Privacy Policy

EFFECTIVE DATE: May 22, 2018

LAST UPDATE: November 2022

Do you want to view this page in Spanish? Click here.

Welcome! BOXX Insurance Inc. are a leading specialist insurer and cyber services provider that targets specific types of insurance in which we develop expertise, often focusing on areas other insurers find too complex to insure. BOXX Insurance Inc. and its affiliates are collectively referred to in this privacy statement as “BOXX”, “we”, “us” or “our”.

​We wrote this privacy statement to help you understand what information we collect, how we use it, what choices you have and other important information. Although some of the concepts below are a bit technical, we tried our best to explain things in a straightforward and transparent way.

This Policy applies to all of our customers across the world. Some customers, including residents of the European Economic Area, may have additional rights depending on where they are located, which are described in this Notice.

SCOPE OF OUR PRIVACY STATEMENT

When This Privacy Statement Applies

This privacy statement applies to information collected through boxxinsurance.com and any other websites, mobile apps or other online products and services that display or link to this privacy statement (collectively, “online environments”).

When This Privacy Statement Does Not Apply

This privacy statement does not apply to:

  • Websites, mobile apps or other products and services that have their own privacy statement or policy;
  • Websites, mobile apps or other products and services that do not display or link to this privacy statement;
  • Information submitted to us on applications and forms available for download on our online environments; and
  • Information collected offline.

If you have any questions as to whether this privacy statement applies to you, please do not hesitate to contact us using the information provided in the “Contact Us” section at the end of this privacy statement.

Information We Collect

We collect information in a few different ways: (i) information you submit or give us permission to obtain; (ii) technical information collected automatically; and (iii) information provided by our partners. Each of these ways is discussed below.

Information You Submit Or Give Us Permission to Obtain

We collect information from you when you choose to provide it to us through our online environments. For example, if you:

  • Request a quote or create an account to save quotes, you may provide us with your name, postal address, email address, telephone number, business name and information, existing or past insurance coverage, and other information relevant to your request;​​
  • Manage or request changes to your policy, you may provide us with your name, policy number, email address, phone number, the change requested, and any additional information your provide;
  • Request support or submit an inquiry, you may provide us with information such as your name, contact information, the subject of your inquiry, message content and any other information you choose to provide;
  • Sign up to receive information about our products and services, you may provide us with information such as your name, contact information, the product or service you are interested in and any other information you choose to provide; or
  • Respond to surveys, you may provide us with your survey responses, contact information and any other information required to complete the survey. We also collect information from you when you give us permission to access it. For example, if you access our online environments through your desktop, tablet or mobile device browser, you may give us access to location data.

Technical Information Collected Automatically

We may collect certain technical information about your visits to our online environments without you actively submitting such information. This information can make your use of our online environments easier and more meaningful by allowing us to provide better service, customize our online environments based on your preferences, compile statistics, provide you with more relevant advertisements, analyze trends and otherwise administer and improve our online environments. As discussed in the “HOW BOXX AND OUR PARTNERS USE COOKIES FOR ADVERTISING” section below, such information may also be collected by our advertising vendors and other partners.

Some of the types of technical information collected automatically when visiting our online environments include:

  • Log Data. When you use our online environments, our servers automatically record information (“log data”), including information that your browser or mobile device sends whenever you visit or use our online environments. This log data may include your Internet Protocol address, the address of the web pages you visited that had Boxx features, browser type and settings, the date and time of your request, how you used our online environments and cookie data;
  • Cookie Data. Depending on how you are accessing our online environments, we may use “cookies” (a small text file sent by your device each time you visit our websites, unique to your BOXX account or your browser) or similar technologies to record log data. When we use cookies, we may use “session” cookies (that last until you close your browser) or “persistent” cookies (that last until you or your browser delete them). For example, we may use cookies to remember your personal preferences, such as sections of our online environments that you visit frequently, your user ID or other settings so you don’t have to set them up every time you visit our online environments. Some of the cookies we use may be associated with your BOXX account (including information about you, such as the email address you gave us), and other cookies are not. Please see the “HOW BOXX AND OUR PARTNERS USE COOKIES FOR ADVERTISING” section below for more information; and​​
  • Device Information. In addition to log data, we may also collect information about the device you are using to access our online environments, including what type of device it is, what operating system you are using, device settings, unique device identifiers and crash data. Whether we collect some or all of this information often depends on what type of device you are using and its settings. For example, different types of information are available depending on whether you are using a Mac or a PC, or an iPhone or an Android phone. To learn more about what information your device makes available to us, please also check the policies of your device manufacturer or software provider.

Information Provided By Our Partners

Our advertising vendors and other partners may share with us the information they collect. For example:

  • Our advertising vendors may share information with us regarding our ads on websites or apps where such ads run to measure and improve those ads, including a list of criteria to use in targeting ads;
  • We may obtain information such as business name, business owners, address, email address and telephone numbers from other commercially available sources such as data aggregators, marketing list providers, and other public databases, to provide us with information on prospects who might be interested in BOXX products and services.
  • We may also obtain additional information about our existing customers (this is known as “data appending”). This information may include name, demographic information, contact information, interests, and publicly-observed data, such as from social media and shopping behavior; and
  • We may receive information about customers when we acquire part or all of other companies.

We may also combine the information we collect through one or more of our online environments with information we collect through other online environments. We may also combine information collected through our online environments with information collected through our offline environments, as well as with information provided by our partners. We use this consolidated information to help us improve our online environments, products and services, communicate information to you, enhance our marketing and research activities and engage in any other uses described in the “HOW WE USE THE INFORMATION WE COLLECT” section below.

​​How We Use The Information We Collect

We use the information we collect to provide our products and services to you, improve our products and services, develop new products and services and protect ourselves and our customers.

If you request a quote from us, the information we collect will be used to generate the quote, allow you to create an account to save quotes, and provide you with information about other relevant products and services.

If you manage or request changes to your policy, the information we collect will be used to update your policy and provide you with information about other relevant products and services;

If you make a purchase through our online environments and authorize us to use your credit or debit card information, we will use this information to charge you as authorized. In these situations, we may also save your payment information and contact information so that you can use them the next time you want to order something from us.

If you register or open an account with us, the information we collect may be used to maintain your account, provide you with access to some features of our online environments or offer you the benefits and privileges that typically come along with account registration.

We also use the information we collect for other legitimate business purposes, such as to:

  • Send you advertisements, notices and other information regarding our products and services, including notifying you about special promotions;
  • Respond to your inquiries or support requests;
  • Invite you to participate in surveys regarding our products or services;
  • Furnish and maintain our online environments; and
  • Secure our networks and online environments.

We may also use the information we collect to offer you customized content, including to:

  • Recognize new or past visitors to our online environments;
  • Remember your personal preferences;
  • Show you more relevant and meaningful advertisements;
  • Better understand the interests of our customers and visitors to our online environments; and
  • Conduct research and analyze the use of our online environments, products, services and advertisements.

Some of our applications and mobile-optimized online environments may have location-based features. To deliver these features, we may access and use location data provided by your mobile device if you give us permission. For example, we may offer features that allow you to find the nearest broker. Location information will be collected solely to deliver the requested feature, and it will not be further retained or stored by us.

Finally, in certain limited circumstances, we may be called upon to release the information we collect in response to a court order, subpoena, search warrant, law or regulation. We plan to cooperate in responding to such requests, taking appropriate measures to ensure that the requester understands the potentially-sensitive nature of the information they may receive. We also reserve the right to cooperate with law enforcement authorities in investigating and prosecuting customers who violate our rules or engage in behavior that is illegal or harmful to others or their property.​

How BOXX Insurance And Our Partners Use Cookies For Advertising

We use common tools, such as cookies and similar technologies (discussed in the “TECHNICAL INFORMATION COLLECTED AUTOMATICALLY” section above), to collect information about your use of our online environments for purposes of enhancing your online experience and delivering more meaningful advertisements. Like many companies, we may also utilize third party advertising vendors and other partners to collect this information.

One way in which we deliver more meaningful advertisements is through a common form of online advertising known as “retargeting” or “remarketing.” Retargeting works by serving ads on one site based on consumer’s online activities on a different site. For example, if you visit pages on our online environments, you may later see advertisements for BOXX products and services when you visit third party websites. To do this, BOXX or our advertising vendors may use a device ID, cookie or similar technology placed by us or the advertising vendor when you visit our online environments or third party websites or apps. The placing of these cookies or other technologies on your device may enable you to be identified across multiple websites and you should consult the privacy policies of our advertising vendors to understand how they collect and use your data.

Your ability to control the use of tracking tools, such as cookies, and opt-out of retargeting activities is described in the “CHOICES YOU HAVE ABOUT YOUR INFORMATION” section below.​

When We Share Your Information & Our Relationship To Third Parties

We may use third parties to perform a variety of functions on our behalf. We may also use third parties to analyze data collected through our online environments. We will not disclose your personally identifying information to anyone other than our employees and those third parties with whom we have a business relationship. If we allow a third party vendor to have access to your personally identifying information, we will not authorize them to take it or use it for any purpose that is not consistent with this privacy statement.

We will not sell or disclose any personally identifying information collected from you to an unrelated third party without your express permission, except as explained in this privacy statement.

  • Cookies and Similar Technologies. As discussed above, we may partner with third party advertising vendors to manage our advertising on other websites and apps. Our advertising vendors may use a device ID, cookie or similar technology to collect information about your activities on our online environments to provide you retargeted ads on other websites and apps. Please note that opting out of receiving retargeted ads will not prevent you from being served advertisements generally.
  • Vendors and Suppliers. We have relationships with different vendors and suppliers who help us design and maintain our online environments, systems and computer security, respond to consumer inquiries, fulfill orders, analyze our data, create special promotions and engage in any other information uses described in this privacy statement.​
  • Legal Requests and Preventing Harm. If we believe that disclosure of information is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public, any person, or BOXX; or to detect, prevent, or otherwise address fraud, security or technical issues.​​
  • Change of Ownership or Control. We may engage in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding that involves the transfer of the information described in this privacy statement.

Other Important Information About Our Relationship With Third Parties

  • Links to Other Sites. We may also feature links to websites that we believe you might find useful and informative. Please be aware, however, that we do not endorse or recommend these sites’ content, products or services, and we are not responsible for the privacy practices of these other sites. We encourage you to be aware of and read the privacy policy or statement of each site you visit. Remember, this privacy statement applies solely to information collected or used by BOXX Insurance.
  • Social Media Plugins. Our online environments may use social media plugins (for example, the Facebook, Twitter or LinkedIn buttons) to enable you to visit pages on these social media sites or to easily share information with others. When you visit our online environments, the operator of the social plugin can place a cookie on your device, enabling that operator to recognize individuals who have previously visited our online environments. If you are logged into the social media website (for example, Facebook, Twitter, Google+) while browsing on our online environments, the social plugins allow that social media website to receive information that you have visited our online environments. We do not control any of the content from the social media plugins. For more information about social plugins from other social media websites you should refer to those sites’ privacy and data sharing statements.

Choices You Have About Your Information

You may always limit the amount and type of information that we collect from you by choosing not to enter or provide any information requested from you on our online environments (for example, quotes and support requests can be made through our call center agents). However, some of our products and services can only be provided to you if you provide us with requested information. Some of the products and services offered through our online environments may ask whether you wish to opt out or opt into our contact lists for offers, promotions and additional products and services that may be of interest to you.

You can opt out of marketing emails we may send to you by following the “unsubscribe” instructions provided in such emails. If you opt out of our marketing emails, we may still send you transactional and relationship emails, such as emails about your orders and account.

You may also be provided with preference questions or preference boxes allowing you to indicate that you do not want our online environments to use tracking technologies, such as cookies, to “remember” the information collected on return visits, such as user IDs or mailing addresses. In addition, you may be able to control the use of tracking tools and limit retargeting activities as follows:

  • Controlling Tracking Tools. Most web browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways.
  • Opting-Out of Retargeting Activities. The Self-Regulatory Program for Online Behavioral Advertising program provides customers with the ability to opt-out of having their online behavior recorded and used for advertising purposes. Choices you make are both browser and device-specific. Also, certain versions of the iOS operating system permit you to “Limit Ad Tracking” in the system settings, and certain versions of the Android operating system allow you to “Opt out of Interest-Based Ads” in the system settings.

Do-Not-Track Signals and Similar Mechanisms

Some web browsers may transmit “do-not-track” signals to websites with which the browser communicates. As of the Effective Date of this privacy statement, an industry standard has not yet been established on how to respond to these signals. Therefore, we do not currently respond to these signals, but we may reassess our response approach once a standard is established.

How We Secure Your Information

We have instituted physical, technical and procedural safeguards to store and maintain information we collect in a secure environment. For example, when any confidential information is transmitted over public infrastructure it is encrypted. You may also be required to use a password to access certain pages on our online environments where certain types of your information can be changed or deleted. It is therefore important for you to protect against unauthorized access to your password and to your device. You take full responsibility for maintaining the complexity and confidentiality of your password. While we have implemented safeguards, you should be aware that Internet security technology rapidly changes. We cannot guarantee that the safeguards we employ today can protect your information from the threats of tomorrow. You should also be aware that despite our efforts, factors beyond our control may result in disclosure of information. Accordingly, we are not in a position to guarantee that your information will be secure under all circumstances.

Our Policy On Children’s Information

We do not knowingly collect or use any information from children (we define “children” as minors younger than 13) on our online environments. We do not knowingly allow children to order our products or services, communicate with us or use any of our online environments. If you are a parent and become aware that your child has provided us with information, please contact us using one of the methods specified below, and we will work with you to address this issue.​

International Data Transfer

BOXX operates globally. Consequently, some of our affiliates, subcontractors, distributors, and partners are located in multiple countries, including outside the European Economic Area to ensure the global reach and availability of our services. Depending on the scope of your interactions with BOXX, your personal information will only be stored in the region where it is collected. No other copies of personal data would be stored in other regions.

If a personal data transfer was found to be required, we only do so for a good reason and after assessing the resulting privacy risk. In the rare case that data would be transferred to another region we would first attempt to appropriately de-personalize the private data prior to transmission. In any case regardless if de-personalisation is possible we transfer personal / de-personalised data to other jurisdictions, including outside the European Economic Area, we secure such transfers of data according to the requirements of the law. We do this by imposing appropriate technical and contractual safeguards on relevant subcontractors and BOXX group companies, for example by using data transfer clauses that are approved by the European Union — the fixed content of such clauses is available here..

We store more sensitive customer data within each regional jurisdiction and keep it under our own control.

Residents of the European Economic Area and the United Kingdom

If you are in the European Economic (EEA) or the United Kingdom (UK), the following additional disclosures apply.

Data Controller
Where you purchase one of our consumer products, BOXX Insurance Inc. acts as the Controller of your Personal Data.

Legal Basis for Processing
When we process your Personal Data, we will only do so in the following situations:

  • We need to use your Personal Data to perform our responsibilities under our contract with you (e.g. processing payments for and providing the Services you purchase or request).
  • We have a legitimate interest in processing your Personal Data. For example, we have a legitimate interest in processing your Personal Data to provide, secure, and improve our Services, in communicating with you about changes to our Services, and in informing you about new services or products.
  • We have your consent to do so.
  • We need to process your Personal Data to comply with our legal obligations.

Consent
If you initially consented to our processing of your Personal Data, you may withdraw your consent by contacting us using the contact information below.

Contact Us

If you have any questions or comments about this privacy statement or the ways in which BOXX uses the information we collect, please do not hesitate to contact us using the following contact methods:

If you’re based in the EU/EEA and wish to contact us via our Data Protection Representative, DataRep, you may do so by:

  • Emailing datarequest@datarep.com quoting <BOXX Insurance, Inc.> in the subject line,
  • contacting DataRep using its online webform at www.datarep.com/data-request, or
  • mailing your inquiry to:
    • DataRep,
      Calle de Manzanares 4,
      Madrid, 28005, Spain
  • PLEASE NOTE: when mailing inquiries, it is ESSENTIAL that you mark your letters for ‘DataRep’ and not ‘BOXX Insurance, Inc.’, and within your correspondence refer to BOXX Insurance, Inc. On receiving your correspondence, BOXX Insurance, Inc. is likely to request evidence of your identity, to ensure your personal data and information connected with it is not provided to anyone other than you.


Changes To This Privacy Statement

We reserve the right to amend this privacy statement without prior notice to reflect technological advancements, legal and regulatory changes and good business practices. If we change our privacy practices, a new privacy statement will reflect those changes and the effective date of the revised privacy statement will be set forth at the top of this privacy statement.

 


 

PRIVACY NOTICE FOR CALIFORNIA RESIDENTS

This Privacy Notice for California Residents supplements the information contained in the Company’s general Privacy Notice and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this Notice.

Categories of Personal Information Collected & Disclosed

The following identifies the categories of Personal Information we may collect about you (and may have collected in the prior 12 months). Note that our collection, use and disclosure of Personal Information about you will vary depending upon the circumstances and nature of our interactions or relationship with you. Depending on how you use our Services, we may collect the following categories of Personal Information:

  • Identifiers, such as real name, alias, job title, address, email address, date of birth, policy number, salary information, social security number, driver’s license number, other government identifiers, credit card number, and tax ID.
  • Online Identifiers, such as unique personal identifiers, device IDs, ad IDs, IP addresses, and cookie data.
  • Customer or Claimant Records, such as paper or electronic customer or claimant records containing Personal Information, as well as information provided by an insurance broker/agent or reinsurer for underwriting purposes and information included in a list of claims, such as name, signature, physical characteristics or description, address, telephone number, education, current employment, employment history, social security number, passport number, driver’s license or state identification card number, insurance policy number, bank account number, payment card number, gender, height, weight, medical information (including reports and medical bills), health insurance information, details about home address, security and travel plan arrangements, records of personal property, products or services purchased or obtained.
  • Financial Information, such as your bank account or credit card number and other payment details.
  • Characteristics of Protected Classifications under California Law, such as age (40 years or older), race, national ancestry, national origin, citizenship, religion or creed, marital status, pregnancy, medical condition, physical or mental disability, sex, sexual orientation, and veteran or military status.
  • Usage Data, such as Internet or other electronic network activity information regarding a California resident’s interaction with portals, Internet websites, applications, or advertisements, including, but not limited to, browsing history, clickstream data, search history and content of public posts.
  • Biometric Information, such as individual biological or behavioral characteristics including measurements of physical characteristics such as height, weight and blood pressure, sleep, health, or exercise data that contain identifying information.
  • Education Information, such as education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes and student disciplinary records.
  • Geolocation Data, such as physical location or movements.
  • Audio, Video and Other Electronic Data, such as audio information including call recordings, video and photographs, recorded meetings and webinars, and CCTV footage to secure our offices and premises.
  • Professional or Employment-Related Information, such as employment history, qualifications, licensing, and disciplinary record.
  • Inferences and Preferences, such as inferences drawn from any of the information described in this section about a consumer including inferences reflecting the consumer’s preferences, characteristics, behavior and abilities.
  • Sensitive Personal Information, such as social security number, driver’s license number, racial or ethnic origin, religious or philosophical beliefs, medical condition, and physical or mental disability.

Sources of Personal Information

We generally collect Personal Information from the following categories of sources:

  • Directly from you and automatically;
  • Our affiliates and subsidiaries;
  • Brokers and agents;
  • Corporate policyholders; and
  • Our vendors and service providers (e.g., third party administrators).

Purposes for Collecting and Disclosing Personal Information

In general, we collect and otherwise process the personal information we collect for the following business or commercial purposes:

  • Operate our business;
  • Provide you products and services;
  • Communicate with you;
  • Evaluate and improve our products and services;
  • Analytics models to support our business;
  • Marketing and advertising;
  • Inferences;
  • Find locations on request;
  • Fraud and security purposes;
  • Legal requirements;
  • Business transfers; and
  • Other operational and business purposes.

Sensitive Personal Information

Notwithstanding the purposes described above, we do not collect, use, or disclose “sensitive personal information” beyond the purposes authorized by the CCPA. Accordingly, we only use and disclose sensitive personal information as reasonably necessary and proportionate: (i) to perform our services requested by you; (ii) to help ensure security and integrity, including to prevent, detect, and investigate security incidents; (iii) to detect, prevent and respond to malicious, fraudulent, deceptive, or illegal conduct; (iv) to verify or maintain the quality and safety of our services; (v) for compliance with our legal obligations; (vi) to our service providers who perform services on our behalf; and (vii) for purposes other than inferring characteristics about you.

Retention of Personal Information

We retain the Personal Information we collect only as reasonably necessary for the purposes described in this Privacy Policy or otherwise disclosed to you at the time of collection. For example, we will retain certain identifiers for as long as it is necessary to comply with our tax, accounting and recordkeeping obligations, to administer certain policies and coverage, and for research, development and safety purposes, as well as an additional period of time as necessary to protect, defend or establish our rights, defend against potential claims, and to comply with our legal obligations. From time to time, we may also deidentify your Personal Information, retain it and use it for a business purpose in compliance with CCPA.

Disclosure of Personal Information to Third Parties and Other Recipients

The categories of Personal Information we have disclosed for a business purpose in the preceding twelve (12) months include: identifiers, online identifiers, customer records, financial information, characteristics of protected classifications, usage data, biometric information, education information, geolocation data, audio, video, and other electronic data, professional or employment-related information, inferences, and sensitive personal information.

The categories of third parties and other recipients to whom we may disclose personal information for a business purpose may include:

  • Affiliates, subsidiaries, and business partners;
  • Vendors and service providers;
  • Acquirers of business assets;
  • Advisors, auditors, consultants, and representatives;
  • Agents and brokers;
  • Reinsurers;
  • Regulators, government entities, and law enforcement;
  • Operating systems and platforms; and
  • Others as required by law.

Additionally, the CCPA defines “sale” as disclosing or making available personal information to a third-party in exchange for monetary or other valuable consideration, and “sharing” includes disclosing or making available personal information to a third-party for purposes of cross-contextual behavioral advertising. While we do not “sell” Personal Information, we may “share” the following categories of Personal Information: online identifiers, and usage data. We disclose this information to third-party advertising networks, analytics providers, and social networks for purposes of marketing and advertising. We do not sell or share “sensitive personal information,” nor do we sell or share any Personal Information about individuals who we know are under sixteen (16) years old.

Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained. If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.


Exercising Access, Data Portability, and Deletion Rights

Email us at privacy@boxxinsurance.com

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include:
    – Proof of identity.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us.

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

For instructions on exercising sale opt-out rights, see Personal Information Sales Opt-Out and Opt-In Rights.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Personal Information Sales Opt-Out and Opt-In Rights

We do not sell personal information.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

Changes to Our Privacy Notice

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this notice, the ways in which BOXX Insurance collects and uses your information described here, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Email: privacy@boxxinsurance.com

Postal Address:
BOXX Insurance
801 Brickell Ave, Suite 800
Miami, FL 33131