Privacy Policy / California

(Last updated January 25, 2023)

About This Notice

We are committed to protecting your privacy and earning your trust. This Privacy Policy (“notice“) describes the personal information we collect about you and how we use and protect it. It applies to our current and former customers and others who live in your state. It replaces earlier versions that we may have given to you.
See the “California Consumer Privacy Act Supplement” below for a summary of our personal
information practices subject to, and your rights under, that law.

• Summary
• What information do you collect about me?
• Who might get information about me from you?
• Can I limit use of my information for marketing?
• How do you protect my information?
• How can I review and correct information you have about me?
• Our family of companies
• Additional information about Internet practices
• Why do you ask for my e-mail address?
• What about website security?
• What about links to other websites?
• California Consumer Privacy Act Supplement
• California Notice at Collection

Summary

This section summarizes our privacy practices. For more detail, please read the entire notice.

• We gather information from you, your transactions with us, and outside sources.
• We use your information only to conduct our business and provide insurance to you.
• We will share your information with your selected agent or broker and companies that provide certain products or services you request through us.
• We will not share your information with other companies for their independent marketing purposes without your consent.
• You can limit our use of some of this information for marketing purposes.
• We limit access to your information and use safeguards to help protect it.
• You may review and correct your information.

Back to Top

What information do you collect about me?

We collect information about you to quote and service your insurance policy. This is called “Nonpublic Personal Information” or “NPI” if it identifies you and is not available to the public. Depending on the product, we collect it from some or all of the following sources. We have provided a few examples for each source, but not all may apply to you.

• Application Information: You provide this on your application, through your agent or broker, by phone, or online. We may also obtain it from directories and other outside sources. It includes your name, street and e-mail addresses, phone number, driver’s license number, Social Security number, date of birth, gender, marital status, and type of vehicle. It also includes information about other drivers.
• Consumer Report Information: We obtain this from consumer reporting agencies. It includes your driving record, claims history with other insurers, and credit report information. The information is kept by the consumer reporting agencies and disclosed by them to others as permitted by law.
• Transaction Information: This is information about your transactions with us, our affiliates, or others. It includes your insurance coverages, limits and rates, and payment and claims history. It also includes information that we require for billing and payment.

We also may collect “Website Information” about you. This is unique to Internet activity. It may include how you linked to our website. It also may include your IP address and information about your device, time of visit, and what pages you visit on our website. When you visit our websites, we use cookies, web beacons, and other technology to collect information about you and your activities on our websites. We do this to provide services to you, enhance your online experience, and advertise our products and services.

Back to Top

Who might get information about me from you?

We will share information about you only as permitted by law. We will not share your NPI with other companies for their independent marketing purposes without your consent. There is no need to “opt out” or tell us not to do this.

Disclosures include those that we feel are required to provide insurance claims or customer service, prevent fraud, perform research or comply with the law. Recipients include, for example, our family of companies, claims representatives, service providers, consumer reporting agencies, insurance agents and brokers, law enforcement, courts and government agencies. They may disclose the information to others as permitted by law. For example, consumer reporting agencies may disclose Transaction Information received from us to other insurance companies with which you do business.

Where permitted by law, we may also disclose Application or Transaction Information to service providers that help us market our products. These service providers may include financial institutions with which we have joint marketing agreements.

Some products or services obtained through us will be provided by other companies. We may share your information with these companies. They will use the information as described in their privacy policies. These companies may share with us information about you and your transactions with them.

Back to Top

Can I limit use of my information for marketing?

We may share your NPI among our family of companies so they may offer products and services to you. You may limit some of this marketing by calling us at (541) 646-7873. Your choice will apply to all people listed on your policy.

Back to Top

How do you protect my information?

We restrict access to your information to our employees and others who we feel must use it to provide our products and services or otherwise run our business. Their use of the information is limited by law, our employee code of conduct, and written agreements where appropriate. We also maintain physical, electronic and procedural safeguards to protect your information.

Back to Top

How can I review and correct information you have about me?

To review information we have about you, send a written request to Customer Service, P.O. Box 1026 Escondido, CA 92033. You must describe the kind of information you want to review and state that your request is in response to this notice. Include your full name, mailing address, and policy number (if applicable). Within 30 business days, we will describe what is available and how you may request corrections. We will also name anyone we show as having received the information within two years prior to your request. Finally, we will identify the companies that have provided Consumer Report Information about you.

You may review the information at our offices or receive a copy of it for a fee to cover our costs. We will not provide information that we feel is privileged, such as information about insurance claims or lawsuits.

To correct information about you, send a written request as described above, explaining your desired correction. Within 30 business days, we will either make the requested correction or tell you why we will not. We cannot correct Consumer Report Information. To do this, you must contact the consumer reporting agency that provided it.

If we make your requested correction, we will notify you in writing. We will also notify anyone you name who may have received the information within the previous two years. If required by law, we will also notify others who may have given it to or received it from us. If we refuse to make the requested correction, you may file with us a concise written statement about why you object. That statement should include the information you think is correct. We will include your statement in your file. We will send it to the same persons to whom we would send a copy of any correction or change.

Back to Top

Our family of companies

This notice is from our family of companies. Our family of companies also includes RL Health and the entities that it directly or indirectly majority owns or controls. Those companies are governed by a separate privacy policy available at https://nucleusinsurance.com/rl-health-privacy-policy/ .

Back to Top

Additional Information about Internet Practices

When you visit our websites, we collect Website Information for various reasons. For example, if you start an insurance quote on our website, but decide to finish it later, we will save your information so you can pick up where you left off. We may use your Website Information to serve ads to you across multiple devices, such as your computer, smartphone, or tablet, or to limit the number of times you see our ads. We may also use your Website Information to customize your experience with and analyze your use of our websites and interaction with our ads.

We may transmit certain Website Information to third party advertising companies we work with (“Ad Companies”) to, among other purposes, measure our advertising efficiency or track referrals to our website. Some Ad Companies may be able to associate Website Information with other information they already have about you.

We advertise through Ad Companies on websites and mobile apps. We also do this on internet-connected platforms such as streaming TV devices. Some of these sites, apps, and platforms may use cookies, web beacons and other technology to capture and share information about you or your device with us or our service providers. These service providers may use information about your visits to and interactions with this and other websites, mobile apps and platforms, or the ads themselves, along with information about you, your purchases or interests (which may include Website Information), to provide ads about goods and services that may interest you (“Interest Based Advertising” or “IBA“). Some of this information may be exchanged with us or other service providers for market research or to analyze and manage our advertising and marketing efforts.

We adhere to the Digital Advertising Alliance’s (“DAA’s”) IBA principles. You may limit the extent to which Website Information is used to deliver IBA. You may do this using the DAA’s WebChoices tool at http://optout.aboutads.info. The WebChoices tool will provide you with more information about your privacy choices. The tool also will provide you with a list of companies that compile Website Information about your interactions with this and other websites, and a means to opt out of the collection and use of certain Website Information for IBA on your browser. You can also opt out of receiving certain IBA from Nucleus Insurance by clicking on the advertising options icon displayed in certain Nucleus Insurance ads shown to you online. By clicking the icon, you can learn more about and opt out of the use of certain Website Information for IBA on your browser.

You may have other means of controlling the use of cookies and other tracking technologies on this and other websites. You may be able to instruct your browser or mobile device to warn you each time a cookie is being sent, or to reject all or certain kinds of cookies. Typically, you can do this by changing the privacy settings on your internet browser or device. However, if you reject cookies, some websites may not function properly, and some website services may be diminished. In most cases, you must manage these settings on each of your browsers or devices. For example, blocking cookies on your desktop browser may not work for your mobile device.

Your browser or device may include a “do not track” (DNT) setting that signals websites to disable tracking by third parties, such as advertising companies. Our websites do not recognize the DNT signal, but you may access the DAA’s WebChoices tool to manage your IBA preferences.

We believe that these means of controlling the use of cookies and other tracking technologies constitute reasonable choice regarding Website Information and IBA. But some cookies and other tracking technologies may persist on this and other websites.

We will send our policyholders a written privacy policy with any changes at least once a year. Website visitors who are not policyholders should refer to the date at the top of this notice to see if it has been updated.

Back to Top

Why do you ask for my e-mail address?

When you quote or buy insurance on our website, we collect your e-mail address. We do this so that we can send you e-mails concerning your transactions with us. We may also send updates with other information we think you’ll find useful. You can stop these updates by using the links provided in the emails. Customers may also manage their preferences in the policy services area of our website.

We will share your e-mail address with our service providers and your selected agent or broker. We will not share your e-mail address with other companies for their marketing purposes without your consent.

Back to Top

What about website security?

Our security measures help secure your data, so that others cannot access it while in transit. We limit access to our servers and require our employees to adhere to high standards of ethics and integrity in performing their jobs.

Back to Top

What about links to other websites?

Our website contains links to other sites that we do not maintain. We make no warranties or representations about other websites. We recommend that you read the privacy and security policies of these sites.

Back to Top

California Consumer Privacy Act Supplement to Privacy Policy

This Supplement (“Supplement“) describes our collection and use of Personal Information that is subject to the California Consumer Privacy Act (the “CCPA“), and describes the rights of Consumers under the CCPA. This Supplement does not apply to information that is exempt from the CCPA. This Supplement controls if there is a conflict with our privacy policy.

Back to Top

Our Personal Information practices

We collected each of the categories of Personal Information listed in the “Notice at Collection” below during the twelve months preceding the date of this notice (the “past year”).
We collect Personal Information for the Purposes listed in the Notice at Collection.
The categories of our sources for Personal Information about Consumers include:

• Advertising networks, lead sources or aggregators, or other third-party sites, web
  browsers or search engines
• Consumers or our observation of consumers
• Data analytics providers
• Data brokers
• Government entities
• Insurance agents and brokers
• Internet service providers
• Operating systems and platforms
• Our service providers
• Persons involved in insurance claims, litigation, or fraud prevention or detection
• Social networks
• Third-party product providers
  We disclose each of the categories of Personal Information listed in the Notice at Collection.
  During the past year, we disclosed the following Personal Information for business purposes:
• Identifiers were disclosed to advertising networks, lead sources or aggregators, or other third-party sites, web browsers or search engines; data analytics providers; data brokers; government entities; insurance agents or brokers; loss payees or additional insureds; operating systems and platforms; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• CCR Categories were disclosed to advertising networks, lead sources or aggregators, or other third-party sites, web browsers or search engines; data analytics providers; data brokers; government entities; insurance agents or brokers; loss payees or additional insureds; operating systems and platforms; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• Protected Classifications were disclosed to advertising networks, lead sources or aggregators, or other third-party sites, web browsers or search engines; data analytics providers; data brokers; government entities; insurance agents or brokers; operating systems and platforms; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• Commercial Information was disclosed to advertising networks, lead sources or aggregators, or other third-party sites, web browsers or search engines; data analytics providers; data brokers; government entities; insurance agents or brokers; loss payees or
  additional insureds; operating systems and platforms; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• Biometric Information was disclosed to data analytics providers; government entities; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• Internet or Other Electronic Network Activity Information was disclosed to advertising networks, lead sources or aggregators, or other third-party sites, web browsers or search engines; data analytics providers; data brokers; our service providers; and third-party product providers.
• Geolocation Data was disclosed to data analytics providers; government entities; operating systems and platforms; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• Sensory Data was disclosed to data analytics providers; government entities; operating systems and platforms; persons involved in insurance claims, litigation, and fraud prevention and detection; our service providers; and third-party product providers.
• Professional or Employment-Related Information was disclosed to advertising networks, lead sources or aggregators, or other third-party sites, web browsers or search engines; data analytics providers; government entities; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• Education Information was disclosed to data analytics providers; government entities; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• Inferences were disclosed to our service providers.
• Sensitive Identifiers were disclosed to data analytics providers; data brokers; government entities; insurance agents or brokers; operating systems and platforms; our service providers; and persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• Sensitive Account Information was disclosed to our service providers.
• Sensitive Demographics were disclosed to advertising networks, lead sources or aggregators, or other third-party sites, web browsers or search engines; data analytics providers; government entities; our service providers; persons involved in insurance
  claims, litigation, or fraud prevention or detection; and third-party product providers.
• Sensitive Communications were disclosed to operating systems and platforms and persons involved in insurance claims, litigation, or fraud prevention or detection.
• Sensitive Health Information was disclosed to data analytics providers; government entities; operating systems and platforms; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.
• Sensitive Sexual Information was disclosed to data analytics providers; government entities; our service providers; persons involved in insurance claims, litigation, or fraud prevention or detection; and third-party product providers.

All of this information may be disclosed within our family of companies.
We make these disclosures for the Purposes listed in the Notice at Collection.

During the past year, we sold or shared Identifiers, Internet or Other Electronic Network Activity Information, Professional or Employment-Related Information, and Commercial Information to or with advertising networks, lead sources and aggregators, or other third-party sites, web browsers or search engines; data analytics providers; and data brokers for the following purposes:

• Claims and litigation. This includes disclosures of Personal Information needed to access
• third-party products used for claims purposes.
• Helping ensure our ability to detect security incidents, resist malicious, fraudulent or illegal activity, and report and help prosecute such activity and help protect people’s physical safety.
• Marketing and advertising products and services offered by us or others and lead monetization. This includes Cross-Context Behavioral Advertising purposes such as compensation for leads and analysis of advertising effectiveness. “Cross-Context Behavioral Advertising” means targeting advertising to a Consumer based on the Consumer’s Personal Information obtained from that person’s activity across businesses,
  distinctly-branded websites, applications, or services, other than the business, distinctlybranded website, application, or service with which the person intentionally interacts.
• Provide, process and service our products or offerings (e.g., maintaining or servicing policies, providing other consumer service, processing or fulfilling transactions and payments, verifying consumer information, communications, etc.). This includes disclosures of Personal Information needed to access third-party products used for underwriting purposes.

We do not use or disclose the “Sensitive Personal Information” described in the “Notice at Collection” below for purposes other than those specified by the CCPA and its regulations.
To our knowledge, we do not sell Personal Information about Consumers under sixteen years old or share it with others for Cross-Context Behavioral Advertising.

Back to Top

Your rights to delete, discover and correct

To the extent provided by law, you are entitled to receive a “Notice at Collection,” which we have attached to this Supplement.

To the extent provided by law, you may request that we:

• delete Personal Information that we collected from you;
• correct inaccurate Personal Information that we maintain about you; and
• disclose the following to you free of charge:
  • the categories of Personal Information we collected about you;
  • the categories of sources from which it is collected;
  • our purpose for collecting, selling or sharing Personal Information;
  • the categories of third parties to whom we disclose Personal Information;
  • the specific pieces of Personal Information we collected about you;
  • the categories of Personal Information about you that we sold or shared and the categories of third parties to whom the Personal Information was sold or shared; and
  • the categories of Personal Information about you that we disclosed for a business purpose and the categories of persons to whom it was disclosed.

You may exercise the rights described above by using the form at https://nucleusinsurance.com/contact-us/ or by calling us toll-free at (541) 646-7873.

Back to Top

Your CCPA opt-out rights

You may opt-out of our sharing Personal Information about you for Cross-Context Behavioral Advertising purposes, as well as from any sales by us of that information. You may exercise this right at https://nucleusinsurance.com/contact-us/.

We will honor any Global Privacy Control (“GPC“) signals that indicate your preference to optout of sales or sharing of your Personal Information. You may enable this on many browsers’ settings or by downloading a GPC extension for applicable browsers. GPC opt-outs are applied at the browser level. If you clear the cookies cache on your browser, websites such as ours will not be able to recognize your prior GPC opt-out, but you may opt-out again by re-enabling or downloading the GPC setting extension or by notifying us at https://nucleusinsurance.com/contact-us/.

Back to Top

Nondiscrimination

We will not discriminate against you for exercising your rights under the CCPA. However, we may charge a different price for goods or services if the difference is reasonably related to the value of your Personal Information.

Back to Top

Verifying requests

If you request to delete, correct, or discover Personal Information, we will attempt to verify your identity by trying to match identifying information provided by you to Personal Information about you that we have. If we do not have enough information to match, we may try to contact you to verify your identity. Examples of information you may be asked to provide include your name, address history, and information about your interactions with us. If you want us to disclose specific pieces of Personal Information that we collected about you or delete Personal Information that we collected from you, you may also be asked to provide a copy of the front and back of your driver’s license or other government-issued identification card. We will notify you if we cannot timely verify that you are the consumer about whom we have collected Personal Information.

Back to Top

How an agent can make requests on your behalf

You may designate an agent to make requests on your behalf. To make such a request, your agent may use https://nucleusinsurance.com/contact-us/ or call us toll-free at (541) 646-7873. The agent must provide us with a power of attorney from you or your signed permission authorizing the agent to make the request for you. If the agent requests disclosure of specific pieces of personal information or deletion of personal information, the agent may also be asked to send us a copy of the front and back of your driver’s license or other government-issued identification card. If the agent does not provide us with a power of attorney, we may contact you to directly verify with you your identity and that you gave the agent permission to submit the request.
Questions and concerns
If you want to access this notice in a different format because of disability, or if you have any other CCPA questions or concerns, you may contact us at https://nucleusinsurance.com/contact-us/ or call
us at (541) 646-7873.
Date
This Supplement was last updated as of January 20, 2023.

Back to Top

California Notice at Collection

This Notice applies only to California residents (“Consumers“) concerning Personal Information that is subject to the California Consumer Privacy Act (“CCPA“). This Notice does not apply to information that is exempt from the CCPA.
“Personal Information” is information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer or household in California. It includes the following categories:

• “Identifiers” such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
• “CCR Categories,” which may include the following categories of Personal Information described in the California Customer Records statute: name, signature, Social Security number, physical characteristics or description, address, telephone number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card
  number, or any other financial information, medical information, or health insurance information.
• “Protected Classification Characteristics” under California or federal law such as age, marital status, and gender.
• “Commercial Information,” which may include records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
• “Biometric Information,” which means a Consumer’s physiological, biological or behavioral characteristics used or intended for use singly or in combination with each other or other identifying data to establish individual identity.
• “Internet or Other Electronic Network Activity Information,” which may include website information, browsing history, search history, information on a Consumer’s interaction with an internet website, application, or advertisement.
• “Geolocation Data” about physical location or movements.
• “Sensory Information” consisting of audio, electronic, visual or similar information.
• “Professional or Employment-Related Information” such as information about current or past employment.
• “Education Information” such as education level.
• “Inferences” drawn from other Personal Information to create a profile about a Consumer reflecting the Consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Personal Information also includes the following categories of “Sensitive Personal Information”:

• “Sensitive Identifiers,” meaning Personal Information that reveals a Consumer’s Social Security, driver’s license, state identification card, or passport number.
• “Sensitive Account Information,” meaning Personal Information that reveals a Consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
• “Sensitive Geolocation Information,” meaning Personal Information that reveals a Consumer’s geolocation within an area that is equal to or less than the area of a circle with a radius of 1850 feet.
• “Sensitive Demographics,” meaning Personal Information that reveals a Consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership.
• “Sensitive Communications,” meaning the contents of a Consumer’s mail, email, and text messages unless we are the intended recipient of the communication.
• “Sensitive Genetics Information,” meaning a Consumer’s genetic data.
• “Sensitive Health Information,” meaning Personal Information collected and analyzed concerning a Consumer’s health.
• “Sensitive Sexual Information,” meaning Personal Information collected and analyzed concerning a Consumer’s sex life or sexual orientation. We may collect and use the preceding Personal Information (including Sensitive Personal Information) about you and your household for the following purposes (the “Purposes”):
• Analytics, research & development, pricing, and improving or upgrading our offerings.
• Auditing and quality control.
• Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions.
• Claims and litigation.
• Compliance and related purposes, including, without limitation, making disclosures required by law or regulation, for governmental investigations or processes, or to our attorneys, accountants and auditors.
• Helping ensure our ability to detect security incidents, resist malicious, fraudulent or illegal activity, and report and help prosecute such activity and help protect people’s physical safety.
• Maintaining and protecting our data, systems and ourselves, including, without limitation, debugging to identify and repair errors.
• Marketing and advertising products and services offered by us or others and lead monetization.
• Provide, process and service our products or offerings (e.g., maintaining or servicing policies, providing other consumer service, processing or fulfilling transactions and payments, verifying consumer information, communications, etc.)
• Sharing information with other companies in our family of companies or in which we invest.

The minimum length of time for which we will retain the Personal Information we collect varies based on applicable statutes of limitations and whether we think we might need the information for court or other official proceedings.

We may sell, or share for Cross-Context Behavioral Advertising Purposes, Identifiers, Internet or Other Electronic Network Activity Information, and Commercial Information. “Cross-Context Behavioral Advertising” means targeting advertising to a Consumer based on the Consumer’s Personal Information obtained from that person’s activity across businesses, distinctly-branded websites, applications, or services, other than the business, distinctly-branded website,
application, or service with which the person intentionally interacts. You can opt-out of such sharing at https://nucleusinsurance.com/contact-us/.
We may allow third parties to collect personal information from our websites.