(844) 786-8229 info@quotacy.com

Privacy Policy

Last Updated: January 1, 2023

Please carefully read this Privacy Policy and our Terms of Use before using our Sites

Highland Capital Brokerage, Inc. (future references to “Company” or “we” or “our” or “us” include Highland Capital Brokerage, Inc. and its subsidiaries and affiliates) care about your privacy and recognize the importance of protecting your personal information. This Privacy Policy describes the kinds of information we may collect during your visit to our websites www.highlandbrokerage.com, www.easylifeinsurance.com, and www.quotacy.com (“Site” or “Sites”), or when you communicate with us or seek to use our products and services; how we use your information; how we protect your information; and how you can exercise certain options regarding your information. For purposes of this Privacy Policy, “personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include de-identified or aggregate information, or publicly available information lawfully available from governmental records.

To better protect your privacy, we provide this Privacy Policy, which explains:

  • The information we collect through our Sites and why we collect it.
  • How we may use or disclose your information.
  • The choices you can make about the way your information is collected, used, maintained, protected, and disclosed.

Please carefully read this Privacy Policy and our Terms of Use. If you do not agree with our policies and practices, your choice is not to use our Sites or our services. By accessing or using our Sites, you agree to this Privacy Policy. This Privacy Policy may change from time to time. Your continued use of our Sites after we make changes is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates. Furthermore, please see our Terms of Use for additional information applicable to the use of our Sites.

The Information We Collect About You and How We Collect It

Personal Information

Personal information is generally provided and collected when you search, post, register, participate in a questionnaire or communicate with customer service. As a result of those actions, you may supply us with such information as your name, address, phone numbers, email address, contact preferences and information relating to a support or service issue. This information may, alone or in combination with other data, constitute personal information. If we collect personal information from you, you are giving us permission to use that information for the specific purpose for which it is provided and to contact you regarding Site services, improve or enhance Site performance, to offer you information regarding products and services, improve our Site, to communicate to you about other matters that may be of interest to you and for any other purpose described in this Privacy Policy. Users unwilling to provide personal information online are free to contact us at compliance@highland.com.

Non-Personal Information

In addition, we may collect, store, and use certain non-personal information when you visit our Sites. This may include, information about your computer hardware and software, such as the type of browser you are using (e.g., Chrome, Internet Explorer, Firefox, etc.), the type of operating system you are using, (e.g., Windows, macOS, Linux, etc.), the domain name of your internet service provider (e.g., Comcast Xfinity, AT&T Internet Services, EarthLink, etc.), access times and referring Site addresses, and other information collected through cookies or other tracking technologies. In addition, we collect information about which pages you visit within our Sites. This Site visitation data is identified only by a unique ID number, and it is not linked with personal information unless a user consents, as described in this Privacy Policy.

How We May Use or Disclose Your Information

Overview of Potential Uses of Your Information

Information about you and our other customers is an important part of our business. We use your personal information for the following purposes:

  • To help us create, publish, and otherwise tailor the content of our Sites to ensure it is relevant to your needs.
  • To deliver services, such as newsletters, events, training, or software that you request or purchase.
  • To alert you to updated information and other new services from the Company if you so request.
  • To provide you with access to limited-entry areas of our Sites, as appropriate.

We may merge Site-visitation data with anonymous demographic information for research purposes, and we may use this information in the aggregate to provide more relevant content. In some limited-entry sections of our Sites, with your approval, we will combine Site-visitation data with your personal information in order to provide you with personalized content. If you decline permission, we will not provide you the personalized service and we will not merge your personal information with Site-visitation data.

We may send out periodic e-mails informing you of technical service or security issues related to a product or service you requested, or confirming you requested a product or service. You will not be able to choose to unsubscribe to these mailings, as they are considered an essential part of the service you have chosen.

Overview of Potential Disclosures of Your Information

Information about our customers is an important part of our business, and we are not in the business of selling personal information to unaffiliated third parties for their commercial use. When you register, or otherwise give us personal information, we will not disclose that information with third parties without your permission, other than as described herein.

  • In Compliance with Law or Court Order: We reserve the right to disclose your personal information with third parties if required to do so by law or if we believe such action is necessary in order to: (a) conform with the requirements of the law or to comply with legal process served upon us; (b) protect or defend our legal rights or property, the Sites, or our users; and (c) investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our Terms of Use.
  • Agents: We employ or may employ other companies and individuals to perform functions on our behalf. Examples of such functions include removing repetitive information from customer lists, analyzing data, providing marketing assistance, providing search results and links (including paid listings and links) and providing customer service. These companies and individuals have access to personal information needed to perform their functions but may not use it for other purposes.
  • Offers: We may send offers to selected groups of customers on behalf of other businesses. If we do this, we will not give that business your name and address.
  • Business Transfers: As we continue to develop our business, we might sell or buy subsidiaries or business units. In such transactions, customer information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Policy (unless, of course, the customer consents otherwise). Also, in the event that we are acquired or assigned, customer information will of course be one of the transferred assets.
  • Protection of our Sites and Others: We reserve the right to release account and other personal information when we believe release is appropriate to comply with the law, enforce or apply our Terms and Conditions of Sites Use and other agreements, or protect the rights, property, or safety of the Company, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction. However, this does not include selling, renting, sharing, or otherwise disclosing personal information from customers for commercial purposes in violation of the commitments set forth in this Privacy Policy.
  • With Your Consent: Other than as set out above, you will receive notice when information about you might go to third parties, and you will have an opportunity to choose not to disclose the information (“opt-out”).

Other Information about the Use and Disclosure of Your Information

We sometimes use the non-personal information that we collect to monitor user traffic patterns, analyze, and quantify user preferences, improve the design and content of our Sites, and enable us to personalize your user experience. All such usage data shall be the exclusive property of this Site.
Although we take appropriate measures to safeguard against unauthorized disclosures of information, we cannot assure you that personal information that we collect will never be disclosed or accessed by a third party in a manner that is inconsistent with this Privacy Policy.

We may on occasion combine information we receive online with outside records to enhance our ability to market to you those products and services that may be of interest to you. If you have signed up to receive our emails and prefer not to receive marketing information from this Site, please follow the “unsubscribe” instructions provided on any marketing email you receive from this Site.

Finally, this Site will not use or transfer personal information provided to us in ways unrelated to the ones described above without also providing you with an opportunity to opt out of these unrelated uses.

Rights Under California State Law

If you are a resident of California, you may have rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act in 2020, (collectively referred to herein as the “CCPA”), regarding your personal information. This section describes California residents’ CCPA rights and explains how to exercise those rights.

What is Covered by This Section of the Privacy Policy?

Most of the data that Highland collects is exempt from these provisions of the CCPA, which do not apply to personal information collected, processed, sold, or disclosed pursuant to the Gramm-Leach-Bliley Act and its implementing regulations or the California Financial Information Privacy Act. This section of our Privacy Policy therefore does not apply to such information. This section of the Privacy Policy also does not apply to other categories of information that are exempted from the Privacy Policy notification requirements of the CCPA.

Rights Under the CCPA and other California Laws

If your information is covered by the CCPA, you have the rights described in this section.

Right to Request Disclosure of Information We Collect (Access Rights)

Individuals whose personal information is covered by the CCPA have a right to request that Highland provide the information listed below. Our responses to these access requests will cover the personal information we have collected and maintain about the consumer on or after January 1, 2022, or for a shorter period if an exemption applies or if requested by the consumer.

  • The categories of personal information that Highland has collected about you.
  • The categories of sources from which Highland collected your personal information.
  • The business or commercial purposes for which Highland collected and/or sold the personal information.
  • The categories of any third parties with which Highland disclosed the personal information.
  • The specific pieces of personal information Highland collected over the past year.

Consumers may also submit a request for the following additional information:

  • The categories of personal information, if any, Highland has sold about you, the categories of third parties to which Highland sold that personal information, and the categories of personal information sold to each type of third party; and
  • The categories of personal information that we have disclosed for a business purpose, and the categories of third parties to whom each category of personal information was disclosed for a business purpose.

Right to Request the Deletion of Personal Information We Have Collected from You (Deletion Rights)

Individuals whose personal information is covered by the CCPA may also request deletion of information covered by the CCPA that we maintain, subject to certain exemptions. Upon receiving and verifying such a request, Highland will delete the personal information, unless that information is necessary for Highland to: complete the transaction for which we collected the information; provide you with a good or service you requested or reasonably anticipated within the context of Highland’s ongoing business relationship with you; perform a contract Highland entered into with you; to help ensure security and integrity (e.g., to prevent, detect, or investigate security incidents); maintain the functionality and security of Highland’s systems; comply with or exercise rights provided by the law; or use the personal information internally in ways that are compatible with the context in which you provided the information to Highland or that are reasonably aligned with expectations based on your relationship with Highland, among other things. We may also retain information where another exception to the deletion requirements in the CCPA applies. Please note that if you or your authorized agent request that your personal information be deleted, you may no longer be able to access or use certain parts of the Sites.

Right to Request Correction of Inaccurate Personal Information (Correction Right)

If you determine that Highland maintains inaccurate personal information about you, you have the right to request that Highland correct that inaccurate personal information, considering the nature of the personal information and the purposes of the processing of the personal information. If Highland receives a verifiable consumer request to correct inaccurate personal information, Highland will use commercially reasonable efforts to correct the inaccurate personal information as directed by you. We will consider any documentation that you provide in connection with your right to correct whether provided voluntarily or as required by Highland. We may require you to provide documentation if necessary to rebut our own documentation that the personal information at issue is accurate. We may delete the contested personal information as an alternative to correcting the information if the deletion of the personal information does not negatively impact you or you consent to the deletion.

How To Exercise These CCPA Rights

To exercise these CCPA rights, please email compliance@highland.com or call (833) 241-2643.

Our Processes for Responding to CCPA Requests

  • Response Format: If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
  • Timeline for responding: We endeavor to respond to a verifiable consumer request within the time periods provided by CCPA and CCPA regulations. We ordinarily process requests, within 45 days of its receipt. In some cases, we may extend this period to 90 calendar days. If we require more than 45 days, we will inform you or your authorized agent in writing of the reason we did so and the extension period. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
  • Verifying Requests: Depending on the nature of your request, we may ask you for information to verify your request and identity. We may ask you for additional information to verify your request and identity and a declaration attesting to your identity, signed under penalty of perjury.
  • Using an Agent: Requests by an authorized agent must include a written, notarized declaration which documents the authorized agent’s authority to act on the consumer’s behalf. The declaration must certify that (a) the authorized agent is a natural person over the age of 18 or a business entity, (b) the agent is authorized to make a request on behalf of the consumer, and (c) that such authorization is still in full force and effect. The declaration must further enclose an authorization to request personal information on behalf of the identified consumer along with a copy of the consumer’s valid government-issued photo identification. A declaration must include the sentence “I UNDERSTAND THAT THE INFORMATION PROVIDED HEREIN IS TO BE RELIED UPON BY HIGHLAND CAPITAL TO RESPOND TO A CALIFORNIA CONSUMER PRIVACY REQUEST IN ACCORDANCE WITH THE LAW.” An authorized agent must submit the written declaration to compliance@highland.com and respond to any questions required for Highland to verify the consumer’s identity. The authorized agent may include, but we do not require, a copy of a valid power of attorney in order for you to use an authorized agent to act on your behalf. Please note that this subsection of the Privacy Policy does not apply when an agent is authorized to act on your behalf pursuant to a valid power of attorney. Any such requests will be processed in accordance with California law pertaining to powers of attorney.

Information About the Personal Information We Collect

  • The following table categorizes the types of personal information we have collected in the last 12 months, and only with respect to categories of personal information for which the CCPA may require such disclosure in this Privacy Policy. The table also describes the information we may continue to collect and our uses of that information.
Category of Personal Information (PI) We May CollectCategories of Sources from Which PI Is CollectedPurposes of Collection (described below)Categories of Entities with Which PI Is Disclosed

Identifiers, such as name, postal address, email address, phone number, account name, registration numbers, tax identification number, Social Security number, driver’s license number, passport number, citizenship, date of birth, or other similar identifiers

From our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us, including through our Sites and services

Automated collection on our Sites, services, products, applications, databases, devices, information systems and networks, and through cookies

Product sponsors, service providers, financial institutions, business partners and contacts

From our affiliations with our agents

Public sources

Government sources and records
Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers

Regulators/government agencies and self-regulatory associations
Unique device and online identifiers, such as IP address, device IDs, or other similar identifiersAutomated collection on our Sites, services, products, applications, databases, devices, information systems and networks, and through cookies

Device inventories for company property
Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers, analytics providers, services that advertise our products

Regulators/government agencies
Characteristics of protected classes and demographic information, such as age, sex, marital status; military or veteran status; criminal history; medical conditionsFrom our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us, including through our Sites and services

From our affiliations with our agents

Product sponsors, service providers, financial institutions, business partners and contacts

Public sources
Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers, benefits providers

Regulators/government agencies
Commercial and financial information, such as records of personal property, products or services purchased, obtained, or considered, other purchasing or consuming histories or tendencies, information on investments, assets, expenses, net worth, tax status, holdings, account balances, transaction historyFrom our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us, including through our Sites and services

From our affiliations with our agents

Product sponsors, service providers, financial institutions, business partners and contacts

Public sources

Government sources and records
Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers, benefits providers

Regulators/government agencies
Biometric information, such as fingerprint information from agentsFrom our affiliations with our agentsRegulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers

Regulators/government agencies
Internet or other electronic activity information, including information regarding an individual’s interaction with our Sites or application, calls and emails sent and receivedAutomated collection on our Sites, services, products, applications, databases, devices, information systems and networks, and through cookies.Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers, analytics providers, services that advertise our products

Regulators/government agencies
Audio, electronic, visual, thermal, or olfactory information, such as photographs or voicemail, emailFrom our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us, including through our Sites and services

Product sponsors, service providers, financial institutions, business partners and contacts

From our affiliations with our agents
Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers, benefits providers

Business partners, financial services entities, product sponsors,

Regulators/government agencies
Professional or employment-related information, such as work historyFrom our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us, including through our Sites and services

Product sponsors, service providers, financial institutions, business partners and contacts

From our affiliations with our agents
Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers, benefits providers

Business partners, financial services entities, product sponsors

Regulators/government agencies
Education information, such as information about schools attended and degrees and certifications obtainedFrom our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us, including through our Sites and services

Product sponsors, service providers, financial institutions, business partners and contacts

From our affiliations with our agents
Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers

Business partners, financial services entities, product sponsors,

Regulators/government agencies
Associations and affiliations, such as whether client or personnel are related to someone who is employed in the securities industry, information about related parties to an account, and beneficiariesFrom our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us, including through our Sites and services

Product sponsors, service providers, financial institutions, business partners and contacts

From our affiliations with our agents
Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal

Compliance and Oversight
Service providers, such as cloud storage providers

Business partners, financial services entities, product sponsors,

Regulators/government agencies
Inferences drawn from PI to create a profile about an individual reflecting, for instance, preferences, characteristics, behaviors, and aptitudes, such as credit history and risk toleranceWe may create analyses from information obtained about contractors, clients, and potential clientsClient Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal
Service providers, such as cloud storage providers

Business partners, financial services entities, product sponsors

Regulators/government agencies

Sensitive Personal Information, such as age, Social Security number, driver’s license number or other government-issued identification card information, passport number, race, ethnicity, national origin, citizenship and visa status, marital status, and sex (including gender).

From our affiliations with our agents and interactions with clients

Product sponsors, service providers, financial institutions, business partners and contacts

Public sources

Government sources and records
Client Services

Business Operations

Marketing

Protection and Defense

Regulatory and Legal
Service providers, such as cloud storage providers

Business partners, financial services entities, product sponsors

Regulators/government agencies and self-regulatory associations

Additional Information About How We Collect and Disclose your Personal Information

With respect to each of the categories of data above, we may also disclose personal information with any person to whom we transfer any of our rights or obligations under any agreement, or in connection with a sale, merger, or consolidation of our business or other transfer of our assets, whether voluntarily or by operation of law, or who is otherwise deemed to be our successor or transferee.

We do not use sensitive personal information to infer characteristics about you and typically limit our use of sensitive personal information to (1) perform services, such as to provide benefits to our customers; (2) to resist deceptive, fraudulent, or illegal actions; and (3) to ensure the physical safety of our personnel, customers, visitors, and others.

Retention Period

We retain your personal information for as long as reasonably necessary and proportionate to fulfill the purposes outlined in this Privacy Policy. Our retention of your information is governed by applicable law. We may retain personal information for longer to honor your requests, as applicable, and to comply with legal, regulatory, accounting or other obligations.

Sales and Sharing of Personal Information

In the preceding twelve (12) months, we have neither sold your personal information nor shared your personal information to a third party for cross-context behavioral advertising.

Minors Right to Opt In

Our Site is not directed to minors under the age of 16, and we do not knowingly collect information about minors. If we learn that we have erroneously collected personal information of a child under 16, we will take steps to delete such information from our files as soon as possible.

Do Not Track Requests

Currently there is no industry standard for “Do Not Track” signals, which are options on your browser that tell website operators that you do not wish to have online activity tracked. Because there is no industry standard concerning what, if anything, websites should do when they receive such signals, we currently do not take action in response to these signals.

Non-Discrimination

We are committed to complying with the law. If you exercise any of the rights explained in this Privacy Policy, we will continue to treat you fairly. You have a right not to be discriminated against for the exercise of the privacy rights conferred by the CCPA.

Accessibility

Highland is committed to ensuring that our communications, such our Sites, are accessible to individuals with disabilities. To submit accessibility-related requests or report barriers to accessibility, please contact us at 3535 Grandview Parkway, Suite 600, Birmingham, AL 35243, (833) 241-2643 or compliance@highland.com.

Changes to or Removal of Your Personal Information

If at any time you wish to change, correct, or update the personal information submitted to the Company, or otherwise have it removed from our database, you may do so at any time by submitting a request by email to compliance@highland.com. We do not sell or disclose your personal information to third parties for their direct marketing purposes.

How We Protect Personal Information

We have put in place what we believe to be reasonable physical, electronic, and managerial procedures to safeguard your personal information that we collect and to help prevent its unauthorized access and use. We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input. To assist in keeping your personal information safe, you must use an SSL-enabled browser.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Additionally, change your passwords often using a combination of letters and numbers, and make sure you use a secure web browser.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Sites. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Sites.

HIPAA Compliance

As a provider of services and products related to the healthcare industry, we have implemented programs to address the privacy and security implications of the rules promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

International Transfers of Data

We are based in the United States. The information you submit to us and that we collect as a result of using our Sites will be transferred to the United States. By using our Sites, products and services, you consent to the collection, international transfer, storage and processing of your information. If it is illegal to access our Sites or transfer your data to the United States, please do not use our Sites.

Usage Terms

Access to and use of this Site is subject to compliance with our Terms of Use.

Changes to this Privacy Policy

We reserve the right to make changes to our Privacy Policy from time to time for any reason. Such changes, modifications, additions, or deletions shall be effective immediately upon posting, unless otherwise indicated. We have no duty or obligation to inform prior visitors that changes have been made, regardless of the scope and importance of the changes. If we make material changes to our Privacy Policy, we will notify you through a notice on the Site’s home page. The date the Privacy Policy was last revised is identified on the Sites page which contains the Privacy Policy. You are responsible for periodically visiting our Sites and this Privacy Policy to check for any changes and notifying the Company with any issues.

We encourage you to periodically check back and review this Privacy Policy so that you always will know what information we collect, how we use it, and to whom we disclose it. Your continued use of the Sites after such changes are posted will be deemed to constitute your agreement to and acceptance of such changes.

How to Contact Us

If you have any additional questions or concerns about this Privacy Policy or its implementation, you may contact us directly by email at compliance@highland.com or (833) 241-2643.

Effective Date: January 1, 2023