Privacy Policy

This Privacy Policy describes how Casey Labs Insurance Services LLC ("Casey," "Company," "we," "us," or "our") collects, uses, discloses, and protects personal information when you use our services ("Services"), including when you:

• Visit our website at caseyinsure.com or any website of ours that links to this Privacy Policy;
• Request information about commercial insurance products or submit information through our intake, quote-request, or application forms;
• Communicate with us by email, telephone, text message, or other means; or
• Otherwise engage with us in connection with our insurance brokerage services.

Casey Labs Insurance Services LLC is a licensed insurance producer and a wholly owned subsidiary of Casey Labs Inc., a Delaware corporation. This Privacy Policy applies to information collected through our marketing website, our customer-facing platform, and our offline business activities.

Questions or concerns? If you do not agree with our policies and practices, please do not use our Services. If you have questions, please contact us at dpo@caseyinsure.com.

1. Scope and Definitions

This Privacy Policy applies to personal information we collect from or about you when you interact with us, whether through the Services, communications, or third-party sources. It does not apply to information collected by third-party websites or services linked from our website.

"Personal Information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.

"Business Information" means information about a business entity, such as business name, EIN, locations, revenue, payroll, fleet details, operations, employee information, and risk assessments. Business Information may constitute Personal Information when it is associated with an identifiable individual (for example, a sole proprietor or business owner).

"Sensitive Personal Information"means Personal Information that applicable law treats as requiring additional protections, which may include Social Security numbers, driver's license numbers, financial account information, precise geolocation, and similar categories. We collect Sensitive Personal Information only as necessary to deliver the Services you have requested.

We operate primarily in the United States and comply with applicable U.S. federal and state privacy laws, including the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), the Gramm-Leach-Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA), and other state laws where applicable. To the extent we process personal data of individuals located in the European Economic Area, the United Kingdom, or Switzerland, we do so in accordance with the applicable requirements of the General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP).

2. Information We Collect

We collect Personal Information from you directly, automatically through your use of the Services, and from third-party sources.

Information You Provide Directly

When you contact us, request quotes, submit applications, or otherwise interact with us, we may collect:

• Contact details: name, email address, phone number, mailing address, and business address.
• Personal identifiers:date of birth, gender, marital status, Social Security number, and driver's license number.
• Business and financial details: business name, EIN, entity type, locations, revenue, payroll, fleet information, vehicle and driver details, property information, loss history, prior carriers, claims data, and similar underwriting information.
• Professional information: employment history, educational background, and financial data relevant to insurance placement.
• Risk-related information: criminal background, history of bankruptcy, tax or credit liens, lawsuits, and other details relevant to insurance placement requirements.
• Documents: loss runs, claims reports, financial statements, tax documents, contracts, leases, photos, inspection reports, and other materials relevant to your insurance needs.
• Communications: content from emails, text messages, phone calls (which may be recorded as described in Section 7), and other interactions.

We collect Sensitive Personal Information (such as Social Security numbers, driver's license numbers, and financial account information) only when necessary to deliver insurance Services you have requested. If you provide information about third parties (such as employees, drivers, or dependents), you represent that you have the authority and any necessary consents to do so.

Information Collected Automatically

When you visit our website or use the Services, we automatically collect certain information that does not generally reveal your specific identity, including:

• Device information: IP address, browser type and version, operating system, device type, referring URLs, and other technical information.
• Usage data: pages viewed, links clicked, time spent on pages, and other interactions with the Services.
• Approximate location: derived from your IP address.

We use cookies and similar technologies (such as web beacons and pixels) to collect this information. See Section 10 for details.

Information from Third-Party Sources

To enhance our ability to provide relevant quotes, evaluate risk, and serve your insurance needs, we may collect information from:

• Public databases, government regulatory sources, and motor vehicle records providers;
• Insurance industry data services, including loss-run aggregators, claims databases, and premium/loss data providers;
• Consumer reporting agencies (for credit reports, background checks, and related information, subject to FCRA requirements);
• Marketing partners, data enrichment providers, and social media platforms; and
• Insurance carriers, wholesale brokers, MGAs, and other industry counterparties.

3. How We Use Your Information

We process your Personal Information for the following purposes:

• Providing Services: responding to inquiries, evaluating insurance needs, preparing and submitting quote requests and applications on your behalf, and servicing your account.
• Communications: sending administrative information, service updates, policy-related notifications, and responding to your questions.
• Marketing: sending promotional communications by email and, where you have provided express written consent, by SMS or automated telephone call. See Section 7 for details.
• Analytics and improvement: understanding usage trends, measuring marketing effectiveness, improving our Services, and developing new products.
• Legal and compliance: complying with applicable insurance, tax, and recordkeeping laws, preventing fraud, enforcing our agreements, and protecting our rights and the safety of others.
• AI-assisted processing: using artificial intelligence to help organize, structure, and transform information for the purposes described in this Section. See Section 6 for details.

Legal bases for processing. We process your information when we have a valid legal basis to do so, including: performance of a contract or steps prior to entering into a contract; compliance with a legal obligation; our legitimate interests (such as providing and improving the Services, fraud prevention, and direct marketing), provided those interests are not overridden by your rights; and your consent, where applicable.

4. When and With Whom We Share Your Information

We share Personal Information only as described below and with appropriate safeguards:

• Service providers and subprocessors. We share information with vendors who help us operate the Services, including hosting, analytics, email and telephony providers, payment processors, and AI model providers. All such providers are bound by written agreements limiting their use of the information to the services they provide to us.
• Insurance-industry counterparties. When you ask us to pursue an insurance quote or placement on your behalf, we share the information necessary to prepare and submit the request with insurance carriers, wholesale brokers, managing general agents (MGAs), program administrators, premium finance companies, reinsurers, and related insurance-industry service providers. We do not share your information with these parties for quoting purposes until you have indicated you would like us to seek a quote.
• Affiliates. We may share your information with our affiliates, including our parent company Casey Labs Inc., under terms that require them to honor this Privacy Policy.
• Consumer reporting agencies and background check providers. We may obtain consumer reports, credit reports, or background checks as permitted by the FCRA and applicable state law, and we may furnish information to such agencies as required or permitted by law.
• Legal obligations and safety. We may disclose your information where required by law, in response to valid legal process, or where necessary to protect our rights, your safety, or the safety of others.
• Business transfers. We may share or transfer your information in connection with a merger, acquisition, sale of assets, financing, reorganization, or bankruptcy, subject to customary confidentiality obligations.

We do not sell your Personal Information. We do not sell or rent Personal Information, and we do not share Personal Information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA. We may share de-identified or aggregated data that does not identify you.

5. Financial Information Privacy (GLBA)

Because Casey is a licensed insurance producer, certain information we collect constitutes "nonpublic personal information" under the federal Gramm-Leach-Bliley Act (GLBA) and similar state insurance privacy laws.

Categories of nonpublic personal information we may collect: information you provide on applications and forms (such as name, address, phone, email, Social Security number, business and financial details); information about your transactions with us, our affiliates, or others (such as policy coverage, premiums, and payment history); and information from consumer reporting agencies and other third parties (such as motor vehicle records, credit reports, claims history, and loss runs).

Categories of parties to whom we may disclose nonpublic personal information: insurance carriers, wholesale brokers, MGAs, program administrators, reinsurers, premium finance companies, claims administrators, and other parties as necessary to evaluate, underwrite, place, or service insurance products you have asked us to obtain; service providers and subprocessors who perform services on our behalf; our affiliates, including Casey Labs Inc.; and government or regulatory bodies as required or permitted by law.

We do not sell your nonpublic personal information, and we do not disclose it to nonaffiliated third parties for their own marketing purposes. You have the right to opt out of certain disclosures of nonpublic personal information to nonaffiliated third parties, to the extent required by applicable law. To exercise this right, please contact us using the information in Section 16.

6. Artificial Intelligence

Casey incorporates artificial intelligence (AI) tools into our operations to enhance the efficiency and accuracy of our Services. We are committed to transparency about how we use AI.

How We Use AI

AI tools assist our team with:

• Processing and extracting key details from client-submitted documents, including applications, loss histories, policies, and endorsements;
• Organizing, structuring, and transforming information to prepare submissions for carriers;
• Generating draft notes, internal summaries, and communications for staff review;
• Managing workflows, task prioritization, and team follow-ups; and
• Drafting outbound marketing and follow-up communications, and conducting outbound phone calls as described in Section 7.

Human Oversight

Every output from our AI tools that affects your insurance placement undergoes human review. No final insurance decisions — such as quoting terms, evaluating risks, determining eligibility, placing coverage, issuing endorsements, or binding policies — are made automatically by AI. All such determinations are performed, reviewed, and approved by our licensed insurance professionals and/or partnering carriers, in compliance with applicable state insurance laws and regulations.

Data Protection in AI Processing

All third-party AI model providers used by Casey are engaged under zero-data-retention terms — meaning the prompts and outputs we send them are not stored by the provider beyond what is technically necessary to return a response and are not used to train their models. We do not feed client Personal Information or Business Information into third-party foundation models for training purposes.

We apply ongoing monitoring, error detection, and human override capabilities for AI applications that may affect sensitive or high-stakes decisions. We do not use AI for automated final outcomes in categories that could substantially affect individuals without meaningful human involvement.

7. Communications, Call Recording, and Automated Outreach

Email Communications

We may use AI-assisted tools to draft and send marketing and follow-up emails on behalf of Casey. Every marketing email contains an unsubscribe link. You may opt out of marketing emails at any time by clicking the unsubscribe link in any email or by contacting us.

SMS Communications

We do not send SMS or text messages unless you have provided express written consent to receive them. If you opt in to SMS from Casey, we will use the mobile number you provide to send the messages you have requested. Message and data rates may apply. You can opt out at any time by replying STOP.

Casey Labs Inc. and its subsidiaries, including Casey Labs Insurance Services LLC, do not share mobile numbers, text messaging originator opt-in data, or consent with any third parties or affiliates for marketing or promotional purposes. Mobile information may be shared only with subcontractors and service providers that support the delivery of SMS services, such as messaging platforms, telecommunications providers, or customer support vendors. This information is used solely to provide and operate the messaging service. All other use case categories exclude text messaging originator opt-in data and consent. This information will not be shared with any other third parties.

AI-Assisted Phone Calls

We may use AI-driven voice technology to place outbound phone calls regarding our Services. Where required by applicable law, the AI system will clearly disclose at the beginning of the call that you are communicating with an automated system. You may ask to be transferred to a human representative or to end the call at any time.

Call Recording

We may record inbound and outbound phone calls for quality assurance, training, compliance, and recordkeeping purposes. In states that require all-party consent for call recording, we provide a recording disclosure at the start of the call. By continuing the call after that disclosure, you consent to being recorded. If you do not consent, you may end the call at any time.

8. Data Retention

We retain Personal Information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, regulatory, accounting, or reporting requirements.

• Customers and quoted prospects: We typically retain records for five (5) to seven (7) years following the end of the relationship, consistent with applicable insurance regulatory requirements.
• Prospects and leads: We retain lead information for a period appropriate to our marketing and follow-up activity, generally not exceeding twenty-four (24) months from last meaningful interaction, unless a longer period is required by law.
• Automatically collected data: We retain analytics and log data for the period necessary for the purposes described in this Privacy Policy.

When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it, or, if deletion is not immediately possible (for example, because information has been stored in backup archives), we will securely store and isolate it from further processing until deletion is possible.

9. Data Security

We implement appropriate administrative, technical, and physical safeguards designed to protect Personal Information from unauthorized access, use, alteration, or disclosure. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be completely secure. While we strive to protect your information, we cannot guarantee absolute security.

In the event of a data breach involving your Personal Information, we will notify affected individuals and regulatory authorities in accordance with applicable law.

10. Cookies and Tracking Technologies

We use cookies and similar technologies for functionality, analytics, and advertising purposes. Categories of technologies we use include:

• Essential cookies: necessary for the operation and security of the Services.
• Analytics cookies: used to measure usage, performance, and to improve the Services. We use analytics tools such as PostHog and may use additional analytics services.
• Advertising cookies: used, where applicable, for targeted advertising based on interests.

You can manage cookies through your browser settings. Disabling cookies may affect certain features of the Services. For more information about cookies, visit www.aboutcookies.org.

We do not currently respond to Do-Not-Track (DNT) browser signals, as no uniform standard for recognizing and implementing DNT has been finalized. If a standard is adopted that we are required to follow, we will update this Privacy Policy accordingly.

11. International Data Transfers

Our operations and data hosting are primarily located in the United States. If you access the Services from outside the United States, your information may be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction.

Where we transfer personal data from the European Economic Area, the United Kingdom, or Switzerland to the United States, we rely on appropriate transfer mechanisms recognized under applicable law, such as standard contractual clauses or other lawful bases for transfer. By using the Services, you acknowledge and consent to the transfer and processing of your information in the United States.

12. Your Privacy Rights

General Rights

Depending on your location and applicable law, you may have the following rights with respect to your Personal Information:

• Access: request details about the Personal Information we hold about you.
• Correction: request that we correct inaccurate or incomplete information.
• Deletion: request that we delete your Personal Information, subject to legal exceptions.
• Portability: request a copy of your Personal Information in a commonly used, machine-readable format.
• Opt-out: opt out of marketing communications, targeted advertising (if applicable), or profiling.
• Restrict or object: request that we restrict or cease processing your information in certain circumstances.
• Withdraw consent: where we rely on consent, withdraw that consent at any time, without affecting the lawfulness of processing conducted prior to withdrawal.
• Limit sensitive PI: request that we limit the use and disclosure of your Sensitive Personal Information to what is necessary to deliver the Services.

U.S. State-Specific Rights (Including CCPA/CPRA)

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, Virginia, or another state with applicable privacy legislation, you may have additional or specific rights, including the right to know the categories and specific pieces of Personal Information collected, the right to non-discrimination for exercising your rights, and the right to designate an authorized agent to submit requests on your behalf.

Certain Personal Information collected, processed, or disclosed in connection with insurance transactions may be exempt under the GLBA, FCRA, or comparable state insurance privacy laws.

Categories of Personal Information collected in the preceding twelve (12) months:

We will use and retain collected Personal Information consistent with Section 8 of this Privacy Policy.

EEA, UK, and Swiss Residents

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you may have additional rights under the GDPR or FADP, including the right to lodge a complaint with your local data protection authority. For Swiss residents, you may contact the Federal Data Protection and Information Commissioner.

Exercising Your Rights

To exercise any of these rights, please contact us using the information in Section 16. We will verify your identity before processing your request and will respond within the timeframes required by applicable law. We will honor opt-out preference signals (such as the Global Privacy Control) recognized under applicable law.

If we decline your request, you may appeal by contacting us at dpo@caseyinsure.com. We will inform you in writing of any action taken or not taken and the reasons for our decision.

13. Children's Privacy

Our Services are intended for adults and businesses. We do not knowingly collect, solicit, or market to individuals under 18 years of age. If we learn that we have collected Personal Information from a person under 18, we will take reasonable measures to delete that information promptly. If you believe a minor has provided us with information, please contact us at dpo@caseyinsure.com.

14. Third-Party Links and Services

The Services may contain links to third-party websites or services, including payment processors, analytics providers, and insurance-industry platforms. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing them with your information. Payment transactions, where applicable, are handled by our payment processing partners, each of which maintains its own privacy policy.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last Updated" date at the top. If we make material changes, we may notify you by prominently posting a notice on our website or by sending you a direct notification. Your continued use of the Services after any changes constitutes your acceptance of the updated Privacy Policy.

16. Contact Us

If you have questions or comments about this Privacy Policy, wish to exercise your privacy rights, or want to submit a complaint, you may contact us at:

Casey Labs Insurance Services LLC
Data Protection Officer
95 Third Street, 2nd Floor
San Francisco, CA 94103
United States of America

Email: dpo@caseyinsure.com
General inquiries: inquiries@caseyinsure.com
Phone: (628) 300-0949

We respond to verifiable requests promptly and within the timeframes required by applicable law.