Last Modified: June 10, 2020
Kin is Committed to Protecting your Privacy
Kin is committed to protecting and respecting your privacy. We are providing you with this Policy to communicate our policies with respect to your information when you use our website located at kin.com (the “Website”) or any product or service made available through the Website (together with the Website, the “Services”). This Policy applies to our processing of personal data about you, our customers, our potential customers, and visitors to our Website.
Who is Kin?
References made in this Policy to “Kin” mean Kin Insurance, Inc., a Delaware corporation doing business in California as Kin Insurance Services; Kin Risk Management, LLC, a Florida limited liability company; and Kin Insurance Technology Hub, LLC, a Delaware limited liability company (these entities are collectively referred to as “Kin”, “we”, “us”, or “our”). In the context of this Policy, “processing” means any activity relating to personal data, including, by way of example, collection, storage, use, consultation, disclosure, sharing and transmission for the purposes described below.
Please read this Policy carefully to understand our treatment and use of personal data. By accessing the Website or using the Services, you agree to this Policy. This Policy may change from time to time. Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.
What Types Of Personal Data Do We Collect, Where Do We Get It From, And Why?
In general, we collect personal information to issue you an insurance policy, and to provide you with support in connection with an insurance policy (for example, if you need to file a claim or make changes to your policy). We also use this information to make recommendations of other products to you.
We collect personal data directly from you, such as when you type in your name and address or when you call us. We may also collect personal data about you through your interactions with our information technology resources. In addition, we may collect personal data about you from third-parties, including government agencies and third-parties who provide services to us. We will also create records of personal data about you in the course of providing services or products to you, either directly or through our service providers.
Our Website collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from its consumers within the last twelve (12) months:
|Category of Personal Information||Collected?||Basis for Collecting and Processing||Purpose of Collection and Processing||Examples of Information Collected from Category of Personal Information|
|Identifiers.||Yes.||It is necessary for the performance of our contracts, or the contracts of the companies whose insurance products we sell, with you, or to take steps necessary to enter into such a contract; or is necessary for us to comply with a legal obligation.||Certain of this data is used to provide you with the Services, and to ensure our compliance with regulations.||Your name, postal address, online identifier such as account information, internet protocol address, and email address.|
|Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||Yes.||It is necessary for the performance of our contracts, or the contracts of the companies whose insurance products we sell, with you, or to take steps necessary to enter into such a contract; or is necessary for us to comply with a legal obligation.||Certain of this data is used to provide you with the Services, and to ensure our compliance with regulations.||Your name, signature, address, telephone number, insurance policy number, bank account number, credit card number, debit card number, or any other financial information.Some personal information included in this category may overlap with other categories.|
|Protected classification characteristics under California or federal law.||Yes.||It is necessary for the performance of our contracts, or the contracts of the companies whose insurance products we sell, with you, or to take steps necessary to enter into such a contract; or is necessary for us to comply with a legal obligation.||Certain of this data is used to provide you with the Services, and to ensure our compliance with regulations.||Your age.|
|Commercial information.||Yes.||Records of personal and real property, products or services purchased, obtained, or considered, or other purchasing or consuming histories.|
|Biometric information, such as your genetic, physiological, behavioral, and biological characteristics.||No.||N/A||N/A||N/A|
|Internet or other similar network activity.||Yes.||Your interaction with our Website or other websites.|
|Geolocation data, such as your physical location and movements.||Yes.||It is necessary to provide certain self-inspection services to you, with your consent.||With customer consent, we use self-inspection software that produces data as to your physical location during a home self-inspection.|
|Sensory data, such as audio, electronic, visual, thermal, olfactory, or similar information.||Yes.||Your voice recordings when you interact with us over the phone, and photos you choose to send us.|
|Professional or employment-related information.||Yes, but only for applicants for employment with Kin.||It is necessary for us to comply with a legal obligation.||We ensure that applicants are qualified before we hire them.||Current or past job history or performance evaluations.|
|Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||No.||N/A||N/A||N/A|
|Inferences drawn from other personal information.||No.||N/A||N/A||N/A|
We may collect non-personal statistical information that does not individually identify you. This includes non-personal statistical information about your internet connection, the equipment that you use to access our Services, and how you use our Services. We refer to this information as “Usage Information.” This information allows us to optimize the Services to the internet connections and equipment that are used to visit the Website. For instance, in order to make the Services better, we may collect information on: how long you use the Services; whether you have used the Services before and on how many occasions; how frequently you use the Services; and at which point you exit the Services. We collect this information directly from you when you provide it to us and automatically as you navigate through and interact with our Services. Information collected this way includes: (a) details of your visits to our Services, including traffic data, location data, logs, other communication data, and the resources that you access and use on the Website; and (b) information about your computer and internet connection, including your IP address, operating system, and browser type. The technologies we use for this automatic data collection of usage information may include
- Pixel Tags / Web Beacons: Pages of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email. We may also use these web beacons for other related Website statistics (e.g., recording the popularity of certain content and verifying system and server integrity).
- Device identifiers: When you use a mobile device like a tablet or phone to access our Services, we may access, collect, monitor, store on your device, and/or remotely store one or more “device identifiers.” Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by us.
Do Not Track Signals
Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our services do not currently respond to browser DNT signals. For more information on DNT, see https://allaboutdnt.com/.
Who Do We Share Your Personal Information With, And Why?
We may disclose your personal information to our affiliates and service providers for the purposes set out above. For example, using service providers may be necessary for the administration and maintenance of our IT systems. We may also transfer information, including your personal information, to third parties necessary to fulfill the purposes set out above, such as providing products or services to you that you requested. For example, we send your personal information to underwriters of insurance products we provide. We require our services providers to provide assurances regarding the protections they will provide for any personal data transferred to them, and their compliance with our security requirements and any applicable international data transfer restrictions.
In certain circumstances, we share or are obliged to share your personal data with third parties for the purposes described above and in accordance with applicable data protection laws. These third parties include:
- regulatory authorities;
- our auditors and legal advisors;
- relevant industry self-regulatory bodies; and
- others, where it is permitted by law, or where we have your consent.
We do not disclose your personal data to non-affiliated third parties for those third parties’ direct marketing purposes, nor do we sell your personal data. If you would like information about opting out of other discretionary sharing of your personal information with third parties please contact us at 855-717-0022, or email us at email@example.com.
We may share your information with our corporate affiliates (e.g., our parent company, sister companies, subsidiaries, joint ventures, or other companies under common ownership or control of our ultimate parent company). This sharing is done so that these affiliates can provide services to us, and may be necessary to provide you with services, products, or information you have requested or expressed an interest in.
Right to Access Your Personal Information
As a California consumer, you have the right to request that we disclose certain information about our collection and use of your personal information over the past twelve months, including:
- the categories of personal information collected about consumers,
- the specific pieces of personal information we have about you,
- the categories of sources from where personal information was collected,
- the business purpose for collecting the personal information, and
- the categories of third parties with whom we share personal information.
To submit an access or deletion request, please call us at 855-717-0022, or email us at firstname.lastname@example.org. Responses to a request may take up to 45 calendar days, or longer depending on the nature of the request. If additional time is needed, we will notify you of the additional time. We may only respond to two access requests within a 12-month period.
To better protect you and your personal information, we will only respond to access or deletion requests that we have been able to properly verify through our authentication processes. To verify your identity, you will be asked to provide certain information, which we will only use to verify your identity or authority to make the request.
Right to Deletion of Personal Information
As a California consumer, you have the right to request we delete the personal information we collected, with certain exceptions. We will delete your personal information in response to a verifiable request unless needed for the following:
- To complete a transaction for which we collected the personal information, provide a good or service you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you, detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
- Debug products to identify or repair errors that impair functionality;
- Exercise free speech ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
- Comply with a legal obligation, including compliance with the California Electronic Communications Privacy Act; or
- Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
As a California consumer, you have the right not to receive discriminatory treatment by us for the exercise of your California privacy rights.
How is personal data secured?
We are committed to the protection of the personal data we collect and process. We have appropriate measures in place to prevent personal data from being lost, or from being used or accessed in an unauthorized way. We limit access to personal data to those who have a business need for such access. Those individuals who process personal data on our, our affiliates, or our customers’ behalf, may do so only in an authorized manner. They are also subject to a duty of confidentiality. We have policies in place that regulate how our employees and contractors must handle data, including personal data about you. We limit access to our premises and to our computer networks, and take appropriate steps to safeguard against unauthorized access to such premises and networks. We have procedures in place to manage any suspected data security breach and will notify you and any applicable regulator of a suspected data security breach consistent with legal requirements.
Children and Minors
We do not knowingly collect personal information directly from individuals under 18 years of age. Our Services are not intended for individuals under 18 years of age. No one under 18 years of age should submit or post personal information through our Services.
Rights Relating to Non-California Jurisdictions, Including the European Economic Area
In all cases, we will collect personal data about you in accordance with the principles outlined in this Policy and applicable local law. You should be aware that our “lawful basis” for processing personal data about you may be impacted by the legal requirements in the country in which you reside. As such, outside of the European Economic Area (EEA), we may at times rely on consent to process personal data about you, whereas within the EEA we will seldom rely on consent as the lawful basis for processing personal data about you, except as indicated below.
Your information may be transferred to another country for processing. Consistent with our Policy, we will seek consent for the transfer or rely on another lawful basis if that is required under applicable law with respect to that transfer. Those other bases may include: where the relevant regulator has determined that the country to which the data will be transferred provides an adequate level or legal protection for personal data, where an approved legal mechanism is in place to affect such transfers, or where you have provided your consent. For any transfers of personal data from the EEA to the U.S., we take additional steps in line with applicable data protection legislation. We have put in place adequate safeguards with respect to the protection of your privacy, fundamental rights and freedoms, and the exercise of your rights; e.g., when we transfer data from the EEA to the U.S. we use European Commission approved standard contract clauses to provide appropriate protections.
You may also raise a concern or lodge a complaint with a data protection authority or other official with jurisdiction. This usually means the data protection authority in the country where you are habitually resident, where you work, or where the alleged infringement took place.
Changes to this Policy
We update this Policy when necessary in response to changes in our data collection or processing practices or policies, changes to our products or services, or other changes to our business practices. If we make changes, we will post the revised policy here, and will change the “Last updated” date at the top of this Policy, so that you can see what information we gather, how we might use that information, and in what circumstances we may disclose it. If there are material changes to this Policy, we will notify you either by prominently posting a notice of such changes before they take effect, or by directly sending you a notification.
How to contact us
To ask questions or comment about this Policy and our privacy practices, contact us at email@example.com.
55 W. Monroe St., Suite 2200
Chicago, IL 60603
For purposes of this Policy, Kin Insurance Services is the controller of personal data we collect as described above.
Start Saving on Your Home Insurance