Privacy Policy

Effective as of July 1, 2026. We review and update this policy at least every 12 months.

Note: Insure Things is a demonstration website. This privacy policy is a sample adapted from Osano's template and is provided for testing purposes only — it is not legal advice. Any production policy should be reviewed by your own counsel.

This Privacy Policy applies to the information and data that Insure Things (“Insure Things,” “we,” “us,” or “our”), [full legal entity name and registered address], collects when you use our website at insurethings.forestrylabs.io or our products and services.

Summary

This policy applies to:

The purpose of this Privacy Policy is to let you know how we collect, use, store, share, retain, transfer, and process your Personal Information. It also describes your choices and rights with respect to your Personal Information and how to exercise those rights. “Personal Information” is any information relating to an identified or identifiable individual.

We may amend this policy from time to time. We encourage you to review it periodically, as changes will be posted on this page. If we make any material changes, we will provide a prominent notice. If you do not agree with this policy, you should not use our website, products, or services.

What Personal Information We Collect

We collect various types of information depending on how you interact with us and what products or services you use.

Personal Information you provide to us

If you fill out a form on our website — for example, requesting a quote, submitting a request for information, or signing up for updates — we will collect and process that information to provide you with the communication, products, or services. This may include your name, email address, company name, job title, physical address, and payment and billing information.

Personal Information collected when you visit our website

When you use our website, we may automatically collect Personal Information such as IP address, user-agent information (automatically sent by your web browser, which may include device type), and information collected by cookies and similar technologies. See Cookies and Tracking Technologies below.

Personal Information collected when you use our products or services

When you use our products and services, we may collect:

We may also collect usage data regarding your use of our products and services, which may contain Personal Information. We collect payment and billing information when you register to use our products and services, and use it solely to process payments and deliver our products and services.

If we need sensitive personal information (such as health information, government-issued identification, or information about your race, religion, or political opinions), we will only collect such information with your explicit consent.

Unless otherwise noted in this policy, we act as the “controller” of the personal data that we collect and process.

How We Collect Information

We collect Personal Information from you when you visit our website or use our products and services. Some of this information is provided directly by you (for example, when you complete a form), and some is collected automatically (for example, through cookies and server logs).

We may also collect personal information from other sources, such as [public databases, affiliates, and third-party partners — list as applicable].

How We Use Your Information

We process your personal information for the following purposes:

We rely on the following legal bases for collecting and processing Personal Information:

How We Share Information

We share Personal Information with our affiliates and partners as needed to provide our services, and with service providers such as accountants, payment processors, and other vendors we use to operate our website and provide our products and services.

Our vendors and service providers are not permitted to use your personal information for any purpose other than to provide contracted services. They may not use your personal information for their own marketing, and are not allowed to share your information for marketing purposes.

We may share personal information in response to a legal summons or subpoena, or if required by law enforcement agencies.

How Long We Retain Your Information

How long we keep Personal Information depends on the type of information and the purpose for which it was collected. After a reasonable period of time, or the completion of the purpose for which it was collected, we will either delete or anonymize the information.

We retain Personal Information where we have an ongoing legitimate business purpose to do so — for example, to resolve disputes or comply with ongoing legal obligations — and for a reasonable period after our services to you are completed.

Cookies and Other Tracking Technologies

Cookies are small files stored in your web browser when you visit our website. Some cookies last only as long as you remain on the website; others (“persistent cookies”) may be stored for longer periods. Cookies can make browsing easier by storing your preferences, and they collect information such as your IP address, browser settings, and information about how you use the website. Your general location may be estimated from your IP address. Some cookies track activity across websites in order to deliver personalized advertising.

Our website uses, among others:

We use the Osano consent management platform to obtain and record your cookie preferences. You can review and change your choices at any time using the Cookie preferences link. You may also change your browser settings to reject or delete cookies, and find more information about cookies — including how to opt out of interest-based advertising — at www.cookiesandyou.com.

Your Rights Regarding Access to and Control over Personal Information

If you reside in the EU/EEA, you may have the following rights with regard to your personal information:

To exercise any of these rights, please [submit a request via your DSAR form or contact us using the details below]. We may charge a reasonable fee if your request is not valid under applicable law, or is repetitive or excessive, and we may request additional information to verify your identity before processing your request.

Information for California Residents

The California Consumer Privacy Act (CCPA), as amended by the CPRA, applies to information collected from California residents. If you are a California resident, you have the following rights:

You may be asked for more information so that we can verify your identity when you make a request. You may exercise your rights by [insert two methods, e.g., a toll-free number and an email address / online form].

We do not sell or share Personal Information to or with third parties within the meaning of the California Consumer Privacy Act. The categories of Personal Information we have collected in the preceding 12 months are described in “What Personal Information We Collect” above. [If applicable, add CPRA disclosures on sale/share by category, sensitive data handling, and retention periods per category.]

International Data Transfers

Personal Information may be transferred from users residing in the European Union to our servers, partners, or vendors located in the United States and other non-EU countries where an adequacy decision may not be in place. When we transfer Personal Information of individuals in the EEA, Switzerland, or the United Kingdom to the US, we make use of the Standard Contractual Clauses and the UK Addendum, along with additional safeguards where appropriate. To obtain a copy of the safeguards we use, please contact us at [privacy contact].

Security

We take reasonable steps to protect the information we receive from you from accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access. We have put in place appropriate physical, technical, and administrative measures to safeguard your information, but no security measures are perfect and the risk of a data breach cannot be entirely eliminated. Measures we use include:

Automated Decision Making and Profiling

We do not make decisions that produce legal or similarly significant effects about you based solely on automated processing, including profiling. [If your organization does perform such processing — including uses of AI — describe the logic involved and the potential consequences for the individual.]

Children's Privacy

We do not knowingly collect or solicit personal information from children under age 13 without parental consent, unless permitted by law. If we become aware that we have collected personal information from a child under 13 without parental consent, we will delete it. If you believe a child may have provided us with personal information, please contact us.

California consumers: We will not sell the information of California consumers who are 16 or younger unless we have prior parental authorization (for consumers under 13) or opt-in consent from the minor (for consumers aged 13–16).

EU residents: We do not collect or process the personal information of data subjects in the EU under the age of 16 without explicit consent from a parent or guardian.

Sensitive Information

Unless specifically requested by us or required by law, we ask that you do not send us, or disclose on or through our website, any sensitive personal information (such as health information, government identifiers, or information about race, religion, or political opinions).

Contact Us

If you have any questions about this privacy policy, or if you want to exercise your privacy rights as outlined above, please contact us at:

Insure Things
Email: privacy@insurethings.forestrylabs.io
[mailing address]
[phone number]

Additional Information

Where we are the data controller located outside of the EU/EEA, our designated European Union representative is [name and contact details of EU representative].

If you are unsatisfied with our response to a privacy complaint, you may contact our dispute-resolution organization at [dispute-resolution provider].