PRIVACY POLICY: Updated September, 2024

Internet and Mobile Application Privacy Notice

The purpose of this document is to discuss how information is handled on our websites, including insurica.com, insuricadirect.com, and our other affiliated websites, and on our mobile applications. We reserve the right to make changes to this notice at any time. If changes are made, we will post the revised notice at insurica.com/privacy.

Your use of our site indicates that you understand and agree to our collection, use, and sharing of your information as set forth in this document.

Information We Collect

We collect and maintain information about you, so we can provide you with the insurance coverage and other products and services that you have requested. We also use your information to protect, service, and administer your records, accounts, and funds. We may also use your information to help design new or improved products and services, to maintain the functionality of our website, or to improve our business processes. Most importantly any information that you may agree to provide helps us better understand your financial and insurance needs, so we can continue to provide you high quality products and services.

We require you to share your personal information with us for some of our online activities. These activities include, but are not limited to, accessing your policies online, applying for products or services, and asking us questions. Other information about you may be passively collected during your use of our websites and mobile applications by using software or analytics methods that we may choose to employ. Some examples of the information that INSURICA may collect include:

  • Demographics, such as name, address, age, marital status, date of birth, Social Security number, annual income, and other financial information. This includes information supplied on an application or to an insurance agent. If you interact with us on social media, we may collect information about your social media handle or other information made visible to us via social media permissions.
  • Information about your business with us or others. This information is about other products or services you own or use and may be provided to us by you upon our written request or via cookies or tokens related to websites that you visit.
  • Employment information or benefit eligibility data provided by your employer or group plan sponsor for any group product you may have. This type of data is typically either provided in writing or electronically through a secure process.
  • Consumer reporting agency data, such as credit relationships and history. This type of data would be provided upon our written request.  For example, if you are a job applicant or if the information is necessary to transact business with us. This includes information that an agency already has on file.
  • Other data held by sources outside INSURICA, such as medical records, motor vehicle reports, etc. This data is provided to us upon our request.  The medical information may be provided by a medical provider, from electronic medical records, or from the Medical Information Bureau (MIB).
  • Internet and electronic network activity information, including IP address, geolocation data, device information, operating system information, and details about activity performed on our websites or mobile applications such as mouse clicks, time spent on pages, order of operations performed, or any other actions taken while visiting our sites or apps. This includes information provided by your device, information collected by our systems, and information collected by cookies, pixels, and services that we may use.
  • Payment information. We may collect data such as credit card or bank account information that you provide to us to collect or send payments to you.
  • Job application data that you provide to us or to a third-party application in reference to a job that we have posted at one of our companies.

We may also combine information about you that we receive from different sources.

How do we use the information that we have collected?

We use the information we have collected about you to

  • Provide you with products and services
  • Improve our products and services
  • Enhance our customer experience
  • Conduct activities related to fraud prevention and security of our systems
  • Engage in marketing activities as described in our GLBA and HIPAA notices
  • Troubleshoot our websites
  • Collect feedback from you
How do we share the information that we have collected?

We may share the information we collect with affiliated or non-affiliated companies for business purposes. We may share the information we collect with third parties, such as those that assist us in servicing our products and policies or with those that work with us to improve our product offerings or our customer experience. We will also share the information we have collected if we are required to do so to comply with the law; to cooperate with law enforcement, legal counsel, or our auditors; or to respond to requests by regulators or similar entities. We do not sell or share information that you have provided to us or that we collect from your activities on our websites with non-affiliated entities for marketing purposes.

Supplemental Privacy Notice for California Residents: Updated September, 2024

This Supplemental Privacy Notice for California Residents supplements other privacy notices provided by INSURICA. The purpose of this notice is to comply with the California Consumer Protection Act and to advise California residents of certain rights that may or may not apply, based upon individuals’ relationships to us.

Information We May Collect

We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have potentially collected the following categories of personal information from consumers within the last twelve (12) months:

Category Examples Potentially Collected
A. Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. YES
C. Protected classification characteristics under California or federal law Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). YES
D. Commercial information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. YES
E. Biometric information Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep or exercise data. YES
F. Internet or other similar network activity Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. YES
G. Geolocation data Physical location or movements. YES
H. Sensory data Audio, electronic, visual, thermal, olfactory, or similar information. NO
I. Professional or employment-related information Current or past job history or performance evaluations. YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. YES
K. Inferences drawn from other personal information Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes YES
Please note that personal information as defined in this notice does not include:
  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;

We obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you or your employer. For example, from an employee eligibility file from your employer to let us know you are able to purchase products from us.
  • Indirectly from you.  For example, information we learn about you through the course of providing you with services.
  • Directly and indirectly from activity on our websites.  For example, from information you enter into our webforms.
  • From third-parties that interact with us in connection with the services we perform. For example, from our third party claims administrators when you provide them with information or from entities that administer background checks for our job applicants.
Use of Personal Information

We may use or disclose the personal information we collect for one or more of the following business purposes:

  • To fulfil the purpose we stated when you provided us the information.
  • To provide you with information, products or services that you request from us.
  • To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
  • To improve our website and present its contents to you.
  • For testing, research, analysis and product development.
  • As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
Sharing Personal Information for a Business Purpose

We may disclose all types of your personal information that we collect to a third party for a business purpose.  When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

We disclose your personal information for a business purpose to the following categories of third parties:

  • Our affiliates.
  • Service providers.
  • Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.
Sale of Personal Information

As defined in the CCPA, “sell” and “sale” mean selling, releasing, renting, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for valuable consideration.  This means that we may have received some kind fo benefit in return for sharing personal information.

We may have conducted activities defined as “selling” the following categories of personal information in the last twelve (12) months:

  • Identifiers
  • Personal information categories listed in the California Customer Records statute
  • Commercial Information
  • Internet or other similar network activity
Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by choosing one of these options:

  • Completing our online request form here
  • Calling us at 405.523.2100
  • Sending us an email to: privacyofficer@insurica.com
Do Not Sell My Personal Information

You have the right to opt-out of the sale of your personal information by making a verifiable consumer request using the contact information listed above.

Notice Regarding Verifiable Consumer Requests

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.  Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We will try to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Changes to Our Privacy Notice

We reserve the right to amend this privacy notice at any time. When we make changes to this privacy notice, we will post the changes here.

Notice to Consumers Under 16 Years of Age

INSURICA does not knowingly sell any personal information about consumers under 16 years of age.

Contact Information

If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at privacyofficer@insurica.com or using the contact information listed above.

© Copyright 2024 INSURICA. All rights reserved.