Privacy Policy | MedicareAdvantage.com

Last Updated: January 2023

In this Privacy Policy (“Policy”), we describe how MG LLC d/b/a TRANZACT, a Delaware limited liability company, and our affiliated and subsidiary companies (collectively, “TRANZACT,” “we” or “us”) collect, use and otherwise process personal information about our customers and users of our websites and services.

If you apply through the Services (defined below) for insurance offered by third party insurers with whom we work (each a “Third Party Insurer”), we will share your personal information with such Third Party Insurer so that they may evaluate and process your application. The use of your personal information by a Third Party Insurer is subject to that Third Party Insurer’s applicable privacy policy and terms, not this policy.

Overview of Categories of Personal Information Collected and Purposes of Use

This overview is intended to summarize key information about our information practices, which are further explained below. (Skip to full details). While the actual information we collect about you and our use of such personal information varies depending upon the nature of our relationship and interactions with you, below we provide an overview of the categories of personal information we collect about Users and the purposes for which we use such information.

Categories of Personal Information Collected (described in greater detail below).	Use of Personal Information
Name, contact information and other identifiers: identifiers such as a real name, alias, address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.	Providing our Services and related support Protecting the integrity of the Services Analyzing and improving the Services and our business Personalizing the Services Advertising, marketing and promotional purposes Securing and protecting our business Defending our legal rights Auditing, reporting, corporate governance, and internal operations Complying with legal obligations
Customer records: paper and electronic customer records containing personal information, such as name, signature, physical characteristics or description, address, telephone number, education, current employment, employment history, social security number, passport number, driver’s license or state identification card number, insurance policy number, bank account number, credit card number, debit card number, or any other financial or payment information, medical information, or health insurance information.
Protected classifications: characteristics of protected classifications under California or federal law such as race, color, sex, age, religion, national origin, disability, citizenship status, and genetic information.
Commercial Information: including records of products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.
Usage data: internet or other electronic network activity Information including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
Audio, Video and other Electronic Data: audio, electronic, visual, thermal, olfactory, or similar information such as, CCTV footage, photographs, and call recordings.
Employment history: professional or employment-related information.
Education information: education information that is not publicly available personally identifiable information as defined in the federal Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).
Profiles and inferences: Inferences drawn from any of the information identified above to create a profile reflecting a resident’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.
Account Access Information: an account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
Other forms of Sensitive Personal Data: information concerning an individual’s health, sex life, or sexual orientation.

California residents. If you are a California resident, please be sure to review the section Additional Information for California Residents below for important information, as required by California privacy laws, about the categories of personal information we collect and disclose and your rights under California privacy laws.

Scope

This Privacy Policy applies to the personal information that TRANZACT collects and processes about individuals related to our services, including users of any websites that we operate and which include this Privacy Policy (each a “Site”), individuals who speak with our representatives over the telephone in any of our call centers and/or individuals who submit their personal information to us in writing for the purpose of learning about the insurance products we offer or who provide feedback or complete online surveys related to our products (collectively, the “Services”). This Privacy Policy does not apply to any third party websites, services, products or mobile applications maintained by other companies, which are linked to or from our Services.

By providing your information to us through the Services, or otherwise using any of our Sites or Services, you understand and acknowledge that TRANZACT may process your personal information in accordance with this Privacy Policy. If you do not want this Privacy Policy to apply to you, please do not use the Services or communicate with us via the Services. If required by applicable law, we will obtain your consent to our collection, use, transfer and disclosure of your personal information.

Personal Information Collected

The information we collect about individuals varies depending upon the circumstances and the Services used. TRANZACT collects personal information directly from individuals, automatically related to the use of the Services, and in some cases, from third parties (such third parties that provide us with information about individuals who may be interested in our Services).

Information Collected Directly. We collect information that you provide to us when you inquire about or use our Services, request a quote, fill out forms or fields on the Sites, create or submit an application, request information from us, sign up for newsletters or our email list, participate in a survey or promotion, or when you otherwise communicate with us or request information from us, whether via the Site, telephone, email or other means. For example, you may be required to provide us with certain information, including, without limitation, some or all of the following information:

Name
E-mail address
Daytime telephone number
Evening telephone number
Cellular phone number
Zip Code
Year of Birth
Any information you provide to us
Other personal or company information reasonably required to use the Services.

We may also collect additional personal information in providing our Services, operating our business, and interacting with individuals during our business, which may at times meet the definition of “sensitive personal information” under the California Consumer Privacy Act (“CCPA”). Such information may include social security numbers, driver’s license numbers, passport number, credit card/bank info, health information including that about your sex life, and sexual orientation. Where required by law, we will provide specific data processing information to you regarding how we may process that data and what rights you may have regarding such processing.

Information Received from Third Parties. We may work with third parties who provide us with the name, contact details and other relevant information about potential customers, who may be interested in the Services, as well as third parties that assist us in updating or enhancing the information that we have collected about individuals. The personal information we collect from third parties may be combined with the other information we have collected about individuals or demographic information obtained from secondary sources. In addition, when we help an individual identify, apply for or obtain insurance from a Third Party Insurer, we may receive limited information back from Third Party Insurer when your Policy is issued (such as the date, term, premium amount, payment terms, etc.).

Information Collected Automatically. Our Sites use cookies, pixels, tags, log-files, and other technologies, which may be provided by third parties, to collect information about a user from their browser or device, including, without limitation, your browser type, device type, operating system, software version, phone model, phone operating system, platform-dependent information, requested document, referring URL, date and time of your visit, clickstream data (e.g., about the pages you view, links you click and date and time stamps for your activities on our Sites) and the IP address associated with your transactions in the system. This information that we collect automatically may be linked with other personal information we have collected. For more information, see the Cookies and Analytics section below.

Use of Personal Information

We may use the personal information that we collect about you for the following purposes:

Providing our Services and related support: including to confirm, process, or otherwise complete a transaction or transactions requested by you; help fulfill your requests for products and services; to communicate with you about you use of our Services; to respond to your inquiries; to facilitate your application for one or more Policies; to provide troubleshooting and other technical support; submitting your credit card or other payment information when ordering and/purchasing products or services through the Services; and for other customer service and support purposes.
Protecting the integrity of the Services: including to verify your identity; to detect and prevent fraud and unauthorized activities; to facilitate software; to preserve the integrity of the Services and our systems, and prevent unauthorized access and activities; to enforce our applicable terms; and to protect the rights and safety of others.
Analyzing and improving the Services and our business: including to better understand how users access and use our Services; to evaluate and improve the Services and our business operations; to develop new features, offerings and services; to conduct surveys and other evaluations; and for other research and analytical purposes.
Personalizing the Services: including to tailor content we send or display on our Sites and Services (e.g., for your geographic area); to offer personalized help and instructions; and/or to otherwise personalize your experiences with the Services.
Advertising, marketing and promotional purposes: including to send or display targeted marketing and advertising on the Site, via email, direct mail, telephone, or across other websites, mobile applications, social media or other online services from us or on behalf of our partners and affiliates; to reach you with more relevant ads and to evaluate, measure and improve the effectiveness of our ad campaigns; to contact you about our Services, and/or those of our affiliates, as well as other information we think may interest you; and/or to share your information with third parties so that they may contact you with information about products and services you may be interested in. Where required by applicable law, we will obtain your consent to use your personal information for marketing and related purposes. We do not use personal information that you provide us on your insurance application(s) for marketing or advertising purposes.
Securing and protecting our business: including to protect and secure our business operations, assets, Services, network and information and technology resources; to investigate, prevent, detect and take action regarding fraud, unauthorized access, situations involving potential threats to the rights or safety of any person or third party, and/or other unauthorized activities or misconduct.
Defending our legal rights: including to manage and respond to actual and/or potential legal disputes and claims, and/or to otherwise establish, defend or protect our rights or interests, including in the context of anticipated or actual litigation with Users or third parties.
Auditing, reporting, corporate governance, and internal operations: including relating to financial, tax and accounting audits; audits and assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions; to maintain appropriate business records; to enforce company policies and procedures; and/or related to any actual or contemplated merger, acquisition, asset sale or transfer, financing, bankruptcy or restructuring of all or part of our business.
Complying with legal obligations: including to comply with the law, our legal obligations and legal process, such warrants, subpoenas, court orders, and/or regulatory or law enforcement requests.

Disclosure of Personal Information

We may share or disclose the personal information we collect as follows:

Subsidiaries and Affiliates: We may share your information with our affiliated companies (i.e., companies under common ownership, control or management with us) for business, operational, promotional and marketing purposes.
Service providers: We may disclose personal information with third-party service providers who use this information to perform services for us, such as hosting providers, auditors, advisors, consultants, customer service and/or support providers.
Third Party Insurers: If you request a quote, services or information from a Third Party Insurer or request that we match your request with relevant Third Party Insurer (each, a “Request”) or submit an application to a Third Party Insurer (an “Application”), we may share your personal information with that Third Party Insurer. The Third Party Insurer may further disclose, share and use any personal information provided by you in connection with your Request or Application, subject to the Third Party Insurer’s own privacy policy and applicable terms.

IF YOU MAKE A REQUEST OR SUBMIT AN APPLICATION, YOU ACKNOWLEDGE, UNDERSTAND AND CONSENT TO OUR DISCLOSURE OF YOUR PERSONAL INFORMATION THE RELEVANT THIRD PARTY INSURER(S) WHO MAY CONTACT YOU DIRECTLY VIA TELEPHONE, FAX, AND/OR EMAIL; YOU MAY RECEIVE TELEPHONE CALLS AS A CONSEQUENCE OF SUBMITTING A REQUEST ON THIS SITE, EVEN IF YOU ARE ON THE NATIONAL DO NOT CALL REGISTRY OR ANY OTHER DO NOT CALL REGISTRY.

Other third parties: We may disclose your information to our sponsors, partners, advertisers or other third parties to provide you with product information and promotional and other offers. This information may be used by such third parties for those parties’ own purposes, such as to offer products or services that may interest you. For example, we may share personal information with third parties that provide advertising, campaign measurement, online and/or mobile analytics, and related services. These third parties may receive or access as browsing and/or other data about your use of the Services, in order to help us better reach individuals with relevant ads and/or measure our ad campaigns, and/or to better understand how individuals interact with our Site and online services overtime and across devices. We may also transfer and/or sell personal information we collect and/or join together with other businesses to bring selected opportunities to customers or potential customers. We do not share personal information from your insurance application with third parties for marketing or advertising purposes.
Business transfers: We may disclose and/or transfer personal information as part of any actual or contemplated merger, sale, transfer of assets, acquisition, financing and/or restructuring of all or part of our business, bankruptcy or similar event, including related to due diligence conducted prior to such event where permitted by law.
Legally required: We may disclose personal information if we are required to do so by law (e.g., to law enforcement, courts or others, e.g., in response to a subpoena or court order).
Protect our rights: We may disclose personal information where we believe it necessary to respond to claims asserted against us, to comply with legal process (e.g., subpoenas or warrants), enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation and/or to protect the rights, property or safety of Tranzact, our clients, our customers and/or others.

Aggregate and De-identified Data. We may de-identify personal information and create anonymous and aggregated data sets and reports in order to assess, improve, and develop our business, products, and services, prepare benchmarking reports on our industry, and for other research, marketing and analytics purposes. When we de-identify personal information, we have implemented reasonable measures as required by law to ensure that the de-identified data cannot be associated with any individual or client. We will only maintain and use such data in a de-identified manner and do not attempt to re-identify the data, except as permitted by law. We may share aggregate or de-identified information with third parties for research, marketing, advertising, analytics and/or other purposes.

Categories of Personal Information Disclosed. Certain privacy laws require that we disclose the categories of personal information that we have disclosed for a business purpose as well as the categories that we have “sold” or “shared” as those terms are defined under applicable privacy laws. Please review the descriptions of the categories of personal information under the “Personal Information Collected” section above for further descriptions of each category of personal information.

In general, we may disclose the following categories of personal information in support of our business purposes identified above:

Name, contact information, and other identifiers
Customer records
Protected classifications
Commercial Information
Usage data
Audio, video, and other electronic data
Education information
Profiles and inferences
Account Access Information
Certain forms of Sensitive Personal Data

We have disclosed the categories of personal information listed above to the following categories of Third Parties in the preceding twelve months: data analytics providers, our clients, service providers, third party insurers, and buyers of consumer data.

Categories of Personal Information Sold or Shared. While we do not disclose personal information to Third Parties in exchange for monetary compensation from such Third Parties, we do disclose or make available personal information to Third Parties to receive certain services or benefits from them such as when we allow Third Party tags to collect information such as browsing history on our Sites to improve and measure our ad campaigns.

The CCPA defines a “sale” as disclosing or making available to a Third Party Personal Information in exchange for monetary or other valuable consideration, and it defines “share” in pertinent part as disclosing personal information to a Third Party for cross-context behavioral advertising.

As defined by the CCPA, the categories of Personal Information that we may “sell” include:

Name, contact information and other Identifiers
Sensitive personal information
Customer records

As defined by the CCPA, the categories of Personal Information that we may “share” include:

Name, contact information, and other identifiers

Protected classifications
Commercial information
Usage data
Profiles and inferences
Certain forms of Sensitive Personal Data

The categories of Third Parties to whom we sell or share the data, as defined by the CCPA, may include:

Data analytics providers
Our clients
Service providers who are assisting us in fulfilling our contracts and carrying out our business
Third party insurers
Buyers of consumer data

The legitimate business purpose for which we sell or share the data, as defined by the CCPA, may include:

Lead generation, business prospecting, and similar activities
To gain insights into online activities through analytics
To sells leads

We have “sold” the categories of personal information listed above to data analytics providers in the preceding twelve months.

Cookies and Analytics

We use session replay scripts, cookies, pixels, tags, and other technologies, which may be provided by third parties, on our Sites to enable certain functionality and for security and fraud detection and prevention, as well as to collect usage information about our Sites and the emails that we send and to personalize content and provide more relevant ads and information. We may combine the information we collect via these technologies with other information, including personal information, that we collect.

Cookies. Cookies are alphanumeric identifiers that are transferred to your computer through your web browser for record-keeping purposes. Some cookies enable you to log-in to our Sites or save certain settings and preferences, while others, allow us to track usage and activities on our Sites, personalize content on our Sites, or deliver more relevant ads on our Sites and third party sites. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The “Help” tab on the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. If you disable cookies, however, certain features on our Sites may not be available or function properly.

Pixel tags and embedded script (aka clear GIFs and web beacons). Pixel tags are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, pixel tags are embedded invisibly on web pages. We may use these, in connection with our Sites to, among other things, track the activities users of our Services, improve ads, personalize and manage content, and gather usage information about our Sites. We may also use these in HTML emails to, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Session Replay script. Session replay software capture information concerning your interaction with the website, including keystrokes, mouse movements and clicks, movements within a webpage and through a Site, interactions with menus, banners, and forms, and form field entries. We may use third-party software embedded in the script of the Site to monitor your interaction with the Site and/or for our compliance verification purposes, which may mean that the third party software provider also collects this information. By using our Site, you consent to this collection and disclosure of information.

Opt-Out Preference Signals and “Do-Not-Track” Signals. If your browser enables the Global Privacy Control (“GPC”) when visiting our Sites, our Sites will automatically opt you out of any tracking cookies that constitute a “sale” where required by applicable privacy law. For more information about the GPC and to learn how to implement it on your browser, please click here. Please note, our Sites do not recognize or respond to any signal which your browser might transmit through its so-called “Do Not Track” (“DNT”) feature. If you wish to disable cookies on our Sites, you should not rely on DNT browser settings. For more information about DNT signals, please click here.

Interest-based Advertising

We work with third party ad networks, channel partners, measurement services, analytics and others (“third party ad companies”) to display advertising on our Services, and to manage or measure our advertising on third party sites, social media platforms, mobile apps and online services, as well as to send you promotional materials or offers via email or direct mail. We and these third party ad companies may use cookies, pixels tags, and other tools to collect activity information on our Services (as well as on third party sites and services), as well as IP address, device ID, cookie and advertising IDs, and other identifiers, general location information, and, with your consent, your device’s geolocation information; we and these third party ad companies use this information to provide you more relevant ads and content and to evaluate the success of such ads and content.

Custom Lists and Matching. We may create and disclose hashed customer list information (such as name and email address) with third parties—such as Facebook and Twitter—so that we can better target ads and content to you and others with similar interests, within these third party services. These third parties use the personal information we provide to help us target ads and to enforce their terms, but we do not permit them to use or share the data we submit with other third-party advertisers.

Opt Out of Targeted Ads. You may control how participating third party ad companies use the information that they collect about your visits to our Sites, and those of third parties, in order to display more relevant targeted advertising to you; for more information and to opt-out of go to:

https://optout.networkadvertising.org (Network Advertising Initiative)
www.aboutads.info/choices (Digital Advertising Alliance)

Opting out of participating ad networks does not opt you out of being served advertising. You may continue to receive generic or “contextual” ads on our Services. You may also continue to receive targeted ads on other websites, from companies that do not participate in the above programs.

Retention Period

We store personal information as needed to accomplish the purposes identified in this Policy and to meet legal requirements, including legal and compliance requirements regarding records retention, resolving disputes, and enforcing our agreements. This means that we may be required to maintain your information, for example, to: (1) comply with our legal or regulatory compliance needs (e.g., maintaining records of transactions you have made with us); (2) to exercise, establish or defend legal claims; and/or (3) to protect against fraudulent or abusive activity on our services and systems. For these and possibly other reasons, we may be unable to delete personal information upon request of an individual in certain cases.

We may retain different categories of information for different periods of time for the instances stated above. However, it our policy as an organization that when personal information is no longer needed or after legal authority to retain it has expired, personal information will be destroyed in accordance with applicable law and pursuant to procedures established in relation to the relevant services, systems, or processes. Retention periods for records maintained by us, including those containing personal data are established based upon business need, statutory and regulatory record keeping requirements in the geographies where we do business, and legal obligations. If you have any further questions about our handling of personal information, please contact us at privacy@tranzact.net.

Your Choices

If you need to update your contact details or other personal information provided to us, please contact us as set forth in the Contact Us section below. California residents have certain rights, under California privacy laws, regarding their personal information, which are set forth below, in the Additional Information for California Residents section below.

Marketing: As noted above, we may use your contact to send you information about us and to keep you informed of our other products and services, and/or those of our affiliates, which may be of interest to you. By submitting your e-mail address at this Site, you agree to receive e-mail marketing from us and our third-party advertisers. In addition, you agree that such act constitutes a purchase and/or an inquiry or an application for purposes of the Telemarketing Sales Rule, 16 C.F.R. § 310 et seq., as amended from time to time (the “TSR”). Notwithstanding that your telephone number may be listed on the Federal Trade Commission’s or a State’s Do-Not-Call List, we retain the right to contact you via telemarketing in accordance with the TSR and applicable States’ laws, rules and regulations. Moreover, by requesting information from us or a third-party advertiser at or through this Site, such action constitutes a purchase and/or an inquiry or an application with the respective third-party advertiser for purposes of the TSR and you may be contacted via e-mail, direct mail and/or telemarketing by such third-party advertiser in accordance with the TSR.

Communications Preferences: You may opt out of marketing communications from us as follows:

Email: To stop receiving future e-mail marketing communications from us, please send an e-mail to unsubscribe@tranzact.net or write to us at the address set forth at the end of this Privacy Policy requesting that we stop sending future e-mail marketing communications from us.

Direct Mail: If you do not want us to send you any promotional offers through direct mail, you may write to us at the address set forth in the “Contact Us” section of this Privacy Policy requesting that we stop sending future direct mail marketing communications from us.

Phone: If you do not want to receive marketing phone calls from us, you may: (i) call us at 1-844-909-1563; (ii) ask to be placed on our Do Not Call list when you receive a call from us; (iii) write to us at the address set forth in the “Contact Us” section of this Privacy Policy requesting your telephone number to be placed on our Do Not Call list; or (iv) email or mail us at dnc@tranzact.net and provide the telephone number you wish to have placed on our Do Not Call list.

To unsubscribe from a Third Party Insurer’s communications, you must contact such Third Party Insurer directly.

Interest Based Ads: To opt-out of certain targeted advertising, follow the instructions set forth in the Interest Based Advertising section above.

Third Party Links and Websites

Our Sites may contain links to other third-party owned and/or operated websites. We are not responsible for the privacy practices or the content of such third-party websites. In some cases, you may be able to make a purchase through one of their third-party websites. In these instances, you may be required to provide certain information, such as a credit card number, to register or complete a transaction at such website. These third-party websites have separate privacy and data collection practices and we have no responsibility or liability relating to such policies or practices.

Security

We have taken certain physical, electronic, contractual and managerial steps to safeguard and secure the personal information we collect. Despite this, the security of the transmission of information via the Internet cannot always be guaranteed and you acknowledge this in your access and use of our Site. Please note that it is your responsibility to maintain the confidentiality of your password associated with this Site, if any. In addition to using a variety of security technologies and procedures to protect your personal information generally, to the extent your Social Security Number (“SSN”) is collected, we also take measures to maintain its confidentiality, to protect it from unlawful disclosure and limit access to it by unauthorized third parties. Specifically, we will not make your SSN available to the general public, print your SSN on any card, require your SSN to access products or services, require you to transmit your SSN on the Internet unless the connection is secure or the SSN is encrypted, or require you to transmit your SSN to access a website without requiring additional authentication.

Minors

Our Services are not designed for individuals under 18, and we do not knowingly solicit or collect information from individuals under the age of 18. We encourage parents and guardians to spend time online with their children and to participate and monitor the interactive activities of their children. We will not be liable for any content or advertisements viewed by minor children in violation of the terms of this Privacy Policy.

Changes to this Privacy Policy

We may amend this Privacy Policy from time to time. When we do, we will post the change on this Site. If we change the Privacy Policy in any material way, we will provide appropriate online notice to you.

Contact Us

If you have any questions or suggestions regarding this Privacy Policy, you should feel free to contact us at privacy@tranzact.net or at:

TZ Insurance Solutions LLC

96 Linwood Plaza #144

Fort Lee, NJ 07024

Attention: www.medicareadvantage.com

Additional Information for Residents in Certain Jurisdictions

In this section, we provide additional information as required under applicable privacy laws in certain jurisdictions.

California Residents

In this section, we provide information for California residents, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”), which requires that we provide California residents certain specific information about how handle their personal information, whether collected online or offline.

This section does not address or apply to our handling of personal information that is subject to an exemption under Section 1798.145(c) – (f) of the CCPA, such as protected health information that is subject to HIPAA or the California Medical Information Act, or publicly available data lawfully made available by federal, state or local government records. This section also does not apply to personal information we collect about job applicants, independent contractors, or current or former full-time, part-time and temporary employees and staff, officers, directors or owners of TRANZACT. This section also does not apply to personal information we collect about non-California residents.

Categories of Personal Information that We Collect, Disclose, and Sell

The table below sets out generally the categories of personal information (as defined by the CCPA) about California residents that we collect, sell, and disclose to others for a business purpose. We collect these categories of personal information from the sources described in the Personal Information Collected section above, and for the purposes described in the Use of Personal Information section above. Our collection, use and disclosure of personal information about a California resident will vary depending upon the circumstances and nature of our interactions or relationship with such resident.

Scroll to the right to continue reading the chart

Categories of personal information	Do we collect?	Do we disclose for a business purpose(s)	Do we sell?
Name, contact information and other identifiers: identifiers such as a real name, alias, address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers (e.g., related to leads and referrals).	Yes	Yes	Yes
Customer records: other paper and electronic customer records (e.g. associated with your application for insurance offered by Third Party Insurer) containing personal information, such as name, signature, physical characteristics or description, address, telephone number, education, current employment, employment history, social security number, passport number, driver’s license or state identification card number, insurance policy number, bank account number, credit card number, debit card number, or any other financial or payment information, medical information, or health insurance information.	Yes	Yes	No
Protected classifications: characteristics of protected classifications under California or federal law such as race, color, sex, age, religion, national origin, disability, citizenship status, and genetic information.	Yes	Yes	Yes
Commercial Information: including records of products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.	Yes	Yes	Yes
Usage data: internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement.	Yes	Yes	Yes
Audio, video and other electronic data: audio, electronic, visual, thermal, olfactory, or similar information such as, CCTV footage, photographs, and call recordings.	Yes	Yes	No
Employment history: professional or employment-related information.	Yes	Yes	No
Education information: education information that is not publicly available personally identifiable information as defined in the federal Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).	Yes	Yes	No
Profiles and Inferences: Inferences drawn from any of the information identified above to create a profile reflecting a resident’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.	Yes	Yes	Yes
Account Access Information: an account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.	Yes	Yes	Yes
Other forms of Sensitive Personal Data: information concerning an individual’s health, sex life, or sexual orientation.	Yes	Yes	Yes

Categories of Sources of Personal Information

We collect the categories of personal information listed in the table above from the following categories of sources:

from you, either directly (i.e., through information you submit to us, including via forms or surveys that you may complete and submit through our Site) or indirectly (i.e., by observing your actions on our Site);
from 'cookies' and other similar tools deployed on parts of our Site;
from our clients in connection with us providing professional services to them;
from other sources, such as public databases, joint marketing partners, social media platforms (including from people with whom you are friends or otherwise connected) and from other third parties;
from data analytics providers;
from service providers (i.e., companies who are assisting us in fulfilling our contracts and carrying out our business, such as to perform mailings or to provide customer assistance); and
from marketing/lead generation vendors who place advertisements for our products and services.

Categories of Third-Parties to Whom We Have Sold or Disclosed Personal Information

In the past twelve months, we have sold or disclosed certain categories of personal information as explained in the table above to the following categories of third-parties:

our business clients;
data analytics providers;
service providers (i.e., companies who are assisting us in fulfilling our contracts and carrying out our business); and
to certain lead buyers in limited circumstances.

California Resident Rights

California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.

Do-Not-Sell & Do-Not-Share: California residents have the right to opt-out of our sale or sharing of their personal information. Opt-out rights can be exercised by clicking the “Do Not Sell/Share My Info” link in the footer of the Site. We do not sell personal information about residents who we know are younger than 16 years old without opt-in consent.

Limit the Use of Sensitive Personal Information: California residents have the right in certain instances to request that we limit the use and sharing of their sensitive personal information. The CCPA defines “sensitive personal information” to include, among other things, your: social security, driver’s license, state identification card, or passport numbers; account log-in, financial account, debit card, or credit card numbers in combination with any required security or access code, password, or credentials allowing access to an account; racial or ethnic origin, religious or philosophical beliefs, or union membership; genetic data; and biometric information (including physiological, biological, or behavioral characteristics). You may exercise this right by clicking the link in the footer of the Site titled “Limit the Use of My Sensitive Personal Information” or contacting us as at privacy@tranzact.net.

Notice at Collection: At or before the point of collection, notice must be provided to California residents of the categories of personal information collected and the purposes for which such information is used.

Verifiable Requests to Delete and Requests to Know: Subject to certain exceptions, California residents have the right to make the following requests, at no charge:

Request to Delete: California residents have the right to request deletion of their personal information that we have collected about them and to have such personal information deleted, except where an exemption applies. The instructions for submitting a verifiable Request to Delete are described in the “Submitting Requests” section below.

Request to Know: California residents have the right to request and, subject to certain exemptions, receive a copy of the specific pieces of personal information that we have collected, used, disclosed, and sold about them in the prior 12 months and to have this delivered, free of charge, either (a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows the individual to transmit this information to another entity without hindrance. California residents also have the right to request that we provide them certain information about how we have handled their personal information in the prior 12 months, including the:

categories of personal information collected;
categories of sources of personal information;
business and/or commercial purposes for collecting and selling their personal information;
categories of third parties with whom we have shared their personal information;
categories of personal information that we have sold in the preceding 12 months, and for each category identified, the categories of third parties to which we sold that particular category of information; and
categories of personal information disclosed for a business purpose in the preceding 12 months, and for each category identified, the categories of third parties to which we disclosed that particular category of personal information.

California residents may make Requests to Know up to twice every 12 months. We will respond to verifiable requests received from California residents as required by law. The instructions for submitting a verifiable Request to Know are described in the “Submitting Requests” section below.

Request to Correct: California residents have the right to request that we correct inaccurate personal information that we maintain.

Submitting Requests. Requests to Know, Requests to Correct, and Requests to Delete may be submitted:

Submitting a request to us at here
By contacting us at 1-800-275-9761 (toll free)

We will respond to verifiable requests received from California residents as required by law.

We will use the following process to verify Requests to Know, Requests to Correct, and Requests to Delete: We will acknowledge receipt of you Consumer Request, verify it using processes required by law, then process and respond to your request as required by law. To verify such requests, we may ask you to provide the following information:

For a request to know categories of personal information which we collect, we will verify your identity to a reasonable degree of certainty by matching at least two data points provided by you against information in our systems which are considered reasonably reliable for the purposes of verifying a consumer’s identity.
For a request to know specific pieces of personal information or for requests to delete, we will verify your identity to a high degree of certainty by matching at least three pieces of personal information provided by you to personal information maintained in our systems and also by obtaining a signed declaration under penalty of perjury that the requestor is the consumer whose personal information is the subject of the request.

An authorized agent can make a CCPA request on a California resident’s behalf by providing either: (1) proof that the consumer authorized the agent to do so; (2) verification of their own identity with respect to a Right to Know categories, Right to Know specific pieces of personal information, Requests to Correct, or Requests to Delete which are outlined above; and (3) direct confirmation that the consumer provided the authorized agent permission to submit the request.

Right to Non-Discrimination: The CCPA prohibits discrimination against California residents for exercising their rights under the CCPA. Discrimination may exist where a business denies or provides a different level or quality of goods or services, or charges (or suggests that it will charge) different prices, rates, or penalties on residents who exercise their CCPA rights, unless doing so is reasonably related to the value provided to the business by the residents’ data.

Financial Incentives: A business may offer financial incentives for the collection, sale or deletion of California residents’ personal information, provided the incentive is not unjust, unreasonable, coercive or usurious, and is made available in compliance with applicable transparency, informed consent, and opt-out requirements. California residents have the right to be notified of any financial incentives offers and their material terms, the right to opt-out of such incentives at any time, and may not be included in such incentives without their prior informed opt-in consent. We may make available educational materials that may be useful to individuals who are shopping for a specific type of insurance in exchange for an individual providing us their personal information and agreeing to be contacted about our and third party products and services. You may opt out of marketing communications from us at any time, as set out in the Your Choices section above.

For more information about our privacy practices, you may contact us at privacy@tranzact.net.

Consumer Requests Received in 2021. In calendar year 2021, we received and responded to consumer requests under the CCPA as set forth in the table below:

Request Type	Number of Requests Received	Number of Requests With Which We Complied (in whole or in part)	Number of Requests Denied*	Average Response Time (Number of Days)
Requests to Know	5	1	4	41.8
Requests to Delete	6	0	6	52.6
Requests to Opt-Out of the Sale of Personal Information	22	21	1	5.2

*This includes requests that were denied because we were unable to verify the identity of the requestor.

Your California Privacy Rights Under the Shine the Light Law

California law allows individuals that reside in California to know the third parties with whom we shared their personal information for those parties’ own marketing purposes. The type of information and instances in which we share such information is detailed in this Privacy Policy. However, if you are a resident of California and you would like to know the specific companies with whom we shared your personal information and the categories of the information we shared, you may submit a written request for such information to us at privacy@tranzact.net.

Virginia Residents

Virginia law grants Virginia residents certain rights and imposes restrictions on particular business practices as set forth below.

Right to Confirm/Access: Virginia residents have the right to confirm whether or not we are processing their personal information and to access such personal information.
Right to Correction: Virginia residents have a right to correct inaccuracies in their personal information, taking into account the nature of the personal information and our purpose for processing their personal information.
Right to Delete: Virginia residents have the right to request the deletion of their personal information that we have collected about them and to have such personal information deleted.
Right to Data Portability/Access: Virginia residents have a right to obtain a copy of their personal information previously provided to us in a portable and, if feasible, readily usable format.
Right to Opt-Out: Virginia residents have a right to opt-out of the processing of their personal information for purposes of (i) targeted advertising; (ii) the sale of personal information; or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects. Under Virginia law, “sale” means only if we exchange personal information for monetary consideration with a Third Party. Opt-out rights can be exercised by clicking the “Do Not Sell/Share My Info” link in the footer of the Site.
Right to Non-Discrimination: Under Virginia law, we are prohibited from discriminating against Virginia residents for exercising their rights listed above.

Submitting Requests: You may exercise your rights(s) to Confirm, Access, Correct, Delete and/or Opt-Out of processing your personal information for certain purposes by:

Submitting a request to us here, or
Contacting us at 1-800-275-9761 (toll free)

We will use the following process to verify requests that we receive: acknowledge receipt of the request, authenticate it using processes required by law, then process and respond to the request as required by law. To authenticate such requests, we may ask for additional information as reasonably necessary.