Quote Kings Media

Privacy Policy

Effective Date: 7th of July 2025

Kings Marketing Group LLC (“KMG,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in connection with our websites QuoteKings.com and Quote Kings Media.com (collectively, the “Sites”), as well as any offline interactions with us (such as by phone or email) in the course of our insurance lead generation marketing services. It also explains your rights under U.S. and international privacy laws. We adhere to applicable laws and regulations, including the California Consumer Privacy Act (CCPA) (as amended by the California Privacy Rights Act, CPRA), the EU/UK General Data Protection Regulation (GDPR), the U.S. Telephone Consumer Protection Act (TCPA), the CAN-SPAM Act, and industry guidelines (such as those recommended by the National Association of Insurance Commissioners, NAIC) to ensure your information is handled lawfully and ethically

By using our Sites or services, or by otherwise providing your information to us, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Sites or provide personal information.

1. Introduction and Scope

This Privacy Policy applies to both QuoteKings.com and Quote Kings Media.com, and any services, features, or content offered through these Sites. It covers personal information collected through:

Online interactions: information you provide on our Sites (for example, when requesting an insurance quote, filling out forms, or contacting us via web forms or email), as well as information collected automatically through your use of our Sites (such as via cookies or analytics trackers).
Offline interactions: information we may collect from you outside of the Sites in connection with our business, such as over the phone (for example, if you speak with our representatives or give information by phone) or by mail.

Scope of services: KMG specializes in insurance lead generation marketing, meaning we help connect consumers seeking insurance quotes or information with insurance providers (such as licensed insurance agents, brokers, or carriers). We collect personal information from consumers and, with their consent, share that information with our network of insurance partners to provide requested quotes or offers. This Policy covers how we handle that information at every step. It does not cover the practices of third-party insurance companies or other websites that may be linked from our Sites; those entities have their own privacy policies. We encourage you to review the privacy policies of any third-party sites or services before providing information to them.

We may update this Policy from time to time (see Section 15 on how we handle changes). This Policy is written in English, and while translations may be available, the English version will govern in case of any conflict.

2. Information We Collect

We collect various categories of information about you in the course of our lead generation and marketing activities. The types of personal information we collect, and have collected in the past 12 months, include:

Identifiers and Contact Information: Such as your name, postal address, email address, telephone number, and other basic contact details. We collect this information when you enter it on our Sites (for example, when requesting an insurance quote or subscribing to a newsletter) or provide it to us over the phone. This category may also include unique identifiers like an IP address or device ID when those can reasonably identify you
Personal Details for Insurance Quotes: Information related to your insurance needs or preferences that you choose to provide. For example, if you request an auto insurance quote, we may collect details like your vehicle information (make, model, year, VIN), driving history (accidents or violations), your age or date of birth, gender, marital status, home ownership status, or other details relevant to obtaining insurance quotes. For life or health insurance inquiries, we might collect information about your health or lifestyle (e.g., whether you use tobacco). We only collect this information if you voluntarily provide it as part of a quote request or inquiry. Sensitive Personal Information: We generally do not seek to collect sensitive identifiers (such as Social Security Numbers) or financial account information via our Sites. In certain cases, an insurance quote form might request limited sensitive data (for example, a driver’s license number or last four of SSN to retrieve insurance records or credit-based insurance score). We will only collect such sensitive data where necessary to process your quote request, and we handle it with enhanced care and use limitations (see Section 8 and Section 12 regarding additional rights and safeguards for sensitive data). We do not knowingly collect or process sensitive personal information revealing racial or ethnic origin, religious or philosophical beliefs, union membership, genetic data, biometric identifiers, or precise geolocation, as those terms are defined under applicable lawsunless you choose to provide such information (e.g., in a free-text field) or it is required by an insurance partner to provide a quote (which is rare, and would only be used for that specific purpose with your consent).
Technical and Usage Information: When you use our Sites, we automatically collect certain information about your device and how you interact with the Sites. This includes:
Device and Browser Data: Your device’s IP address, browser type, device type (e.g., mobile, desktop), operating system, unique device identifiers, and region or general location (e.g., city/state) inferred from your IP address.
Usage Data: Information about your activity on the Sites, such as pages or screens you view, how you navigate through the Sites, the date and time of your visits, the referring URL or advertisement that led you to our Sites, and crash/error logs.
Cookies and Tracking Technologies: We (and authorized third parties) use cookies, web beacons, pixels, session replay tools, and similar tracking technologies to collect data about your browsing actions and preferences. This may include your interactions with ads we place on third-party sites, which helps us understand the effectiveness of our marketing. For more details, see Section 10.
Third-Party Sourced Information: We may receive information about you from third parties, such as:
Marketing Partners and Lead Brokers: For instance, if you entered your information on a partner website or a comparison-shopping service that is affiliated with us, that partner might lawfully share your information with us (with your consent) so that we can reach out to you with insurance quotes or offers. This can include similar data categories as listed above (contact details, quote-related info, etc.). We treat such data per this Privacy Policy upon receipt.
Service Providers: We might also obtain additional information from service providers or data analytics firms to augment or verify the information you provided (for example, adding address details via a lookup service, or confirming phone numbers through a verification service).
Public Sources: In limited cases, we may collect information from public records or publicly available databases. For example, if you are an insurance agent or business partner, we might collect your business contact information from state licensing databases or public websites.
Communication Records: If you communicate with us, we collect the content of your communications. For example, if you send us an email or contact form, we will collect your message along with your name and contact information. If you call our customer service, we may record the call or retain call logs (we will inform you at the start of the call if it is being recorded). These records may be used for training, quality assurance, and addressing any issues or disputes.

We will indicate where information is mandatory or optional. If you choose not to provide certain information that is necessary (for example, essential details needed to obtain an insurance quote), we may not be able to fulfill your request or provide the related service.

3. Sources of Personal Information

We collect personal information from several sources:

Directly from You: The majority of information we collect comes directly from you. You provide information when you use our Sites (e.g., by filling out quote request forms, creating an inquiry, or entering your contact details to receive information). You also provide information when you communicate with us, such as through customer service calls, emails, or chat features. All of the categories listed in Section 2 may be collected directly from you.
Automatically from Your Device: As you interact with our Sites, we use automated data collection technologies (like cookies, log files, and pixels) to gather Technical and Usage Information (see above). For example, our web servers log device IP addresses and browser user-agent strings; our analytics tools capture how you navigate pages. This automated collection happens in the background as you use the Sites.
Through Cookies and Tracking Technologies: Some information is collected through first-party and third-party cookies and similar trackers. For instance, analytics providers like Google Analytics may set cookies on our site to collect usage data. Advertising networks or social media platforms may use pixels that collect data about your browsing behavior over time and across websites, used for targeted advertising. (See Section 10 for details and your choices.)
From Marketing Partners and Affiliates: We may receive personal information from third-party marketing partners, affiliates, or lead vendors who have obtained your information lawfully. For example, if you responded to an online advertisement on an affiliate’s website or filled out a form on a comparison site affiliated with us, that site might pass your inquiry information to us. We also might engage marketing agencies who run campaigns and send us the resulting leads. These partners are typically required to confirm that they have obtained your consent to share your data with us. We treat information obtained from partners the same as if you provided it directly.
From Data Brokers or Public Sources: In some cases, we might license or purchase data lists from data brokers or aggregators to use for marketing (for example, a list of individuals who have expressed interest in insurance products). Such data may include names and contact information. We only use such data where the third party represents it was collected in compliance with law. We also may collect information from public records (e.g., property records) or social media profiles if relevant to our marketing (for instance, to pre-populate certain fields or verify leads). If we combine or use data from brokers with personal information we have collected, such combined data will be handled under this Privacy Policy.
Through Insurance Partners: Generally, our insurance carrier or agent partners provide quotes and services directly to you, and they have their own privacy obligations. However, they might provide feedback or updates to us for business purposes – for example, notifying us that a lead we referred resulted in a policy purchase (so we can calculate commissions or analytics). Any such information received from partners about transactions or outcomes will be used solely for our internal purposes (like measuring performance of our services) or compliance (like keeping records of consents or opt-outs), and not for further unrelated marketing unless permitted by law or with your consent.

4. Purposes for Using Your Information

We use the personal information we collect for a variety of business and commercial purposes. The primary purposes for which we use your information are:

To Provide and Personalize Our Services: We use your information to operate our insurance lead generation services and fulfill your requests. For example, we use your personal details and insurance inquiry information to connect you with insurance providers and obtain insurance quotes or offers that you requested. This may include transmitting your information to relevant insurance partners (see Section 6) so they can provide accurate quotes. We may also use the information to tailor the user experience on our Sites – for instance, pre-filling forms if you’ve already provided data, remembering your preferences, or showing content relevant to your location or indicated interests.
To Communicate with You: We use contact information (like your phone number and email) to communicate with you regarding your quote requests, inquiries, or use of our services. This includes:
Service and Transactional Communications: Such as sending you quotes, policy information from partners, confirmations that we received your request, updates or status of your inquiry, and customer support responses. If you provide your phone number, we (or our insurance partners) may call or text you to discuss your inquiry (consistent with consent requirements – see Section 9).
Promotional Communications: With your consent or as otherwise permitted by law, we may send you marketing emails or text messages about new insurance products, special offers, newsletters, or other services that may be of interest to you. You can opt out of these communications at any time (see Section 9 and Section 8 regarding your choices). We abide by CAN-SPAM Act requirements for marketing emails and will include unsubscribe options and our contact information in such messages.
For Lead Generation and Transfer: As an insurance marketing intermediary, one of our key purposes is to share or sell your information to third-party insurance providers (carriers, agents, or brokers) so that they can offer you insurance quotes or related services at your request. When you submit information for an insurance quote through our Sites, you are instructing us to disclose that information to licensed insurance entities who can provide you with the quotes or information you seek. We use your data to identify appropriate partners (for example, matching you with auto insurance providers in your state) and then transfer your contact and quote details to those partners. This data sharing is done only in connection with your request and as part of our service; however, it may be considered a “sale” of personal information under certain laws (because we may receive compensation for the lead) – see Section 8 for how you can opt out of such sharing.
For Business Operations and Improvements: We use the information (especially Technical and Usage data) to operate, analyze, and improve our Sites and services. This includes:
Analytics and Performance: We analyze how users interact with our Sites (e.g., which pages are most visited, where users drop off in a form) to improve the design, navigation, and content. This helps us enhance usability and the effectiveness of our lead forms or marketing campaigns.
Developing New Features: Using feedback or usage patterns, we may develop new tools or features (for example, adding a new type of insurance service or improving our quote matching algorithm).
Testing and Quality Assurance: We might use data for testing, research, troubleshooting issues, and monitoring performance (e.g., debugging errors in form submission).
Personalization: To the extent permitted, we might use data to personalize what you see – for example, showing you a list of insurance providers available in your region, or pre-selecting options based on information you’ve provided or your past interactions.
Marketing and Advertising: We may use your information for our own marketing purposes, such as:
Look-alike or Targeted Advertising: We might use cookies and advertising identifiers to serve you targeted advertisements on our Sites or on third-party platforms (like Google or social media). For example, if you visited our Site and didn’t complete a form, we may show you an ad later to remind you to finish your quote. We may also use information about your characteristics to find similar audiences to advertise to (this is often done in aggregate or using hashed data).
Email Marketing: If you join our mailing list, we use your email and possibly information about your insurance interests to send tailored email offers.
Partner Promotions: We might use your contact info to send offers on behalf of our partners or to invite you to consider related services (for instance, home insurance offers if you requested auto insurance). We will do this in accordance with consent requirements and include opt-out mechanisms.
Referral Programs: If you use any refer-a-friend features (if available), we use any information you provide about your referral (like their email) only to send the invitation or referral message, and we may inform the recipient of your name or contact as the referrer (if required by law or our program terms).
Compliance and Legal Purposes: We may use and retain your information as necessary to comply with legal obligations, to resolve disputes, and to enforce our agreements. Examples include:
Regulatory Compliance: Adhering to laws applicable to our business, such as maintaining records for CCPA or GDPR compliance, honoring opt-out or deletion requests, responding to legally mandated consumer requests, or providing required notices. We also comply with telemarketing regulations (like maintaining do-not-call lists) and email regulations (CAN-SPAM) using your data (e.g., storing your email on an unsubscribe list to ensure we don’t send you further emails if you opted out).
Defense of Legal Claims: If a complaint or legal claim arises, we may use relevant personal information to defend our company (for example, to demonstrate that proper consent was obtained for communications or that we fulfilled a request properly).
Preventing Fraud and Misuse: We use data (like IP address, and submitted info) to detect and prevent fraudulent activities or spam. For instance, we may deploy tools to screen out bots or fake submissions. If we suspect someone is misusing our Sites (e.g., attempting to scrape data or submit fraudulent information), we may use and share data as necessary to investigate or block such activity.
Protecting Rights and Safety: We may use personal information as necessary to protect the rights, property, or safety of KMG, our users, our partners, or the public. This could include using your information to contact you with safety notices if a security incident occurs, or using records of interactions to investigate a security breach or other malicious activity.
Records and Administration: Internally, we use personal information for general business administration purposes. This includes maintaining accurate business records, conducting audits and internal reviews, paying taxes, and other typical corporate activities. If you are a business partner, vendor, or contractor, we may use your information in vendor management systems, invoicing, and contracting.
Other Purposes with Notice and Consent: If we intend to use your personal information for a purpose that is materially different from the purposes listed above, we will update this Privacy Policy and/or provide you with specific notice at the time of collection. In certain cases, we may also request your consent (if required by law or if we choose to do so) before using your data in a new way. For instance, if we ever wanted to collect biometric identifiers or precise GPS location for a new feature, we would only do so with your explicit consent.

We will not use the personal information we collected for materially different, unrelated, or incompatible purposes without updating you and, if required, obtaining your consent.

5. Legal Bases for Processing (GDPR Compliance)

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction with similar data protection laws, we process your personal information based on valid legal bases under the GDPR and applicable laws. This means we only use your data as permitted by law, which includes the following legal groundsdataprotection.iedataprotection.ie:

Consent: In certain cases, we rely on your consent to process your personal data. For example, we will obtain your consent before sending you marketing communications (where required by law) or before placing non-essential cookies on your device (per EU ePrivacy laws). If we ask for consent, you have the right to withdraw it at any time. For instance, you can withdraw consent to marketing emails by clicking “unsubscribe” in the email or contacting us, and to cookies by adjusting your cookie settings (see Section 10). Withdrawal of consent will not affect the lawfulness of processing that occurred prior to the withdrawal.
Performance of a Contract or Pre-Contractual Steps: We process personal data as necessary to perform our contract with you or to take steps at your request before entering into a contract. In this context, the “contract” is typically the provision of services you request. For example, when you request insurance quotes through our Sites, we must process your personal information (and share it with insurance partners) to deliver the quotes you asked for. Similarly, if you contact us for customer service, processing your data is necessary to fulfill your service request.
Legitimate Interests: We process personal data as needed for our legitimate business interests, provided that those interests are not outweighed by your data protection rights. Our legitimate interests include providing and improving our services, marketing our services, preventing fraud, securing our systems, and conducting business analytics and operations. For instance, it is in our legitimate interest to analyze Site usage to improve functionality, or to share certain data with our partners in order to sustain our lead generation business model. We take steps to ensure we consider and balance any potential impacts on your rights before relying on legitimate interests. Note: If you are in the EEA/UK, you generally have the right to object to processing based on legitimate interests (see Section 7).
Legal Obligation: We process personal data to the extent necessary to comply with our legal obligations. For example, we may retain certain transaction records to meet tax or accounting rules, respond to valid requests from law enforcement, or process opt-out requests under privacy laws. If an EU or member state law requires us to collect or retain certain information, that is a legal obligation basis.
Vital Interests: In rare cases, we may process data to protect your vital interests or those of another person. This would apply only in critical situations, such as if the processing is necessary to protect someone’s life or health. (This basis is unlikely to be relevant to our typical operations, but we mention it for completeness.)
Public Interest: If we ever process personal data in the public interest or in the exercise of official authority (which is not applicable to our private business operations), we would rely on that legal basis as provided under Article 6(1)(e) GDPR. This is more relevant to governmental organizations, so it’s generally not applicable to KMG’s processing.

For Special Category Data (sensitive data) from EEA/UK individuals (for example, health information you provide for life insurance quotes), we will only process such data with your explicit consent (GDPR Art. 9(2)(a)), or if otherwise permitted by law (e.g., if necessary for an insurance contract you request, which may fall under substantial public interest in insurance context, or as necessary for legal claims). We will inform you and obtain consent when required. If you have any questions about the legal bases on which we collect and use your personal information, please contact us (see Section 16).

6. How We Share Information

We do not sell or disclose your personal information to unaffiliated third parties for their own independent marketing purposes without your consent. We do, however, share your information with various categories of third parties for business purposes, to serve you, and as otherwise described below. The following table summarizes categories of recipients with whom we share personal information and the purpose of such sharing:

Category of Third Party Recipient	Purpose of Disclosure
Insurance Partners (Carriers, Agents, Brokers)	Purpose: To fulfill your insurance quotes and service requests. When you request a quote or insurance information, we transfer your relevant personal information (contact details, insurance needs, etc.) to licensed insurance providers so they can provide you with quotes, policies, or follow-up services. We may receive compensation (a fee or commission) for these referrals, which may legally be considered a “sale” of personal information under certain laws. However, the primary purpose is to connect you with the services you requested. Note: These partners will use your information in accordance with their own privacy policies and may contact you directly.
Service Providers and Contractors (IT hosting, data storage, customer support tools, analytics providers, marketing email/SMS platforms, etc.)	Purpose: To perform services on our behalf and support our operations. Examples include: hosting companies that maintain our website and databases; cloud storage providers; analytics and advertising service companies (that process data to provide us insights or ad targeting); email/SMS delivery services that send out communications to you; customer relationship management (CRM) software; call centers or phone system providers if we call you; and other technical suppliers. These service providers are bound by contract to only use your data for our specified purposes and to protect it (they are typically considered “service providers” or “processors” under privacy laws, not independent owners of the data).
Affiliated Companies (within our corporate group, if any)	Purpose: For internal business purposes and record-keeping. If Kings Marketing Group LLC has any parent, subsidiary, or affiliated entities (under common ownership or control), we may share personal information with them. For example, if we operate multiple websites or lines of business under common ownership, your information may reside in a shared database accessible by our affiliates, or we might refer you across our family of services to better serve you. Any affiliated company receiving your information will honor the same commitments made in this Privacy Policy.
Marketing and Advertising Partners (including advertising networks, social media platforms, and data brokers)	Purpose: For advertising, analytics, and lead acquisition/sale purposes. We may allow third-party advertising networks and social media companies to collect information via cookies or pixels on our Sites to facilitate targeted advertising (see Section 10). For example, Google or Facebook may receive pseudonymous data that you visited our Site, which helps us advertise to you on their platforms. We may also share hashed or identifier information with such partners to create “custom audiences” for our ads. Additionally, if we acquire leads from or sell leads to reputable data brokers or lead marketplaces, it is for the purpose of expanding our consumer reach or fulfilling your requests (ensuring you are matched with an insurer). Such sharing may be deemed a “sale” or “share” under certain laws when done for cross-context behavioral advertising; we honor opt-out requests for these activities (see Section 8).
Business Transfers (Successors in interest)	Purpose: In the event of a corporate transaction. If we are involved in a merger, acquisition, sale of assets, bankruptcy, or reorganization, personal information may be transferred to a successor or affiliate as part of that transaction. The recipient would likely step into our shoes to continue the business, and your information would be one of the transferred assets so that the service can continue to be provided to you. In such case, we would ensure the new entity honors the materially same privacy commitments or provide notice and choice if required.
Law Enforcement, Regulators, and Others with Legal Rights	Purpose: To comply with legal obligations or protect rights. We may disclose personal information to courts, law enforcement, government authorities, or other third parties when we believe such disclosure is necessary to: (a) comply with a law, subpoena, regulation, or legal process; (b) respond to a government request or regulatory inquiry; (c) enforce our terms of service or other agreements; (d) detect or prevent fraud, security, or technical issues; or (e) protect the rights, property, or safety of our company, our users, our partners, or the public. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction. We will only disclose what is reasonably necessary and will object to overly broad requests when appropriate.

Service Providers vs. Third Parties: When we use the term “service provider” (or “contractor” under some laws), we refer to companies that process personal information on our behalf, pursuant to a contract that restricts them from using the data for any purpose other than providing services to us. They are not allowed to use or share your data except as directed by us, subject to limited exceptions (like if required by law). In contrast, when we share information with other third parties (like insurance partners or advertising networks), those parties may use the data as independent businesses for their own purposes (for example, an insurance company will use your information to underwrite and offer a quote, and if you become their customer, they’ll handle your data under their own policy). We strive to contractually safeguard your data and ensure any third-party data sharing aligns with applicable privacy laws.

No Unauthorized Selling: We do not sell your personal information to data brokers or unrelated companies for money without your consent. The only “sales” of personal info that occur are inherent in our business model (transferring your info to insurance providers for quotes) or via advertising cookies as described – both of which you can opt out of as described in Section 8. Aside from that, we do not monetize your information by selling lists of our users or anything similar.

De-identified or Aggregated Data: We may share information that has been aggregated (combined with information of other users) or de-identified (stripped of personal identifiers) in such a way that it can no longer reasonably be used to identify you. Such information is not considered personal information under many laws. For example, we might share statistics about how many people in a certain state requested quotes, or general trends, with partners or in marketing materials. We commit that if we ever share de-identified data, we will maintain and not attempt to re-identify it, and will contractually prohibit recipients from trying to re-identify it. If you have questions about third parties that have received your information, you may contact us as described in Section 16. For California residents, see Annex A for a summary of what categories of personal information we disclose to what types of third parties.

7. Your Privacy Rights

Depending on your jurisdiction, you have certain rights regarding your personal information. We are committed to honoring applicable rights requests in accordance with applicable laws. This section describes:

The rights of individuals in the European Union, United Kingdom, and other GDPR-governed regions,
The rights of California residents under the CCPA/CPRA,
Similar rights under other U.S. state laws (which largely parallel California’s), and
How you can exercise those rights (the process to submit requests, identity verification, etc.).

Your Rights Under GDPR (EU/UK residents): If you are in the EEA, UK, or a comparable jurisdiction, you have the following rights under the GDPR (subject to certain exceptions and limitations):

Right to Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to obtain a copy of the personal data we hold about you, as well as supplementary information about how we use and share it. This is also known as a “Data Subject Access Request.”
Right to Rectification: You have the right to request that we correct or update any inaccurate or incomplete personal data we hold about youdataprotection.ie. For example, if you realize we have a misspelled name or wrong contact number, you can ask us to fix it, and we will do so without undue delay.
Right to Erasure: You have the right to request deletion of your personal data in certain circumstances (“Right to be Forgotten”). We will erase your data upon request if: the data is no longer needed for the original purpose, you withdraw consent (and no other legal basis applies), you object to processing and we have no overriding legitimate grounds, we processed data unlawfully, or erasure is required to comply with a legal obligation. Note that this right is not absolute – sometimes we may retain certain information as allowed by law (e.g., to comply with a legal obligation or for legal claims defense). If we deny a deletion request, we will inform you of the reason.
Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain scenarios. For instance, if you contest the accuracy of your data, you can request we restrict processing until the accuracy is verified; or if processing is unlawful but you prefer restriction over deletion; or if we no longer need the data but you need it for a legal claim; or if you have objected (see next bullet) and are awaiting verification of our interests. When processing is restricted, we will store your data but not use it except as allowed (e.g., to secure your rights or for important public interest reasons).
Right to Object to Processing: You have the right to object to our processing of your personal data when it is based on legitimate interests or public interest. If you object, we must stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or unless it’s needed for legal claims. Right to Object to Marketing: Specifically, you have an absolute right to object to processing of your personal data for direct marketing purposes at any time. This includes profiling to the extent it’s related to direct marketing. If you object, we will cease using your data for marketing purposes immediately.
Right to Data Portability: You have the right, in certain cases, to receive your personal data that you provided to us in a structured, commonly used, machine-readable format, and to request that we transmit it directly to another controller where technically feasible. This right applies when the processing is based on your consent or a contract and is carried out by automated means. For example, you could ask us to export the information you provided on a quote form so you can send it to another service.
Right not to be Subject to Automated Decision-Making: We do not engage in solely automated decision-making, including profiling, that produces legal or similarly significant effects on individuals. If we ever do, you would have the right not to be subject to a decision based solely on automated processing that significantly affects you, unless it is necessary for a contract, authorized by law, or based on your explicit consent. In such cases, you also have the right to human intervention and to contest the decision.
Right to Withdraw Consent: If we rely on consent for any processing, you have the right to withdraw that consent at any time (see above regarding consent in Section 5). Withdrawal will not affect the lawfulness of processing done before the withdrawal.
Right to Complain: You have the right to lodge a complaint with a data protection supervisory authority, particularly in the EU country of your habitual residence, place of work, or where an alleged infringement of data protection law occurred. We would appreciate the chance to address your concerns first by contacting us, but you can go directly to the authorities. For example, if you are in the UK, you can contact the Information Commissioner’s Office (ICO); if in France, the CNIL; if in Germany, your state’s DPA, etc.

Your Rights Under CCPA/CPRA (California residents): If you are a resident of California, you have the following rights with respect to your “personal information” (as defined under California law):

Right to Know (Access): You have the right to request that we disclose the specific pieces of personal information we have collected about you in the past 12 months, as well as additional details such as the categories of information, the categories of sources, the business or commercial purposes for collection, and the categories of third parties with whom we shared your information. You may request this information up to twice in a 12-month period, free of charge. Upon verification of your identity (and if applicable, your California residency), we will provide the requested information for the preceding 12 months (or longer period if required by law).
Right to Delete: You have the right to request that we delete personal information we collected from you and retained, subject to certain exceptions. Once we receive and verify a valid deletion request, we will delete (and instruct any service providers or contractors to delete) your personal information from our records, unless an exception applies. Common exceptions include: if the information is needed to complete a transaction or service you requested (for example, if you’re in the middle of getting quotes, we may need the data until that’s done), to detect security incidents, to exercise free speech or another legal right, to comply with a legal obligation (like maintaining records of your opt-out request), or for other internal uses that are lawful (like analytics, so long as the use is reasonably aligned with your expectations and the context you provided the data). We will specify in our response any information that we cannot delete due to an exception.
Right to Correct: You have the right to request that we correct inaccurate personal information that we maintain about you. Upon verifying your identity and the accuracy issue, we will correct the information as you direct, or if appropriate, delete it or note it as disputed. We may request additional information to ensure correctness (for example, if our records show a certain address and you claim it’s wrong, we might ask for confirmation of the correct address).
Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale of your personal information or the sharing of your personal information for cross-context behavioral advertisingv. “Sale” in CCPA is broadly defined to include many exchanges of data for valuable consideration (not just selling for money). “Sharing” is defined as disclosing data for targeted advertising purposes. As noted, our disclosure of your data to insurance partners for quotes may be considered a sale, and our use of advertising cookies or pixels may be considered sharing. You can opt out of these activities (see Section 8 for detailed instructions on how to exercise this right, including via the “Do Not Sell or Share My Personal Information” link on our Sites or through Global Privacy Control signals). Once you opt out, we will not sell or share your personal information unless you later provide consent (the law calls this “request to opt-in” after opting out). If you are under 16, sales/sharing are restricted by default (we do not knowingly sell or share data of consumers under 16 without affirmative authorization; see Children’s section).
Right to Limit Use of Sensitive Personal Information: The CPRA grants you the right to limit the use and disclosure of your sensitive personal information (SPI) if we use it for purposes beyond what is “reasonably necessary and proportionate” to provide the requested services. As noted, we do not collect or use SPI (like SSN, financial account, precise geolocation, etc.) except as necessary for the services (e.g., if needed for a specific quote) and for limited purposes allowed by law. In any event, if we were to use SPI for additional purposes (e.g., inferring characteristics), you would have the right to direct us to use it only for necessary services or purposes you authorize. We provide a “Limit Use of My Sensitive Personal Information” option if applicable (likely via the same mechanisms as Do Not Sell/Share), though currently we do not use your SPI in a way that triggers this right beyond what’s necessary to serve you.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we will not deny you our services, charge you different prices, or provide a different level of quality of services just because you exercised your privacy rights. However, please note that if the exercise of your rights limits our ability to process your information (for example, if you request deletion of all your data), we may not be able to provide you with certain services that rely on that data. In such cases, we will inform you of the impact, and any difference in service is a direct result of your request, not a punitive action. California law does allow offering certain financial incentives that involve different prices, rates, or quality of goods/services if they are reasonably related to the value of your data (for example, loyalty programs). We do not currently offer such programs that require enrollment and opt-in consent, but if we do in the future, we will provide a detailed notice and obtain your affirmative consent.

Your Rights Under Other U.S. State Laws: Residents of certain other states (such as Virginia, Colorado, Connecticut, and Utah, under their respective privacy laws) have rights similar to those above, including the right to confirm if we process your data, to access and obtain a copy, to delete, to correct inaccuracies, to opt out of targeted advertising or sale of personal data, and to opt out of profiling in furtherance of legal or significant effects. We will honor those rights for eligible residents in line with those laws. For instance:

Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA): These states grant rights to access, correct, delete, obtain a portable copy, and opt out of processing for targeted ads, sale of personal data, or profiling for significant decisions. If you are a resident of these states, you can exercise those rights in the same manner described for California (even if some terminology differs, we will understand and process your request appropriately). Notably, these laws define “sale” and “targeted advertising” similarly to CPRA. We extend our opt-out processes to you as well. Additionally, these laws allow you to appeal our decision if we decline to act on a request – if applicable, we will include instructions in our response on how to appeal.
Utah (UCPA): The Utah law provides rights to access, delete, obtain a copy, and opt out of sale or targeted advertising. There is no correction right explicitly, but we will honor correction requests as a courtesy. Utah’s definition of “sale” is narrower (exchange for monetary consideration), and we believe any such “sale” of a Utah resident’s data would be covered by our existing opt-out mechanism.

In summary, no matter what U.S. state you reside in, you can request to access, delete, or correct your data, and opt out of sale/sharing/targeted ads, and we will accommodate to the extent required (and often even if not strictly required, as part of our commitment to user privacy).

Exercising Your Rights – How to Submit a Request: To exercise any of the applicable privacy rights described above, please submit a request to us by one of the following methods:

Webform: You may submit requests through our Privacy Request web form at [privacy request URL]. This form will prompt you to provide details necessary to process and verify your request.
Email: Send an email to privacy@Quote Kings Media.com with the subject line “Privacy Rights Request” and let us know what you would like to do (e.g., “I am a California resident and I would like to access my personal information” or “Please delete my information from your system”). Please include your name, the email address associated with your interactions with us, and if applicable, the specific site (QuoteKings or Quote Kings Media) you used, along with any other pertinent details that will help us verify and locate your information.

Verification Process: For your protection, we will need to verify your identity (and California residency, if applicable) before fulfilling certain requests, particularly access, deletion, or correction requests. The verification steps may vary depending on the sensitivity of the information and the type of request. Generally, we will ask you to provide at least two or three data points that we have on record (e.g., your full name, email address, phone number you used, or last interaction) to confirm we are dealing with the correct person. For example, if you request to know the data we have, we might ask for your name and email and send a verification link to that email to ensure you control it. If we cannot verify your identity from the information provided, we may ask for additional proof (such as a recent communication from us, or other identifier). Any information collected for verification will only be used for that purpose.

If you have an authorized agent (under CCPA) or an authorized representative (under other laws) submit a request on your behalf, we will require proof of their authority to act for you. For example, if a third-party or your attorney sends the request, they should provide a power of attorney or your written, signed permission along with verification of your identity directly to us. We will also verify the agent’s identity. This is to prevent fraud or unauthorized access to your data.

Response Timing and Process: We aim to respond to privacy requests promptly. Under CCPA, we will confirm receipt of your request within 10 business days and provide a substantive response generally within 45 calendar days of receiving a verifiable request. If we need more time (up to an additional 45 days, for a total of 90 days), we will inform you of the reason and extension in writing. GDPR requires response within one month (which we align with the 45-day timeline, often sooner). For other state laws, we also follow similar timing. Access and deletion requests are generally free of charge up to two times in a 12-month period. If requests are excessive or manifestly unfounded (as per law), we may decline or charge a reasonable fee, but we have no intention of doing so and will explain any such decision.

We will deliver our response via the same method you submitted (e.g., email) unless you request otherwise. For access requests, if provided electronically, we will, if possible, provide the information in a portable format (like a PDF or JSON file). For deletion, we will confirm that we have deleted your personal information (except for any retained under an exception) or, if not, the basis for refusal. For correction, we will confirm the data is corrected or if we can’t comply, an explanation.

If we cannot comply with a request, we will explain the reasons. Common reasons could be: we could not verify your identity, the request is unclear or overly broad, we do not have any data on you (e.g., if you used our service anonymously or under a different name), or an exception under the law applies. We will also instruct any service providers or contractors, and third parties (where required by law) to act upon your request (for example, telling our partners to delete data if they got it from us, unless an exception applies).

No Fee (Generally): We do not charge a fee to process your rights request.

For additional information about your rights or assistance with making a request, you may contact us at privacy@Quote Kings Media.com. We are here to help you exercise your privacy choices.

8. Do Not Sell or Share My Information (Opt-Out & GPC)

As described above, certain transfers of personal information we do as part of our business may be considered a “sale” or “sharing” under U.S. state privacy laws, even if we do not literally exchange data for money in the traditional sense. Specifically, selling under the CCPA/CPRA includes any exchange of personal information for valuable consideration (which can include lead generation fees), and sharing refers to providing personal information to third parties for cross-context behavioral advertising (targeted ads)https://oag.ca.gov/privacy/ccpa. We are fully committed to enabling you to opt out of these uses of your data.

Personal Information Sold/Shared: The categories of personal information we may “sell” (as defined by CCPA) include Identifiers and Insurance Quote Information (when provided to our insurance partners in exchange for commissions or fees) and Internet/Device Data (when shared with advertising partners for targeted advertising). For example, when you submit a quote request, we might sell that lead to an insurance agency who will then contact you – that is a sale in CCPA terms. Similarly, if we allow an advertising partner’s cookie on our site that tracks you for personalized ads, that is “sharing” for behavioral advertising.

If you are a California resident (or other user where applicable law gives an opt-out right), you have the right to opt out of the sale or sharing of your personal information at any time. We extend this right to all users as a matter of policy where feasible.

How to Exercise Do Not Sell/Share

“Do Not Sell or Share” Link: We provide a “Do Not Sell or Share My Personal Information” link in the footer of our Sites (as required by California law). By clicking that link, you will be taken to an opt-out form or page where you can submit a request that your data not be sold or shared. If you have cookies enabled, this may involve setting a special “opt-out” cookie on your browser to remember your preference for that device and browser.
Opt-Out Form or Toggle: You may be presented with an interactive form or toggle that allows you to opt out of sales/sharing. Follow the instructions on that page – usually, it may ask for your browser details or have a button to confirm your opt-out. We will process that and ensure any non-essential third-party trackers are disabled and refrain from selling your information going forward. If the opt-out is cookie-based, note it will only apply to the specific browser you use; you may need to opt out again if you clear cookies or use a different device/browser.
Global Privacy Control (GPC): We recognize and honor the Global Privacy Control signal. GPC is a privacy preference you can set in certain browsers or extensions that broadcasts an automated signal to websites of your choice indicating that you do not want your personal info sold or shared. If our Sites detect a GPC signal from your browser, we will treat it as a valid opt-out of sale/sharing for that browser or device, and will apply it broadly. In practical terms, this means we will disable third-party advertising/tracking cookies on our site for that session and going forward (for that browser), and we will record that choice so that if you submit forms on our site, we will refrain from selling those particular data points. Note: GPC opt-outs are browser-specific. To fully opt out on all devices, you should enable GPC on each browser you use or use our other opt-out methods.
Opt-Out by Email/Phone: If you prefer, you can contact us (via the methods in Section 7) and directly say “Do not sell my information” or “I want to opt out of targeted ads.” We will log your request and implement a block on selling/sharing linked to the identifying information you provide (such as your email or phone). For example, if you email us from your address saying you opt out, we will put that email on a suppression list and not share leads associated with it going forward.

Once we process your opt-out, we will stop selling or sharing your personal information. If you have an active transaction in process (like you just requested quotes), we may still forward those quotes to the partners you already requested, but will not include you in future “sold” leads or advertising profiles. We will also instruct our service providers and contractors not to use your info for any purpose outside what’s allowed (they shouldn’t anyway, but this reconfirms it).

Confirmation: We will confirm receipt of your opt-out request and, within at most 15 business days (typically much sooner), we will comply. You do not need to create an account to exercise the opt-out. If we have reasonable belief that a request is fraudulent (e.g., someone else not you, trying to sabotage), we may contact you to confirm.

Effect on Services: Opting out of sale/sharing will not affect our core services (you can still request quotes and we will fulfill them), but it may limit certain personalization. For instance, you might receive generic advertising instead of targeted content. Additionally, if you opt out and later request a quote, we will endeavor to respect your opt-out (which could mean we only send your data to partners as a “service provider” for fulfilling your request rather than as a sale – this area can be complex under the law, but we aim to err on the side of not sharing more than necessary after an opt-out).

Opt-In for Minors: We do not knowingly sell or share personal information of consumers under 16 years of age. Our Sites are not intended for anyone under 18 (see Section 14), and we do not knowingly collect such data. If we somehow have information of a minor under 16, we will not sell or share it unless we obtain affirmative authorization (opt-in) from the minor (if 13-15 years old) or from the parent/guardian (if under 13) in accordance with CCPA’s minor privacy provisions. If you are a parent or guardian of a minor and believe the minor has been erroneously included in our data sales, please contact us and we will remove and opt-out that data.

Other Opt-Out Mechanisms: In addition to the above, you can manage cookies and online data sharing through various means: For example, you can use industry opt-out tools like the NAI (Network Advertising Initiative) opt-out page or the DAA (Digital Advertising Alliance) WebChoices tool to opt out of targeted ads from participating companies. Keep in mind these tools are browser-specific as well. Also, browser settings can block third-party cookies or tracking scripts entirely (see Section 10).

We do not knowingly engage in “cross-context behavioral advertising” in ways beyond cookie-based sharing, but out of an abundance of caution we treat advertising tracking as subject to opt-out. We also do not sell personal data of any individual who we know is covered by an opted-out preference (like if a data broker gave us a list, we would scrub out any known opt-outs if applicable).

9. TCPA & CAN-SPAM: Notices and Consent to Contact

We value your preferences regarding how we communicate with you. If you provide us with your phone number or email address, we will handle that information in compliance with the Telephone Consumer Protection Act (TCPA) and CAN-SPAM Act, as well as other applicable communication laws. Here’s what that means:

Consent to Be Contacted (Telemarketing & Texts): By providing your telephone number to us (for example, when you fill out a quote request form), you acknowledge and agree that such act constitutes an established business relationship and, where required, express written consent for us and our insurance partners to contact you. This may include auto-dialed or pre-recorded calls and text (SMS/MMS) messages to the number you provided, for purposes of fulfilling your quote request, providing insurance offers, or related marketing. We will make it clear at the point of collection (e.g., on the web form) that you consent to these communications; typically, there will be language next to the phone number field or submit button indicating that by clicking “Submit” you agree to receive calls or texts about insurance products, even if your number is on a state or federal Do Not Call list. We do this to ensure compliance with TCPA’s requirements for consents. You are not required to agree to receive auto-dialed marketing calls or texts as a condition of using our services – if you prefer not to, you can always use our services solely via online channels. However, phone contact is often part of getting insurance quotes quickly, so consent is requested to serve you better.

Opting Out of Calls: You have the right to opt out of telemarketing calls at any time. If you no longer wish to receive our calls, simply inform the caller (whether it’s us or one of our insurance partners) that you do not want further calls. We (and they) are required under TCPA and “Do Not Call” rules to honor that request and place you on an internal Do Not Call (DNC) list. We maintain an internal DNC list of phone numbers that have opted out, and we use it to suppress future marketing calls to those numbers. Additionally, you can register your number on the National Do Not Call Registry at donotcall.gov; we honor the national DNC as well, except that by giving consent, you override the DNC for a period (which is allowed by law until you revoke consent). If you are receiving calls from a specific insurance provider and want them to stop, please inform that provider directly as well; however, feel free to notify us if any partner is not respecting your opt-out and we will assist.

Opting Out of Text Messages: If you receive a marketing or quote-related text (SMS or MMS) from us or our platform, it will include instructions to opt out, typically replying “STOP” (or “STOP ALL” to stop all texts, and keywords like HELP for info). You can simply reply STOP to any text we send, and we will treat that as an opt-out for text messages (and will confirm with a final message that you have been unsubscribed). Our texting system is set to recognize these standard opt-out requests and will automatically stop further messages. You can also request opt-out by contacting us via email or phone; we will manually add your number to our text DNC list. Please note that after opting out, you might receive one final confirmation text.

Message and Data Rates; Frequency: Standard message and data rates may apply for any texts we send (depending on your mobile plan). We aim to send texts only as needed – for example, to connect you with an agent or confirm info. We do not send “spammy” texts at odd hours. If you opted in to recurring messages (e.g., an SMS subscription for alerts), the frequency will be described at opt-in. Currently, we primarily send one-time texts in response to your specific inquiry and possibly follow-ups.

CAN-SPAM (Email Communications): For email, we comply with the Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003 (CAN-SPAM). This means:

We will not send you commercial email without providing you a clear opportunity to opt out of future emails. Any marketing or promotional email from us will include an “Unsubscribe” link or instructions, typically at the bottom of the email. You can click that link and follow the prompts to stop further emails to that address.
We include our physical mailing address in every commercial email (you’ll see our business name and address in the footer of the email) to comply with CAN-SPAM’s requirements.
We use accurate “From” and “Subject” lines that reflect the content of the email – no deceptive subject lines or fake sender names. You’ll easily recognize the email as coming from us (or a specific partner if applicable).
If you unsubscribe from our marketing emails, we will honor your opt-out request within 10 business days (usually immediately) and will not send you further marketing emails after that. (Do note that even after you opt out of promotional emails, we may still send you transactional or relationship emails as allowed by law – for example, a confirmation of a quote request, responses to customer service inquiries, or updates on an ongoing transaction, as these are not marketing messages.)
We do not share your email with unrelated third parties for their own marketing without your consent. If an insurance partner obtains your email through us because you requested a quote, they may send you emails regarding that quote or policy offerings, but they should also provide an opt-out in their emails and abide by CAN-SPAM. You may need to opt out with that partner separately if you no longer wish to hear from them.

Your Choice for Emails: If you want to opt out of all marketing emails from us, the quickest way is to use the unsubscribe link in an email you received. If that’s not available, you can contact us at privacy@Quote Kings Media.com and request removal of your email from our marketing list. Please note, if you provided multiple emails or aliases, specify which ones to remove. If you opt out but later fill out a new form on our Sites and consent to emails again, you may receive emails anew – so you might need to opt out again if you change your mind, or simply refrain from re-subscribing.

TCPA Consent Scope: When consenting to calls/texts, understand that the consent covers communications from us and our network of insurance partners that might fulfill your request. This could involve a limited number of partners contacting you to provide competing quotes. For example, if you request an auto insurance quote, you might receive calls from a handful of insurance agents or companies (perhaps 2-5) that we match you with. We try to limit the partners to those relevant to your request. All such contacts should be reasonable in frequency and within appropriate calling hours (we abide by calling-time restrictions under TCPA – typically no marketing calls before 8 a.m. or after 9 p.m. your local time). If any partner is overly persistent or you have an issue, please let us know.

Revocation of Consent: You can revoke your consent to be called or texted at any time. As mentioned, telling the caller to stop or replying STOP to a text will suffice. You can also reach out to us directly to revoke consent for any future communications from us or our partners. We will put your number on our Do Not Call list and communicate it to relevant partners if necessary. Please allow a short time for all partner systems to update.

Documenting Consent: We maintain records of the consents we obtain (such as form submission timestamps, consent language presented, etc.) to demonstrate compliance with TCPA. This is part of our compliance effort and also protects us and our partners. If you ever need details on when/how you consented (for example, if you don’t recall submitting a form and want to check), we can investigate and provide the source of that consent record.

CAN-SPAM Compliance by Partners: We require any email campaigns run by our affiliates or partners on our behalf to also comply with CAN-SPAM. If you believe you received an unsolicited or problematic email claiming to be related to KMG or QuoteKings that does not allow you to unsubscribe, please notify us and we will address it.

Important: While we strive to ensure all communications are compliant and welcome, scammers sometimes impersonate legitimate companies. If you receive any suspicious communication purporting to be from us (especially if it doesn’t sound right or is asking for sensitive info like your SSN or credit card over phone/email in a way unrelated to an insurance application you expect), please exercise caution. You can always contact us directly to verify if a communication was actually from us or an authorized partner.

In summary, we will only call, text, or email you in accordance with law and your preferences. You have full control to opt out of communications and we will honor that. Our goal is to provide you with timely insurance information, not to bombard or annoy you. If you have any issues with communications, please contact us so we can promptly resolve them.

10. Cookies and Tracking Technologies

Our Sites use cookies and similar tracking technologies to ensure the sites function properly, to analyze usage, and to support our advertising efforts. This section explains what these technologies are, how we use them, and your choices regarding them.

What Are Cookies? Cookies are small text files that websites send to your device (computer, smartphone, etc.) when you visit a site. They are stored by your web browser and hold a modest amount of data specific to you and the website. Cookies can be “first-party” (set by our domain) or “third-party” (set by a different domain, such as an analytics or advertising provider’s domain). Cookies have various lifespans: session cookies are temporary and deleted when you close your browser, whereas persistent cookies remain on your device for a set period or until you delete them.

Other Tracking Technologies: In addition to cookies, we and our partners may use technologies like web beacons (also known as clear GIFs or pixel tags), which are small invisible images or code embedded on pages or emails that track when they’re viewed; Local Storage (like HTML5 localStorage or browser cache); and device identifiers or fingerprints. If you use our mobile-responsive site or any future mobile app, there might be mobile-specific trackers or SDKs.

Types of Cookies We Use:

Essential / Strictly Necessary Cookies: These are cookies required for the technical operation of our Sites. For example, they might remember your input as you fill out a multi-step form (so you don’t lose info if you go to a previous page), or they enable core functionalities like user authentication (if applicable) or load balancing (to keep the site available). Without these cookies, the services you’ve asked for (like submitting a quote request) could not be provided properly. We do not need consent for strictly necessary cookies.
Functional Cookies: These cookies allow our Sites to remember choices you make and provide enhanced features. For instance, if our site offers a feature to save your information for later or personalize content to you, functional cookies might enable that. They may also remember your cookie preferences (so that, for example, if you declined certain cookies, we store that choice).
Analytics / Performance Cookies: We use these to collect information about how visitors use our Sites – which pages are visited, how long people stay, how they navigate, what errors might occur, etc. This helps us improve the site’s performance and your experience. For example, we use Google Analytics and similar tools to understand site traffic and usage patterns. These cookies typically collect aggregated statistics (e.g., total visits, traffic sources). However, even though we don’t learn who you specifically are from an analytics cookie, it may still collect some pseudonymous identifiers like your IP address or a unique cookie ID. We treat analytics data as personal data if local laws consider it so. Google Analytics may set cookies such as “_ga” to distinguish users, etc. We have configured these tools to respect Do-Not-Track or GPC signals to the extent available and/or to mask IP addresses where possible.
Advertising / Targeting Cookies: These cookies are used to deliver advertisements that are more relevant to you and your interests, and to measure the effectiveness of ad campaigns. They may be set through our site by advertising networks or social media platforms (third parties). For example, we might have a Facebook Pixel or Google Ads tag on our site that triggers when you perform certain actions (like visiting a certain page or submitting a form). This helps us later show you a targeted ad on Facebook or Google’s network relating to our services, or measure if our ad led you to do something on our site. These cookies can track your browser across different sites and build a profile of your interests. They often uniquely identify your browser and device. If enabled, these cookies “share” information that might be considered a sale/sharing under CPRA (hence why we allow opting out – see Section 8). Common advertising cookies/pixels we may use include Google Ads/DoubleClick, Facebook/Meta Pixel, and perhaps others like Bing Ads or LinkedIn Insights, etc. We do not serve third-party banner ads on our site, but these trackers assist with our external marketing.
Affiliate Tracking Cookies: If we run affiliate marketing or referral programs (where partners send us traffic and get credit), we might use cookies or pixels to track that attribution. For example, if you came to our site by clicking on a partner’s link, an affiliate cookie might record that referral so we can compensate the partner if you take certain actions.
Do Not Track: Web browsers can send a “Do Not Track” (DNT) signal to websites indicating you do not want to be tracked. Our Sites currently respond to DNT signals by treating them similar to an opt-out of cookies where feasible. However, not all third-party trackers recognize DNT. We are more focused on the newer Global Privacy Control (GPC), which we do honor (as described above).

Cookie Consent (for EU/UK): If you are visiting from the EU, UK or other jurisdiction that requires it, you will see a cookie consent banner or popup on your first visit, asking you to consent to non-essential cookies. You can choose to accept all, decline all, or customize your choices. We will not set analytics or advertising cookies until you have given consent (unless they are strictly necessary). Your preferences will be remembered via a cookie (ironically) so that we don’t ask every time. Note: If you clear cookies, we’ll ask again, because we lost that record.

Cookie Policy: We maintain a separate, detailed Cookie Policy which lists the specific cookies and trackers in use on our Sites, along with their purposes and expiration periods. You can find it here: [Link to Cookie Policy] (also accessible via a link on our site footer). That policy is incorporated into this Privacy Policy by reference. It includes more granular information, like the names of cookies (e.g., “_ga” for Google Analytics lasting 2 years) and how to manage each.

Managing Cookies – Your Choices:

Browser Settings: You can configure your web browser to block or delete cookies. Most browsers allow you to refuse new cookies, delete existing ones, or warn you when new ones are set. Please note, if you block all cookies (especially including strictly necessary cookies), our Sites may not function properly. At minimum, you might want to block or delete third-party cookies if you’re concerned about tracking. Check your browser’s help documentation for instructions (e.g., in Chrome, go to Settings > Privacy and Security > Cookies; in Safari, Preferences > Privacy; etc.).
Cookie Banner: If our cookie banner is present, you can use it to adjust which categories of cookies you permit. Many banners allow you to opt out of analytics or ads easily. If you need to change your choice later, some banners can be re-triggered by clicking a “Cookie Settings” link on the site (often in the footer). If not, clearing cookies will reset things so you’ll be prompted again.
Google Analytics Opt-Out: Google offers an Analytics Opt-out Browser Add-on you can install, which prevents Google Analytics from collecting data in your browser. It’s available at tools.google.com/dlpage/gaoptout.
Industry Opt-Outs: As mentioned, for advertising cookies, you can use tools from the Digital Advertising Alliance (optout.aboutads.info) or Network Advertising Initiative (optout.networkadvertising.org) to opt out of many participating ad networks. Also, adjusting your settings on individual services (like Google’s Ad Settings, or Facebook’s Ad Preferences) can reduce targeted ads.
Global Privacy Control (GPC): Ensure you have GPC enabled if you want a universal signal to block sharing – we honor it by not loading third-party marketing cookies when detected (see Section 8). You can enable GPC via some browser extensions or certain browsers (like Brave, or DuckDuckGo’s extension).

Note on Third-Party Sites: If you navigate to third-party websites from our Sites (for example, by clicking a link to an insurer’s site or social media page), those third parties may set their own cookies. Our Privacy Policy and Cookie Policy do not cover external websites – check the privacy/cookie notices on those sites for info.

Do Cookies Contain Personal Data? Cookies themselves typically identify your device, not you as a named individual. However, some cookies may be linked to other personal data we have about you (like if you log in or fill a form, we might connect that with an analytics ID). In such cases, we treat the combined data as personal. Also, under laws like CCPA, cookie IDs and IP addresses are considered personal information. We handle all data from cookies according to this Privacy Policy.

Retention of Cookie Data: Persistent cookies have various expiration times. For instance, some analytics cookies last 24 months unless cleared, advertising cookies might last a few weeks to a year, etc. You can see specifics in our Cookie Policy. We don’t control expiration of third-party cookies – those are set by the third party (but your browser will usually show an expiration if you inspect cookies). If you want them gone, manually delete them or use a browser setting to clear cookies upon closing your browser.

Cookies for Email/Tracking: We may include pixels in emails (to know if you open them) and unique tracking links (to know if you click). This helps us gauge engagement and refine our content. You can disable images in your email client to avoid pixel tracking, and of course, you can simply not click links or use a URL preview. But again, these are fairly standard and used to improve the content you get.

For more details or any questions about our use of cookies and tracking technologies, please see our Cookie Policy or contact us. By using our Sites with cookies enabled (and, where required, accepting cookies via our banner), you consent to the use of cookies as described.

11. Data Security Measures

We take the security of your personal information very seriously and have implemented a variety of administrative, technical, and physical safeguards designed to protect your data against unauthorized access, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, so while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.

Technical Safeguards:

Encryption in Transit: Our Sites employ industry-standard SSL/TLS encryption (indicated by the “https://” in the URL and a padlock icon in most browsers) for any data transmitted. This means that when you submit personal information through our web forms (like your contact details or quote information), that data is encrypted while traveling between your device and our servers, making it much harder for anyone to intercept or eavesdrop on it.
Encryption at Rest: Sensitive personal data is stored in encrypted form in our databases or systems wherever feasible. For example, if we store passwords (for any account features), they are salted and hashed (not stored in plain text). Other sensitive fields may be encrypted at the database level, especially any field that might be highly confidential. Access to encryption keys is tightly controlled.
Network Security: We maintain firewalls and network segmentation to isolate our internal systems from the public Internet and to protect our data stores. We use intrusion detection and prevention systems to monitor for malicious activities. Regular security patches and updates are applied to our software and infrastructure to address known vulnerabilities. Our servers are hardened and configured following best practices to reduce attack surfaces.
Access Controls: Personal information within our organization is only accessible to those employees, agents, and service providers who need to know that information to perform their job duties (principle of least privilege). We employ authentication measures such as strong passwords, multi-factor authentication for administrative access, and unique user IDs. Access to systems is logged and monitored. We routinely review user permissions and revoke accounts that are no longer needed.
Monitoring and Testing: We conduct regular security assessments, which may include penetration testing by independent security experts and vulnerability scanning of our websites and networks. We also employ continuous monitoring solutions to detect anomalous behavior or potential breaches. Logs of critical systems are collected and analyzed for signs of unauthorized access.

Organizational & Administrative Measures:

Security Policies: We have internal policies and procedures governing how personal data must be handled and protected by our team. This includes guidelines for data classification, secure data handling, incident response, use of personal devices, and more. We reference industry guidelines and legal requirements (such as NAIC’s Model Laws for data security in the insurance sector, as well as FTC’s Safeguards Rule under Gramm-Leach-Bliley Act, etc.) in crafting our policies.
Employee Training: All employees and any contractors who may handle personal information are trained on confidentiality and data security practices. We provide training at onboarding and periodic refreshers covering topics like phishing awareness, proper data handling, password management, and incident reporting. Team members are taught to recognize and report any suspicious activity or potential security incidents immediately.
Vendor Management: When we use third-party service providers (such as cloud hosting or email platforms) to process personal data, we perform due diligence on their security practices and ensure they contractually commit to protecting data with appropriate safeguards. We prefer vendors who have industry-recognized security certifications or compliance (for example, ISO 27001, SOC 2, or who comply with applicable NAIC data security model regulations, etc.). We also ensure data sharing with them is minimized to what’s necessary.
Physical Security: Our company likely uses cloud infrastructure, but to the extent any physical servers or offices hold personal information, we secure those premises. Physical access to our computers, data centers, or file storage is restricted. Offices are access-controlled (e.g., key card entry) and have measures like alarms or security cameras if appropriate. For remote workforce or any employee devices, we have policies to secure laptops (full disk encryption, auto-lock, etc.) and safe practices when working from home or public spaces.
Data Minimization: We strive to collect only the personal information that we need. By limiting the amount and sensitivity of data we store, we inherently reduce security risk. We also pseudonymize or anonymize data if full details are not required for the task at hand (for example, using unique IDs instead of names in certain internal analytics).
Incident Response Plan: Despite best efforts, if a data breach or security incident occurs, we have a Data Breach Response Plan in place. This plan outlines the steps to take, including containment, investigation, notification, and remediation. We will notify affected individuals and relevant authorities of certain breaches as required by law (for instance, we comply with state data breach notification statutes, and if applicable, the GDPR’s 72-hour breach notification rule to supervisory authorities, etc.). Our plan is periodically tested and updated as needed.
Audit and Review: We periodically review our security measures for effectiveness. This can include third-party audits or self-assessments. We remain up-to-date on security threats and adjust our safeguards accordingly. Additionally, our compliance team may audit access logs and data practices to ensure rules are followed. Significant changes to systems undergo security review.

NAIC and Industry Standards: Because we operate in the insurance marketing space, we are mindful of industry-specific regulations. For example, as referenced earlier, all states have adopted the NAIC’s Privacy of Consumer Financial and Health Information Regulation (Model #672) which aligns with GLBA’s Safeguards Rule, requiring us to protect customer information. We align our Information Security Program with these requirements – identifying risks, designing and implementing safeguards, and adjusting as needed. We also follow any guidance from insurance regulators on data security best practices.

No Guarantee: While we work hard to protect your data, we cannot guarantee its absolute security. The technologies and methods we use are strong, but not infallible. There is always some risk inherent in providing personal information, especially if you access our Sites over a network we don’t control (like public Wi-Fi). You have a role in security too: please use a strong, unique password if any account is created, guard your account details, and be careful about phishing attempts (we will not ask you for sensitive info like passwords via email). If you suspect any security issues (like if someone unauthorized may have accessed your account or you notice a vulnerability), notify us immediately (see Section 16) so we can investigate.

By disclosing your personal info to us, you acknowledge this risk. In the event of a security breach that affects your personal information, we will notify you in accordance with applicable laws and work to remedy the situation.

12. International Data Transfers

Kings Marketing Group LLC is a company based in the United States, and the personal information we collect is primarily processed and stored in the United States. However, we serve individuals in various jurisdictions (including the EU/EEA, UK, and others). This means that if you are located outside the U.S., your personal data may be transferred to, or accessed from, the United States or other jurisdictions that may not be deemed to have equivalent data protection laws as your home country.

EU-U.S./UK-U.S. Data Transfers: The European Commission and UK authorities have determined that the United States does not (in general) provide an “adequate” level of data protection, due to differences in privacy laws. As a result, when we transfer personal data from the EEA, Switzerland, or the UK to the U.S., we take appropriate steps to ensure that your data is afforded a level of protection essentially equivalent to that in the EU, as required by GDPR Chapter V.

Safeguards for International Transfer:

Standard Contractual Clauses (SCCs): We rely on European Commission-approved Standard Contractual Clauses as a legal mechanism for data transfers from the EEA/Switzerland to the U.S. (or other countries not deemed adequate). These SCCs are contractual commitments between companies transferring personal data, binding the recipient (us, or our service providers) to protect the data according to EU privacy standards. For example, if we use an EU-based affiliate or partner and they send us EU consumer data, we likely have SCCs in place with them, obligating us to GDPR-level protections. Similarly, for any onward transfer to our U.S. service providers that assist us, we incorporate SCCs into our agreements unless they have an alternative compliance measure. The latest SCCs adopted by the European Commission (2021 versions) are used, as applicable.
UK Transfers: For data from the UK, we similarly utilize the UK’s International Data Transfer Addendum or the UK-approved versions of SCCs, as appropriate, since the UK post-Brexit requires its own mechanism. The effect is essentially the same – contractual commitments to protect data.
Data Privacy Framework (if applicable): The U.S. has established a new EU-U.S. Data Privacy Framework (DPF) in 2023 as an adequacy arrangement. At this time, Kings Marketing Group is not currently certified under the DPF. If we choose to participate in it in the future (or its UK extension), we will update our policy accordingly. In absence of that, we stick with SCCs and other measures.
Article 49 Derogations: In some cases, we may rely on specific derogations under GDPR Article 49 for transfers. For example, when you (the data subject) explicitly consent to the transfer after being informed of the possible risks (GDPR Art. 49(1)(a)), or when the transfer is necessary for the performance of a contract between us (Art. 49(1)(b)) – such as when you use our service to request quotes, the transfer of your data to U.S. insurance partners is necessary to fulfill your request. Also, if a transfer is necessary for the establishment, exercise or defense of legal claims (Art. 49(1)(e)), we could rely on that if relevant. These derogations are used only as needed, and not for routine, systemic transfers.
Supplementary Measures: In light of the Schrems II ruling (which invalidated Privacy Shield and emphasized evaluating U.S. surveillance laws), we have assessed our data transfers and implemented supplementary technical measures where appropriate. For instance, for certain data stored in the cloud, we may employ encryption such that only we hold the keys (minimizing exposure even if data is accessed under U.S. government demand). We also ensure that the data we transfer is limited to what’s necessary. We review whether any government access to our data is likely (in our case, we don’t handle highly sensitive data like comms content or such that would typically fall under FISA 702 surveillance). We believe the risk is low and that SCCs plus these measures suffice to protect EU personal data.

Other International Users: If you are located in other countries outside the EU/US, similar transfers will occur. For example, if you’re in Canada or Australia or elsewhere, your data will likely be transferred to the U.S. By using our services or providing your info, you acknowledge that your information will be processed in the U.S. and potentially other countries. These countries may have data protection rules different from your country. We will protect it as described in this Policy regardless of location.

Applicable Privacy Laws: We comply with applicable cross-border privacy requirements. For example, if you are in Canada, we process your data according to Canada’s PIPEDA or relevant provincial laws, and by providing information you consent to transfer outside Canada. If in Australia or other APAC region, similar principle applies. We also accommodate data subject requests globally, not just in the EU/CA (as described in Section 7).

Requesting Information on Transfers: If you would like more information about our transfer safeguards, you can contact us (see Section 16). For instance, we can provide a copy of the relevant SCCs or details on data storage locales, subject to confidentiality.

Important Note: While we strive to protect your personal data when it’s transferred internationally, certain foreign governments (including the U.S.) may be able to access personal data under local laws (for example, via lawful orders). For instance, data stored by U.S. service providers might be accessible to U.S. authorities under FISA or Patriot Act in certain conditions. Our policy is to carefully vet government requests and push back when appropriate, and only comply when legally compelled and after exhausting possible challenges. We have never received a government request for EU personal data to date, and if we do and are allowed, we will inform affected individuals or generally report it.

By using our Sites and providing information, you consent to the transfer of your information to the United States and other jurisdictions as described here. We will of course obtain separate consent from you if required by your jurisdiction’s laws (e.g., an explicit consent box for EU users if relying on Art.49 consent).

If any conflict arises between this Privacy Policy and the standard data protection clauses or other agreements governing the transfer of data, the latter will prevail for the data in question.

13. Data Retention and Deletion

We will retain your personal information only for as long as necessary to fulfill the purposes for which we collected it, as described in this Privacy Policy, and for legitimate business and legal purposes. Once personal information is no longer needed, we will securely delete it or anonymize it.

How long we keep data: The retention period can vary depending on the type of data and the purposes of processing. In general:

Consumer Quote Information: If you submit a request for an insurance quote, we will retain the personal information you provided (such as your contact details and quote parameters) for a period reasonably necessary to serve you and for our business records. Typically, we may retain quote request data for approximately 2 to 5 years. This retention allows us to: (a) follow up with you if needed (e.g., if new offers become available, subject to your communication preferences); (b) have records in case of customer service issues or disputes; (c) comply with legal obligations (like keeping proof of consent for communications, or maintaining records for financial auditing if a lead sale occurred). If you become a customer of an insurance partner via our referral, that partner will have their own retention policies for data you gave them directly.
Marketing Data: Email addresses or phone numbers collected for marketing (with consent) are retained until you opt out or until they bounce/are deemed inactive. If you unsubscribe from emails, we may move your email to a suppression list and retain that indefinitely (to ensure we continue honoring your unsubscribe request). If you opt out of calls/texts, we keep your number on our internal DNC list likewise indefinitely to avoid future contact. General marketing analytics data (like aggregated metrics) may be kept as long as useful, but those don’t identify you individually.
Website Usage Data: Analytics logs and website events (which may include IP addresses or cookie IDs) are typically retained for a shorter period unless needed longer. For instance, raw web server logs might be kept for a few months for security monitoring. Google Analytics data might be configured to auto-delete or aggregate after 14 or 26 months (or a timeframe we select) unless we have turned on longer retention for historical analysis. We periodically review these settings and make sure not to keep identifiable web browsing data longer than necessary.
Call recordings and communications: If we record calls (after notifying you), those recordings are usually kept for a set period (e.g., 90 days to 1 year) unless needed longer for training or dispute resolution. Emails you send us or chats might be stored in our support systems for a similar range of time, possibly longer if they contain valuable context for future interactions or legal records. But we will purge old support inquiries periodically.
Transactional and Business Records: We retain transactional records (e.g., records of leads delivered to partners, invoices, consents, etc.) for 7 years or more as required by law or standard accounting practices. For instance, if we paid a commission for a lead or need proof of compliance, we might hold those records for the statute of limitations period for contract claims or regulatory inquiries.
Legal Retention Requirements: Some laws mandate specific retention periods. For example, if considered a “data broker” under California law, we might keep records of consumer requests and our responses for 24 months to demonstrate compliance. Tax and financial laws might require retention of transactional data for e.g. 7 years. We adhere to any such requirements.
Anonymized Data: If we anonymize or aggregate personal data such that it can no longer identify you, we may retain that information indefinitely, as it no longer constitutes personal information and is useful for statistical analysis and business planning.

Criteria for Retention: When determining how long to retain personal data, we consider:

The volume, nature, and sensitivity of the data.
The potential risk of harm from unauthorized use or disclosure if retained longer.
The purposes we collected it for and if we can achieve those purposes through other means.
Our legal obligations (e.g., laws requiring data retention) and contractual obligations.
The statute of limitations for potential legal claims (for instance, if a user might raise an issue, we may keep relevant data until the window for claims passes).
Industry standards and guidelines (for instance, NAIC recommendations or standard practices in insurance for keeping application records).
Whether the user has taken action like opting out or account deletion – we strive to honor such requests as comprehensively as possible.

Secure Deletion: When we do delete personal data, we use methods appropriate to the medium. For digital data, deletion may involve securely overwriting or deleting from our active databases. We also ensure any backups are eventually purged or the data is rendered inaccessible when out of use. For physical media containing personal data (if any), we shred or incinerate it. We require service providers who may hold your data to follow similar practices of secure disposal.

Retention of Backups: It’s possible that even after deletion from our main systems, data could persist for a short time in encrypted backups. Our policy is that backups are cycled and pruned regularly. We do not restore personal data from backups except for legitimate business continuity needs, and if so, we re-delete the data as required.

Your Deletion Requests: If you request deletion of your personal info (for example under GDPR or CCPA via Section 7), we will delete your data from our live systems (and instruct partners if needed). However, as mentioned, there are exceptions – e.g., if a law requires retention or if the data is needed for a legal claim, we might retain that specific data. Additionally, certain residual data may remain in our archives or logs that cannot feasibly be deleted immediately. We maintain such data securely and restrict any further use except for the purposes necessary.

No Indefinite Retention Without Purpose: We do not keep personal data “just in case” we might find a use. We tie retention to concrete purposes. When those purposes are satisfied, we either erase the data or anonymize it. For instance, if someone filled a form but never responded to any follow-ups, after some time of inactivity we may purge that entry to reduce clutter and risk.

Account Data: (If applicable) If we had user accounts on our Sites (currently likely not, as we primarily facilitate one-time quote submissions), and you chose to close an account, we would delete or de-identify the personal info associated with that account, except for what we need to retain for legal or business reasons (like records of consent, transactions, etc.). We would inform you if that was the case.

Children’s Data: We do not knowingly collect minors’ data. In the event we find any, we will delete it as described in Section 14.

In summary, we try to retain personal data no longer than necessary and have a schedule and procedures to ensure data isn’t kept indefinitely. If you have specific questions about our data retention schedule for a certain type of data, you can contact us for more details.

14. Children’s Privacy

Our services are not directed to children, and we do not knowingly collect personal information from individuals under the age of 18. Insurance products and marketing services we provide are intended for adults (or at least, in jurisdictions where a minor can consent to insurance, typically those are 18 or older for contracts). By using our Sites, you represent that you are at least 18 years old.

No Under 18 Usage: We have designed our forms and content with the expectation that users are adults seeking insurance or marketing information. We do not target minors with any offers. For example, we do not offer products like life insurance directly to minors, nor do we solicit personal data from minors. We also avoid using platforms or content that would disproportionately attract those under 18. Additionally, under laws like the Children’s Online Privacy Protection Act (COPPA) in the U.S., we do not knowingly collect information from children under 13, and if we somehow were to, we would comply with COPPA’s parental consent requirements. Our stricter stance of “no under 18” is to err on the side of caution given the nature of our services.

If You Are Under 18: You should not use our Sites or submit any personal information to us. If you are interested in insurance, please ask a parent or guardian to assist you, as insurance contracts generally involve legal and financial considerations that require an adult.

No Sales to Minors: We do not sell or share the personal information of consumers we know are less than 16 years of age without affirmative authorization (as noted earlier regarding CCPA opt-in requirements for minors). However, since we don’t intend to have any minors’ data at all, this situation should not arise.

Parental Controls: Parents or legal guardians – if you believe that your child (under 18, and especially under 13) may have provided personal information to us (for example, if a teenager falsely represented themselves as an adult on our Site), please contact us immediately (see Section 16). We will take prompt steps to investigate and remove the information. Specifically, upon receiving a verifiable request from a parent/guardian regarding their child’s information, we will (in accordance with COPPA and similar laws) provide any pertinent information we might have and delete it. We won’t use it further or share it (if we even inadvertently collected it in the first place).

Age Verification Efforts: While we cannot fully verify age online, we attempt to discourage underage usage. For instance, our quote forms may ask for date of birth or age as part of the insurance quoting process. If a date of birth indicates the person is under 18, the form will not allow submission or will prompt that you must be 18+ to proceed. This helps filter out at least those who correctly provide their birth date. We also do not offer games, cartoons, or other child-enticing elements on our sites that could inadvertently lure minors.

Third-Party Content: We are not responsible for any third-party websites that might be accessible through our site (like via links) with respect to children’s content. If, for example, you followed a link to a third-party insurer’s site, they may have their own children’s privacy rules if any content is child-accessible. Always review third-party privacy policies.

Global Considerations: In some jurisdictions (like the EU under GDPR), the age for consent in online services is 16 by default (member states can lower to 13). We adhere to whichever is higher in spirit – since we require 18, we are above all those thresholds. If for any reason an EU user between 16 and 18 uses our site, under GDPR they might be allowed, but under our policy we still treat them as not intended and would remove their data on request. For consistency, we simply don’t want minors’ data.

No Profile Targeting of Minors: We do not segment or knowingly build profiles on individuals under 18. Our advertising and tracking also is not geared to minors. If ad platforms give us options to exclude audiences under a certain age, we utilize those to avoid marketing to minors.

In summary, please do not submit any personal information to us if you are under 18. If we discover personal data from someone under 18, we will delete it promptly. We take children’s privacy very seriously and support efforts to protect children online.

15. Changes to this Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we do so, we will post the updated Privacy Policy on this page with a new “Last Updated” date.

Material Changes: If we make any material changes to the way we collect, use, or share your personal information, we will take additional steps to notify you. What constitutes a “material” change is determined by applicable law. Examples might include: using your data for a new purpose that you haven’t been informed of, new categories of data we start collecting, changes in who we share data with that might affect you, or changes in your rights or choices.

Notification Methods: We may notify you of significant changes in various ways, depending on what contact information we have and what is appropriate:

On the Website: We might display a prominent notice on our homepage or at the top of this Privacy Policy page indicating that the policy has been updated and possibly summarizing the changes. This notice might be kept up for a period (say, 30 days) after the changes.
Email Notification: If you have provided us with an email address (and permitted us to contact you), we may send you an email notice informing you of the Privacy Policy update, especially if required by law for certain changes (for example, under some laws we need to get your consent for certain new uses of data; an email would alert you to review and consent or opt out).
In-App or Direct Notification: (If applicable) If we had a user account system or mobile app, we could send in-app notifications or push notifications about policy changes. Since our current service doesn’t have a user login, this likely doesn’t apply.

Advance Notice if Required: Where required by law, we will provide advance notice or obtain your consent before changes take effect. For instance, if we were to start processing data for a new purpose that requires consent, we would either not do it until consent is obtained or we would give you the choice to opt in/out. In many cases, an updated Privacy Policy can apply to all data including data collected before the change (because privacy policies are not typically contractual). However, if any change would retroactively materially reduce your privacy rights, we would either seek your consent or not apply that change to previously collected data.

Effective Date: The effective date of the Privacy Policy is at the top. We encourage you to review this Policy periodically to stay informed about how we are protecting your information. If you continue to use our Sites or services after a Policy update, it will signify your acceptance of the revised terms (except in cases where your express consent is required, in which case we will specifically seek it).

Archived Versions: For transparency, we maintain archives of previous versions of this Privacy Policy. Upon request, we can provide you with a copy of earlier versions. In some jurisdictions, it’s required that we keep old privacy policies publicly accessible (e.g., California Online Privacy Protection Act encourages noting historical versions). We may directly link an archive or “Last updated on X, previous version effective Y-Z available here” etc., or just have them ready internally.

Minor Updates: Not all updates will be significant. We might update wording for clarity, or address minor changes such as updating our contact information, and those might not warrant an explicit notice. Nonetheless, the new version will always reflect the changes in the “Last Updated” date.

By continuing to use our services after those changes become effective, you are deemed to have agreed to the updated Privacy Policy. If you do not agree with the changes, you should stop using our services and contact us if you wish to exercise any rights (like deleting your data).

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please do not hesitate to contact us:

Kings Marketing Group LLC

FULL ADDRESS

Email:
Contact Form:
Data Protection Officer: email.

We welcome your feedback. If something is unclear in this Privacy Policy or you need further information, contacting us will allow us to clarify and assist. Additionally, if you have any complaints about how we’ve handled your personal data, we’d appreciate the chance to address them directly.

Regulatory Contacts: If you are not satisfied with our response to a privacy concern, you may have the right to contact your local data protection authority or attorney general’s office. For example, California residents can reach out to the California Privacy Protection Agency (CPPA) or the state Attorney General; EU residents can contact their country’s Data Protection Authority. We can provide guidance on the relevant authority if needed.

Please note that for security and verification purposes, we may need to verify your identity before disclosing or discussing any personal data-related specifics, to ensure we don’t give information to an unauthorized person.

We appreciate your trust in Kings Marketing Group LLC. Protecting your privacy and being transparent is important to us, and we are here to answer any questions you have about this Privacy Policy or our data practices.

17. Annex A: CCPA Notice at Collection

Under the California Consumer Privacy Act (as amended by the CPRA), we are required to provide a “Notice at Collection” outlining the categories of personal information we collect, the purposes for which we use them, and whether we sell or share those categories of information. The following table summarizes the categories of personal information (as defined by CCPA) that Kings Marketing Group LLC may collect from California consumers, the purposes for which each category is collected and used (see Section 4 above for more detail), and the categories of third parties to whom we disclose each category of information.

This notice covers the past 12 months and will be updated every 12 months or as needed.

Category Personal Information

Purposes of Collection and Use

Third Parties to Whom Disclosed (and if Sold/Shared)

Identifiers (e.g., real name, postal address, email, phone number, unique online identifiers like IP address)

- To provide our services (facilitate insurance quotes and respond to your requests)

– To communicate with you (send quotes, updates; marketing with consent)

– For lead generation (connecting you with insurance partners)

– For fraud prevention and security (verify identity, prevent duplicate submissions)

– For legal compliance (maintain records of consents/opt-outs)

- Disclosed to Insurance Partners that provide quotes (Yes, this is a sale under CCPA, as we may receive compensation)

– Disclosed to Service Providers for communications (e.g., email/SMS platforms) or verification (No, service use only)

– Shared with Marketing/Advertising Partners to match and contact you on other platforms (Yes, if used for cross-context ads, treated as sharing)

– May be disclosed for Legal Reasons (e.g., if required by law or during compliance audits)

Customer Records Information (as in Cal. Civ. Code §1798.80(e)) – e.g., information you provide on forms like insurance details, account credentials if any, or payment info if collected (note: we typically do not collect SSN, driver’s license, or financial account info online; but insurance details like vehicle/home info fall here)

- To process your insurance inquiries (use details like vehicle, home, demographics to obtain quotes)

– To improve our services (analyze common inputs for better matching)

– To provide customer support or follow-up with relevant info

– [If payment info was ever collected for a service, to process transactions securely]

Disclosed to Insurance Partners as needed for quoting (Yes, if part of lead sold)

– Disclosed to Service Providers like cloud databases or CRM tools for storing form info (No sale; service use)

– Not shared with data brokers or unrelated third parties other than in context of your request.

Protected Class Characteristics (e.g., gender, marital status, age, etc., if volunteered)

- Some insurance forms ask about marital status, age/DOB, gender, or veteran status as it may affect rates. We use these to obtain accurate quotes.

– For compliance with anti-discrimination laws (we don’t use these to discriminate, only for legitimate quote purposes)

– Age is used to ensure eligibility (18+ requirement)

-Disclosed to Insurance Partners as part of quote data (Yes, if part of lead sold)

– Not sold separately; only in context of full lead to partners

– Service Providers processing the form might handle this (No sale)

Commercial Information (e.g., records of products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies)

- We may infer or collect data on what insurance products or services you’re interested in (auto, home, life insurance) based on your site activity or requests.

– To personalize offers (if you looked at auto insurance, we might suggest related products)

– For analytics to see which services are popular

-Insurance Partners: We share the fact you are in market for certain insurance with partners who provide that service (Yes, as part of lead sale/share)

– Advertising Partners: If you browsed our site, we might share that behavior via cookies for retargeting (Yes, counts as sharing for ads)

– Internally and with analytics providers (No sale; service purpose)

Internet or Other Electronic Network Activity (browsing history, search history, and interactions with our website, advertisements, or communications)

– To maintain and improve our website (analyze usage patterns, fix technical issues)

– For analytics (understand how users find us, which pages are effective)

– For behavioral advertising (serve you ads on other sites based on your interaction with ours)

– To remember preferences (through cookies)

- Analytics Providers: e.g., Google Analytics receives this data (No sale; they act as service provider under our config, or as shared as per their terms)

– Advertising Networks: e.g., Google Ads, Facebook Pixel get info on your site activity via cookies (Yes, this is considered sharing for cross-context advertising, and maybe sale if identifiers are exchanged)

– Service Providers: hosting and security services that see logs (No sale

Geolocation Data (precise location if ever collected, or general location from IP)

- We do not collect precise GPS location from your device. We may derive general location (city/state/ZIP) from your IP address or from info you input (address, ZIP for insurance quotes). This is used to match you with local insurance providers and provide region-specific content (insurance rates vary by location).

– Fraud prevention (certain locations might flag risk if inconsistent with form)

- Insurance Partners: receive your address/ZIP as part of quote data (Yes, sold as part of lead if applicable)

– Advertising Partners: may receive IP-based location for ad targeting (Yes, shared in cookie context for ads)

– Service Providers: CDN or network services to route you efficiently (No sale)

Sensory Data (audio, electronic, visual, etc.)

- Call recordings: If you speak with us by phone, calls may be recorded for quality assurance and compliance. We use these recordings internally to review agent performance or resolve disputes.

– We generally do not collect visual or biometric data (no face ID, fingerprints, etc.). If we ever host a video call or similar, that would be optional and not stored without notice.

– If you leave a voicemail or send a video, that content is used to address your inquiry

- Call recordings are generally not disclosed externally, except to service providers that facilitate our phone system (No sale; e.g., our telephony provider stores the recording as a service).

– We do not sell or share audio/visual data. If needed for legal purposes, may be shared with law enforcement or legal counsel.

Professional or Employment Information (job title, employer, income, if provided)

- Typically not collected unless relevant (for example, some life insurance forms might ask for occupation or income range to tailor coverage). If provided, we use it to help get appropriate quotes or analyze customer demographics for marketing strategy.

– Also if you were to apply for a job with us through our site (employment info), that’s a different context which would be covered under a separate applicant privacy notice, not this consumer policy.

-Insurance Partners: If occupation or homeowner status etc. is part of quote criteria, we pass that to them (Yes, as part of lead sale if applicable).

– Not sold standalone. Not shared with others except service providers processing the data or as legally required.

Education Information (as defined in CPRA: information not publicly available personally identifiable education records

-We do not request or intentionally collect education history for our services. (Maybe an insurance form could indirectly reveal level of education if asking profession or if you’re a student for discount reasons, but generally not.)

– If ever collected (e.g., you mention it in a comment), we have no use for it in our process and would likely ignore it.

-We do not disclose or sell any education info. (No applicable recipients, aside from it being part of a general lead if you somehow provided it to an agent. Our partners don’t typically use education except possibly for certain policy discounts – but that’s rare and within that transaction.)

Inferences drawn from personal information to create a profile about a consumer (e.g., preferences, characteristics, predispositions

- We might internally derive simple inferences like “you are interested in auto insurance” because you visited our auto insurance page, or “likely homeowner” if you requested home insurance. These are used to personalize your experience (e.g., show relevant content) and for marketing (e.g., if we think you prefer online quotes vs. phone, we tailor approach).

– For advertising, our partners might classify you (e.g., Google’s algorithms might tag your browser as interested in insurance), but we ourselves keep profiling minimal and relevant to insurance needs.

- Advertising Partners: Inferences used for ad targeting are effectively shared when we retarget ads (Yes, sharing if those inferences are used by third-party cookies). Example: Facebook might receive a hash that indicates “this user is looking for auto insurance”.

– Insurance Partners: We may tell a partner an inferred intent (e.g., “high intent lead”) or priority level based on your interactions (Yes, as part of lead info sold/shared).

– Service Providers: Data processors might see or generate inferences in analytics reports for us (No sale).

Notes:

We do not collect certain CCPA categories at all, such as Biometric Information (e.g. fingerprints, facial recognition), or Sensitive Personal Information like Social Security Number, driver’s license number, financial account info, precise geolocation, or information about race/ethnicity, health, or sexual orientation – except as noted if a quote form incidentally requests something like driver’s license or basic health info, which in any case is used only to obtain your requested quotes. We also do not collect Insurance Policy Numbers or claims history directly (those would be handled by the insurer once you’re connected).
The Purposes of Collection are summarized; for full context, refer to Section 4. The purposes include business and commercial purposes such as performing services for you, marketing, analytics, and compliance with laws.
Sale/Sharing: “Yes” indicates that the category might be sold or shared under CCPA definitions. For those categories, California consumers have the right to opt-out (as described in Section 8). Specifically, Identifiers and Quote Information are sold to insurance partners when you request our service (that’s inherent to how we connect you), and online identifiers/Internet activity are shared with ad partners for advertising. “No” means we only disclose to service providers or others in ways not considered a sale (e.g., purely for our operational purposes).
Third-Party Disclosure: Where we list categories of third parties, see Section 6 for a broader description of these entities and the strict conditions under which service providers handle data.

This Annex A is provided to help you understand what information we collect at the point of collection and your opt-out rights. It is not a standalone privacy notice but part of our comprehensive Privacy Policy. For California residents: For more details or to exercise your rights, please review Section 7 and Section 8 of the Privacy Policy, or contact us at the information provided in Section 16.