Effective Date: December 1, 2021
Privacy and security are very important to us at Trellis. This Policy is meant to help you understand how we at Trellis collect, use, and share end user information in our possession to operate, improve, develop, and protect our services, and as otherwise outlined in this Policy. Please take some time to read this Policy carefully.
For information about the relevant Trellis entity that is responsible for processing your information, please see the Contacting Trellis section below.
A quick note about Trellis
Our mission at Trellis is to enable modern distribution of home and auto insurance. Our technology makes it easier for you (the “end user”) to get and maintain the best insurance coverage by making it safer and easier to connect your personal insurance information to software applications that help you do things like save money, buy a car, or understand and select coverage options. These software applications are built and provided by our business customers (we’ll call them “developers” here) and are powered by Trellis. By delivering, with your consent, access to high-quality, usable insurance data that we’ve translated and standardized, we enable our developers to build, simplify, and improve experiences that benefit you.
About this Policy
Please note that this Policy only covers the information that Trellis collects, uses, and shares, and it does not explain what our developers do with any end user information we provide to them (or any other information they collect about you, their end user). This Policy also does not cover any websites, products, or services provided by others. We encourage you to review the privacy policies or notices of our developers or those third parties for information about their practices.
Information We Collect
Information you provide. When you connect your insurance accounts with a developer application or otherwise connect your insurance accounts through Trellis, we collect login information required by the provider of your account, such as your username and password, answers to challenge questions, or a security token. When providing this information, you give the developer and Trellis the authority to act on your behalf to access and transmit your information from the relevant insurance institution.
Information collected from your insurance institutions. The information we receive from the insurance institutions that maintain your insurance accounts varies depending on the information made available by those institutions. But, in general, we collect the following types of information from your insurance institutions:
- Account information
- Information about auto, home and medical insurance policies, vehicles, and personal information (including drivers license, social security, medical and financial information contained within your policies) related to providing an accurate insurance quote;
How We Use Your Information
We use the information we collect to operate, improve, and protect the services we provide, and to develop new services. More specifically, we use your information:
- To operate, provide, and maintain our services;
- To improve, enhance, modify, add to, and further develop our services;
- To protect you, our developers, our partners, or Trellis from fraud, malicious activity, and other privacy and security-related concerns;
- To develop new services;
- To provide customer support to you or to our developers, including to help respond to your inquiries related to our service or our developers’ applications;
- To investigate any misuse of our service or our developers’ applications, including violations of their agreements with us, criminal activity, or other unauthorized access to our services; and For any other purpose with your consent.
How We Share and Store Your Information
We take deliberate steps designed to protect end user information in our possession. These steps include maintaining information security controls such as data encryption, firewalls, logical and physical access controls, and continuous monitoring. These controls are regularly evaluated for effectiveness against industry standards internally and by independent security auditors.
We do not sell or rent end user information to marketers or other third parties. But we do share end user information with third parties as described in this Policy. For example, we share your information with the developer of the application you are using and as directed by that developer (such as with another third party if so directed by you). We also share your information:
- With your consent;
- With our service providers, partners, or contractors in connection with the services they perform for us or our developers;
- If we believe in good faith that disclosure is appropriate to comply with applicable law, regulation, or legal process (such as a court order or subpoena);
- In connection with a change in ownership or control of all or a part of our business (such as a merger, acquisition, reorganization, or bankruptcy);
- Between and among Trellis and our current and future parents, affiliates, subsidiaries and other companies under common control or ownership; or
- As we believe reasonably appropriate to protect the rights, privacy, safety, or property of you, our developers, our partners, or Trellis.
We may collect, use, and share information in an aggregated or anonymized manner (that does not identify you personally) for any purpose permitted under applicable law. This includes creating or using aggregated or anonymized data based on the collected information to develop new services and to facilitate research.
We retain information we collect about you for as long as necessary to fulfill the purposes for which we collected it, unless a longer retention period is required or permitted under applicable law. As permitted under applicable law, even after you stop using an application or terminate your account with one of our developers, we may still retain your information (for example, if you still have an account with another developer). However, your information will only be processed as required by law or in accordance with this Policy.
Trellis’ Security Policy
We have implemented reasonable administrative, technical and physical security measures to protect Personal Information against unauthorized access, destruction or alteration.
Response To “Do Not Track” Signals
“Do Not Track” is a feature enabled on some browsers that sends a signal to request that a website disable its tracking or cross-website user tracking.
Trellis shall treat any user-enabled global privacy controls, such as a browser plug-in or privacy setting, device setting, or other mechanism, that communicate or signal the consumer’s choice to opt-out of the sale of their Personal Information as a valid request submitted pursuant to the CCPA for that browser or device, or, if known, for the consumer.
Changes To This Policy
We may change this Policy from time to time. If we make changes, we will post the new policy on Trellis’s website at https://trellisconnect.com/legal and update the effective date at the top of this Policy. We will also notify our developers of any material changes in accordance with our developer agreements, as they are generally best positioned to notify their end users about such changes to this Policy, as appropriate.
If you have any questions or complaints about this Policy, or about our privacy practices generally, you can contact us at firstname.lastname@example.org or by mail at:
Trellis Technologies, Inc. Attn: Legal, 340 South Lemon Avenue #8735 Walnut CA 91789 or email@example.com
What Are Cookies
Cookies are small data files stored on your browser or device. They can be in the form of session cookies (which expire once you close your web browser) or persistent cookies (which stay on your browser for a set period of time or until you delete them).
Cookies may be served by the entity that operates the website you are visiting (“first-party cookies”) or by other companies (“third-party cookies”). For example, we use first-party cookies to remember your settings and preferences, such as language and location. We also integrate third-party analytics cookies, like Google Analytics, onto our websites to help us understand how you are using our websites so that we can improve them.
We also use other technologies that function similarly to cookies. For instance, we use web beacons (also called pixels), which are small images on a web page or in an email. Web beacons collect information about your browser or device and can set cookies. In addition, we use local storage, which allows data to be stored locally on your browser or device.
|CATEGORY OF COOKIES||HOW WE USE THESE COOKIES|
|Essential||These cookies are strictly necessary for our Services to function properly.|
|Preferences||We use these cookies to remember your settings and preferences, such as language and location.|
|Security||We use these cookies to help identify and mitigate potential security risks.|
|Analytics||We use these cookies to better understand how you interact with our Services so that we can improve them. For example, we may use these cookies to determine if you have interacted with certain content or features. We can also use these cookies to learn more about which features are the most popular with our users and where we may need to make improvements.|
|Advertising||We and our trusted advertising partners use these cookies to display advertisements, to make advertisements more relevant to visitors to our websites, and to track the efficiency of any advertising campaigns, both on our Services and on other websites.|
You have the right to choose whether or not to accept cookies. However, since cookies can be an important part of how our Services work, if you remove or reject cookies, this could affect the availability and functionality of our Services.
Below are some options to control or limit how cookies are used on our Services:
- Although most browsers and devices accept cookies by default, you can usually manage settings to remove or reject browser cookies manually within your browser’s configuration settings. Please note that if you remove or reject cookies some of the features of our website may not function properly.
Your California Privacy Rights
This California Privacy Rights Notice (“Notice”) addresses Trellis’s disclosure obligations under the California Consumer Privacy Act of 2018 (“CCPA”) and the California Civil Code Section 1798.83. For purposes of this section, “Personal Information” has the meaning given in the CCPA but does not include information exempted from the scope of the CCPA. For instance, the CCPA does not apply to personal information collected or disclosed in connection with financial products or services that are used primarily for personal, family, or household purposes.
A. Personal Information Collected and Disclosed:
Trellis’s practices regarding the collection, use and/or disclosure of Personal Information currently and during the past twelve months are as follows:
Personal Information Collected, Used and/or Disclosed in Preceding 12 Months
|CCPA Category||Source of Collection||Business Purpose||Disclosed or Shared for Business Purpose?|
|Identifiers (such as name/alias, email, address, cell or telephone number, IP address, unique online ID)||You; service providers, devices||Respond to requests for information, provide services, auditing, analytics, marketing||Yes; service providers; insurance companies; insurance marketing partners|
|Civil Code Section 1798.140 information (such as name, address, cell or telephone number, driver’s license or state identification card number, insurance policy number, financial information, medical information)||You; service providers, devices||Respond to requests for information and provide services||Yes; service providers; insurance companies; insurance Marketing partners|
|Commercial information (such as products/services purchased, obtained or considered)||Devices||Analytics||Yes; service providers|
|Online identifiers (such as IP address or other unique online ID, browsing history, interaction with our website and advertisements)||You, service providers, devices/td>||Respond to requests for information, provide services, analytics, marketing and tracking website usage||Yes; service providers; insurance companies; insurance marketing partners|
|Medical information||You; service providers||Respond to requests for information and provide services||Yes; service providers; insurance companies|
|Geolocation data||You; service providers||Analytics||Yes; service providers|
Other Potential Third Party Disclosures: Personal Information may also be disclosed as described in the “Other Potential Disclosures” section above.
Sale of Personal Information
In the last 12 months, Trellis has shared, with your express consent, certain Personal Information listed in Section 5.A above pursuant to requests such as a rate comparison for insurance product(s). Trellis may receive a fee for the transfer of that data. See below for information on opting out of the sale of your personal information.
Your Rights Under CCPA
California residents may exercise the following CCPA rights:
Request for Information:
You can request the following information about our practices during the past 12 months:
- The categories of Personal Information that we have collected.
- The categories of sources from which we collected Personal Information.
- The business or commercial purpose for collecting and/or disclosing Personal Information.
- The categories of third parties with whom we share Personal Information.
- The categories of Personal Information that we sold or disclosed for a business purpose, and if so, the categories of Personal Information received by each category of third-party recipient.
Request to Access:
You can request a copy of the Personal Information that we have collected about you during the past 12 months.
Request to Delete:
You can ask us to delete the Personal Information that we have collected from you.
Right to Opt-Out – Do Not Sell My Personal Information
You have the right to opt out of the “sale” of Personal Information as that term is defined by the CCPA. You may do so through either of the following methods:
- Submit a request through our “” Web Form.
- Email firstname.lastname@example.org with a subject heading “Do Not Sell My Personal Information”
How to Exercise Your Rights to Know, Access and Delete:
You can request to exercise your information, access and deletion rights by emailing email@example.com.
We will need to verify your identity to process your information, access and deletion requests and reserve the right to confirm your California residency. To verify your identity, we may require you to provide government identification, give a declaration as to your identity under penalty of perjury and/or provide additional information.
Under the CCPA, you may exercise these rights yourself or you may designate an authorized agent to make these requests on your behalf. Your authorized agent may make a request on your behalf upon our verification of the agent’s identity and our receipt of a copy of valid power of attorney given to your authorized agent pursuant to California Probate Code Sections 4000-4465. If you have not provided your agent with such a power of attorney, you must provide your agent signed permission to exercise your CCPA rights on your behalf, provide the information we request to verify your identity, and provide us with written confirmation that you have given the authorized agent permission to submit the request.
You are entitled to exercise the rights described above free from discriminatory treatment as prohibited by the CCPA.
Your Rights Under California’s Shine the Light Law
Under California’s Shine the Light law, you may also ask companies with whom you have formed a business relationship primarily for personal, family or household purposes to provide the names of third parties to which they have disclosed certain personal information (as defined under the Shine the Light law) during the preceding calendar year for their own direct marketing purposes and the categories of personal information disclosed. You may send us requests for this information to firstname.lastname@example.org. In your request, you must include the statement “Shine the Light Request,” and provide your first and last name and mailing address and certify that you are a California resident. We reserve the right to require additional information to confirm your California residency.
Accessibility of this CCPA Policy.
You can download and print a copy of this Notice here: California Consumer Privacy Rights Notice
Last Updated December 1, 2021