Note: Guardian Ridge Insurance LLC began operations in July, 2025. The disclosures in this section reflect our data collection and use practices since the start of operations and may not cover a full 12-month period.
This section supplements the information contained in our Privacy Policy and applies solely to residents of the State of California, in accordance with the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2020 (“CPRA”), and as it may be further amended from time to time. Unless otherwise defined, any terms defined in the CCPA have the same meaning when used in this notice.
1. Categories of Personal Information Collected
In the preceding 12 months, depending how you interact with our services, we have collected the following categories of personal information, as defined by the CCPA:
| Categories of Personal Information | Examples |
|---|---|
| Identifiers | Name, email, address, phone number, unique personal identifier |
| Financial Information | Bank account number, credit card number, debit card number, or any other financial information |
| Sensitive Personal Information | Social Security Number, driver’s license, passport number |
| Customer Records | Insurance quotes, claims, applications, coverage information |
| Protected Classification Characteristics | Age, gender, marital status |
| Professional or Employment-Related Information | Work history and prior employer |
| Commercial Information | Products/services purchased or considered |
| Internet or Network Activity | Browsing history, IP address, cookies, analytics, interactions with our website |
| Geolocation Data | Approximate location based on IP |
| Sensory Data | Phone call recordings (when applicable and permitted by law) |
| Inferences | Preferences, interests, predictive profiles (planned) |
2. How We Collect Information
We obtain personal information about California consumers from the following categories of sources:
- Information you provide to us directly, including for example, information provided in your insurance application or other forms;
- Information we collect or receive from third parties, including other insurers, brokers and/or insurance support organizations who you have communicated with about your policy or claim, insurance applications you have completed or that brokers have completed on your behalf, your business dealings with us and other companies including, but not limited to, your claims and payment history, transactions, limits and rates, information required for billing and payments to/from motor vehicle departments, anti-fraud databases, sanctions lists, court judgments and other databases, government agencies, open electoral register, advertising networks, data analytics providers, and data brokers;
- Publicly available sources; and/or
- Our affiliates.
3. Use of Personal Information
| Business Purpose | Categories of Data | Disclosed to these Categories of Third Parties |
|---|---|---|
| Market, sell and provide insurance to California consumers |
|
|
| Day to Day Business and Insurance Operations |
|
|
| Security and Fraud Detection |
|
|
| Regulatory and Legal Requirements |
|
|
| Improve Your Customer Experience and Our Products |
|
|
| Customer service and technical support |
|
|
| Cross-Context Behavioral Advertising |
|
|
We use sensitive personal information strictly for permitted business purposes as defined in Cal. Civ. Code § 1798.121 and do not use it to infer characteristics.
4. Sharing Personal Information
We do not sell your personal information.
We may share personal information with:
- Insurance carriers and third-party service providers (e.g., for underwriting or claims processing)
- Marketing and advertising platforms (e.g., Google Ads, Facebook Pixel)
- Subcontractors assisting with business operations
Such sharing may constitute “cross-context behavioral advertising” under California law.
5. Your Rights Under the CCPA/CPRA
Subject to certain exceptions, California consumers have the right to make the following requests:
| Right | Description | Timeframe |
|---|---|---|
| Right to Know/Access | You have the right to request from us (up to twice per year and subject to certain exemptions and carveouts):
| Within 45 days upon receipt of the request |
| Right to Correct | Subject to certain restrictions, you have the right to request that we correct inaccuracies in your Personal Information. | Within 45 days upon receipt of the request |
| Right to Delete | Subject to certain conditions and exceptions, you have the right to request deletion of your Personal Information that we have collected about you. | Within 45 days upon receipt of the request |
| Right to Opt-Out of Sharing | You have the right to opt-out of “sales” and “sharing” of your Personal Information, as those terms are defined under the CCPA. While we do not sell Personal Information, our use of certain third-party analytics and advertising cookies may constitute “sharing” under the CCPA. | Within 15 days upon receipt of the request |
| Right to Limit Use of Sensitive Info | We do not engage in uses or disclosures of Personal Information that would trigger the right to limit use of sensitive Personal Information under the CCPA | Within 15 days upon receipt of the request |
| Right to Non-Discrimination | You will not receive discriminatory treatment for exercising any of your privacy rights | Ongoing |
6. Exercising Your California Privacy Rights
If you are a California resident and would like to exercise your CCPA rights, you may do so via any of the methods described below:
- Completing our Data Subject Request form,
- Email us at: support@grinsured.com, or
- Call us at: 800-570-8200
We may require verification of your identity before fulfilling your request. If you are using an authorized agent, we may require a signed authorization or legal documentation.
7. Opt-Out of Sharing
If you would like to opt-out of the sharing of your personal information for cross-context behavioral advertising, you may:
- Email us at support@grinsured.com with the subject line: “Opt-Out Request”
- Adjust your cookie preferences via our cookie banner when visiting the website
We honor browser-based Global Privacy Control (GPC) signals where feasible.
8. Data Retention
We retain the Personal Information we collect only as reasonably necessary for the purposes described in this Privacy Policy or otherwise disclosed to you at the time of collection. For example, we will retain certain identifiers for as long as it is necessary to comply with our tax, accounting and recordkeeping obligations, to administer certain policies and coverage, and for research, development and safety purposes, as well as an additional period of time as necessary to protect, defend or establish our rights, defend against potential claims, and to comply with our legal obligations. From time to time, we may also deidentify your Personal Information, retain it and use it for a business purpose in compliance with CCPA.
9. Contact Us
If you have any questions about this section of the Privacy Policy, our privacy practices, or if you wish to exercise your rights under California law, please contact us at:
Guardian Ridge Insurance LLC
3556 S Highland Drive, Salt Lake City, UT 84106
Email: support@grinsured.com
Phone: 800-570-8200
Additional Notice to Individuals in EEA, UK and Switzerland
This section only applies to individuals using or accessing our services while located in the European Economic Area, the United Kingdom, or Switzerland (collectively, the “European Countries”) at the time of personal data collection. Pursuant to the General Data Protection Regulation (“GDPR”), for the sake of clarity, references to personal information in this Privacy Notice concern personal data as this term is defined under the GDPR.
We may ask you to identify which country you are located in when you use or access some of our services, or we may rely on your IP address to identify which country you are located. If any terms in this section conflict with other terms contained in this Privacy Notice, the terms in this section shall apply to individuals in the European Countries.
1. Controller
GRI is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation.
2. Marketing
Based on your consent, we may inform you about our services via email, online advertising, social media, telephone, or postal mail. You may withdraw your consent for receiving marketing messages from us at any time by using the unsubscribe function in the email you receive from us.
3. Legal Bases for Processing Your Personal Information
| Purpose of Processing | Legal Bases for Processing |
|---|---|
| Based on our legal obligations. Article 6(1) lit.(c) GDPR. |
| Based on our contract with you or to take steps at your request prior to entering a contract. Article 6(1) lit.(b) GDPR. |
| Based on our legitimate interest to operate our business and not overridden by your data protection interests or fundamental rights and freedom. Article 6(1) lit.(f) GDPR. |
| Based on your consent. Article 6(1) lit.(a) GDPR. |
4. Special Conditions for Processing Your Sensitive Information
In some cases, we may process sensitive Personal Information. This type of information is afforded extra protection due to its sensitive nature. For the purposes outlined herein, the conditions we may rely upon as the legal basis for processing sensitive Personal Information are the following:
- Explicit consent – Article 9(2)(a) GDPR
- Processing necessary to protect the vital interests of an individual – Article 9(2)(c)
- Processing of data that has been manifestly made public – Article 9(2)(e)
- Processing that is necessary for the establishment, exercise, or defense of legal claims/judicial acts – Article 9(2)(f); and
- Processing is necessary for reasons of substantial public interest (with a basis in law) – Article 9(2)(g).
5. Your Privacy Rights
If you are located in European Countries at the time we collect your personal information, you have certain rights in relation to your personal information which are listed below. These rights are not absolute.
- Right to Access. You have the right to obtain a copy of your personal information that we hold about you, as well as other supplementary information.
- Right to Rectification. You have the right to request us correct any of your personal information in our files that is inaccurate.
- Right to Erasure. Under certain circumstances, you may have the right to request erasure of your personal information that we hold about you.
- Right to Restriction. You have the right to request that we restrict our processing of your personal information in certain circumstances.
- Right to Object to Processing. You have the right to object to our processing of your personal information at any time and as permitted by applicable law.
- Right to Portability. Under circumstances, you may have the right to receive personal information we hold about you in a structured, commonly used, and machine-readable format.
6. Submitting a Request to Exercise Your Privacy Rights
To assert your privacy rights noted above, or if you have a question about our data processing activities please email us at privacy@guardianridge.com and indicate which rights you would like to exercise or your questions.
7. International Transfer of Your Personal Data
We may, subject to applicable law, transfer your information, to our affiliates or selected third parties outside the country where you are located and where information protection standards may differ (e.g., your information may be stored on servers located in other jurisdictions). We will utilize appropriate safeguards governing the transfer and usage of your personal information.
8. Contact
If you have any questions about the Privacy Policy, our privacy practices, please contact us at:
Guardian Ridge Insurance LLC
3556 S Highland Drive, Salt Lake City, UT 84106
E-mail: privacy@guardianridge.com
