Privacy Policy

In compliance with the Spanish and European regulations on personal data protection, we inform you that the data collected by SUM BROKER ONLINE, S.L, in its capacity as Data Controller, will be treated with the legal basis of the legitimization protected by your consent for the fulfillment of the missions and business objectives legally recognized by the entity, and specifically to offer the interested party insurance products, aimed at maintaining the commercial relationship with the client and managing the relationship with the mediating agent and with the possible Insurance Companies for the contracting of the insurance products and the provision of coverage of the risks to be insured.

The categories of personal data to be processed are as follows: identification and contact data; IP address; and, economic, financial or insurance data.

In the event that a contract is made online, the IP address of the user's computer will be saved for evidential purposes and as a fraud prevention measure. The communication of the data associated with the above purposes is essential for the maintenance of the contractual relationship and the data will be kept for the duration of the relationship and after its completion for the periods of time stipulated by the applicable legislation.

Likewise, the data collected by SUM BROKER ONLINE, S.L., regardless of the electronic, telematic or telephone means used, will be used by SUM BROKER ONLINE S.L. and communicated to companies belonging to the sectors of Business Process Outsorcing (BPO), insurance, business management, digital sales, technology consultancy, leisure, health, sport, travel, welfare, food, culture, energy, water, communications, IT, automotive, finance and banking, training, mass consumption, transport, real estate and other value-added services to carry out commercial, promotional and/or marketing activities for the supply of products and services in line with its corporate purpose. These data are processed by automatic decision, segmentation and assessment systems in order to obtain statistics, carry out market surveys, analyse and draw up profiles.

This purpose is not linked to the fulfilment of the contractual relationship and you are not obliged to authorise this processing. Thus, and for the purposes of the provisions of Article 21 of Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce, the User expressly authorises the aforementioned companies to send him/her commercial, promotional or advertising communications by e-mail, SMS or any other electronic or equivalent telematic communication means, including direct contact by telephone.

These data will be kept as long as you do not express your will to revoke the consent previously given for the sending of commercial communications, by sending an e-mail to

On the other hand, insofar as the User proceeds to contract an insurance product through the website and is not providing his or her data directly through a form belonging to the Insurance Company, the User gives his or her express consent for SUM BROKER ONLINE, S.L. to communicate said data to the insurance companies with which he or she has signed a mediation contract, as well as to their possible underwriting agencies, for the purpose of managing the contracting of the insurance and the provision of the coverage service associated with it. This communication is essential to enable the insurance to be taken out.

In any case, SUM BROKER ONLINE, S. L. guarantees the interested party the exercise of their rights regarding personal data protection, which include access to their personal data, its rectification or suppression, the limitation of its processing, the opposition to the processing, as well as the right to the portability of the data. In order to exercise these rights, you should contact Data Protection Delegate - SUM BROKER ONLINE, S.L., with address at Calle Ferrol, No 1, Piso 5, Puerta 3. 15004 A Coruña, proving your identity and attaching your address for the purposes of notifications.

Likewise, you are reminded that you can also file a complaint with the Spanish Data Protection Agency by informing yourself of the form and content of the procedure on the website


Last updated: 2 November 2020.

ai sensi dell'art. 13 Regolamento UE 2016/679

Gentile Interessato,

with the present document (the "Informative"), we intend to renew our commitment to ensure that the processing of personal data collected through the website (the "Site"), carried out by both automated and manual means, is in full compliance with the laws and rights recognised by Regulation (EU) 2016/679 ("GDPR" or the "Regulation") and subsequent applicable rules on the protection of personal data.

Con il termine dati personali si fa riferimento alla definizione contenuta nell'art. 4 comma 1 del Regolamento, ossia "qualsiasi informazione riguardante una persona fisica identificata o identificabile; si considera identificabile la persona fisica che può essere identificata, direttamente o indirettamente, con particolare riferimento a un identificativo come il nome, un numero di identificazione, dati relativi all'ubicazione, un identificativo online o a uno o più elementi caratteristici della sua identità fisica, fisiologica, genetica, genetica, psichica, economica, culturale o sociale" (i "Dati Personali").

The purpose of this Information - drawn up on the basis of the principle of transparency and including all the elements required by art. 13 of the Regulation - is to provide you in a simple and intuitive way with all the useful and necessary information so that you can confer your Personal Data in an informed and conscientious manner and, at any time, exercise your rights under the GDPR.


The company that will process your Personal Data for the purposes described in this Information and that will therefore be the data controller, i.e. "the natural or legal person, public authority, service or other body which, alone or together with others, determines the purposes and means of processing your personal data" is Insurama - DBDG Italy S.r.l., con sede legale in Lungotevere Flaminio n. 14, 00196 - Roma (RM) (the "Titolare").


The Holder, in order to improve its relations with interested parties, has appointed a Data Protection Officer (the "DPO"), by appointing SAPG Legal Tech S.r.l. with registered office in Via Durini n. 15, 20122 - Milano (MI).

As provided for in art. 38 of the GDPR, you are free to contact the DPO for all matters relating to the processing of your Personal Data and/or in the event that you wish to exercise your rights as provided for in this Notice, by sending a written communication to the following e-mail address:


While browsing the Site, you can acquire some of your Personal Data in the following ways.

  • Navigation data

The computer systems and software procedures used to operate the Site acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes, by way of example: IP addresses, the type of browser used, the operating system, the domain name and the addresses of the websites from which access or use has been made, information on the pages visited by users within the Site, the time of access, the permanence on the single page, the analysis of the internal path and other parameters related to the operating system and the user's computer environment.

Such data of a technical/computer nature are collected and used exclusively in an aggregated and non-identifying manner and may be used for the assumption of liability in the event of computer-related incidents or damage to the Site.

The processing shall be based legally on the legitimate interest of the Holder to improve the functioning of its own systems, to optimise and improve the browsing experience, to avoid fraudulent activities and to improve the security of the Site (art. 6, paragraph 1, letter f) of the Regulation).

For more information about cookies and their use within the Site, you can view the appropriate policy available at the following link.

  • Dati forniti volontariamente dal visitatore

These are all the Personal Data freely given by the visitor on the Site, for example, to register and/or access a reserved area, to download free resources, to request information about a specific product or service through a form, to subscribe to the newsletter service, to write an e-mail address or to call a telephone number displayed on the Site to have a direct contact with the visitor, subscribe to the newsletter service, write to an e-mail address or call a telephone number displayed on the Site to have a direct contact with the company (for example, to request assistance or further information on a Titolare product/service). Tale trattamento sarà lecito in forza dell'art. 6, comma 1, lettera b) del Regolamento (esecuzione di un contratto o di misure precontrattuali adottate su richiesta dell'interessato) nonché per l'adempimento di eventuali obblighi di legge.

In order to allow the Data Controller to carry out the processing activities for such purposes, it will be necessary to provide the Personal Data requested in the appropriate forms. In case of failure to compile even one of the fields specified as mandatory, it may not be possible to proceed with the processing of your Personal Data and, consequently, to provide you with the requested information and services.

  • Dati economici, finanziari e assicurativi dell'interessato

In function of the completion of the contractual obligations, in order to ensure the correct delivery of the services in the field of insurance provided on the Site, the Holder will need to collect and process, in addition to the aforementioned common personal data, also data of an economic-financial and insurance nature.

The Data Controller has the obligation to inform the data subject that the data concerning the economic, financial and insurance situation of the data subject are not formally recorded within the personal data controller in accordance with art. 9 of the GDPR. However, since such data can determine a unique identification of the data subject, and in order to ensure the appropriate broad protection of such information, the Data Controller undertakes to always provide all necessary and appropriate measures to ensure the correct procedure of pseudonymisation and, where possible, anonymisation of such data.

Il Titolare, inoltre, assicura che il loro trattamento troverà in ogni caso giustificazine nella preventiva manifestazione del consenso esplicito dell'interessato.

In addition to the above, your Personal Data may be processed by the Holder for the following and further purposes.

  • Direct marketing - This term refers to the development of promotional activities (with both automated and traditional methods) of products and/or services of your interest sold and/or provided by the Holder. The treatment will be lawful in force of the consent of you expressly drawn up for such purpose (art. 6, comma 1, letter a) of the Regulation).
  • Indirect marketing - This term refers to the willingness of the Holder to carry out promotional and/or marketing activities on your behalf to promote products and/or services sold and/or provided by third parties, without any communication of your Personal Data to such third parties. The Holder may carry out such activities on the sole basis of the consent expressly given by you for such purposes (art. 6, comma 1, letter a) of the Regulation).

If you have given your consent (in whole or in part) to the processing of your Personal Data for the above purposes, you may at any time revoke it in whole and/or in part without prejudice to the lawfulness of the processing based on the consent given prior to the revocation. The eventual revocation of the consent will oblige the Data Controller to cease the processing of your Personal Data for such purposes. The procedures for revoking consent are very simple and intuitive: all you have to do is contact the Data Controller using the contact channels listed in this Notice.


Your Personal Data can be managed, on behalf of the Holder, exclusively by staff expressly authorised for processing (in accordance with art. 29 GDPR) and by third parties expressly appointed as data controllers (within the meaning of art. 28 GDPR), in order to correctly carry out all processing activities necessary to pursue the purposes of this Notice.

If required by law or to prevent or repress the commission of a crime, your Personal Data may also be communicated to public bodies or to the judicial authority.


In accordance with the principle of limitation of the retention period (art. 5.1 letter e) of the Regulation), your Personal Data will be processed by the Data Controller only to the extent necessary for the pursuit of the purposes for which this Information is provided.

In particular, i tuoi Dati Personali saranno trattati per un periodo di tempo pari al minimo necessario, come indicato dal Considerando 39 del Regolamento, ossia fino alla cessazione dei rapporti in essere tra te ed il Titolare, nonché per un ulterioriore periodo di conservazione che potrà essere imposto da norme di legge (come anche previsto dal Considerando 65 del Regolamento).


Potrai esercitare in qualsiasi momento i tuoi diritti previsti dagli artt. 15 e ss. del Regolamento nei confronti del Titolare. In particular, you have the right to obtain:

  • the confirmation that a processing of your Personal Data is underway and to obtain access to the data and to the following information: purpose of the processing, categories of personal data, recipients and/or categories of recipients to whom the data has been and/or will be communicated, as well as the relative retention period;
  • the retification of your unresolved personal data and/or the integration of incomplete personal data, including by providing an integrative statement;
  • the cancellation of your Personal Data and the limitation of processing in the cases provided for by the GDPR and the privacy regulations in force;
  • If applicable, the portability of your Personal Data and, in particular, the possibility of requesting the direct transmission of your Personal Data to another data controller;
  • theopposition to the treatment at any time, for reasons related to your particular situation, to the treatment of your Personal Data in full compliance with the privacy regulations in force.

To exercise your rights, you can contact the Titolare at the following e-mail address, enclosing a copy of your identity card:

In any case, if you believe that the processing of Personal Data is contrary to the Privacy Policy, you will always have the right to submit a complaint to the competent supervisory authority (Guarantor for the Protection of Personal Data) pursuant to art. 77 GDPR.


Your Personal Data will be processed by the Holder within the territory of the European Union.

Back to home page