Privacy Policy

Privacy Policy for California Residents

Effective Date: January 1, 2020

Revision Date:  January 2, 2020

 

This Privacy Policy for California Residents (this “Policy”) is provided on behalf of Professional Insurance Associates, Inc. We adopt this Policy to comply with the California Consumer Privacy Act of 2018 (the “CCPA”) and any terms defined in the CCPA have the same meaning when used in this Policy (unless separately defined in this Policy). This Policy applies solely to residents of the State of California who do business with us directly and/or visit our website (the “Website”). This Policy does not apply to employment-related personal information about our employees, job applicants, contractors or similarly situated individuals. This Policy also does not apply to personal information about employees, owners, directors, officers, or contractors of any of our commercial clients to the extent the information is collected in connection with our relationship with any commercial client.

 

Information We Collect

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA) and the Driver’s Privacy Protection Act of 1994.

In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

Category Examples Collected

 

1. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. YES
2. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

YES
3. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). YES
4. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. YES
5. Biometric information. Genetic, physiological, behavioral and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns and sleep, health, or exercise data. NO
6. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. YES
7. Geolocation data. Physical location or movements. YES
8. Sensory data. Audio, electronic, visual, thermal, or similar information. NO
9. Professional or employment-related information. Current or past job history. YES
10. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. YES
11. Inferences drawn from other personal information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes. NO

 

We obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you – for example, from insurance applications or in connection with your other communications with us.
  • From third parties – for example, from insurance carriers and other industry service providers and other third parties with which you maintain a relationship, such as an employer or financial service or medical or health providers. This may occasionally include referral sources.
  • Indirectly from you – for example, from observing your actions on our Website, including through the use of “cookies” as described on our Website, or as may otherwise be developed over time based on your interactions with us.

 

Use of Personal Information

We may use or disclose the personal information we collect for one or more of the following purposes:

  • To fulfill or meet the reason you provided the information and for our everyday business purposes – for example, to obtain quotations for insurance or other insurance or financial industry services (including those procured proactively and/or in connection with the movement of a book of business from one provider to another) on your behalf; to obtain insurance (or similar products) on your behalf or to facilitate the performance of related services by other industry service providers; to maintain or service your account or insurance, including by reporting claims of loss to other industry service providers, such as insurance carriers and adjusters; to evaluate our performance or offerings; and to make reports to credit bureaus. We may also save your information to facilitate new quotations or placements.
  • To comply with, or exercise rights under, applicable law – for example to make required or advisable reports to insurance regulatory, law enforcement or other similarly situated authorities; to respond to and comply with court orders, applicable law and other legal requirements; and to defend ourselves against claims and to enforce our rights or protect our employees or property.
  • To market to you products and services, including through the use of targeted or similar advertising on the internet.
  • To provide or receive shared organizational services.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • To evaluate or effect a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, in which personal information held by us about our consumers is among the assets evaluated or transferred.

 

Sharing of Personal Information

We generally share your personal information to perform services on your behalf and provide you with the insurance products and services you expect from us. We may disclose your personal information to a third party, including for any purpose identified within this Policy. We share your personal information with the following categories of third parties:

  • Service providers.
  • Insurance carriers and other industry service providers.
  • Other third parties with which you or we maintain a relationship regarding your insurance.
  • Affiliates

 

Disclosures of Personal Information for a Business Purpose

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

Category 1: Identifiers.

Category 2: California Customer Records personal information categories.

Category 3: Protected classification characteristics under California or federal law.

Category 4: Commercial information.

Category 6: Internet or other similar network activity.

Category 7: Geolocation data.

Category 9: Professional or employment-related information.

Category 10: Non-public education information

We disclose your personal information for a business purpose to the following categories of third parties:

  • Service providers.
  • Insurance carriers and other industry service providers.
  • Other third parties with which you or we maintain a relationship regarding your insurance.

 

Sales of Personal Information

In the preceding twelve (12) months, we have not sold personal information.

We do not sell your personal information to anyone, so we do not offer an opportunity for you to prevent or “opt out” of such sale.

 

Your Rights and Choices

The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

 

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request (see “Exercising Access, Data Portability and Deletion”), we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

We do not provide these access and data portability rights for B2B personal information.

 

Deletion Request Rights 

You have the right to request that we delete any of your personal information that we collected from you and retained. Once we receive and confirm your verifiable consumer request (see “Exercising Access, Data Portability and Deletion”), we will delete your personal information from our records, unless an exception applies. We may deny your deletion request for other reasons described in the CCPA. We do not provide these deletion rights for B2B personal information.

 

Exercising Access, Data Portability and Deletion Rights

To exercise the access, data portability and deletion rights described above, please submit a verifiable consumer request to us by:

  • Telephone 650-592-7333.
  • Emailing us at info@piainc.com.
  • PO Box 1266 San Carlos, Ca 94070

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact us by email at the email address shown above.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information as we may request that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative of such person, which may include personal and/or commercial identifiers, such as an insurance policy number. Depending on the sensitivity of the information you are requesting, we may ask for additional information to verify your identity.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

 

Response Timing and Format

We endeavor to respond to a verifiable consumer request within thirty (30) days of its receipt. If we require more time, we will inform you of the extension period.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without significant hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

 

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

 

Other California Privacy Rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please write us at the mailing address shown beneath the heading “Contact Information”.

 

Changes to this Policy

We reserve the right to amend this Policy at our discretion and at any time. When we make changes to this Policy, we will post the updated Policy on the Website and update the Policy ‘s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes with respect to your use of the Website.

 

Contact Information

If you have any questions or comments about this Policy, the ways in which we collect and use your personal information described herein and in the Statement, your choices and rights regarding such use, or wish to exercise your rights under California law, please contact us at:

 

Phone: 650-592-7333

Email: info@piainc.com

Postal Address:

Professional Insurance Associates, Inc. PO Box 1266 San Carlos, Ca 94070