CROSS INSURANCE PRIVACY POLICY

Last Updated: [1/10/2023]

This Privacy Policy describes the privacy practices of Cross Financial Corp. and its affiliated companies and subsidiaries (“Cross Insurance,” “Cross,” “we,” “us,” or “our”) and how we handle personal information that we collect through our website (the “Site).

This Privacy Policy does not apply to any personal information we may collect from you offline or through other sources, such as any related services we offer to you on behalf of other vendors.

If you have applied for or taken steps to establish an account with us, please also review our GLBA Consumer Privacy Notice.

We provide additional information for California users below.

Personal information we collect

Information you provide to us:

  • Contact and account information, such as your first and last name, email and mailing addresses, phone number, username and password.
  • Employment information. If you apply for a career on our website, we may collect the following information from you: Name, address, email address, phone number, licenses, credits, and degrees, and information regarding employment that you are interested in.
  • Policy information, including information regarding insured items, properties, plan and pricing information, and information regarding claims and claims history, if applicable.
  • Feedback or correspondence, such as information you provide when you contact us with questions, feedback, product reviews, or otherwise correspond with us online.
  • Usage information, such as information about how you use the Services and interact with us, including information you provide when you use any interactive features of the Services.
  • Marketing information, such as your preferences for receiving communications about our activities, events, and publications, and details about how you engage with our communications.
  • Payment and transactional information needed to pay your premiums on or through the Site (including name, payment card information, bank account number, billing information) and your purchase history. Payment card information is processed by our payment service provider, Stripe, and we do not have access to payment card numbers. Please see the “Paying bills” section below for additional information.
  • Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.

Information we obtain from third parties:

  • Social media information. We may maintain pages on social media platforms, such as Facebook, LinkedIn, Instagram, and other third-party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use and processing of your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.

Automatic data collection. We and our service providers may automatically log information about you, your computer or mobile device, and your interaction over time with our Services, our communications and other online services, such as:

  • Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 4G), and general location information such as city, state or geographic area.
  • Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, browsing history, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them.

We use the following tools for automatic data collection:

  • Cookies, which are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping
    you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating online advertising.
  • Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
  • Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.

How we use your personal information

To operate our Site:

  • Maintain, provide, secure, and improve our Site, including, but not limited to, providing policy estimates, and processing claims

  • Provide information about our services

  • Communicate with you about our services, including by sending you announcements, updates, security alerts, and support and administrative messages

  • Understand your needs and interests, and personalize your experience with our services and our communications

  • Respond to your requests, questions and feedback

For research and development. To analyze and improve the Site and to develop new products and services, including by studying use of our Site.

Marketing and advertising. We and our advertising partners may collect and use your personal information for marketing and advertising purposes, including:

  • Direct marketing. We or our advertising partners may from time-to-time send you direct marketing communications as permitted by law, including, but not limited to, notifying you of special promotions, and offers via email. You may opt out of our marketing communications as described in the “Opt out of marketing communications” section below.
  • Interest-based advertising. We engage our advertising partners, including third party advertising companies and social media companies, to display ads around the web. These companies may use cookies and similar technologies to collect information about your interaction (including the data described in the “Automatic data collection” section above) over time across our services, our communications and other online services, and use that information to serve online ads that they think will interest you. This is called interest-based advertising. We may also share information about our users with these companies to facilitate interest-based advertising to those or similar users on other online platforms. You can learn more about your choices for limiting interest-based advertising in the “Online tracking opt-out” section below.

To comply with law. As we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

For compliance, fraud prevention, and safety. To: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern our services; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

To create anonymous data. To create anonymous data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve our services, conduct research, and promote our business.

How we share your personal information

Affiliates. We may share your personal information with our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.

Service providers. We may share your personal information with third party companies and individuals that provide services on our behalf or help us operate our services (such as customer support, hosting, analytics, email delivery, marketing, and database management services).

Advertising partners. We may share your personal information with third party advertising companies, including for the interest-based advertising purposes described above.

Insurance carriers. We may share your personal information with insurance carriers in order to obtain quotes to provide to you.

Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where appropriate in the course of the professional services we obtain from them.

For compliance, fraud prevention and safety. We may share your personal information for the compliance, fraud prevention and safety purposes described above.

Business transfers. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution. In such a case, we will make reasonable efforts to require the recipient to honor this Privacy Policy.

Your choices

Access or update your information. If you have used our payment portal or registered for an account with us, you may review and update certain information in your account profile by logging into the payment portal or your account.

Opt out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email or by contacting us at privacy@crossagency.com.. You may continue to receive service-related and other non-marketing emails.

Online tracking opt-out. There are a number of ways to opt out of having your online activity and device data collected through our Sites, which we have summarized below:

  • Blocking cookies in your browser. Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.

  • Blocking advertising ID use in your mobile settings. Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.

  • Using privacy plug-ins or browsers. You can block our Sites from setting cookies used for interest- based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, DuckDuckGo, Ghostery or uBlock Origin, and configuring them to block third party cookies/trackers.

  • Platform opt-outs. The following advertising partners offer opt-out features that let you opt out of use of your information for interest-based advertising:

  • Advertising industry opt-out tools. You can also use these opt-out options to limit use of your information for interest-based advertising by participating companies:

Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Paying bills

Payments for insurance policies secured through Cross or our affiliates are handled by Stripe, and the information you provide to Stripe in connection with your payment information and transactions is handled in accordance with Stripe’s Terms of Service and Privacy Policy. Your payment data is stored by Stripe. For more information, please read Stripe’s Services Agreement here and Privacy Statement here.

Please note that any payments made directly to the carriers who write the policies, rather than through Stripe on our Site, are handled in accordance with the carriers’ respective Terms of Service and Privacy Policies. We encourage you to review those policies prior to using their bill pay systems.

Other sites, mobile applications and services

Our Sites may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.

Security practices

We use reasonable organizational, technical and administrative measures designed to protect against unauthorized access, misuse, loss, disclosure, alteration and destruction of personal information we maintain. Unfortunately, data transmission over the Internet cannot be guaranteed as completely secure. Therefore, while we strive to protect your personal information, we cannot guarantee the security of personal information.

Children

Our Site is not intended for use by children under 13 years of age. If we learn that we have collected personal information through the Site from a child under 13 without the consent of the child’s parent or guardian as required by law, we will use our best efforts to delete it, consistent with applicable law.

Notice To California Residents

We are required by the California Consumer Privacy Act of 2018 (“CCPA”) to provide this CCPA notice (“CCPA Notice”) to California residents to explain how we collect, use, and share their personal information, and the rights and choices we offer California residents regarding our handling of their personal information.

  • CCPA Scope And Exclusions. This CCPA Notice, including the description of our privacy practices and your privacy rights, apply only to California residents whose interactions with us are limited to:

    • visiting our website or otherwise communicating with us;

    • applying for our job openings on our website (however, note that the CCPA limits some of the privacy rights for job applicants).

This CCPA Notice does not apply to the personal information we collect, use, or disclose about:

    • consumers who initiate or complete the process of applying for financial products or services. This is because this information is subject to the federal Gramm-Leach- Bliley Act and implementing regulations (for additional information relating to your choices about this information specifically, see our Consumer Privacy Disclosure); or

    • representatives of businesses that seek to obtain our products or services, or to provide products or services to us.

  • Privacy Practices. Like many companies, we may use third-party cookies for our advertising purposes. If you would like to learn how you may opt out of our (and our third party advertising partners’) use of cookies and other tracking technologies, please review the instructions provided in the Online Tracking Opt-Out Guide.

  • Privacy Rights. The CCPA grants individuals the following rights:

    • Information. You can request information about how we have collected, used and shared your personal information during the past 12 months. For details about the personal information we have collected over the last 12 months, including the categories of sources, please see the sections above. We collect this information for the business and commercial purposes described above. We share this information with the categories of third parties described above. 

    • Access. You can request a copy of the personal information that we maintain about you.

    • Deletion. You can ask us to delete the personal information that we collected or maintain about you.

Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain sensitive information in response to an access request and limiting the circumstances in which we must comply with a deletion request.

  • How To Submit A Request. If you would like to submit a request for information, access, or deletion, please contact us at privacy@crossagency.com.

  • Identity Verification. The CCPA requires us to verify the identity of the individual submitting a request to access or delete personal information before providing a substantive response to the request. You may only make a verifiable request for access twice within a 12-month period. We will ask you to verify your identity when you submit a request. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable request does not require you to create an account with us.

  • Authorized Agents. California residents can empower an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming that authority.

Do Not Sell My Personal Information

Although we do not sell personal information, like most websites, we use cookies and other online tracking technologies on our websites. You may limit our use of online tracking technologies as described in the Online Tracking Opt-Out Guide section above.

International users

By using our Site, you understand and acknowledge that your personal information will be transferred from your location to our facilities and servers in the United States.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on our Site. We may also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through our Site.

Any modifications to this Privacy Policy will be effective upon our posting the policy and/or upon implementation of the new changes on our Site (or as otherwise indicated at the time of posting).

How to contact us

Please direct any questions or comments about this Policy or privacy practices to

Any modifications to this Privacy Policy will be effective upon our posting the policy and/or upon implementation of the new changes on our Site (or as otherwise indicated at the time of posting).

How to contact us

Please direct any questions or comments about this Policy or privacy practices to privacy@crossagency.com. You may also write to us via postal mail at:

Cross Insurance Agency
491 Main Street
P.O. Box 1388
Bangor, ME 04402
Attn: Privacy Officer