Menu
Menu

Privacy Policy

INTRODUCTION

Insurance Systems Inc. and our affiliates and subsidiaries (”Company,” “ISI” or “We”) respect your privacy and are committed to protecting it through our compliance with this policy.

This policy describes how we collect, use, disclose, and protect the personal information of our Canadian and U.S.-based customers and website users (”you”), describes the types of information we may collect from you or that you may provide when you visit the website www.insurancesystems.com (our “Website”), and our practices for collecting, using, maintaining, protecting, and disclosing that information.

We will only use your personal information in accordance with this policy unless otherwise required by applicable law. We take steps to ensure that the personal information that we collect about you is adequate, relevant, not excessive, and used for limited purposes.

Privacy laws vary in their definition of personal information, but generally define “personal information” as any information about an identifiable individual or a household, which includes information that can be used on its own or with other information to identify, contact, or locate a single person. In Canada, personal information does not include business contact information, including your name, title, or business contact information.

This policy applies to personal information we collect, use, or disclose about our customers and Website users:

  • On this Website.
  • In email, text, and other electronic messages between you and this Website.

It does not apply to personal information collected by:

  • Us offline or through any other means, including on any other website operated by us or any third party (including our affiliates and subsidiaries) that does not link to this policy; or
  • Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or through our Website.

We may provide additional or different privacy policies that are specific to certain features, services, or activities.

The Website may include links to third-party websites, plug-ins, services, social networks, or applications. Clicking on those links or enabling those connections may allow the third party to collect or share data about you. If you follow a link to a third-party website or engage a third-party plugin, please note that these third parties have their own privacy policies and we do not accept any responsibility or liability for these policies. We do not control these third-party websites, and we encourage you to read the privacy policy of every website you visit.

Please read this policy carefully to understand our policies and practices for collecting, processing, and storing your information. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you indicate that you understand, accept, and consent to the practices described in this policy. This policy may change from time to time (see section Changes to Our Privacy Policy). Your continued use of this Website after we make changes indicates that you accept and consent to those changes, so please check the policy periodically for updates.

INFORMATION WE COLLECT ABOUT YOU

We collect and use several types of information from and about you, including:

  • Personal information, that we can reasonably use to directly or indirectly identify you, such as your name, mailing address, e-mail address, telephone number, Internet protocol (IP) address used to connect your computer to the Internet, user name or other similar identifier, and any other identifier we may use to contact you online or offline (”personal information”).
  • We provide an opportunity for any user to unsubscribe from our collection or opt-out on an ongoing basis by using the unsubscribe mechanism at the bottom of our e-mails.
  • Non-personal information that does not directly or indirectly reveal your identity or directly relate to an identified individual, demographic information, or statistical or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal information. For example, we may aggregate personal information to calculate the percentage of users accessing a specific Website feature.
  • Technical information, including your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, or information about your internet connection, the equipment you use to access our Website, and usage details.
  • Non-personal details about your Website interactions, including the full Uniform Resource Locators (URLs), clickstream to, through and from our Website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, or any phone number used to call our customer service number.

HOW WE COLLECT INFORMATION ABOUT YOU

We use different methods to collect your information, including through:

  • Direct interactions with you when you provide it to us, for example, by filling in forms or corresponding with us by phone, email, or otherwise. Information You Provide to Us

The information we collect directly from you on or through our Website may include:

  • Information that you provide by filling in forms on our Website. This includes information provided at the time of registering for a demonstration or requesting further services. We may also ask you for information when you report a problem with our Website.
  • Records and copies of your correspondence (including email addresses), if you contact us.

HOW WE USE YOUR INFORMATION

We use information that we collect about you or that you provide to us, including any personal information:

  • To present our Website and its contents to you.
  • To provide you with information, products, or services that you request from us.
  • To fulfill the purposes for which you provided the information or that were described when it was collected, or any other purpose for which you provide it.
  • To carry out our obligations and enforce our rights arising from any contracts with you, including for billing and collection or to comply with legal requirements.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your consent.

We may also use your information to contact you about our own goods and services that may be of interest to you, as permitted by law. If you do not want us to use your information in this way, please use the unsubscribe mechanism at the bottom of our e-mails.

Marketing (Canadian Residents)

This section explains how we send electronic marketing—such as promotional emails, SMS/text alerts, in-app messages, and other commercial electronic messages (“CEMs”)—to individuals in Canada, including residents of Ontario. We comply with Canada’s Anti-Spam Legislation (“CASL”) and related regulations, as well as applicable Ontario consumer-protection requirements for electronic (internet) agreements when marketing leads to a consumer contract.

We only send CEMs when we have a valid form of express or implied consent under CASL, or when a statutory exemption applies. Express consent means you took a proactive step—such as checking an unchecked box, signing up through a web form, or verbally saying “yes”—to receive marketing from us. Express consent does not expire until withdrawn. Implied consent may arise in limited situations (e.g., we have an existing business relationship with you, i.e. you have purchased our services less than 2 years before the message was sent; you have inquired about or applied for our services within the 6 month period immediately before the message was sent; or you have made a conspicuous publication of your business email address and our messages relate to your role) and is time-limited.

Every marketing message we send includes:

  • Our business name (and, if different, the name we do business under) and, where applicable, the name of any party on whose behalf the message is sent.
  • Valid contact information (mailing address plus one of: phone number, email address, or web address) that will remain valid for at least 60 days after the message is sent.
  • A clear, prominent unsubscribe mechanism that is free, simple, and can be readily performed (e.g., one-click link in email; reply “STOP” by SMS).

You can opt out of marketing at any time by using the unsubscribe instructions included in each CEM, or by contacting us at info@insurancesystems.com We process unsubscribe requests without delay and no later than 10 business days after we receive them, and at no cost to you. Our unsubscribe tools allow you to stop all marketing or (where offered) choose specific categories (e.g., newsletters vs. event invites).

We maintain records of the consents on which we rely (who, when, manner obtained, scope) and of unsubscribe actions so we can demonstrate compliance. We also periodically refresh consent where required or where implied consent is nearing expiry (e.g., 2-year purchase window; 6-month inquiry window).

We may use third-party service providers (email delivery platforms, analytics or advertising partners) to send CEMs or measure their effectiveness. Where a provider acts only on our behalf and pursuant to our instructions, sharing customer information with that provider is treated as a “use” rather than a “disclosure” for PIPEDA purposes; however, if a provider uses the information for its own purposes (e.g., building advertising profiles), that sharing becomes a “disclosure” that generally requires additional consent. We contractually require service providers to protect personal information and to process it only as permitted.

If we engage in targeted, interest-based, or cross-channel advertising that uses your personal information or inferred interests (for example, matching customer lists with a social media platform or using offline purchase data to measure online ad conversions), we will: (a) clearly explain the practice at or before the time data is collected (“just-in-time” notice where feasible); (b) identify the categories of information involved and the third parties receiving it; (c) obtain the form of consent appropriate to the sensitivity of the data and your reasonable expectations (often express/opt-in if outside expectations); and (d) provide an easy way to opt out of such targeted uses.

Ontario Residents

Where our electronic marketing links directly to an online purchase or subscription by an Ontario consumer and the total potential obligation exceeds $50 CAD (excluding cost of borrowing), Ontario’s Consumer Protection Act rules for “internet agreements” require that key contract information be disclosed clearly and prominently before the consumer accepts, that the consumer has an express opportunity to accept/decline and correct errors, and that a copy of the agreement be delivered in a retainable format (e.g., email PDF) within 15 days. Failure to meet these requirements gives the consumer statutory cancellation rights (7-day or 30-day windows depending on the deficiency).

Ontario consumer-protection modernization efforts emphasize plain-language disclosures and restrictions on deceptive interface designs (“dark patterns”) that could mislead or coerce consumers in the digital marketplace. We are committed to presenting marketing offers, pricing, and consent choices in clear, comprehensible language and to avoiding interfaces that nudge you into unwanted purchases or subscriptions.

When communicating with business contacts at their work addresses that have been publicly listed, we limit messages to matters relevant to the recipient’s business role and honour any “do not contact” indicators associated with the address. Industry best practices also call for presenting a clear opt-out opportunity on such communications and respecting internal and industry do-not-contact lists.

Marketing (U.S. Residents)

This section applies when we send commercial email messages (“CEMs”) to any recipient with a U.S. address. We follow the Controlling the Assault of NonSolicited Pornography and Marketing Act of 2003 (“CANSPAM Act”) and its implementing Rule, 16 C.F.R. Part 316, as enforced by the U.S. Federal Trade Commission (FTC).

When we send CEMs to you we follow the following requirements:

  1. Accurate header information – “From,” “To,” “ReplyTo,” and routing data accurately identify us as the sender.
  2. Truthful subject lines – The subject is not misleading and reflects the email’s content.
  3. Clear ad disclosure – Where the message is primarily promotional, we disclose clearly and conspicuously that it is an advertisement or solicitation.
  4. Physical postal address – Every CEM contains our current street address, PO box, or registered CMRA mailbox.
  5. Easy, nocost optout – Each CEM includes a clear, conspicuous mechanism (e.g., “unsubscribe” link or replyto address) that lets you stop all marketing messages or, where offered, select categories.
  6. Prompt processing – We honour optout requests within 10 business days and keep optout tools available for at least 30 days after sending the CEM.
  7. No fees or hurdles – Our optout mechanism never requires payment, personal data beyond an email address, or more than one step (singlepage web form or reply email).
  8. No sale/transfer of optedout addresses, except to a service provider strictly for compliance purposes.
  9. Oversight of service providers – If a third party sends you an email on our behalf, we monitor their compliance.

Please note that emails whose primary purpose is to complete or confirm an agreedupon transaction, provide warranty or safety information, or notify about account changes are classified as “transactional or relationship” and are exempt from most CANSPAM content requirements—but we still ensure accurate header information and avoid deception.

For compliance purposes we maintain the following recordkeeping and governance principles:

  • We log template IDs, send dates, recipient lists, and suppression lists.
  • CRM logic suppresses any address on the master “donotemail” list across all campaigns within the 10day window.
  • Annual reviews verify footer language, physical address accuracy, and thirdparty sender contracts.

California Residents

We honor California residents’ right to opt out of the “sale” or “sharing” of personal information, including hashed email addresses used for crosscontext behavioural advertising. Every marketing email contains (a) a “Do Not Sell or Share My Personal Information” link and (b) instructions for sending a Global Privacy Control (GPC) signal. Optout requests are propagated across all advertising partners within ten business days.

Connecticut Residents

Connecticut consumers may send a Universal OptOut Mechanism (UOOM) or browserlevel GPC signal to block use of their email for targeted ads or data sales. We recognise and act on such signals automatically. Confirmation of your choice arrives within 45 days.

Florida Residents

Floridians can opt out of (i) the sale of their personal data, (ii) targeted advertising, and (iii) certain profiling. Our footer link “Florida Privacy Choices” provides a oneclick method to exercise these rights; our processing of opt out requests completes in ten business days.

Illinois Residents

We do not link biometric identifiers—such as voiceprints gathered by callcentre IVR—to marketing email lists unless we first obtain the written release required by BIPA and disclose our retention schedule. We never sell or profit from biometric data.

Iowa Residents

Under the ICDPA you may opt out of any processing of your email address for targeted advertising or data sales. Requests are acknowledged immediately and fulfilled within 45 days. Beginning December 31, 2025 we will also accept recognized UOOM signals.

Missouri Residents

We comply with Missouri’s unsolicitedemail rule that subject lines for standalone adverts begin with “ADV:”. Each email includes a valid return address or tollfree number; a single optout request stops all further messages.

New Jersey Residents

New Jersey residents may opt out of the sale of personal data, targeted advertising, and profiling. We must honour universal optout signals and process manual optout requests within 15 days. Sensitive data (e.g., health or precise location) is used for marketing only with your explicit consent.

North Carolina Residents

All marketing claims in our emails must be truthful, not misleading, and substantiated to comply with the law. Any false or deceptive statement is prohibited, and unsubscribe requests are processed within CANSPAM’s tenbusinessday window.

Texas Residents

Texans have the right to opt out of the processing of personal data for targeted advertising, sale, or certain automated profiling. Our “Texas Privacy Choices” link and recognized browserlevel UOOM signals honour these preferences. Appeals of request denials may be submitted via email and will be reviewed within 45 days.

Wisconsin Residents

Under Wis. Stat. § 100.18 it is unlawful to make untrue, deceptive, or misleading representations in promotional email. We therefore ensure subject lines and body content accurately reflect any offer and disclose all material terms. Optout requests are completed in ten business days.

Residents of Other U.S States

As additional state privacy laws take effect, we will extend the same optout tools described above and update this policy at least 30 days before any new law’s enforcement date. Where no specific statute applies, we still avoid unfair or deceptive practices under each state’s consumerprotection law and process email optouts within CANSPAM timelines.

DISCLOSURE OF YOUR INFORMATION

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this privacy policy:

  • To our subsidiaries and affiliates.
  • In accordance with applicable law, to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of ISI’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by ISI about our customers and users is among the assets transferred.
  • To contractors, service providers, and other third parties we use to support our business (such as analytics and search engine providers that assist us with Website improvement and optimization) and who are contractually obligated to keep personal information confidential, use it only for the purposes for which we disclose it to them, and to process the personal information with the same standards set out in this policy.
  • To fulfill the purpose for which you provide it.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

We may also disclose your personal information:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request, in accordance with applicable law.
  • To enforce or apply our terms of use of our Terms and Conditions of Use page and other agreements, including for billing and collection purposes.

If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of ISI, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

TRANSFERRING YOUR PERSONAL INFORMATION

We may transfer personal information that we collect or that you provide as described in this policy to contractors, service providers, and other third parties we use to support our business (such as analytics and search engine providers that assist us with Website improvement and optimization) and who are contractually obligated to keep personal information confidential, use it only for the purposes for which we disclose it to them, and to process the personal information with the same standards set out in this policy.

If you are a Canadian resident, please note that we may process, store, and transfer your personal information in and to a foreign country, with different privacy laws that may or may not be as comprehensive as Canadian law. In these circumstances, the governments, courts, law enforcement, or regulatory agencies of that country may be able to obtain access to your personal information through the laws of the foreign country. Whenever we engage a service provider, we require that its privacy and security standards adhere to this policy and applicable Canadian privacy legislation.

By submitting your personal information or engaging with the Website, you consent to this transfer, storage, or processing.

CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of this Website may not be accessible or may not function properly. For more information about tracking technologies, see the Section Information We Collect Through Cookies and Other Automatic Data Collection Technologies.
  • We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of several third party ad servers’ and networks’ cookies simultaneously by using (i) if you are a resident of Canada, an opt-out tool created by the Digital Advertising Alliance of Canada or, if you are a resident of the United States, the opt-out tool created by the Digital Advertising Alliance; and/or (ii) if you are a resident of Canada or the United States, an opt-out tool created by the Network Advertising Initiative. You can also access these websites to learn more about online behavioral advertising and how to stop websites from placing cookies on your device. Opting out of a network does not mean you will no longer receive online advertising. It does mean that the network from which you opted out will no longer deliver ads tailored to your web preferences and usage patterns.

DATA SECURITY

The security of your personal information is very important to us. We use physical, electronic, and administrative measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We store all information you provide to us behind firewalls on our secure servers. Any payment transactions will be encrypted.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

DATA RETENTION

Except as otherwise permitted or required by applicable law or regulation, we will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Under some circumstances we may anonymize your personal information so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.

CHILDREN AND MINORS’ DATA

Our Website is not intended for children under 18 years of age. No one under age 18 may provide any information to the Website. We do not knowingly collect personal information from children under 18. If you are under 18, do not register on the Website. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at info@insurancesystems.com

ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes. By law you have the right to request access to and to correct the personal information that we hold about you.

You can review and change your personal information by logging into the Website and visiting your account profile page.

We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, erased, or made your personal information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

We will provide access to your personal information, subject to exceptions set out in applicable privacy legislation. If you are concerned about our response or would like to correct the information provided, you may contact our Privacy Officer at info@insurancesystems.com

U.S. Residents: Your State Privacy Rights

Depending on your state of residency, you may have certain rights related to your personal data, as follows:

California Residents

In addition to their rights to opt out of the “sale” or “sharing” (as these terms are defined under the CCPA) of their personal information (see Marketing section), California consumers may exercise the rights to know (access), delete, correct, port, and limit the use/disclosure of their sensitive personal information. We honour these rights via our privacy request form, toll-free number, and any Global Privacy Control (GPC) signal. We will not discriminate against you for exercising your options. Requests are fulfilled within 45 days (90 days where reasonably necessary).

Connecticut Residents

In addition to their opt out rights in relation to any use of their personal data for sales and marketing purposes (see the Marketing section), Connecticut residents can access, correct, delete, and port their personal data. We automatically honour Universal Opt-Out Mechanisms (UOOM)—including GPC browser signals—without additional steps from you.

Florida Residents

In addition to the right to opt out of the use of their personal information for targeted advertising, sale, or profiling purposes (see Marketing section), Florida consumers may confirm, access, correct, delete or port their data, as well as opt out of the collection of their sensitive data, as well as of any collection of personal data by voice or facial-recognition features. Our “Florida Privacy Choices” link or any unsubscribe action triggers your opt-out; we will process your request to opt-out within 10 business days of your request.

Illinois Residents

We do not collect or use biometric identifiers (e.g., face templates, fingerprints) for any purpose unless we first (1) provide written notice of purpose and retention schedule and (2) obtain your written consent. We never sell or profit from biometric data, and you may sue us if we violate these commitments.

Iowa Residents

In addition to their right to opt out of both the sale of personal data and its use in targeted advertising, Iowans have the rights to know whether we process their data, access it, delete it. The Iowa Consumer Data Protection Act does not provide a separate right to correct inaccuracies or to opt out of profiling. We respond to verified requests within 90 days (with one 45-day extension if needed).

Missouri Residents

Missouri does not yet grant specific data-rights similar to the laws above, but Missouri laws prohibit deception, fraud, misrepresentation, or the omission of material facts in any consumer transaction. We therefore commit to truthful, non-misleading data-handling disclosures and to honour any deletion or access request you send us within 45 days, even where not legally mandated.

New Jersey Residents

In addition to their right to opt out of sale, targeted advertising, and certain profiling (see Marketing section), New Jersey residents may access, correct, delete, and port their personal data. We accept universal opt-out signals (UOOM) and we also use automatic recognition. Sensitive data (including precise location) is processed only with your opt-in consent.

North Carolina Residents

North Carolina bans unfair or deceptive acts in commerce. While the law does not yet confer granular privacy rights, we voluntarily allow residents to request access to, correction of, or deletion of personal information and we process all unsubscribe or opt-out signals within 10 business days.

Texas Residents

In addition to their right to opt out of sale, targeted advertising, and profiling that produces legal or similarly significant effects (see Marketing section), Texans may access, correct, delete, or port their personal data. We also honour browser-level UOOM/GPC signals. Appeals of any request denial are handled within 45 days.

Wisconsin Residents

Wisconsin has no comprehensive data-privacy statute, but its Fraudulent Representations Law and Unfair Business Practices Law forbid untrue, deceptive, or misleading statements. Consistent with those standards, we (a) provide accurate descriptions of how we collect and use your data and (b) honour access or deletion requests within 45 days, even where not legally mandated.

Other U.S. States

If you reside in a state that later enacts consumer-privacy legislation granting additional rights (for example, Indiana, Montana, Oregon, Tennessee, or others), we will extend the same request channels and fulfilment timelines described above and update this policy at least 30 days before the new law becomes enforceable.

Please note that if we deny your request, you may appeal by replying “APPEAL” (for Connecticut, Virginia, Colorado, and New Jersey) or using the method provided in our response.

WITHDRAWING YOUR CONSENT

Where you have provided your consent to the collection, use, and transfer of your personal information, you may have the legal right to withdraw your consent under certain circumstances. To withdraw your consent, if applicable, contact us at info@insurancesystems.com Please note that if you withdraw your consent we may not be able to provide you with a particular product or service. We will explain the impact to you at the time to help you with your decision.

 CHANGES TO OUR PRIVACY POLICY

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users’ personal information, we will notify you by email to the email address specified in your account or through a notice on the Website home page. We include the date the privacy policy was last revised at the top of the page. You are responsible for ensuring we have an up-to-date, active, and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

CONTACT INFORMATION AND CHALLENGING COMPLIANCE

We welcome your questions, comments, and requests regarding this privacy policy and our privacy practices. Please contact us at: info@insurancesystems.com

We have procedures in place to receive and respond to complaints or inquiries about our handling of personal information, our compliance with this policy, and with applicable privacy laws. To discuss our compliance with this policy please contact our Privacy Officer using the contact information listed above.