Privacy Policy

1. Who We Are

Just Insurance Svcs ("Company," "we," "us," or "our") is a Florida-licensed insurance agency located at 28927 S Dixie Hwy, Homestead, FL 33033 (License #L047919). We provide health, Medicare, life, auto, home, and commercial insurance services to individuals and families throughout Florida.

This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you visit our website at justinsurancesvcs.com, contact us by phone or email, or use any of our services.

2. Information We Collect

2.1 Information You Provide Directly

• Contact Information: Name, mailing address, email address, telephone number.
• Demographic Information: Date of birth, gender, household size, income range (for ACA eligibility purposes).
• Health Information: Current health coverage, medical conditions disclosed voluntarily for insurance quoting purposes, Medicare eligibility status.
• Financial Information: Payment information for premium processing (processed through secure third-party payment processors; we do not store full card numbers).
• Insurance Information: Current policy details, coverage preferences, claims history as disclosed by you.
• Employment Information: Submitted via our Careers application form.
• Electronic Signature: Captured on our Health Insurance Consent Form for CMS compliance.

2.2 Information Collected Automatically

• Log Data: IP address, browser type, operating system, referring URLs, pages visited, time and date of visit.
• Cookies and Tracking Technologies: We use Google Analytics 4 (GA4) with IP anonymization enabled. GA4 uses cookies to analyze website traffic and user behavior in aggregate. You may opt out via the Google Analytics Opt-out Browser Add-on.
• Device Information: Device type, screen resolution, and browser language.

2.3 Information from Third Parties

• Insurance carriers and the Health Insurance Marketplace (Healthcare.gov) may share enrollment confirmation data with us as your authorized agent of record.
• EZlynx, our agency management and quoting platform, processes quote requests on our behalf.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Insurance Services: To provide insurance quotes, process applications, manage policies, and assist with claims on your behalf.
• CMS Compliance: To fulfill our obligations as a CMS-regulated agent/broker, including maintaining records of scope-of-appointment forms, consent documentation, and enrollment activities as required by 42 CFR § 422.2274 and § 423.2274.
• Communications: To respond to your inquiries, send appointment confirmations, policy reminders, and renewal notices. We will only contact you by phone, text, or email with your prior express consent as required by the TCPA.
• Marketing: To send you information about insurance products and services that may interest you, subject to your consent and applicable CMS marketing guidelines. You may opt out at any time.
• Legal Compliance: To comply with applicable federal and state laws, including HIPAA, FIPA, CMS regulations, and Florida Department of Financial Services (DFS) requirements.
• Security and Fraud Prevention: To detect, investigate, and prevent fraudulent transactions and other illegal activities.
• Business Operations: For internal analytics, quality assurance, staff training, and service improvement.
• Recruitment: To evaluate employment applications submitted through our Careers page.

4. How We Share Your Information

We do not sell your personal information. We may share your information only in the following circumstances:

• Insurance Carriers: We share your information with insurance carriers and the Health Insurance Marketplace as necessary to obtain quotes, submit applications, and manage your coverage. This sharing is authorized by your signed consent or scope-of-appointment form.
• Service Providers (Business Associates): We share information with trusted third-party vendors who assist us in operating our business, including EZlynx (agency management), email service providers, and IT support. These vendors are contractually required to protect your information and may not use it for their own purposes. Where required by HIPAA, we execute Business Associate Agreements (BAAs).
• Legal Requirements: We may disclose your information if required by law, court order, subpoena, or government regulation, including disclosures to the Florida Department of Financial Services, CMS, or HHS Office for Civil Rights.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity, subject to the same privacy protections.
• With Your Consent: We may share your information for any other purpose with your explicit written consent.

5. Health Information — HIPAA Considerations

When you provide health-related information to us for the purpose of obtaining health insurance, we treat that information with the same protections required by the HIPAA Privacy Rule (45 CFR Part 164), even where HIPAA may not directly apply to us as an insurance agent.

• Health information is used only for the purpose for which it was provided — obtaining insurance coverage on your behalf.
• We do not disclose health information to employers, family members, or other third parties without your written authorization, except as required by law.
• We maintain physical, electronic, and administrative safeguards to protect health information from unauthorized access, use, or disclosure.
• Electronic health information is transmitted using industry-standard encryption (TLS 1.2 or higher).

For a full description of your rights regarding protected health information, please review our HIPAA Notice of Privacy Practices.

6. Cookies and Tracking Technologies

Our website uses the following types of cookies and tracking technologies:

You may disable cookies in your browser settings. Note that disabling essential cookies may affect website functionality. We do not use cookies for advertising or cross-site tracking.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

• Insurance Records: Minimum 5 years from policy expiration, or as required by Florida DFS regulations (Fla. Admin. Code Rule 69B-231).
• Medicare/CMS Records: Minimum 10 years, as required by CMS regulations (42 CFR § 422.504(d)).
• Consent and Scope-of-Appointment Forms: Minimum 10 years per CMS requirements.
• Website Analytics: 26 months (Google Analytics default).
• Employment Applications: 2 years from date of submission.

8. Your Rights and Choices

Depending on your state of residence and the type of information involved, you may have the following rights:

• Right to Access: Request a copy of the personal information we hold about you.
• Right to Correction: Request correction of inaccurate or incomplete information.
• Right to Deletion: Request deletion of your personal information, subject to legal retention requirements.
• Right to Opt Out of Marketing: Unsubscribe from marketing communications at any time by clicking "unsubscribe" in any email or contacting us directly. Opting out of marketing does not affect service-related communications.
• Right to Opt Out of Analytics: Use the Google Analytics Opt-out Add-on to prevent GA4 data collection.
• HIPAA Rights: If your information constitutes Protected Health Information (PHI), you have additional rights under HIPAA. See our HIPAA Notice of Privacy Practices.
• Florida FIPA Rights: Florida residents have the right to be notified of a security breach involving their personal information within 30 days of discovery (Fla. Stat. § 501.171).
• CCPA Rights (California Residents): California residents have the right to know, delete, and opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, contact us at [email protected] or call (716) 424-5479. We will respond within 30 days.

9. Data Security

We implement industry-standard administrative, technical, and physical safeguards to protect your personal information, including:

• TLS 1.2+ encryption for all data transmitted to and from our website.
• CSRF (Cross-Site Request Forgery) protection on all form submissions.
• Rate limiting and input validation on all API endpoints.
• Role-based access controls limiting staff access to personal information on a need-to-know basis.
• Regular security reviews and updates.
• Secure, encrypted storage of electronic records.

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. In the event of a data breach affecting your personal information, we will notify you as required by applicable law.

10. Children's Privacy

Our website and services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child under 13, please contact us immediately and we will promptly delete such information.

11. Third-Party Links

Our website may contain links to third-party websites, including insurance carrier portals, Healthcare.gov, and Medicare.gov. This Privacy Policy does not apply to those websites. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the privacy practices of third parties.

12. Telephone and Text Message Communications

By providing your telephone number and consenting to be contacted, you agree that Just Insurance Svcs may contact you by telephone, text message (SMS), or automated dialing system for insurance-related purposes. Standard message and data rates may apply.

You may opt out of text messages at any time by replying "STOP" to any text message from us. You may opt out of phone calls by requesting to be placed on our internal Do Not Call list. We comply with the Telephone Consumer Protection Act (TCPA), 47 U.S.C. § 227, and the FTC's Telemarketing Sales Rule.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated Policy on this page with a revised "Last Updated" date. For material changes, we will provide additional notice (such as an email notification or a prominent notice on our website). Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated Policy.

14. Governing Law

This Privacy Policy is governed by the laws of the State of Florida and applicable federal law, including but not limited to HIPAA (45 CFR Parts 160 and 164), the Florida Information Protection Act (Fla. Stat. § 501.171), CMS regulations (42 CFR Parts 422 and 423), the TCPA (47 U.S.C. § 227), and the CAN-SPAM Act (15 U.S.C. § 7701 et seq.).

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Privacy Officer:

You also have the right to file a complaint with the Florida Department of Financial Services at myfloridacfo.com or with the U.S. Department of Health and Human Services Office for Civil Rights at hhs.gov/ocr .