Navigate the current cyber risk landscape with Coalition’s Cyber Threat Index 2024Get the report
Cyber Incident? Get Help

Introduction

This Privacy Policy (“Policy”) is provided by Coalition, Inc., a Delaware corporation, on behalf of itself, and any of its current and future subsidiaries and affiliates, including Coalition Insurance Solutions, Inc. (“CIS”), Coalition Insurance Solutions Canada, Inc. (“CISC”), Coalition Incident Response, Inc. (“CIR”), Coalition Incident Response Canada, Inc. (“CIRC”), Coalition Risk Solutions, Ltd. (“Coalition UK”), Coalition Insurance Company, Inc. (“CIC”), BinaryEdge AG (“BE”), and Coalition Insurance Solutions Pty Ltd (ACN 657 140 791) (“Coalition AU”) (collectively, “Coalition,” “we,” or “us”). In order for our websites, including our online risk management platform (the “Platform”), applications (web-based or mobile), products and services (collectively, the “Services”) to function properly, we collect, use, store, disclose or otherwise process information, including personal information about individuals (“you” or “your”) who use, access, or enroll in the Services. In order to provide our threat detection services, we also maintain a security threat database that may include limited personal data relating to actors involved in those incidents.

Coalition is committed to protecting your privacy and we want you to understand what personal information we collect and how we use it. We also want you to understand the options that you have regarding our collection, use, and disclosure of, as well as your ability to access and correct such information. As the leading provider of active insurance, Coalition is required to adhere to certain local regulations, including U.S. federal and state laws that protect your information and our use and disclosure of it.

The Services are directed towards our business customers and potential customers. They should not be used for personal, family, or household purposes. We treat all personal information covered by this Policy as pertaining to individuals acting as business representatives, rather than in their personal capacity.

 

California-specific information is in the “CCPA Privacy Notice” section below. Europe-specific information is in the “Notice to European Data Subjects” section below. Canada-specific information is in the “Notice to Canadian Residents” section below.

 

If you have any privacy or data use concerns involving the Services, please contact us at privacy@coalitioninc.com or as further set out below under the “Contact Information” section.

Policy Application

This Policy applies to all of the Services and communications provided to you by Coalition and information provided to us by: (i) visitors to our Platform, and (ii) users of our Services (i.e. policyholders, insurance agents and brokers, and subscribers to or users of any of our Services), as well as information we collect in relation to the threats database. This Policy does not apply to our users’ websites, applications, or other systems or any third party websites or applications that may be linked from our Services; linking to them does not imply an endorsement. We are not responsible for these websites or applications or any information that they may collect. You should always review the privacy policy of any third party website or application that collects your personal information. See the “Third Party Service Providers” section below for more information.

This Policy also outlines how to request access to your personal information and how to exercise other rights you may have under applicable laws, and it outlines the choices you have regarding the collection, use and disclosure of your personal information. Coalition’s Services are not intended for, nor designed to attract, individuals under the age of majority in their jurisdiction of residence. Coalition does not knowingly collect personal information from any person who is under the age of majority in their jurisdiction of residence. If it comes to our attention through reliable means that a registered user is under the age of majority in their jurisdiction of residence, we will cancel that user’s account and/or access to our Services.

What Information Do We Collect and How Do We Get It?

When you use our Services, we may collect a variety of information that will aid us in providing Services to you, including, but not limited to, quoting and servicing your insurance policy. This information includes “nonpublic personal information”, which is all information that identifies you and is not available to the general public or information that is not publicly available information as prescribed by applicable law. We also collect information through the insurance policy application process, your communications with us, your transactions on our Platform, and your use of our other Services. The information we collect and how that information is used depends to a certain extent on how you use our Services. We may also collect your personal information from a third party based on your consent or as otherwise permitted or required by law.

We may collect the types of personal information below:

  • Name;

  • Mailing address;

  • Email address;

  • Phone number(s);

  • Password;

  • Corporate information 

  • Web Address or Domain name(s);

  • Job title and other occupational information;

  • Former insurance information, including payment and claims history; 

  • Information in relation to an insurance claim or cyber incident including details of the compromised communications, content or systems and information obtained in the investigation thereof;

  • Insurance coverage information, including endorsements; 

  • Information from public social network channels and torrent downloads;

  • Billing information, credit card or banking information, or other preferred payment means; however, we do not store full credit card numbers of personal account numbers (“PANs”);

  • Content you create, upload, communicate to or receive from Coalition when using our Services, including, text, email, photos, videos, audiovisual content, documents, spreadsheets, and comment/chat you make on any Coalition’s Platform or blog; and

  • All documents provided in response to a job posting on our Platform and/or social networks such as resumes and cover letters, including any personal information that these documents may contain.

 

Platform Usage

Like most online web services, when you use our Platform, to the extent permitted under applicable law, we may automatically collect certain information about your visit and store it in our server logs about the use of our Services, including the number of unique visitors, the frequency of visits, how users interact with our Services, user experience preferences, files, such as the app or website and/or search criteria that led you to our Services, your Internet Protocol address (“IP Address”), UDID, or other device address or ID, device type, operating system, browser information, and what pages you visit when using our Services, and the web pages or sites that you visit just before or just after using the Services. This information may be collected to help us improve the user experience, improve our Services, and mitigate fraudulent activity. We do not link this automatically-collected data to other personal information we collect about you. When Coalition runs its automated scanning and monitoring tool, it collects only publicly available information in order to conduct its risk and vulnerability assessment, including but not limited to names and email addresses sharing the requesting company’s domain name, to the extent permitted by law. 

Threats Database

Coalition scans the internet for cyber threats and information relating to cyber incidents, including company names, domain names, individual names, addresses, email addresses, passwords, job titles, and other similar information. Such information is stored and may be later processed for the purposes of detecting, investigating and preventing cyber fraud and crime. Such information could relate to any individual involved in the incident.

 

Blogs Posts and Testimonials

Our Platform offers publicly accessible blogs. You should be aware that any information you provide in these areas may be collected, read and used by others who access them so care should be taken when posting any personal information. To request removal of your personal information from our blog, please contact us at privacy@coalitioninc.com or as further set out below under the “Contact Information” section. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.

 

From time to time, we may collect and display personal testimonials of satisfied customers on our Platform in addition to other endorsements. Where you have consented, we may post your testimonial along with your name and employer name. If you wish to update or delete your testimonial, please contact us at privacy@coalitioninc.com or as further set out below under the “Contact Information" section.

 

Cookies, Tracking Technologies, and Session Information

Coalition, our partners (such as our marketing partners), and our analytics or service providers use technologies such as cookies, beacons, tags, and scripts, to analyze trends, administer the Services, track users' movements around the Platform, and to gather demographic information about our user base as a whole. Coalition, our partners, and our analytics or service providers may collect information about your interactions with the Platform, including the resources that you access, pages viewed, how much time you spent on a page, and how you reached our Platform. Coalition, our partners, and our analytics or service providers may log the details of your visits to our Platform and information generated in the course of using our Platform, such as mouse movements, clicks, page visits, text entered, and other details of your actions on our Platform. Details on how we use cookies can be found in our opt-in cookie consent.

In certain areas of the Platform, we offer a chat feature to help answer your questions about our Services. We collect information you may enter into the chat. We will collect and retain transcripts of those conversations. Additionally, your browser may automatically transmit the following data: date and time of access, duration of the visit, type of browser including version, operating system used, amount of data sent, type of event, IP address.

You have a variety of tools to control the information collected by these technologies when you use our website. For example, you can use controls in your internet browser to limit how the websites you visit are able to use cookies and to withdraw your consent by clearing or blocking cookies.

 

Information from Referrals

If you choose to use our referral service to tell someone about our Services, we may collect a name and email address from you. We will automatically send them a one-time invitation email to visit the Platform and provide your name as the person who made the referral, and a one-time reminder if permitted by applicable law. Coalition stores this information for the sole purpose of sending the invitation and reminder email (if applicable), and for tracking the success of our referral program. Any recipient of an invitation may contact us at privacy@coalitioninc.com if they believe that their personal information has been provided to us improperly, or to request that we remove this information from our database. In using our referral service, you represent that you have obtained the necessary consents to provide us with personal information relating to other individuals and acknowledge that it may be used in accordance with this Policy. Coalition will obtain consent directly from the recipient for the collection and use of their personal information if required by applicable law.

 

Coalition may, now or in the future, allow you to link your account on the Platform to your account(s) on third party services, such as social networking sites (“Linked Accounts”). If you link your account on the Platform to a Linked Account, you are authorizing Coalition to store and use your access credentials to access your Linked Account on your behalf as your agent to integrate your experience with the Platform with content, information, and features available through such Linked Account. This may include importing certain information of the Linked Account, and/or pushing updates regarding your use of the Services out to your Linked Accounts. The information we receive when you link your account through a third party service depends on the settings, permissions, and privacy policy controlled by that Linked Account. Linking, accessing, or using a third party service through the Platform in this manner may be subject to additional terms and privacy policies established by the applicable third party, and it is your sole responsibility to comply with such third party terms and familiarize yourself with such privacy policies.

 

If you download a mobile version of the Platform via the App store or Google Play, you may be subject to usage terms set forth by Apple, Inc or Google, Inc, respectively. Our Platform may also include links to or provide the ability to connect with other websites and applications (“Third Party Sites”). Our Platform also includes social media features, such as a “Like” button, and widgets, such as the “share this” button or other interactive mini-programs that run on our Platform. These features may collect your IP address, which page you are visiting on our Platform, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by Third Party Sites or hosted directly on our Platform.

 

Our Platform also offers publicly accessible community forums managed by Third Party Sites that may require you to register to post a comment. We do not have access or control of the information posted to the community forum. You will need to contact or login into the third party application if you want to access or remove the personal information that was posted or collected related to these forums.

 

Your interactions and any personal information that you submit via Linked Accounts, Third Party Sites or other features of these Third Party Sites are governed by the privacy policy of companies that are not controlled by Coalition and we do not assume responsibility for their privacy practices. Therefore, the terms of usage and their privacy policy may differ from the terms of this policy. You are encouraged to review the privacy policy of any Third Party Sites that you visit or engage with.

 

Audio, Visual and Similar Information Collection

Certain applications that are part of the Services may provide you with the ability to upload or share videos, photos, or the category, name or nickname attached to those data elements which in turn Coalition may collect, access or store.

In addition to the information we collect from you directly, we may also collect information (as listed above) about you from other sources, including trusted partners, marketing parties, business partners, security partners, our affiliates, or publicly accessible sources as permitted by applicable law so that we can improve the user experience, mitigate fraud or malicious activity, or comply with internal company and external regulatory requirements.

 

Password Management and Security 

Certain Services used via our Platform allow you to share your password with the application for safekeeping. Any passwords that you share are not visible by, transmitted to, or stored by Coalition in clear text. They may be saved on your device, with only an encrypted code sent to Coalition for which we do not have the encryption key.

The Ways Coalition Uses Information

Coalition generally uses the information you provide or we collect in connection with the Services for the following purposes:

  • Provide or Fulfill Services to you; 

  • Establish and verify your identity; 

  • Handle and resolve billing transactions; 

  • Activate, maintain and service your account or an insurance policy; 

  • Develop, operate, maintain, and enhance the Services now and in the future;

  • Communicate with you about our Services, including by sending announcements, updates, security alerts, and support and administrative messages;

  • Offer updates, notices, and other information, including marketing and promotional materials related to our products, services, sales, or promotions, or those of our affiliates and business partners we believe will be of interest to you, as further described in the “Communications with Coalition” section, where permissible according to applicable law. (Note: at any time, you may choose to withdraw your consent to Coalition’s use or disclosure of your personal information for marketing and promotional purposes by following the unsubscribe instructions included in any Coalition emails you receive or by contacting Coalition at privacy@coalitioninc.com or as further set out below under the “Contact Information” section of this Policy);

  • Respond to your questions, inquiries, comments and instructions; 

  • Enforce the applicable Terms of Use; 

  • Track and analyze de-identified data and provide such data to third-parties that provide services to Coalition;

  • Personalise our Services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you use our Services; 

  • Provide customised third party advertisements, content, and information in accordance with applicable law; 

  • Monitor and analyse the effectiveness of our Services and third party marketing activities; 

  • Monitor aggregate Platform usage metrics such as total number of visitors and pages viewed;

  • Protect our, your, or others’ rights, privacy, safety or property (including by making and defending legal claims); 

  • To facilitate audit of our internal processes for compliance with legal and contractual requirements and internal policies, enforce the terms and conditions that govern the Services;

  • Prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft;

  • In order to assist you and employer respond to a cyber incident; 

  • To comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities as permitted by applicable law; 

  • To process and follow up on applications received in response to our job postings on our website or elsewhere, and to communicate with applicants and candidates in this regard;

  • For such other purposes as you may consent to from time to time; and

  • As otherwise required or permitted by law.

Communications with Coalition

If you are a Coalition policyholder or user of our Services, we may contact you regarding your policy (as applicable), such as billing notices and confirmations of changes, by mail or through email. We will also use your email address to provide you with updates about our products and Services in accordance with applicable law. We may also contact you by phone and email regarding timely matters such as late payment or other factors that might affect your policy or use of our Services, including to notify you of potential security vulnerabilities.

 

When you register for an account, we will use your name and email address to send periodic emails to you of both a promotional and transactional nature in accordance with applicable law. You may choose to stop receiving promotional emails by following the unsubscribe instructions included in those emails or please contact us at privacy@coalitioninc.com or as further set out below under the “Contact Information” section.

The Ways Coalition Discloses Information

Coalition is the responsible party for the personal information collected on the Platform and through the Services set out in this policy. We will not use or disclose your personal information to non-affiliated third parties except as disclosed in this Policy. In order for us to provide some of our Services we may also disclose any of the categories of personal information described in the “What Information Do We Collect and How Do We Get It?” section to the following categories of third parties:

  • Disclosures In Connection with Claims:

We may disclose your personal information to a policyholder’s insurers, their agents and representatives, claims representatives, insurance agents, law enforcement agencies, courts, and government agencies. These parties may disclose personal information to other parties as permitted by law in order to process and/or investigate insurance claims.

  • Payment Processors:

Coalition collects and maintains certain personal information from our customers for the purposes of billing. When you purchase our Services, your payment card information may be collected and processed directly by our payment processors, such as Stripe, Inc. (“Stripe”). Accordingly, in addition to this Privacy Policy and our Terms of Use, your data is also processed pursuant to Stripe’s or other processors’ services agreements and privacy policies. Moreover, when your payment information is collected and stored by your broker or a third party payment provider (as applicable), your information will be subject to their respective privacy policies and practices.

  • Third Party Service Providers:

Coalition works with other third party service providers in the U.S. and other jurisdictions to provide website development, hosting, maintenance, transcription, marketing, billing, contract and account management, customer support and customer relationship management, and claims support as well as other business services for us. To the extent it is necessary for these service providers to complete their work, these third-parties may have access to or process your personal information in accordance with applicable law. Such users are required to agree to limit their use of the information for the purpose for which it was provided or to seek your consent for any additional purposes.

  • Promotional Partners and third party Apps:

From time-to-time and where permissible under applicable law, Coalition may notify you about an offer from one of our promotional partners via our Platform or email. We will share your personal information (such as your name, company name, business email address, etc.) with the applicable partner only if you affirmatively consent and respond to a promotional offer. If you install an app from one of our third party partners, Coalition may provide your email address to that partner for account creation and communication with that partner.

  • Affiliates:

We may share your data with our affiliates, including Coalition Insurance Solutions, Inc., Coalition Insurance Solutions Canada, Inc., Coalition Incident Response, Inc., and BinaryEdge AG, to collect and share insurance application information, market products and services, collect payment information, and for other purposes consistent with this Policy or delivering our Services.

  • Business Transfers:

In the event we are involved in a proposed or actual purchase, merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets (including a liquidation, realization, foreclosure, or repossession), or transition of service to another provider or any assets or shares of our business or a division thereof (collectively, “Transaction”), for you to continue to receive the same or similar Services from the third party, we reserve the right to share, transfer, or assign the information that we have collected from users, including personal information in connection with such Transaction, in accordance with applicable law.

  • Comply with Laws and/or Legal Process:

We reserve the right to disclose your information that we believe is reasonable, appropriate, or necessary to take precautions against liability; to protect Coalition and others from fraudulent, abusive, predatory, or unlawful uses or activity; to investigate and defend ourselves against any third party claims or allegations; to assist government enforcement agencies; to protect the security or integrity of our Services; or to protect or vindicate the rights, property, or personal safety of Coalition, our users, or others. In addition, we may be required by law, court order, or other legal process to provide information about our customers to outside parties.

  • Aggregated Information:

Coalition may aggregate data we collect about our users. For example, we may aggregate data to determine if particular software used by our users is susceptible to exploitation. If we aggregate this sort of data and provide it to external parties, our users' personal information will not be attached to or included in such aggregated data. Please note, data that our users provide to us, including data collected in our underwriting process, may be included in the aggregate data, reports, and statistics but will always be anonymous.

  • Enforce our Terms of Use:

In addition to the above uses and disclosures, Coalition may identify you as a customer or user your website’s name in connection with proposals to prospective customers, to hyperlink to your websites home page, to display your logo on Coalition’s Platform or in marketing of its Services, or to otherwise refer to you in print or electronic form for marketing and reference purposes.

 

The Ways Coalition Protects Your Personal Information and Your Rights Regarding Your Personal Information

We are committed to taking steps to protect personal information we receive from our users and otherwise control from loss, misuse or unauthorized access, disclosure, alteration, and/or destruction. We have put in place physical, industry standard technological, and administrative procedures designed to safeguard and secure such information; however, no Internet or email transmission is ever fully secure or error free. Therefore, you should take special care in deciding what information you send to us in connection with our Services. We will notify you of any confirmed security breach of your personal information to the extent required by and in accordance with applicable state, federal or other jurisdictional laws.

 

If you have reason to believe that your personal information is no longer secure, please contact us immediately at privacy@coalitioninc.com or as further set out below under the “Contact Information” section. We may allow our users access to their own personal information upon request, and allow them to correct, amend, or delete inaccurate personal information to the extent required by applicable laws (for information about the rights available to European data subjects, please refer to section “Notice to European Data Subjects”; (for information about the rights available to Canadian residents, please refer to section “Notice to Canadian Residents”). There may be exceptions to such access in accordance with applicable law, including, but not limited to: (a) where the rights of persons other than the requesting individual risk being violated; (b) where the information cannot be disclosed for legal, security, or commercial proprietary reasons; or (c) where the information is subject to solicitor-client or litigation privilege.   To make a request to exercise a right regarding your personal information under applicable law, or if you have a privacy related concern, please contact us at privacy@coalitioninc.com or as further set out below under the “Contact Information” section. 

Your Rights Regarding Your Personal Information

Depending on applicable law, you may have certain rights regarding your personal information, including, but not limited to, the right to access, correct, amend, or delete  your personal information (for more information about the rights available to California residents, please refer to the section “CCPA Privacy Notice” and for information about the rights available to European data subjects, please refer to the section “Privacy Notice to European Data Subjects”). There may be exceptions to such rights in accordance with applicable law, including, but not limited to: (a) where the rights of persons other than the requesting individual risk being violated; (b) where the information cannot be disclosed for legal, security, or commercial proprietary reasons; or (c) where the information is subject to solicitor-client or litigation privilege.

To make a request to exercise a right regarding your personal information under applicable law, or if you have a privacy related concern, please contact us through the information set forth in the “Contact Information” section.

How Long Coalition Keeps Your Personal Information

We keep your account information for as long as your account is in existence because we need it to operate your account. We also keep information about you and your use of the Platform for as long as necessary to comply with laws and for our legitimate business interests, such as providing the Services and defending or prosecuting claims, including as described in “The Ways Coalition Uses Information" and “The Ways Coalition Discloses Information” sections. To determine the appropriate retention period for your personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. In general, we keep your personal information for as long as necessary to fulfill the purposes for which it was collected and as permitted or required by law.

Social Media

Please be aware that any information that you submit to a social media site such as Facebook, Instagram or Twitter is done at your own risk and without any expectation of privacy. Coalition cannot control the actions of social media site users and is not responsible for any content or submission contained on such sites. Further, Coalition cannot guarantee the privacy and safety of these sites and is therefore not responsible for any content that you or any other social media user posts. You should always review the privacy policy of any Third Party Sites or website that you interact with.

Processing of Personal Information in the United States

Coalition has users located across the globe. We are headquartered in the United States with service providers that operate in other countries. We may transfer your personal information to the United States and other countries which may not have the same data protection laws as your home country or territory, and where such laws will apply to your personal information while it is located there, but we will generally protect your personal information in accordance with this Privacy Policy, or as otherwise disclosed to you. Those laws may require disclosure of your personal information to authorities in that other country or territory. For more information about our policies and practices regarding service providers outside of your home country or territory, please contact us at privacy@coalitioninc.com or as further set out below under the “Contact Information” section.

CCPA Privacy Notice

The California Consumer Privacy Act (“CCPA”) requires specific disclosures for California residents. This Privacy Policy is intended to help you understand how Coalition or its affiliates handle your information, specifically:

Retention Periods: We retain your information according to the “How Long Coalition Keeps Your Personal Information” section above. 

Your CCPA Rights: Subject to applicable exceptions, California residents may request information from Coalition about how it collects, uses and discloses your personal information, request access to your information, to correct inaccurate personal information, and request that Coalition delete that information. After we receive your request, we may request additional information to verify your identity. Your authorized agent may submit requests in the same manner, although we may require the agent to present signed written permission to act on your behalf, and you may also be required to independently verify your identity with us and confirm that you have provided the agent permission to submit the request. The CCPA also requires that you not be discriminated against for exercising your privacy rights.

 

Opt-Out of Sale or Share: We don’t sell your personal information in exchange for money, but some of our website tracking qualifies as a “selling” or “sharing” under the CCPA, so online tracking information is the only category of information that we sell. You have the right to opt-out of the sale or sharing of your personal information. You may do so through certain browser enabled opt-out preference signals, such as the Global Privacy Control. You can learn more about that option here: https://globalprivacycontrol.org/. We do not have actual knowledge that we sell the personal information of anyone under 16 years of age.

 

Limit Use and Disclosure of Sensitive Personal Information: We do not collect sensitive personal information other than as a consumer would reasonably expect. As such, we do not offer a right to limit our use of such information.

How to Exercise CCPA Rights: Questions or requests related to your rights under the CCPA may be addressed to privacy@coalitioninc.com or as further set out below under the “Contact Information” section of this Policy.

PRIVACY NOTICE TO EUROPEAN DATA SUBJECTS

This section of our Policy provides additional information to data subjects in the European Economic Area (EEA), Switzerland and the United Kingdom (collectively, “Europe”), pursuant to applicable European data protection laws and applies only to the extent of any inconsistency with the information above.

  • Data Controller. Coalition, Inc. is the data controller for your personal data in the EEA or Switzerland. Coalition UK is the data controller for your personal data in the United Kingdom. You can find relevant contact information in the “Contact Information” section. Other Coalition entities may process your personal data as a controller from time to time for the purposes described in this Policy.

  • Purposes and Legal Bases for Processing. Your personal data is processed for the purposes described in this Policy (refer to “The Ways Coalition Uses Information” section). Under applicable European data protection laws, we are required to specify the legal basis which allows us to process personal data, which depends on the personal data collected and the specific context in which we collect it. We process personal data from you when:

    • We have your consent to do so;

    • Necessary to perform our contract with you pursuant to our Terms of Use or other relevant contract with you, including:

      • Providing or fulfilling Services to you;

      • Establishing and verifying your identity;

      • Handling and resolving billing transactions;

      • Activating, maintaining and servicing your account or insurance policy;

      • Communicating with you about our Services, including by sending announcements, updates, security alerts, and support and administrative messages;

      • Responding to your questions, inquiries, comments and instructions; and

      • Assisting you and your employer to respond to a cyber-incident.

    • Complying with our legal obligations, including:

      • Complying with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities as permitted by applicable law.

    • Processing for our legitimate business interests including the promotion, delivery and improvement of our services, ensuring network and information security and preventing and detecting crime and fraud, enforcing our terms and pursuing and defending legal claims, including:

      • Enforcing the applicable Terms of Use;

      • Protecting our, your, or others’ rights, privacy, safety or property (including by making and defending legal claims);

      • Facilitating the audit of our internal processes for compliance with legal and contractual requirements and internal policies, enforce the terms and conditions that govern the Services;

      • Developing, operating, maintaining, and enhancing the Services now and in the future;

      • Offering updates, notices, and other information, including marketing and promotional materials related to our products, services, sales, or promotions, or those of our affiliates and business partners we believe will be of interest to you, as further described in the “Communications with Coalition” section, where permissible according to applicable law. (Note: at any time, you may choose to withdraw your consent to Coalition’s use or disclosure of your personal information for marketing and promotional purposes by contacting Coalition at privacy@coalitioninc.com or as further set out below under the “Contact Information” section of this Policy);

      • Tracking and analyzing de-identified data and providing such data to third-parties that provide services to Coalition;

      • Personalizing our Services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you use our Services;

      • Providing customized third party advertisements, content, and information;

      • Monitoring and analyzing the effectiveness of our Services and third party marketing activities;

      • Monitoring aggregate Platform usage metrics such as total number of visitors and pages viewed; and

      • Preventing, identifying, investigating, and deterring fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.

If we need to collect and process personal data by law, or under a contract we have entered into with you, and you fail to provide the required personal data when requested, we may not be able to perform our contract with you.

  • Categories of Recipients of Personal Data. We describe the categories of recipients of the personal data in the “The Ways Coalition Discloses Information” section.

  • Transfers of Personal Data. Coalition, Inc. is based in the United States and relies on cloud storage providers that store data on its behalf in the United States. If you are visiting our Platform from outside the United States, please be aware that your information may be transferred to, stored, and/or processed in the United States where our servers are located and our central database is operated for the purposes described in this Policy. The United States may have data protection laws less stringent than or otherwise different from the laws in effect in Europe. We have taken measures to protect the confidentiality and security of your personal information, as outlined in this Policy, and your rights as a data subject. If your personal data is transferred outside of the EEA, Switzerland, or the United Kingdom, we take commercially reasonable efforts to protect such personal data, including, where required, implementing standard contractual clauses approved by the European Commission or relevant United Kingdom or Swiss authorities. For further information, please refer to the “Contact Information” section below.

  • Retention Periods. We retain your information according to the “How Long Coalition Keeps Your Personal Information” section above.

  • Automated Decision-Making. As a part of our Services, we may use automated decision-making (ADM) under limited circumstances, namely the use of machine learning (ML) to assist with reviewing insurance applications. The ML uses the personal data collected as described in Section 3, and the logic involved is based on and replicates our established workflow and process for such requests. The potential results of this ML component may be that your quote is declined at the initial phase or advanced for further assessment. If you have additional questions about your quote results, please refer to the “Contact Information” section below.    

  • Your Rights. If you are a resident of the EEA, Switzerland, or the United Kingdom, you have the right to: (a) request to access the personal data we hold about you; (b) request we correct any inaccurate personal data we hold about you; (c) request we delete any personal data we hold about you (although certain aspects may be retained by us to meet our legal or regulatory compliance, obligations, exercise, establish, or defend claims, and to protect against fraudulent or abusive activity relating to our Services); (d) restrict the processing of personal data we hold about you in certain circumstances; (e) object to the processing of your personal data in certain circumstances, such as if we are using your personal data for direct marketing, for our or a third party’s legitimate interests or the public’s interest, or for scientific or historical research and statistics; and/or (f) receive any personal data we hold about you in a structured and commonly used machine readable format or have such personal data transmitted to another company. Please note that we may ask you to verify your identity before responding to such requests.

If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time, but this will not affect any processing of your personal data that has already taken place nor will it affect processing of your personal data conducted in reliance on a legal basis other than consent.

Your exercise of these rights may be subject to certain exemptions, including to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege). 

To exercise any of your rights in connection with your personal data, please contact us privacy@coalitioninc.com or as further set out below under the “Contact Information section. If you have a complaint about how we use your personal data, we hope that you will contact us, and we will promptly address your concern. However, you also have the right to file a complaint to a data protection authority in your country. Contact details for data protection authorities in the EEA are available at https://edpb.europa.eu/about-edpb/board/members_en. Contact details for the data protection authority in the United Kingdom is available at https://ico.org.uk/.

Notice to Canadian Residents

Subject to our use of certain foreign third-party service providers as discussed above, we will keep your personal information in our offices and data centers in Canada and the United States.

We collect, use, and disclose your personal information with your consent or otherwise as permitted or required by applicable  law. We will typically obtain your  consent for the collection, use, or disclosure of your personal information at the time that we collect, and in the case where such information had already been collected for different purposes, prior to using or disclosing it for new purposes, except where permitted or required by law. 

Depending on the circumstances and the type of information required, consent can be express or implied. The form of consent that we seek, including whether it is express or implied, will largely be determined by assessing the sensitivity of the personal information and the reasonable expectations you might have in the circumstances.

You can withdraw or vary your consent at any time as required by applicable law. Where feasible or required by applicable law, we will generally accommodate requests to withdraw or vary consent – subject to legal or contractual restrictions. Withdrawal of your consent may mean that we will no longer be able to provide you with certain products or services. If you wish to withdraw your consent to our collection, use, or disclosure of your personal information, please contact us at privacy@coalitioninc.com or as further set out below under the “Contact Information” section. Please note that if you opt-out from receiving marketing-related emails, we may still need to send you communications about your use of our products or services, or other matters.

For access requests regarding your personal information, we may require that you provide sufficient identification to fulfill your access request regarding your personal information, and any such identifying information will be used only for this purpose. Where required by applicable laws, we will not charge you any fees to access your personal information in our records without first providing you with an estimate of the approximate fees, if any, as permitted. 

We use reasonable efforts to ensure that your personal information is accurate, complete and up to date as necessary for the purposes for which such information was collected by us. If you successfully demonstrate that the personal information we hold is inaccurate or incomplete, we will amend the personal information as required. When appropriate, we will transmit the amended information to any parties to whom we sent the original information. If you object to how we handle your request, you have the right to make a complaint to the applicable privacy commissioner or regulator.

Notification of Policy Changes

We take the trust and privacy of our customers extremely seriously, and do not believe that we will need to change the core principles set forth in this Policy going forward. However, if we are required to modify this Policy, we will provide notice to Users of the Services of any material changes and seek your affirmative consent where required by law. Coalition will post the modified Policy on the Platform along with the effective date of the policy updates, as indicated by the “Last updated” date at the top of this Policy.

Contact Information

We make information about our privacy policies and practices available. If you have any concerns, complaints, or if you would like further information regarding our privacy policies or practices, including with respect to our use of service providers outside of the United States and Canada, please contact our Privacy Team as set out below:

 

Coalition, Inc. 

Attention: Privacy & Compliance  

548 Market St, #94729

San Francisco, CA 94104-5401

Email: privacy@coalitioninc.com

 

If your questions relate to Services purchased from Coalition UK, please contact Coalition UK as set out below:

 

Coalition Risk Solutions, Ltd. 

34-36 Lime Street

London, EC3M 7AT United Kingdom

Our data protection representative in the EEA and the United Kingdom is:

Vanessa Vargas: privacy@coalitioninc.com

If your questions relate to Services purchased from Coalition Australia, please contact Coalition as set out below:

Coalition, Inc. 

Level 16, 80 Collins Street, South Tower

Melbourne VIC 3000

If you are you in Australia and you are not satisfied with our response to your complaint, you can also refer it to the Office of the Australian Information Commissioner (OAIC) or the Australian Financial Complaints Authority (AFCA): OAIC

AFCA

  • Telephoning – 1800 931 678

  • Writing – AFCA Service Complaints, Australian Financial Complaints Authority GPO Box 3, Melbourne VIC 3001.

  • Emailing – info@afca.org.au

  • Online: https://www.afca.org.au/make-a-complaint