data Protection Officer:

Data Protection Officer, Brooks Insurance Agency, 1113 Kayahwe Rd, Off Galana Rd, Kilimani, P.O Box 15850-00100 Nairobi, Kenya Tel: 0111023600 Email: dpo@brooks.co.ke

© 2026 Brooks Insurance Agencies Ltd. All rights reserved.