A Decrease font size. A Reset font size. A Increase font size.

CCPA Privacy Notice

California Consumer Privacy Act (“CCPA”) Notice

We are Canopius Group Limited, which has its head office in Jersey and operates in the UK, Bermuda, Australia, USA and Singapore. The Canopius group is made up of a number of trading companies. For more information, please visit our website at www.canopius.com.

We act as the underwriters of your insurance policy. To find out more about how we might use your information within the London Insurance Market, please visit www.londonmarketgroup.co.uk/gdpr. For additional privacy information that may be relevant to you, please also see our Global Privacy Notice.

  1. SCOPE

    This California Privacy Notice (“Notice”) is specifically for California residents. It aims to help you understand how Canopius Group Limited (“Canopius,” “we,” “us,” or “our”) may collect, use, share, or otherwise process your personal information. Additionally, it explains how you can exercise your privacy rights under the California Consumer Privacy Act (“CCPA”).

    This Notice applies to information that we collect both online and offline. This includes information gathered on websites that expressly link to this Notice (“Sites”), including www.canopius.com and in connection with our products and services (collectively, the “Services”). Importantly, this Notice does not apply to:

    1. Exempt Information. This Notice does not cover information that falls under certain exemptions, including:
      • Financial. Information collected or subject to the federal Gramm-Leach-Bliley ‎‎Act or the California Financial Information Privacy Act.
      • Medical and Health. Medical and health information protected by the Health Insurance Portability and Accountability Act.
      • Public or De-identified. Information that is de-identified or publicly available.
    2. Worker or Job Applicant Data. This Notice does not apply to information collected in the context of job applicants or workers. For details on how we handle such information, please refer to our CA Worker and Applicant Privacy Notice.

    If you have a disability that prevents or limits your ability to access our privacy-related notices, please contact us at privacy@canopius.com. We will work with you to provide the notices in an alternative format.

  2. PERSONAL INFORMATION WE COLLECT

    How this Notice applies to you depends on your relationship with us and how you interact with our Services:

    1. Online Visitor: If you browse our Sites, interact with our content, inquire about our Services, or engage with us through online and digital marketing, you are considered an Online Visitor.
    2. Associated Individuals: Canopius provides insurance-related services to organizations and entities, referred to as “Clients” in this Notice. “Associated Individuals” are those connected with Clients who seek or obtain insurance services from Canopius. This includes employees, workers, brokers, and other representatives acting on behalf of an organization. Additionally, it encompasses individuals acting on behalf of our vendors and business partners from whom we acquire products and services. In this context, we collect information within a business-to-business setting.We collect personal information based on your interactions with us and your or our Clients’ use of our Services. This includes information you provide directly, such as details when Clients seek insurance services. We also gather information from other sources, like other insurance companies, data brokers, credit bureaus, and public databases. Additionally, we automatically collect data when you visit our Sites using online collection technologies. Below, we detail the types of personal information we collect from these various sources.
    3. Personal Information You Provide to Us Directly or Collected from Other Sources
      • Identifiers. This may include information such as your name, alias, postal address, Social Security number, driver’s license or other government identifier, signature, email address, phone number, or similar identifiers.
      • Commercial Information. This may include records of personal property, as well as details about products or services that have been purchased, obtained, or considered. It also encompasses purchasing or consumption histories and tendencies.
      • Financial-Related Information. This may include information pertaining to your bank or credit card accounts that are used to obtain our Services.
      • Characteristics of Protected Classifications. This may include age, national origin, religion, citizenship, marital status, physical or mental disability, genetic information or ancestry, sex, veteran or military status.
      • Sensory Data. This may include images, audio, video, or call recordings that are created or obtained as part of our business activities.
      • Professional or Employment-Related Information. This may include information such as your company name, industry, role within the company, business contact details (e.g., phone and email address), educational and professional background, and additional details related to the organization you are affiliated with.
      • Your Communications with Us: We may collect personal information, including your name, email address, postal address, and telephone number, when you use or request information about our Services, contact us for support, or exercise a privacy right.
      • Inferences Drawn from Other Personal Information. This may include insights about your preferences, characteristics, traits, tendencies, behaviors, or attitudes.
      • Sensitive Personal Information. This may include details such as your Social ‎Security number or other government ‎identifier, racial or ethnic origin, religious or philosophical beliefs, union membership, and account login information or financial account numbers with associated credentials, citizenship, or immigration status.
    4. Personal Information Collected Automatically
      We, along with third parties that provide content, advertising, or other functionalities on our Services, may use cookies, pixel tags, local storage objects, and other technologies (“Collection Technologies”) to automatically collect information during your use of our Services. The types of personal information we collect using Collection Technologies include the following:
      • Internet or Other Electronic Network Activity Information: This includes your Internet Protocol (IP) address and Internet Service Provider (ISP). We may also gather data regarding your interaction with our Sites, such as the pages you visit before, during, and after using our Sites, the content and links you engage with, the frequency and duration of your activities, and other related usage information.
      • Device Information: We may collect details such as your Media Access Control (MAC) address, mobile carrier, mobile advertising identifiers, and other unique identifiers. Additionally, we gather cookie identifiers, browser or device information, and information regarding your user settings.
      • Geolocation Information: We may collect approximate location data derived from your IP address.
        Our use of Collection Technologies generally falls into the categories listed below. Please note that these are the main ways of classifying Collection Technologies, although there may be others that will not fit neatly into these categories or may qualify for multiple categories.
      • Essential. These technologies are necessary for accessing our Sites. They help us identify irregular website behavior, prevent fraud, enhance security, and enable you to use the features we offer.
      • Performance and Functionality: These technologies are used to assess the performance of our Sites and to offer you enhanced functionality. This may include recognizing you when you sign in, as well as remembering your preferences, interests, and previously viewed items.
      • Analytics and Customization. We use these technologies to understand how our Sites are used and to evaluate our marketing campaigns. This helps us see how visitors interact with our Sites. For example, one of the analytics technologies we may use is Google Analytics. To better understand how Google uses your personal information (including for its own purposes, such as profiling or linking it to other data), you may wish to review Google Analytics’ Notice. To learn more about how to opt-out of Google Analytics’ use of your information, please click here. We also utilize LinkedIn Analytics. For more information about how LinkedIn uses your personal information, please visit LinkedIn Analytics’ Privacy Policy. To learn more about how to opt-out of LinkedIn’s use of your information, please click here.
      • Advertising (Targeting). We may use first-party and third-party technologies, including cross-device tracking, to show you content and ads relevant to your interests on our Sites or other websites. For example, we use Google’s Dynamic Remarketing. For more information on how Google uses your personal information, please visit Google’s privacy policy. To control how Google uses your information for ads, click here. We also rely on Bing Ads. For more information about Microsoft’s use of your personal information, please visit Microsoft’s privacy statement. To learn more about how to control Microsoft’s use of your information for ads, please click here.
      • Session Replay / Pixel Tracking.  We also rely on Collection Technologies, which collect detailed information about your activities on our Sites. These collect usage information that tracks your interactions with our website, including mouse ‎movements, text, and other information, associated with your visit to our website. This ‎information is used to help us improve our website, services, and to better provide you with information you ‎are interested in when you visit our website.

    For more information about how these technologies ‎process your information, please review our website cookies policy: Cookie Policy: Your Privacy Matters | Canopius.

  3. HOW WE USE PERSONAL INFORMATION

    We use personal information for a variety of purposes, including:

    • To develop and provide our Services, including to operate, troubleshoot, develop, improve, upgrade, or enhance our existing Services or those we are considering offering in the future.
    • For policy management purposes, including providing quotations and setting up policies, evaluating risks and matching them to appropriate policies and premiums, administering and managing policies (such as collecting and refunding premiums if necessary), actuarial analysis for risk and premium calculations, sending policy documents, and renewing policies while contacting entities for renewal.
    • For client setup and care, including conducting necessary fraud, credit, financial crime, anti-money-laundering, and sanctions checks, providing general client care, handling, investigating and responding to client concerns, and communicating about policy management and making requested changes.
    • For claims management, including processing and managing insurance claims.
    • To provide access to and maintain our Sites, including to provide access to certain areas, functionalities, and features of our Services to online visitors, and to maintain business continuity, system testing, privacy controls and network controls.
    • To respond to or notify you, including when you contact us with a comment, request, or question; request information about our Services; or to send you technical notices, updates, security alerts, and other administrative messages.
    • To personalize your experiences with us, including remembering your interests and preferences. This allows us to offer you customized content and other personalized features, making our Services more relevant to your interests and geographic location.
    • For research and analytical purposes, we aim to understand how you access and use our services, identify usage trends, and develop data analyses. This includes conducting research, audits, reporting, and other business operations, such as assessing the effectiveness of our promotional campaigns and evaluating our business performance. Additionally, for profiling purposes, we may compare personal information against industry averages when calculating insurance premiums and use this data to update industry averages, or other risk modeling and product/pricing refinement.
    • For marketing and advertising purposes, including to measure your interest in and engagement with our Services. This helps us offer new products, present promotional offers, and provide you with information about our products and services, as well as those of others. We may also use your information for short-term, transient purposes, such as customizing ads.We may also use your personal information to tailor your experience with our Services and deliver content and ads as allowed by law. Our marketing efforts may include email campaigns, text messages, custom audience advertising, and “interest-based” or “personalized advertising,” including through cross-device tracking. If you have questions about our marketing practices or wish to opt out, please refer to Section 5 (“Collection Technologies Preferences”) and Section 6 (“Your Privacy Rights”) of this Notice.
    • For our business purposes, including operate and improve our business, Services, in connection with potential business transactions (e.g., mergers, acquisitions, reorganizations, transfers), internal administration and auditing, quality assurance, financial accounting, managing commercial risk (insurance/reinsurance), administering business agreements, debugging to identify and repair our Sites or other Services-related errors; quality control, and data analysis; and for any other business purpose permitted by law.
    • For legal compliance and safety purposes, such as to operate, troubleshoot, repair, and improve our Sites; secure or enhance our Services administer and enforce our agreements and policies (including without limitation, this Notice and our Terms of Use) and notify you of changes; carry out activities that are required to comply with our legal obligations imposed by law, regulation, decree, court order, or legal settlement); investigate illegal activities, suspected fraud, or potential threats to the safety of any person; cooperate with U.S. regulatory authorities and law enforcement, provide evidence in litigation in which we or our clients are involved; and other legitimate business purposes as permitted by law.
    • For purposes that you have otherwise consented to, including at the time your personal information is collected.
    • For other purposes permitted by applicable law, including to create de-identified, aggregated, or anonymized information. To the extent we create any de-identified, aggregated, or anonymized information from personal information, we publicly commit to maintaining and using de-identified information without attempting to re-identify the data, except as permitted under applicable law.

  4. HOW WE DISCLOSE YOUR PERSONAL INFORMATION

    We may disclose any of the personal information we collect with third parties for various business purposes. This includes instances when you use or visit our Sites, when we provide our Services, to protect our interests or those of others, or in the event of significant business transactions such as mergers, sales, or asset transfers, as detailed below.

    1. Disclosures to Provide our Services and Operate Our Business
      The categories of third parties with whom we may share your personal information are described below.
      • Service Providers. We may share your personal information with third-party service providers and vendors that assist us in providing our Services. This includes providers offering IT support, data-storage providers, payment-card providers, claims handlers, customer service, and related services.
      • Business Partners. We may share your personal information with third parties that we work with to provide and deliver our Services, such as brokers, insurance producers, and other industry partners. Additionally, we may share your personal information with business partners when we jointly offer products or services.
      • Advertising Partners. We may share your personal information with third-party advertising partners through our Services. These partners may set Collection Technologies and other tracking tools on our Sites to collect information about your activities and your device (e.g., IP address, cookie identifiers, pages visited, location, time of day). They may use this information (and similar information collected from other services) for advertising purposes, including to deliver personalized advertisements to you when you visit digital properties within their networks. This practice is commonly known as “interest-based advertising,” “cross-contextual behavioral advertising,” or “personalized advertising.”
      • Canopius Companies. We may share your personal information with other companies within the Canopius group to assist in managing your policy and any related claims.
      • Professional Advisors. We may disclose your personal information to our professional advisors, such as lawyers, auditors, and insurers, when necessary. Our professional advisors use your personal information only as directed or authorized by us and are prohibited from using or disclosing your information for any other purpose.
      • Government Entities, Law Enforcement, and Similar Third Parties. We may share your personal information with regulatory, government, or other similar entities that may perform oversight, guidance, enforcement, or investigatory functions.
    2. Disclosures to Protect Canopius or Others

      We may access, preserve, and disclose personal information we receive from you, maintain about you, or have associated with you, including disclosing this information to external parties if we believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal processes, such as a court order or subpoena; protect your, our, or others’ rights, property, or safety; defend ourselves or others against legal actions; enforce our policies or contracts; assist with an investigation or prosecution of suspected or actual illegal activity; and as may otherwise be required or permitted by law.

    3. Disclosure in the Event of Merger, Sale, or Other Asset Transfers
      If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
    4. Selling or Sharing of Personal Information.
      Under the CCPA, we may “sell” or “share” personal information. The term “selling” is broadly defined and can include instances where we disclose information to third parties for analytics or other services. Similarly, we may “share” information with third parties for cross-context behavioral advertising purposes. You have the right to opt out of our selling and sharing practices, as detailed in Section 6 (“Your Privacy Rights”) of this Notice.

      Please note that we do not have actual knowledge of selling or sharing personal information about consumers under 18 years of age.

    5. Personal Information that May Be Sold.
      The chart below outlines the categories of personal information that may be sold and identifies the categories of third parties to whom this information may be sold. For more details on each category of personal information, please refer to Section 2 (“Personal Information We Collect”) of this Notice. To understand more about each category of third parties mentioned below, please review Section 4.1 (“Disclosures to Provide Our Services and Operate Our Business”) of this Notice.
      Personal InformationCategories of Third Parties to Whom Personal Information May Be Sold.
      Identifiers• Advertising Partners
      • Business Partners
      Internet or Other Electronic Network Activity Information• Advertising Partners
      • Business Partners
      Device Information• Advertising Partners
      • Business Partners
      Geolocation Information• Advertising Partners
      • Business Partners
    6. Personal Information that May Be Shared for Cross-Context Behavioral Advertising Purposes.
      The chart below outlines the categories of personal information that may be shared for cross-context behavioral advertising purposes and identifies the types of third parties with whom this information may be shared. For more details on each category of personal information, please refer to Section 2 (“Personal Information We Collect”) of this Notice. To understand more about each category of third parties mentioned below, please review Section 4.1 (“Disclosures to Provide Our Services and Operate Our Business”) of this Notice.
      Personal InformationCategories of Third Parties to Whom Personal Information May Be Shared.
      Identifiers• Advertising Partners
      • Business Partners
      Internet or Other Electronic Network Activity Information• Advertising Partners
      • Business Partners
      Device Information• Advertising Partners
      • Business Partners
      Geolocation Information• Advertising Partners
      • Business Partners

  5. COLLECTION TECHNOLOGIES PREFERENCES

    You can manage the personal information we collect through Collection Technologies as described below.

    • Opt-Out Preference Signals. You may opt out of our use of certain Collection Technologies by broadcasting an Opt-Out Preference Signal, such as the Global Privacy Control (“GPC”) on browsers and browser extensions that support such a signal. To download and use a browser supporting the GPC browser signal, please visit: https://globalprivacycontrol.org/orgs. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use. Importantly, a GPC signal opts you out of certain cookies, tracking, and the sale or sharing of site browsing information, but it does not opt you out of essential technologies necessary for running the Sites and Services or the information we provide as part of our Services.
    • Additional Collection Technologies Controls. You can control our use of certain Collection Technologies in the following ways:
      • Cookie Controls. When you first visit our website, you will be presented with a banner which offers you a choice about whether to accept or reject cookies or Collection Technologies of different types, except for those cookies and Collection Technologies that are essential for the operation of our Sites. You may choose to “Accept” or “Decline” our use of such cookies and Collection Technologies. To revisit your choice, you must first clear the cache and cookies in your web browser. Some browsers allow you to clear the cache and cookies by using the Windows keyboard shortcut, Ctrl + Shift + Delete. Once cleared, you will be presented with the banner on your next visit to our website through which you can update your preferences. You can also set your preferences by clicking on the pink tab in the bottom left of the screen. This will allow you to see what type of cookies you have allowed, change what you have consented to, or withdraw your consent entirely.
      • Browser Controls. You may also stop or restrict the placement of certain Collection Technologies in your browser or remove them by adjusting your preferences as your browser permits. These tools are generally available in the help section of browsers. You can also use the quick links, based on the browser type that you are using: Internet Explorer, Google Chrome, Firefox, and Safari.
      • Device Controls. You may opt-out of personalized advertisements on some mobile applications by following the instructions for Android, iOS, and others. Please note that cookie-based opt-outs may not stop all mobile tracking, such as tracking done on mobile applications.
      • Ad Industry Opt-outs. The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising, consumer choice, and privacy by visiting the Network Advertising Initiative and the Digital Advertising Alliance. Please note you must separately opt out in each browser and on each device.

  6. YOUR PRIVACY RIGHTS

    1. Consumer Rights
      California residents have specific privacy rights concerning certain types of personal information that we collect and process. These rights are detailed further below.

      • Request to Know. You may have the right to request confirmation of whether we are processing or have processed your personal information. Additionally, you may be able to request disclosure of the personal information we have collected about you, including:
        • The categories of personal information we have collected
        • The categories of sources from which such personal information is collected
        • The business or commercial purposes for collecting, selling, or sharing your personal information
        • The categories or specific third parties to whom we disclose or have disclosed your personal information
        • The specific pieces of your personal information that we have collected
      • Request to Delete. You may have a right to request that we delete the personal information that we may maintain about you.
      • Request to Correct Inaccurate Personal Information. You may have the right to request that we correct our copy of your personal information where it is inaccurate or incomplete.
      • Request to Opt-Out of Sale, Sharing, and Certain Profiling Activities. As explained in our Notice of Right to Opt-Out of Sale and Sharing of Personal Information, you may have the right to opt out of certain activities involving your personal information. Specifically, you can opt out of our “sale” of your personal information to third parties, the “sharing” of your personal information for targeted or cross-context behavioral advertising.

        Please note that we do not have actual knowledge that we “sell” or “share” personal information about consumers under 18 years of age, either as those terms are commonly understood or as they are defined under certain U.S. state privacy laws.

      • Request to Limit the use or processing of your sensitive personal information for specific purposes. However, please note that Canopius does not collect, process, or use sensitive personal information to profile or make inferences about you, so this does not apply to our business operations.
      • Right to No Retaliation. You have a right not to receive retaliatory treatment for the exercise of your privacy rights.
      • Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
    2. Exercise Your Privacy Rights
      1. Request to Know, Delete, or Correct Your Personal Information. If you want to know what personal information we have about you, delete it, or correct it, you can reach out to us at:
      2. Request to Opt Out.  We have set up the following methods for consumers to exercise their right to opt out of the selling or sharing of their personal information:
        • Opt-Out Preference Signals. You may opt out by broadcasting an Opt-Out Preference Signal, such as the Global Privacy Control (“GPC”) on browsers and browser extensions that support such a signal. To download and use a browser supporting the GPC browser signal, please visit: https://globalprivacycontrol.org/orgs. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use. Importantly, a GPC signal opts you out of certain cookies, tracking, and the sale or sharing of site browsing information, but it does not opt you out of essential technologies necessary for running the Sites and Services or the information we provide as part of our Services.
        • Cookie Controls. When you first visit our website, you will be presented with a banner which offers you a choice about whether to accept or reject cookies or Collection Technologies of different types, except for those cookies and Collection Technologies that are essential for the operation of our Sites. You may choose to “Accept” or “Decline” our use of such cookies and Collection Technologies. To revisit your choice, you must first clear the cache and cookies in your web browser. Some browsers allow you to clear the cache and cookies by using the Windows keyboard shortcut, Ctrl + Shift + Delete. Once cleared, you will be presented with the banner on your next visit to our website through which you can update your preferences. You can also set your preferences by clicking on the pink tab in the bottom left of the screen. This will allow you to see what type of cookies you have allowed, change what you have consented to, or withdraw your consent entirely.

          We encourage you to review Section 5 (“Collection Technologies Preferences”) of this Notice for additional ways you can control our use of certain Collection Technologies.

      3. How We Process Requests. We will process your requests in accordance with applicable laws, subject to the following:
        • Making a Request. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal ‎information.
        • Verification Methods. Once you submit a request, we will verify that you are the consumer to whom the request pertains by matching the identifying information provided by you (e.g., name, email address, phone number) to the information we maintain. Depending on the type of request you submit, we will attempt to match either two or three of the data points you provided. If we are unable to verify your request with the data points you provided, we may reach out to you for additional information to verify your request. Please note that opt-out requests do not require verification.
        • Authorized Agent. Your “authorized agent” can submit a request on your behalf using the same methods described above. We may ask the authorized agent to provide a signed authorization from you, confirming their authority to act on your behalf. Additionally, we might require you to verify your own identity directly with us or provide a power of attorney pursuant to California Probate Code Sections ‎‎4000 to 4465.‎

  7. SECURITY OF YOUR INFORMATION

    We take steps to ensure that your information is treated securely and in accordance with this Notice. Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unauthorized access, use, disclosure, or loss of personal information.

  8. RETENTION OF PERSONAL INFORMATION

    We retain your personal information for the period necessary to fulfill the purposes outlined in our Notice, unless a longer retention period is required or permitted by law. Please note that in many situations we must retain all, or a portion, of your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, to protect against fraudulent, deceptive, or illegal activity, or for another legitimate business purpose.

  9. CHILDREN’S INFORMATION

    Our Services are not directed to individuals under the age of 18 (for purposes of this Notice only, a “child” or collectively, “children”). We do not knowingly collect, disclose, sell, or share personal information of children. If you are a parent or guardian and believe your child has uploaded personal information to any of our Sites without your consent, please contact us at privacy@canopiuis.com.

  10. THIRD PARTY WEBSITES/APPLICATIONS

    The Services may contain links to other websites/applications, and other websites/applications may reference or link to our Services. These third-party services are not controlled by us. We encourage you to read the privacy policies of each website and application you may interact with. We do not endorse, screen, or approve, and are not responsible for, the privacy practices or content of such other websites or applications. You agree that if you elect to provide personal information to third-party websites or applications encountered on our Sites or through our Services, you do so at your own risk.

  11. CHANGES TO OUR NOTICE

    We may revise this Notice from time to time in our sole discretion. If there are any material changes to this Notice, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Notice if you continue to use our Services after the new Notice takes effect.

  12. CONTACT US

    If you have any questions about our information practices or need further assistance, please don’t hesitate to contact us at privacy@canopius.com

Staff Bio Content