Policygenius Privacy Policy

Updates go into effect on January 3, 2020


GLB Financial Notice

This Privacy Policy describes how Policygenius Inc. (“Policygenius,” “we”, “us,” or “our”) collects, uses and shares personal information in connection with our website, mobile applications, and other digital properties that link to this Privacy Policy (collectively, the “Sites”). We provide online insurance brokerage, insurance coverage quotes and estimates, and related services (the “Services”).

By agreeing to our Terms of Service, you have consented to the data handling practices described in this Privacy Policy. Capitalized terms that are used in this Privacy Policy but not defined here shall have the meanings ascribed to them in the Terms of Use.

This Privacy Policy is effective as of the date specified above. We may change this Privacy Policy at any time, and we will notify you of any material changes by posting a message on our home page. Your continued use of the Sites or Services after any such chance will constitute your acceptance of any modified Privacy Policy.

What We Collect and How We Use It

You can use some of the Sites by just browsing without logging in (as a “Visitor”) or by creating and maintaining an account to apply for and/or purchase one or more insurance policies through us (as a “Member”). Each of Visitors and Members may be referred to in this Privacy Policy by the terms “you” or “your.” Some of our Services are only available to Members.

Sites’ Visitors

From Visitors, whether or not they are or become Members, we collect: information about the technical mechanisms you used to access the Sites, such as your browser and operating system type; the link that brought you to our Sites; data points that help our analytics function and which tell us what brought you to a particular spot on our Sites; and your IP address, which is automatically anonymized when used by our third party analytics services. Collectively, this is “Usage Information.”

We use Usage Information to inspect, analyze, and improve our Sites and ensure they function well with the technology used by our Visitors. In addition to analytics about the demographics of our Sites’ Visitors, we use IP Addresses for Visitors not to individually identify you, but to confirm we can deliver the Sites and Services to you based on local legal rules.

Newsletters, Email and Chat

Visitors and Members may sign up for email newsletters, or email or chat with us on the Sites by providing their name and email address. In connection with our marketing campaigns, we also collect and use information about your engagement with our marketing emails (e.g., whether you open and/or forward those emails) to make sure that the products and offers that we inform you of are relevant to you.

Establishing an Account

To become a Member, you may establish an account on the Sites by providing your name, email address, and other information. You may also choose to login via a social network or other third-party platform (for example, Facebook or Google). We may collect information from that platform, such as your social network alias, email address, first and last name, age, number of “friends” on the social network and, depending on your third-party platform settings, a list of your “friends” or connections. Our collection and processing of the information we obtain from third-party platforms are governed by the requirements these platforms impose on us in their relevant terms and conditions.

Insurance Checkup and Application

When you use the Sites for an “Insurance Checkup,” you can choose to supply additional information about yourself to us, including your first name, last name, and email address. In order to receive results for our Personal Insurance Checkup, you will be required to provide us with additional personal information which includes, but is not limited to: your email address, zip code, marital status, employment status, risk tolerance, living situation details, property and vehicle ownership, family information such as number of children and number of pets, whether you are a homeowner or a renter, your income, amounts of your savings and debts, and general details about your current insurance coverage (collectively, “Checkup Information”). We use each of these data points to return results to you that assess your current coverage and provide recommendations about how to improve your current coverage. Providing Checkup Information is never required to visit the Sites, but we do use this information to perform an analysis of your insurance needs.

Applying for Insurance

To get an insurance quote, in addition to the Checkup Information described above, you may need to supply your date of birth, gender, occupation, address, smoking status, height and weight, certain family history, certain health history, certain driving history, and your citizenship status (collectively, “Quote Information”). We use this information to calculate the price estimates for coverage you request.

To apply for an insurance policy, you will need to become a Member and also submit your social security number, phone number and address in addition to Quote Information (collectively, “Application Information”).

If and when you become a Member, you will create an account password. This is referred to in this Privacy Policy, together with your Application and/or Quote Information, as “Account Information.”

Cookies and Web Beacons

Our Sites and Services, especially free services like our Insurance Checkup and insurance quoting, are possible in part because we enable advertising by third parties on the Sites. To do so, we use cookies and web beacon technologies for both Visitors and Members.

Cookies are a small piece of software or text placed on your computer when you visit a website. They are used to store information on web browsers and to store and receive identifiers and other information on computers, phones, and other devices. They may include data we store on your web browser or device, identifiers associated with your device, and other software. In this Privacy Policy, we refer to all of these technologies that store or reference data on your own device as “cookies.”

If you use the Services, we also use a cookie to recognize you on return visits and, if you have an account, expedite the login process. You can remove cookies through your browser preferences menu, though the exact method varies depending on the type of browser you use – but note that you won’t be able to log into our Services if your cookies are completely disabled. If you visit from a mobile device, we may reference your device identifier or other information about where your visit originated. The various cookies used on our Sites last for ninety or more days.

We use cookies to:

  • Verify your account and determine when you’re logged in so we can make it easier for you to access the Services and show you the appropriate experience and features;
  • Show ads and to make recommendations for businesses and other organizations to people who may be interested in the products, services or causes they promote;
  • Measure the performance of ad campaigns for us and for businesses that advertise with or through our Sites, including through retargeting campaigns;
  • Serve and measure ads across different browsers and devices used by the same person; and
  • Conduct web analytics on usage of our Sites and Services.

You can opt-out of certain cookies and tracking technologies by visiting the Digital Advertising Alliance Opt-out here. Note that this opt-out only applies to certain cookies and tracking technologies we use.

Web beacons (also sometimes called “clear GIFs”) are small files stored and/or served on a website on in an email which collect, track, or transmit a data point back to us or to a third party. For example, we use a web beacon to assess whether an email message has been opened.

We use web beacons to facilitate advertising and functionality on our Sites, as well, including without limitation to:

  • Associate our users with the reports they provide about satisfaction with our Sites and Services;
  • Administer and monitor email campaigns;
  • Analyze the portions of our Sites that are used most often by our Visitors, as well as how Visitors interact with our Sites;
  • Perform A/B testing on our Sites;
  • Optimize interaction with our data stores;
  • Improve the functionality and usefulness of our support and support chat functions;
  • Analyze the efficacy of our own advertising campaigns;
  • Customize the content displayed to you on our Sites;
  • Organize and administer other web beacons and cookies on our Sites;
  • Conduct web analytics on usage of our Sites and Services; and
  • Enable, improve, and effect targeted and re-targeted advertising for our advertising partners on both our Sites and their third-party sites such as Facebook.

In some cases, the above web beacons functions may be performed by custom HTML in our Sites’ code.

We may use cookies and/or web beacons to track if and when a user abandons a purchase before it is complete and attempt to re-engage that user for the same or a similar purchase, as well as making offers for related purchases to that user.

We do not currently have the ability to recognize Do Not Track signals.

Financial Information

If you submit a credit card payment through our Services, for example to purchase insurance coverage, we will transmit your payment details, including without limitation your credit card number, to the payee through an encrypted transmission. We do not store credit card information on our own servers or associate it with your other Account Information for any purpose other than completing your purchase.

If you purchase temporary insurance coverage through us, you will be required to provide bank account information to pay for and enable that coverage. That bank information is stored on our servers in encrypted form and will be accessed and used to complete your purchase and maintain your temporary coverage. We will delete this bank account information within 30 days of the conclusion of your temporary coverage, once all payments have been completed.

If you submit credit card or other payment information via DocuSign, it will be temporarily stored in encrypted form on DocuSign’s servers, and we will use the content to securely transmit your payment information to the carrier.

Other Uses of Personal Information on our Sites and Services

In addition to the above, we may use your personal information to:

  • Otherwise provide, improve, maintain, or optimize the Services;
  • Help underwrite and provide accurate insurance premium rate quotes;
  • Provide insurers with the required information for applications;
  • Provide or offer other financial and consumer products and services from partners with whom we have entered into a joint marketing agreement;
  • Provide, maintain and improve customer service;
  • Tailor your experience with the Services to your interests;
  • Develop and improve the Sites and the Services;
  • Respond to your inquiries;
  • Communicate with you regarding the insurance products that you purchased through the Sites as well as other products and services that may be of interest to you; and
  • In addition, we may aggregate your personal information with our other users’ personal information and use that information for benchmarking and analysis purposes.

Use of Personal Information for Compliance and Protection

We may use your personal information to:

  • Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
  • Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
  • Audit our internal processes for compliance with legal and contractual requirements and internal policies;
  • Enforce the terms and conditions that govern the Services; and
  • Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

How We Share Your Information

We share your information with third parties only as described in this Privacy Policy. Specifically, in addition to the usages described above, we share:

  • Quote Information and Application Information with insurance carriers to obtain quotes and submit and process insurance applications.

Information we collect, generally

  • With certain third-party vendors that help us administer the Sites and/or Services (and who has agreed to keep personal information they receive confidential and use it only or the purpose of providing their piece of our Services), including by:
    • Storing and hosting our content or your data;
    • Performing analytics on our Sites and Services; and
    • Providing operations and marketing assistance to us.
  • With corporate affiliates including any of our parent companies, subsidiaries, joint ventures, or other companies under common control with us.
  • With counterparties in the course of a corporate sale, merger, reorganization, sale of assets, dissolution, or similar event, some or all of the personal information may be part of the transferred assets.
  • To the extent permitted by law, when required by law, in connection with a court order, or other government or law enforcement authority or regulatory agency, or whenever we believe that disclosing such information is necessary or advisable, for example, to protect the rights, property, or safety of us or others.

How We Secure Your Information

We secure information stored in our data stores using encryption at rest and use additional encryption mechanisms to secure certain sensitive fields on our database. Our Sites use HTTPS and SSL protocols, and transmissions from the Sites to our servers use TLS encryption standard or better. Vendors who receive personal information from us are contractually obligated to impose no less than reasonable security measures on their storage infrastructure, and in any case no lesser measures than they use for their own data.

While we take commercially reasonable steps to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, we cannot guarantee perfect security - no internet-based service can. No security system is impenetrable. Despite our security measures, we cannot guarantee the security of our databases, nor can we guarantee that the information you supply will not be intercepted while being transmitted to and from us over the Internet.

California Residents

Under California Civil Code Section 1798.83, California residents who have established business relationships with us may choose to opt out of our sharing their personal information with third parties for direct marketing purposes. If you are a California resident and (1) you wish to opt out; or (2) you wish to request certain information regarding our disclosure of your personal information to third parties for their direct marketing purposes, please send an e-mail to privacy@policygenius.com.

Visitors from Outside the U.S.

Policygenius provides its Sites and Services for use by U.S. residents, and U.S. law, and not the laws of other countries, govern these Sites and Services. If you are visiting the Sites or any of the Services, your information will be maintained in the U.S. and in other locations where we may process data.

By default, we disable the submission of personal information to our Sites from Visitors using European Union IP addresses, regardless of whether the user is an E.U. citizen or using a VPN device. If you need access to your account and are using an E.U. IP address, please email privacy@policygenius.com with (i) a description of the access and/or help you need, and (ii) an express consent to use any personal information in our possession to respond to your request.

Children

We do not knowingly collect personal information from children under the age of 13. If you are under 13, please do not give us any personal information and do not use the Sites. If you have reason to believe that a child under the age of 13 has provided personal information to us, please contact us immediately, and we will delete that information from our databases.

Job Applicants

When visit the careers portion of our Sites, we collect the information that you provide to us in connection with your job application. This includes business and personal contact information, professional credentials and skills, educational and work history, and other information of the type that may be included in a resume. This may also include diversity information that you voluntarily provide. We use this information to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity, and monitoring recruitment statistics. We may also use this information to operate and improve the Services, and as otherwise necessary for compliance, fraud prevention, and safety purposes.

External sites

The Sites may contain links to third-party websites, including, without limitation, the websites of the insurance carriers offering the third-party insurance products made available to you through the Services (“External Sites”), but we do not endorse and we are not responsible for the content of any linked External Sites or for the privacy practices of the third parties that own and operate such sites. Before using any External Site, please refer to the terms of use and privacy policies of the External Sites for more information, as those terms and policies govern your use of such External Sites.

How to Opt-Out

If you wish to opt-out of the use of your personal information by our Services, we are happy to assist you. Please email us at privacy@policygenius.com and let us know what you wish to opt-out of. Please be advised that certain uses and sharing of your information may be required to continue providing certain Services to you, and that you will not be entitled to any refund if your removal of personal information will make certain prepaid Services unavailable to you.

Questions or Concerns

If you have additional questions or would like more information regarding our information collection, use of disclosure practices, please feel free to contact us at privacy@policygenius.com.

Notice to California Residents

We are required by the California Consumer Privacy Act of 2018 (“CCPA”) to provide to California residents an explanation of how we collect, use and share their personal Information, and of the rights and choices we offer California residents regarding our handling of their personal information.

Under the CCPA, this Notice to California Residents and the privacy practices and rights it describes do not apply to the information we collect, use or disclose about Visitors and Members when they initiate the process of applying for our financial products or services (i.e., applying for insurance). This is because this information is subject to the federal Gramm-Leach-Bliley Act (“GLBA”), and implementing regulations, or the California Financial Information Privacy Act (“FIPA”), or to information related to our business contacts. The GLBA and/or FIPA governs the information of Visitors and Members who initiated the process of applying for our financial products or services.

We do not sell personal information. As we explain in this Privacy Policy, we use cookies and other tracking technologies to analyze website traffic and facilitate advertising. If you would like to learn how you may opt out of our (and our third party advertising partners’) use of cookies and other tracking technologies, please review the instructions provided in the Online Tracking Opt-out Guide.

California Residents’ Privacy Rights. Except as excluded above, the CCPA grants you the following rights:

  • Information. You can request information about how we have collected, used and shared your Personal Information during the past 12 months. We have made this this information available to California residents without having to request it by including it in this Privacy Policy.
  • Access. You can request a copy of the personal information that we maintain about you.
  • Deletion. You can ask us to delete the personal information that we collected or maintain about you.

Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain sensitive information in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you.

You are entitled to exercise the rights described above free from discrimination.

How to Submit a Request. To request access to or deletion of personal information:

Identity verification. The CCPA requires us to verify the identity of the individual submitting a request to access or delete personal information before providing a substantive response to the request.

Authorized agents. California residents can empower an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming that authority.

Online Tracking Opt-Out Guide

Like many companies online, we use services provided by Google, Facebook and other companies that use tracking technology. These services rely on tracking technologies – such as cookies and web beacons – to collect directly from your device information about your browsing activities, your interactions with websites, and the device you are using to connect to the Internet. There are a number of ways to opt out of having your online activity and device data collected through these services, which we have summarized below:

  • Blocking cookies in your browser. Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.

  • Blocking advertising ID use in your mobile settings. Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.

  • Using privacy plug-ins or browsers. You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, Ghostery or uBlock Origin, and configuring them to block third party cookies/trackers.

  • Platform opt-outs. The following advertising partners offer opt-out features that let you opt-out of use of your information for interest-based advertising:

  • Advertising industry opt-out tools. You can also use these opt-out options to limit use of your information for interest-based advertising by participating companies: