Privacy Policy

Effective Date: January 1, 2024  |  Last Updated: January 1, 2024

1. Who We Are

Baker Insurance ("we," "us," or "our") is an independent insurance agency operated by a licensed insurance agent in the Commonwealth of Pennsylvania. We act as an intermediary between insurance applicants and insurance carriers; we are not an insurance carrier ourselves.

Contact Information:
Baker Insurance
Pennsylvania, USA
Email: privacy@bakerinsurance.com

2. Information We Collect

We collect the following categories of information when you submit an inquiry, contact us, or schedule a consultation:

a. Personal Identification Information

• Full name, date of birth, gender
• Email address, phone number, mailing address
• Social Security Number (only if voluntarily provided for formal application processing)

b. Health and Medical Information

• Any health notes voluntarily shared on our intake form
• Pre-existing conditions, medications, or medical history provided during consultation

c. Financial and Coverage Information

• Desired coverage type and estimated monthly budget
• Beneficiary information

d. Technical and Usage Information

• IP address at time of form submission (for consent and fraud prevention purposes)
• Browser type, referring URL (collected automatically by our servers)

e. Call Recordings

• When you call or are called by our agency, calls may be recorded with prior notice and your consent. Recording URLs are stored encrypted in our database.

3. How We Use Your Information

We use your information exclusively for:

• Providing insurance quotes from carriers appropriate to your needs
• Contacting you to discuss coverage options and answer questions
• Submitting formal insurance applications to carriers on your behalf (only with your explicit consent)
• Maintaining records of our communications as required by state insurance regulations
• Improving our services and complying with legal obligations

We do not use your information for automated decision-making, profiling, or targeted advertising. We do not sell, rent, or trade your personal information to third parties.

4. HIPAA Notice of Privacy Practices

Specifically:

• Health information you share is encrypted at rest using industry-standard Fernet (AES-128) encryption.
• Access to health data is restricted to the licensed agent and authorized staff only.
• We will disclose your PHI to insurance carriers only as necessary to obtain quotes or process applications, and only with your consent.
• We will not disclose PHI for marketing purposes without your explicit written authorization.
• You have the right to request access to your PHI, request corrections, and request restrictions on use.

To exercise any HIPAA rights or to file a complaint regarding our privacy practices, contact us at privacy@bakerinsurance.com. You may also file a complaint with the U.S. Department of Health & Human Services, Office for Civil Rights, at www.hhs.gov/ocr.

5. Data Sharing

We may share your information only in the following limited circumstances:

• Insurance Carriers: To obtain quotes or process applications with your consent.
• Technology Service Providers: Our hosting infrastructure (encrypted at rest and in transit). We use Twilio for call management; call recording metadata may be stored on Twilio's servers per their Privacy Policy.
• Legal Requirements: If required by law, court order, or regulatory authority.
• Business Transfers: In the event of a merger or acquisition, with advance notice to you.

6. Data Security

We implement the following security measures to protect your data:

• Field-level encryption (Fernet / AES-128-CBC + HMAC-SHA256) for sensitive fields including date of birth, SSN, health notes, and call recording URLs.
• bcrypt password hashing for all agent accounts.
• TLS/HTTPS encryption for all data in transit.
• Access controls limiting sensitive data to authorized personnel only.
• Regular security reviews and updates.

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this policy and to comply with our legal obligations:

• Client records: Retained for a minimum of 7 years following the last active policy or inquiry, as required by Pennsylvania insurance regulations.
• Call recordings: Retained for 3 years unless a longer period is required by applicable law.
• Inquiry-only records (no policy issued): Retained for 2 years from last contact, then securely deleted.

8. Your Rights

You have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your data, subject to legal retention requirements.
• Opt-out of Communications: Unsubscribe from non-essential communications at any time.
• Data Portability: Request your data in a structured, machine-readable format.

To exercise any of these rights, contact us at privacy@bakerinsurance.com. We will respond within 30 days.

9. Cookies and Tracking

Our website uses only essential session cookies required for form submission and security purposes. We do not use third-party tracking cookies, advertising cookies, or analytics services that collect personal information.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has submitted information to us, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of our services after any changes constitutes your acceptance of the updated policy.

12. Contact Us

For questions, concerns, or to exercise your data rights, please contact:
Baker Insurance
Pennsylvania, USA
Email: privacy@bakerinsurance.com