Below is the Company’s privacy pledge to our customers:
Information We May Collect
Through the Website, we provide a platform that allows: (i) users to obtain information about the insurance policies provided by or through the Company (“Policy” or “Policies”); (ii) insurance agencies and agents to apply to become agencies or agents authorized by the Company to solicit and sell certain Policies to third-parties (“Producers”) (such third-parties to whom such Policies will be solicited or sold are referred to herein as “Customers”); (iii) individuals and entities insured under a Policy (“Insured Party or “Insured Parties”) to review and manage, and submit payments in connection with such Policy; and (iv) Producers and their Authorized Employees (as defined herein), through the Company’s Agent Portal, to submit payments, obtain and submit Policy-related information and documentation, including Policy applications, quote requests, endorsement and other policy change requests, and to review, track, and/or manage quote requests, application submissions, binders, issued Policies, Policy renewals as well as Producer’s production goals, Policy sales, and commission. We collect Personal Data solely for the purposes of providing these services and other services that we may offer on or through the Website from time to time but may collect non-personal information in order to operate, maintain, and improve the Website and our services.
Our Security Procedures
The Company restricts access to Personal Data about you to persons and/or entities whom we determine have a legitimate business purpose to access such information in connection with the provision of products or services to you. The Company employs security techniques designed to protect our customer data. To prevent unauthorized access, maintain data accuracy, and ensure the correct use of Personal Data, we have put in place reasonable physical, electronic, and managerial procedures in line with generally accepted industry standards to safeguard and secure the Personal Data we collect online, and we make good faith efforts to store your Personal Data in a secure operating environment.
You must also seek to protect against unauthorized access to any information that you use in connection with the Website, and you should remember to close the browser when you step away from your computer and when you have completed your activities on the Website. If you choose to create an account on the Website (an “Account”), such as an Account for access to the Insured Portal or the Agent Portal, you must treat your user name, password or any other piece of information related to your Account (“Account Information”) as confidential, and except as otherwise stated herein, you must not disclose Account Information to any other person or entity.
A Producer may only disclose Account Information and/or grant access to such Producer’s Account on the Agent Portal to individuals employed by such Producer: (i) that are authorized by law, and by each Customer whose Personal Data is contained on such Account, to receive access to all information provided on the relevant Account; (ii) that are authorized by law to submit requests for Policy quotes, submit Policy applications, issue Policies, or report claims information; (iii) have agreed, in writing, to refrain from disclosing Account Information or any information obtained through the Account to any unauthorized person and to refrain from providing any unauthorized person with access to the Account; and (iv) whose access is necessary in order for Producer to perform its responsibilities under the Producer Agreement. The employees of a Producer that satisfy the requirements described in this paragraph are referred to herein as “Authorized Employees.”
You agree to notify us immediately of any unauthorized access to or use of your user name or password or any other breach of security. You also agree to ensure that you exit from your Account at the end of each session. Producers and Authorized Employees should refrain from accessing the Agent Portal from public or shared computers and should only access the Agent Portal from a personal computer located at the Producer’s office. Similarly, Customers or Insured Parties should only access the Insured Portal from a secure network connection and not from public or shared computers. When accessing other parts of the Website, you should use particular caution when logging into and viewing your Account, and when submitting Personal Data through the Website using public or shared computers so that others are not able to view or record your password or other information on your Account or otherwise.
In the event that we determine that there has been a security breach resulting in the unauthorized disclosure of Personal Data to a third party, we will notify individuals whose Personally Identifiable Information has been so disclosed as required by law.
Unfortunately, no data transmission over the Internet can be guaranteed to be absolutely secure. As a result, while we strive to protect Personal Data you submit to us, we cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your Personal Data has been compromised, please contact us as set forth in the “How to Contact Us” section.
Use and Sharing of Information
The Company facilitates the sale of insurance products offered by Third-Party Carriers and offers you the opportunity to conveniently store information on the Website, including your or your Customer’s contact information, insurance quotes previously obtained, insurance application statuses, Policy summaries, billing statuses and other information. If you request to purchase a Policy offered by a Third-Party Carrier, we will share this information with the Third-Party Carrier, solely in connection with providing the requested products and services.
On occasion, we may collect Personal Data from you in connection with optional special offers or promotions. We will share such information with necessary third parties for the purpose of carrying out the special offer or promotion.
The Website Is Not Intended For Use By Individuals Under 18 Years of Age
No one under the age of 18 may provide any personal information on or through the Website. We do not knowingly collect personal information, including Personal Data, from anyone under 18. If you are under 18, do not: (i) use or provide any information on the Website or, on or through any of the features available on the Website; (ii) use any interactive features on the Website; or (iii) provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you may use. If we learn we have collected or received personal information from an individual under 18 without verification of parental consent, we will take appropriate steps to delete that information. If you are a parent or guardian and believe we might have any information from or about an individual under 18, please contact us via email at firstname.lastname@example.org
If you are located outside the United States, we may transfer, process and store Personal Data we collect from you through the Website in centralized databases and with service providers located in the United States.
We may provide Personal Data to Third Parties that act as agents, consultants, and contractors to perform tasks on behalf of and under our instructions. For example, we may store such Personal Data in the facilities operated by Third Parties. Such Third Parties must agree to use such Personal Data only for the purposes for which they have been engaged by us and they must either:
a. Comply with the Privacy Shield principles or another mechanism permitted by the applicable EU & Swiss data protection law(s) for transfers and processing of Personal Data; or
b. Agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Policy
Data Controller and Data Processor
We process Personal Data as both a processor and a controller as defined in the European Union’s General Data Protection Regulation (Regulation (EU) 2016/679, hereinafter “GDPR”). For those located in the European Union, all processing of Personal Data performed in accordance with privacy rights and regulations in accordance with the GDPR.
For those located in the United States, we process data solely in data centers located in the US. We have adopted reasonable physical, technical and organizational safeguards that substantially mirror the European Union safeguards against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of the data in our possession. Our policy is to protect and safeguard any Personal Data we obtain in accordance with United States state or federal laws governing the protection of personal information and data. Accordingly, we adhere to practices and policies that aim to safeguard the data.
Retention of Information
We only retain your Personal Data for as long as we need it to fulfill the purposes for which we have initially collected it, or such longer period as may be required by applicable law pertaining to records retention for our industry. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Electronic Communications and Opting in and Opting Out
We would like to send you information about the products we offer and other information about your Policy by mail, telephone and/or e-mail. We will not send such communications to you unless you opt-in to receive this information. You should have been given the option to opt-in to these communications when you provided us with your Personal Data. If you have not already opted-in and would like to receive this information, please refer to our GDPR form to opt-in.
Cookies and Other Technologies
The Website may use “cookies” and/or other technologies or files (collectively, “cookies”) to identify how visitors make use of the Website. Cookies are small text files stored on your device when you are on the Internet, including the Website. You have the ability to delete cookies from your device at any time or avoid cookies by configuring your browser to reject them or to notify you when a cookie is being placed on your device. By rejecting the cookies, however, you may be unable to fully access the offerings on the Website.
Additionally, we may use IP address information to count and track aggregate visits to the Website, to help diagnose problems with our server, and to administer the Website. We do not link IP addresses to anything personally identifiable, so while a particular user’s session can be tracked, the user remains completely anonymous.
Other Website and Links
The Website may include links to pages on third party websites, such as the Company’s social media pages, or other websites that we think will be of interest to you and are not operated by the Company. These third-party websites have separate data collection and privacy practices independent from ours, and the Company is not responsible for the policies or activities of such other websites. Please contact such third parties directly if you have questions about their privacy policies.
At any point while we are in possession of, or processing your Personal Data, you, the data subject, have the following rights:
– Right of access: You have the right to request a copy of the data we hold about you. Please contact our Data Protection Officer at email@example.com if you wish to access the personal information the Company holds about you.
– Right of rectification: You have the right to correct data we hold about you that is inaccurate or incomplete. If that data has been passed on to a third party with your consent or for legal reasons, then we must also ask them to rectify the data. Please contact Please contact our Data Protection Officer at firstname.lastname@example.org if you need us to rectify any of your information.
– Right to be forgotten: This is sometimes called the ‘right to erasure.’ In certain circumstances, you can ask for the data we hold about you to be erased from our records. If you want us to erase some or all of your Personal Data, and we do not have a legal reason to continue to process or hold it, please contact our Data Protection Officer at email@example.com
– Right to restriction of processing: You have the right to ask us to restrict how we process your data. This means we are permitted to store your data, but not further process it. We will keep just enough data to make sure we respect your request in the future. If you want the Company to restrict the processing of your data, please contact our Data Protection Officer at firstname.lastname@example.org.
– Right of portability: We are required to allow you to obtain and reuse your Personal Data for your own purposes across multiple services in a safe and secure way without affecting the usability of your Personal Data. If you want information on how to port your data to another organization, please contact our Data Protection Officer at email@example.com. Please note that this right only applies to Personal Data that you have provided to us as the Data Controller and that this data must be held by us by either your consent or for the performance of a contract.
– Right to object: You have the right to object the Company processing your Personal Data, even if it is based on our legitimate interests, the exercise of official authority, direct marketing (including data aggregation) and the processing for the purposes of statistics. If you wish to object to the processing of your Personal Data, please contact our Data Protection Officer at firstname.lastname@example.org.
– Right to object to automated processing, including profiling: You have the right not to be subject to the legal effects of automated processing or profiling. If you wish to object to the processing of your Personal Data, please contact our Data Protection Officer at email@example.com.
– Right to review: In the event we refuse your request under any of the above rights, we will provide you with a reason as to why. You will also have the right to lodge a complaint, as outlined below.
– Right to withdraw consent: If you have given us your consent to process your Personal Data but change your mind later, you have the right to withdraw your consent at any time and we must stop processing your data upon request. If you wish to withdraw your consent, please contact our Data Protection Officer at firstname.lastname@example.org.
Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply. Should we determine that you are not entitled to exercise that right, we will provide you with the reason(s) for the denial. Also, please note that the erasure of your data may be subject to our records retention policy or applicable law. Should the data you seek to have erased fall within an area where we are under a legal requirement to retain such data for a certain period of time, we will retain that data in accordance with our legal obligations.
You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Website.
At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact our Data Protection Officer at email@example.com. You also have a right to lodge a complaint with data protection authorities.
How to Contact Us
FedNat Holding Company
14050 NW 14th Street, Suite 180
Sunrise, FL 33323
Telephone: (800) 293-2532
We value our relationship with you and appreciate the opportunity to bring you quality products and services.