PRIVACY POLICY

Lamb Insurance Services (“Lamb”) is committed to protecting your privacy. This privacy policy (“Policy”) sets out details of the information that we may collect from you and how we may use that information. Please take your time to read this notice carefully. When using a Lamb website, this Policy should be read alongside the website terms and conditions. This Policy applies only to information collected through Lamb-owned platforms that reference this Policy, including the following websites (“Site”):

We may change the provisions of this Policy at any time and will indicate when changes have been made by revising the date at the top of this Policy and on this website.

We may revise and update the provisions of this Policy from time to time at our sole discretion. All changes are effective immediately when posted. Your use of the Services following the posting of such changes shall constitute your consent to such changes. We encourage you to review this Policy whenever you access the Services to see if it has changed and make sure that you understand the most current information about your privacy.

Children’s Information. We do not knowingly collect or use any information from children (we define “children” as minors younger than 13) on our online environments. We do not knowingly allow children to order our products or services, communicate with us or use any of our online environments. If you are a parent and become aware that your child has provided us with information, please contact us using one of the methods specified below, and we will work with you to address this issue.

What personal information do we collect and use?

Lamb is dedicated exclusively to non-profit and social service organizations. We provide property casualty, employee benefits, and risk management solutions to organizations of any size and budget. Your protection is our mission.
For us to provide you with a quote and then insurance, and deal with any claims or complaints that might arise, we need to collect and process data about you.
If you provide personal information to us about other individuals (for example, members of your family) you will inform them about the contents of this notice and obtain any required consent in accordance with this Policy.

What information does Lamb collect?

Lamb collects information: (1) you provide when you use the Services; (2) automatically from you through the use of the Services; and (3) gathered from third parties in connection with your use of the Services.

Information that you provide

Lamb may collect information that you provide when you use the Services. This information collection may occur, for example, when you: (1) fill out online forms or applications; (2) create an online account or register to use the Services; (3) make a purchase; (4) send questions or comments via email, text messaging or live chat to customer support; (5) submit your resume to us online; (6) fill out online surveys; and (7) otherwise communicate or interact with us through the Services.

The types of information that you provide may include your name, postal address, email address, telephone number, insurance policy number(s), financial account number, Social Security number, credit card information, gender, birth date and other contact or identifying information. We may combine this information with other personal information now or in the future. Some of the information you may provide is considered Personal Information. This includes Personally Identifiable Information (PII), Payment Card Information (PCI) or Personal Health Information (PHI). The term PII refers to information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual. It is important to recognize that non-PII can become so whenever additional information is made publicly available — in any medium and from any source — that, when combined with other available information, could be used to identify an individual. You may also provide PCI such as card number, expiration date and security code or PHI as defined in HIPAA regulations. You will only be asked to provide this information if required for the completion of the intended services.

Information we collect automatically through collection technologies
When you access or use our Services, we may also automatically collect information about you, such as the type of computer you are using, its operating system, Internet Protocol (IP) address, access times, browser type and language and the URL of the website you visited before navigating to our Services.

To collect these types of information, we may use the technologies, including those identified below:

Browser Cookies: Cookies are small data files stored on your computer or mobile device by a website. Among other things, cookies help us improve our Services and your experience, see which areas and features of our Services are popular, and count visits. In addition, when you view a video on our Services, we may set a cookie on your computer or device. For more information about cookies, and how to disable them, please see What are your information sharing choices? below.
Storage Cookies: Certain features of our websites may use locally stored objects (storage cookies) to collect and store information about your preferences and navigation to, from and on this website. Such cookies are not managed by the same browser settings as are used for browser cookies.
Web Beacons: Pages of our website and our emails may contain small electronic files known as web beacons (also referred to as web bugs, clear gifs. pixel tags and single-pixel gifs) that permit the Company, for example, to monitor user behavior, deliver cookies, collect information, count visits, understand usage and campaign effectiveness, to tell if a recipient has opened and acted upon an email and verifying system and server integrity.

Website Analytics: Lamb uses analytics services and software provided by third parties to help us understand how users access and use the Services. These tools and services place cookies, web beacons and other devices or technologies on our Services to enable them to track traffic data. The data collected typically includes information such as your IP address, your Internet Service Provider, your web browser, the time spent on web pages, the links clicked, and the advertisements viewed on those pages. We use this information to improve our Services and your experience, to see which areas and features of our Services are popular, and to count visits.

How does Lamb use the information it collects?

We may use the information including PII that we collect or you provide as described in this Policy for the following purposes:

  • To monitor and evaluate trends, usage and activities in connection with our Services;
  • To improve the Services and customer service;
  • To monitor performance and usage of the Services, identify problem areas with the Services, and inform design development for future Services and updates to existing Services;
  • To provide and deliver the products and services you request, process transactions, and to send you related information, including expiration and renewal notices, confirmations and invoices;
  • To send you advertising or promotional materials, including information about new products, contests, features and enhancements, special offers and other events of interest from Lamb and our select partners;
  • To respond to your comments, questions and requests;
  • To notify you about changes to this website or any products or services we offer or provide though it;
  • To allow you to participate in interactive features on this website;
  • For any other purpose with your consent.

What marketing activities do we carry out?

We may use your personal information to provide you with information about products or services that may be of interest to you when you are an existing customer or when you have provided your consent for us to do so. We may do this by mail or email.

We are committed to only sending you marketing communications that you have clearly expressed an interest in receiving. If you wish to opt out of marketing, you may do so by clicking on the “unsubscribe” link that appears in all emails or telling us when we call you. Otherwise you can always contact us using the details set out in section 6 to update your contact preferences.

Please note that, even if you opt out of receiving marketing messages, we may still send you service related communications where necessary.

How long do we keep personal information for?

We will only keep your personal information for the minimum periods required to fulfill the relevant purposes set out in this Policy.

We are also required to keep certain information to comply with our legal and regulatory obligations.

The exact time period will depend on your relationship with us and the type of personal information we hold. For example, if you take out an insurance policy with us, we will keep your personal information for longer than if you obtain a quote from us but do not take out a policy.

 

How do we protect your information?

We maintain administrative, physical, and technological measures to protect the confidentiality and security of personal information you submit to us. We use a range of organizational and technical security measures to protect your information, including:

  • Network security measures such as intrusion detection systems;
  • Access controls such as password protection and user logging; and
  • Virus and malware controls on our systems.

We review our security measures periodically. We also ensure that our employees receive appropriate data security training.

California Privacy Supplement

This California Privacy Supplement (“Supplement”) supplements the information otherwise contained in this Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this Supplement to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this Supplement.

Lamb collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“Personal Information”). In particular, Lamb has collected (or not collected, if indicated below) the following categories of personal information from its consumers in the past twelve (12) months:

Category Examples Collected
A. Identifiers A real name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers. YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) A name, signature, address, telephone number, education, employment, employment history, credit card number (if applicable), debit card number (if applicable), or any other methods of payment (if applicable) for our products, or medical information (if applicable).

Some personal information included in this category may overlap with other categories.

YES
C. Protected classification characteristics under California or federal law Age (40 years or older), medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), veteran or military status. NO
D. Commercial information Records of products or services purchased, obtained, or considered. YES
E. Biometric information Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. NO
F. Internet or other similar network activity Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. YES
G. Geolocation data Physical location or movements. NO
H. Sensory data Audio, electronic, visual, thermal, olfactory, or similar information. We record our customer interactions with our call centers. NO
I. Professional or employment-related information Current or past job history or performance evaluations. YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. NO
K. Inferences drawn from other personal information Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. NO

Lamb obtains Personal Information from categories of sources as set forth in the “How will we collect your personal information” subsection above. Lamb will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you with additional notice.

Deletion Request Rights

You have the right to request that Lamb delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us
  • Comply with a legal obligation
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights.

 

Contacting us

If you would like further information about any of the matters in this notice or have any other questions about how we collect, store or use your personal information, or to exercise your rights under the California Consumer Privacy Act (California Residents only), you may contact us by telephone at (949) 329-3000.