Legal – Privacy Policy

Privacy Policy

Effective Date: January 1, 2025

Insurance Brokers Company, Inc., operating as Brokers & Insurance Company by J.D. ("Company," "we," "us," or "our"), is committed to protecting the privacy of our corporate clients, prospects, and website visitors. This Privacy Policy describes how we collect, use, share, and protect information in connection with our services and website at johndilloninsurance.com.

1. Introduction & Scope

This Privacy Policy applies to all individuals and entities who interact with us in the following capacities:

  • B2B Corporate Contacts: Representatives of businesses that inquire about, apply for, or hold insurance coverage through our services.
  • Website Visitors: Any individual who accesses johndilloninsurance.com, regardless of whether they submit a form or initiate a coverage inquiry.
  • Claimants: Authorized representatives of corporate policyholders who submit or manage claims through our portal or account management team.

This Policy does not apply to personal insurance products, as our services are exclusively available to legally registered corporations and institutional entities.

2. Information We Collect

Business Contact Information

We collect the name, professional title, employer/company name, business email address, business phone number, and business mailing address of individuals who contact us on behalf of their organizations.

Corporate Information

We collect information about the organizations we serve, including annual revenue range, employee headcount, industry classification, countries of operation, and entity structure as relevant to underwriting and risk assessment.

Insurance-Related Information

We collect information directly relevant to the provision of insurance services, including coverage types requested, current and prior policy details, claims history, incident documentation, risk exposure descriptions, and underwriting data provided during the application and renewal process.

Website Usage Data

We collect standard technical data from website visitors, including IP addresses, browser type and version, operating system, referring URLs, pages visited, and time and duration of visits. We use essential cookies only – cookies strictly necessary for the website's basic functionality. We do not use tracking or advertising cookies.

Communication Preferences

We collect records of your expressed communication preferences, including consent to receive SMS messages, email communications, and telephone contact, along with any opt-out requests and the dates on which they were received and processed.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Processing corporate insurance inquiries and applications for coverage
  • Policy administration, including issuance, renewal, endorsement, and cancellation
  • Claims management, including FNOL processing, adjuster assignment, investigation, and settlement
  • Account management services, including dedicated account manager coordination
  • Compliance with regulatory requirements in all 28 jurisdictions in which we hold active insurance licenses
  • Communication about policy updates, renewals, coverage changes, and regulatory developments relevant to your sector
  • Risk assessment and underwriting analysis using our proprietary actuarial methodology
  • Coordination with reinsurance partners for capacity placement and claims oversight
  • TCPA compliance – telephone and SMS contacts are made only to individuals who have provided prior express written consent

4. TCPA Compliance

We take Telephone Consumer Protection Act (TCPA) compliance seriously. The following policies govern all telephone, automated, and SMS communications:

  • We will only contact you by telephone, email, or SMS if you have provided prior express written consent through our inquiry form, a signed agreement, or another documented consent mechanism.
  • All SMS communications include opt-out instructions. You may reply STOP at any time to opt out of SMS messages from us.
  • Autodialer Disclosure: We may use automated telephone dialing systems or pre-recorded voice messages when permitted by applicable law and only in connection with individuals who have provided the required level of consent for such communications.
  • Opt-out requests received via SMS (STOP), email (unsubscribe link), or verbal request will be honored within 10 business days of receipt.
  • Consent to receive marketing communications is not a condition of purchase or obtaining coverage through our services.

5. CAN-SPAM Act Compliance

All commercial email communications from Brokers & Insurance Company by J.D. comply with the CAN-SPAM Act:

  • Every commercial email clearly identifies Brokers & Insurance Company by J.D. as the sender.
  • Subject lines accurately reflect the content of the email and are not deceptive.
  • Every commercial email includes our physical mailing address: 1016 Brookstown Ave, Winston-Salem, NC 27101.
  • Every marketing email includes a clear, functioning opt-out mechanism (unsubscribe link).
  • Opt-out requests submitted via the unsubscribe link will be honored within 10 business days.

6. California Consumer Privacy Act (CCPA)

California residents have the following rights under the CCPA:

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, our business purpose for collecting it, and the categories of third parties with whom we share it.
  • Right to Delete: You may request deletion of personal information we have collected, subject to certain exceptions (including information required for insurance administration, claims processing, and legal compliance).
  • Right to Opt Out of Sale: We do not sell personal information. We have not sold personal information in the preceding 12 months.

To exercise any of these rights, contact us at (336) 725-3541 or write to 1016 Brookstown Ave, Winston-Salem, NC 27101. We will respond to verified requests within the timeframes required by applicable law.

7. GDPR – European Clients

For individuals located in the European Union or United Kingdom, the General Data Protection Regulation (GDPR) and UK GDPR govern the processing of personal data. The following provisions apply:

Legal Basis for Processing

  • Contract Performance: Processing necessary to provide insurance services under a policy agreement or in preparation for entering into one.
  • Legitimate Interest: Processing for risk assessment, fraud prevention, claims management, and compliance monitoring.
  • Consent: Processing for marketing communications, for which consent may be withdrawn at any time without affecting the lawfulness of prior processing.
  • Legal Obligation: Processing required by applicable insurance regulation in the relevant jurisdiction.

Data Subject Rights

EU and UK data subjects have the right to: access their personal data; rectify inaccurate data; request erasure (subject to legal retention obligations); obtain portability of data provided by consent or contract; restrict processing in certain circumstances; and object to processing based on legitimate interest.

International Data Transfers

Transfer of personal data from the European Economic Area or UK to our offices in the United States is governed by Standard Contractual Clauses (SCCs) approved by the European Commission, or equivalent UK mechanisms, ensuring an adequate level of protection.

8. HIPAA Awareness

We recognize that our corporate clients operate in heavily regulated healthcare environments. Our handling of health-related business information reflects the following practices:

  • We handle health-related business information (such as facility incident reports and aggregate claims data) in an administrative capacity as an insurance service provider.
  • We implement appropriate administrative and technical safeguards to protect health-related business information from unauthorized access, disclosure, or misuse.
  • In the normal course of our operations, we do not receive or maintain individually identifiable protected health information (PHI) as defined by HIPAA. Where we are required to handle PHI in specific claims contexts (e.g., medical malpractice claims), we do so under Business Associate Agreement terms as applicable.

9. Information Sharing

We share information only in the following limited circumstances:

  • Reinsurance Partners: Munich Re, Swiss Re, and Hannover Re receive relevant underwriting and claims data under confidentiality agreements, as required for capacity placement, treaty compliance, and major claims coordination.
  • Legal and Claims Professionals: Attorneys, adjusters, appraisers, and other specialists engaged for specific claims may receive relevant claim file information under professional confidentiality obligations.
  • Regulatory Authorities: We disclose information to insurance regulators and governmental authorities as required by law in each of our 28 licensed jurisdictions.
  • Service Providers: Operational service providers (such as IT systems and document management vendors) who process information on our behalf are bound by contractual data protection obligations.

We do not sell, rent, or otherwise transfer personal information to third parties for marketing or commercial purposes.

10. Data Retention

We retain information for the following periods:

  • Active Client Files: Duration of the policy plus 7 years following policy expiration or termination.
  • Prospect Information: 3 years from the date of last meaningful contact or inquiry.
  • Claims Records: Duration of the applicable statute of limitations in the relevant jurisdiction plus 3 years.
  • Website Analytics: 26 months from the date of collection.
  • Communication Consent Records: Duration of the business relationship plus 5 years, as required for TCPA and GDPR compliance documentation.

11. International Data Transfers

In connection with our international operations across 28 licensed jurisdictions, information may be transferred to and processed in our offices in the United States, United Kingdom, Germany, UAE, and Singapore. Such transfers are protected by appropriate legal safeguards including Standard Contractual Clauses, adequacy decisions where applicable, and contractual confidentiality obligations with all offices and service providers involved.

12. Your Rights & Opt-Out

Regardless of your location, you may exercise the following rights at any time:

  • SMS Opt-Out: Reply STOP to any SMS message from us. We will process the opt-out within 10 business days.
  • Email Opt-Out: Click the unsubscribe link included in every marketing email we send. We will process the opt-out within 10 business days.
  • Data Access or Deletion Requests: Contact us at (336) 725-3541 or in writing at 1016 Brookstown Ave, Winston-Salem, NC 27101. We will respond to verified requests within 30 calendar days.
  • Withdrawal of Consent: You may withdraw consent to marketing communications at any time without affecting the lawfulness of processing carried out before withdrawal, and without affecting any ongoing insurance policy or claims process.

13. Contact for Privacy Matters

For questions, requests, or concerns regarding this Privacy Policy or our privacy practices, please contact us:

  • Company: Insurance Brokers Company, Inc.
  • Address: 1016 Brookstown Ave, Winston-Salem, NC 27101
  • Phone: (336) 725-3541
  • Website: johndilloninsurance.com

This Privacy Policy was last updated on January 1, 2025. We reserve the right to update this Policy at any time. Material changes will be communicated to active policyholders by email or through the client portal.

TCPA Compliant HIPAA Aware GDPR Aware A+ S&P Rated Progressive Agent Certified Munich Re Partner Swiss Re Partner Licensed in 28 Countries