This Privacy Notice for California residents (“Notice”) supplements the information contained in our Privacy Policy and applies to all visitors, users and others who reside in the State of California (“consumers” or “you”). We adopted this notice to comply with the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act (CPRA), and any terms defined in the CCPA and CPRA have the same meaning when used in this Policy.
Information We Collect
We may collect the following categories of personal information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). Personal information does not include:
• Health or medical information covered by the Health Insurance Portability and Accountability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;
• Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm – Leach – Bliley Act (GLBA) or California Financial Information Privacy Act (FPA), and the Driver’s Privacy Protection Act of 1994.
In particular, we may have collected the following categories of personal information from our consumers within the last twelve (12) months:
• Identifiers: Name, email address, phone number, Social Security number and other similar and unique identifiers.
• Personal Information Categories listed in the California Customer Records Statute: Billing address, signature, driver’s license or state identification card, account name, and other records related to your interactions with us. Some personal information included in this category may overlap with other categories.
• Protected classification characteristics: Age (40 years or older), race, color, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, or veteran or military status.
• Biometric Information: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier
• Commercial Information: Information about your purchase history, records of personal property, insurance policies and policyholder information, claims data, underwriting details, regulatory compliance information and other commercial transaction information.
• Internet or Other Similar Network Activity: Browsing history, IP address, and interactions with our website and online services.
• Geolocation Data: Precise geographical location of an individual or device,
• Professional or Employment Information: Current or past job history details and other employment-related information.
• Sensory Data: Audio, electronic, visual, thermal, olfactory, or similar information.
• Inferences drawn from other Personal Information: Profile reflecting a person’s preferences, characteristics, intelligence, predispositions and behavior.
• Sensitive Data as defined under the California Privacy Rights Act when used to infer characteristics of an individual.
How Do We Gather Your Data?
In the last twelve (12) months, we may have obtained personal data from the following sources:
· Directly from you. For example, from forms you complete or products and services you purchase.
· Indirectly from you. For example, from visiting our website.
· Your employer, association, or business (if you are insured through them).
· Our affiliates about your transactions with them.
· Consumer reporting agencies, Motor Vehicle Departments, and inspection services, to gather your credit history, driving record, claims history, or value and condition of your property.
· Other public directories and sources
· Third parties, including other insurers, agents and brokers and insurance support organizations who you have communicated with about your policy or claim, anti-fraud databases, sanctions lists, court judgments and other databases, government agencies, open electoral register, or in the event of a claim, third parties including other parties to the claim witnesses, experts, loss adjusters and claim handlers.
Purpose for Collecting Personal Information
| We collect personal and business information: | Purpose |
|---|---|
| To provide and manage our services | We use personal information to deliver, administer, and enhance our insurance products and services. |
| To communicate with you | Personal information is used to respond to inquiries, send notifications, and provide customer support. |
| To process transactions | We collect personal information to facilitate policy issuance, premium payments, and claims settlements. |
| To improve our website and services | Personal information helps us analyze usage patterns and improve user experience. |
| To comply with legal obligations | We collect and retain personal business information to meet regulatory requirements and respond to legal processes. |
| For marketing and promotional purposes (with your consent): | Personal and information may be used to send promotional materials and offers, subject to your preferences. |
| For underwriting and risk assessment | We use personal information to evaluate risks and determine policy terms and pricing. |
| For claims processing and management | Personal information is essential for investigating, processing, and resolving insurance claims. |
| For regulatory compliance and reporting | We collect and maintain personal information to ensure compliance with applicable laws and regulations. |
Disclosing Personal Information
We may disclose your personal information with third parties for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract.
In the preceding twelve (12) months, we may have disclosed personal information for a business purpose to the following categories of third parties:
· Service Providers
These are third-party vendors that perform business functions on our behalf, such as payment processors, IT support, marketing agencies, logistics providers, and customer service platforms. These entities are contractually bound to use your personal information solely for the services they provide to us and are prohibited from using it for their own purposes.
· Joint Marketing
We may collaborate on joint marketing where there is a formal agreement between nonaffiliated financial companies that together market financial products or services to you. Our joint marketing partners may include agents and brokers. In such cases, we may share your personal information to facilitate these offerings. These partners are expected to handle your information in accordance with applicable privacy laws and only for the agreed-upon purposes.
· Legal Authorities and Regulatory Bodies
We may disclose your personal information when required to do so by law, regulation, legal process, or governmental request. This includes responding to subpoenas, court orders, or other legal obligations, or to protect our rights, property, or safety, or that of others.
How Do We Keep Your Personal Data Safe?
We maintain physical, electronic, and procedural safeguards to protect your non-public personal information. These safeguards comply with applicable laws. Our employees and agents are authorized to access your data only for legitimate business purposes.
Retention of Personal Information
We retain your information in accordance with our legal obligations, our records retention policies, or as otherwise permitted by law. For example, we may have a legal obligation to retain information relating to your policies or claims with us. We will delete your data once the legal obligation expires or after the period of time specified in our records retention policies. The period of retention is subject to our review and alteration.
Sharing or Selling Personal Information:
In the preceding twelve (12) months, we have not knowingly sold personal information of customers as defined by California law. Under the CPRA, a “sale” involves the exchange of personal information for monetary or other valuable consideration. We do not engage in such practices.
We do not share your personal information for cross-context behavioral advertising unless explicitly stated. If we engage in such sharing, we will provide clear notice and offer you the right to opt out. Please refer below on how to opt out under How to Exercise Your Rights.
Your Rights Under the CPRA
If you are a California resident, the California Privacy Rights Act (CPRA) grants you specific rights regarding your personal information. These rights are designed to give you greater transparency and control over how your data is collected, used, and shared by businesses.
As a California resident, you have the right to:
• Know What Personal Information We Collect and How We Use It
You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you covering the 12 months preceding your request, the sources from which it was collected, the business or commercial purposes for collecting it, and the categories of third parties with whom we share it.
• Request Access to Your Personal Information
You may request a copy of the personal information we have collected about you in a readily usable format that allows you to transmit the information to another entity.
• Request Deletion of Your Personal Information
You have the right to request that we delete any of your personal information that we have collected from you, subject to certain exceptions as permitted by applicable law (such as when the information is necessary to complete a transaction or to comply with our legal and regulatory obligations and to detect security incidents or other fraudulent or illegal activity).
• Correct Inaccurate Personal Information
If you believe that any personal information, we maintain about you is inaccurate, you have the right to request that we correct it.
• Limit the Use and Disclosure of Sensitive Personal Information
You may direct us to limit the use of your sensitive personal information (such as your Social Security number, financial account information, or precise geolocation) to only what is necessary to perform the services or provide the goods you requested.
• Opt-Out of the Sale or Sharing of Personal Information
If applicable, you have the right to opt out of the sale of your personal information or the sharing of your personal information for cross-context behavioral advertising.
• Non-Discrimination
You have the right not to receive discriminatory treatment for exercising any of your CPRA rights. We will not deny you goods or services, charge you different prices, or provide a different level or quality of service for exercising your rights.
How to Exercise Your Rights
If you are a California resident and would like to exercise your rights under the CPRA, you may make a request described above yourself, or you may have an authorized agent submit a request on your behalf. To submit a request, please contact us through one of the following methods:
[Do Not Sell Or Share My Data Opt-Out] link (Coming Soon)
Email: COMPLIANCE@CORESPECIALTY.COM with the word “remove” in the subject line.
Phone: 844-722-7827
Postal Address:
ATTN: Privacy OfficerWhen making a request, you will need to provide certain identifying information, such as your name, and email address to allow us to verify the request and locate your information. If an authorized agent submits a request on your behalf, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. We may need to verify your identity before responding to any request.
Response Timing and Format
We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please email us at COMPLIANCE@CORESPECIALTY.COM.
We will endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and the extension period in writing. Any disclosures we provide will only cover the preceding 12-month period of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. We may deliver the personal information to you electronically or by mail at your option.
We do not charge a fee to process or response to your verifiable consumer request unless it is excessive or repetitive. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Right to Limit the Use and Disclosure of Sensitive Personal Information
Under the California Privacy Rights Act (CPRA), California residents have the right to limit the use and disclosure of their sensitive personal information. This includes data such as:
• Social Security numbersWe may collect and use sensitive personal information to provide you with products or services, detect security incidents, or comply with legal obligations. However, you have the right to request that we limit our use of this information to only what is necessary to deliver those services. To do so, see How to Exercise Your Rights section.
Other Important Notices:
Children’s Privacy
We do not direct our services to individuals under the age of 13. We do not knowingly collect personal information online from any person we know to be under the age of 13. If we discover that a person under the age of 13 has provided us with information, we will delete such information from our systems. If you believe we have impermissibly collected personal information from someone under the age of 13, please contact us using the information above.
Changes to our Privacy Notice
We reserve the right to update our Privacy Notice at any time to reflect changes in our practices, legal requirements, or for other operational reasons. The updated version of our Privacy Notice will be effective as of the date it is posted on our website. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.
Accessibility Statement:
If you have a disability and need access to this notice in an alternative format, please contact us at the email or phone number provided above.
Revised August 2025
StarStone Specialty Insurance Company
Property and casualty, excess and surplus lines insurer.
American Surety Company
Lancer Insurance Company
Lancer Insurance Company of New Jersey
StarStone National Insurance Company
Property and casualty, admitted markets insurers.
Standard Life and Accident Insurance Company
Life, Accident, and Health insurer.
