Please review our privacy notice information carefully.

Purpose Of This Notice

This Privacy Notice (“Notice”) applies to information Unison Risk Advisors Inc. (“Unison”, “URA”, “we”, “us”, or “our”) and its subsidiaries/affiliates may collect and otherwise process, through our websites, any other mobile website, mobile application, portal, media channel, related or connected media form (including other sites that link to this Notice), or by any other means, such as email, telephone, text message, or otherwise (collectively, the “Platforms”) for those who inquire about or obtain (or seek to obtain) products or services from us. This Notice is designed to help you understand how we collect, use, and protect the information we obtain through the Platforms and to assist you in making informed decisions when using our Platforms.

California residents can learn more about their rights and choices under California law in our California Privacy Notice here: California Privacy Notice

Individuals can learn more about their rights and choices under the Gramm-Leach-Bliley Act here: Financial Privacy Notice

Contents

• Purpose Of This Notice
• Contents
• What Information We Collect and From Whom We Collect It
• What Information We Disclose and To Whom We Disclose It
• Our Use of Cookies
• Our Practices Regarding Information Confidentiality and Security
• Information for Users Outside the United States
• Updates, Questions, and Contact Information
• Financial Privacy Notice
• California Privacy Notice

What Information We Collect and From Whom We Collect It

“Personal Data” includes Nonpublic Personal Information and Personal Information:

• “Nonpublic Personal Information” is nonpublic information about you that we obtain in connection with providing a financial product or service to you pursuant to the Gramm-Leach-Bliley Act (“GLBA”).
• “Personal Information” means information that identifies, relates to, or could reasonably be linked with you or your household. Personal Data does not include: publicly available information; de-identified or aggregated consumer information; or information excluded from the scope of applicable state privacy law, such as health or medical information covered by the Health Information Portability and Accountability Act (HIPAA) or information covered by certain sector-specific privacy laws, such as the Fair Credit Reporting Act (FCRA), or the GLBA.

We may collect Personal Data about you, your family members, or members of your household (collectively “you”) from the following sources:

• Directly from you, such as from applications, forms, our Platforms, personal interviews or otherwise
• Automatically about your interaction with the Platforms when you visit us
• Clients and partners, insurance carriers, (re)insurers, network partners, employers, benefit plan sponsors, benefit plan administrators, premium finance companies, health service providers, data/marketing list providers and third-party service providers
• Publicly available sources such as social media platforms, property and asset registers, and claims and convictions records
• Affiliate or subsidiary companies
• Government authorities, such as police and regulators
• Background check providers and screening tools
• Medical records or medical professionals
• Individuals who assist in handling claims
• Non-affiliated third parties such as HR Departments, employers, and insurance carriers
• Non-affiliated service providers, such as business, data, rating, information, and web services providers

Personal Data we may collect (depending on the nature of your interaction with us (e.g., as a business contact, customer, claimant, insured, etc.) includes:

• Identifying and demographic information, such as your name, date of birth, age, gender, marital status
• Contact information, such as your address, telephone number and email address
• Unique identifiers, such as identification numbers issued by government bodies or agencies (e.g., your national identifier number or social security number, passport number, ID number, tax identification number or driver’s license number) and web identifiers (e.g. IP address).
• Employment information, such as your job title, employer, employment status, salary information, employment benefits, employment history and professional certifications
• Financial information, such as your bank account numbers, credit card numbers, brokerage account numbers, transaction information, tax information, details of your income, property, assets, investments, pension and benefits, debts and creditworthiness
• Policy and underwriting information, such as information necessary for the placement or underwriting of your policy, your policy number, policy start and end dates, premiums, individual terms, claims history and claims data, mid-term adjustments, premium audit information, reasons for cancellation, risk profile and details of policy coverage
• Claim information, such as claimant’s relationship to a policyholder/insured, and the date and particulars of such claim, including causes of death, injury or disability and claim number
• Commercial information, such as records of your personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
• Events or meeting information, such as details about your visits to our offices, your interest in and attendance at events or meetings, audio recordings, photographs or videos captured during meetings, events or calls with you
• Special category data and sensitive personal data, such as data relating to your health (including protected health information), genetic or biometric data, sexual orientation, sexual activity, gender identity, racial or ethnic origins
• Criminal records information, such as criminal charges or convictions, including driving offenses, or confirmation of clean criminal records
• Professional disciplinary information
• Personal information received from background checks and sanctions screenings
• Marketing information, such as your consent to or opt out from receiving marketing communications from us and/or third parties, your marketing preferences, or your interactions with our marketing campaigns and surveys, including whether you open or click links in emails from us or complete surveys
• Platforms and communication usage information, such as your username, your password, other information collected by visiting our sites or collected through cookies and other tracking technologies, including your IP address, domain name, your browser version and operating system, traffic data, location data, browsing time, pages you viewed, links you clicked, referring links, usage preferences, and social media information, such as with our social media presence

What Information We Disclose and To Whom We Disclose It

In the course of our general business practices, we use the Personal Data that we collect (as described above) to provide products or services to you, as well as to facilitate internal business functions such as managing business operations, communicating and marking to you, complying with legal obligations, monitoring and preventing fraud, improving our services, and mergers and acquisitions.

We may also disclose the information that we collect (as described above) about you or others to:

• Third parties if the disclosure will enable that party to perform a business, professional, sales, marketing, or insurance function for us or to you or your household
• Insurance institutions, agents, credit reporting agencies, TPAs, and financial services companies for either URA and its affiliates, or the entity to whom we disclose the information to perform a function in connection with an insurance or financial service or transaction involving you or your household
• Insurance institutions, agents, credit reporting agencies, TPAs, and financial services companies in order to detect or prevent criminal activity, fraud or misrepresentation in connection with an insurance transaction
• Third parties in order to assist in the resolution of claims
• Medical care institutions to medical professional in order to verify coverage and/or benefits, or to conduct an audit that would enable us to verify treatment
• Insurance regulatory authorities, law enforcement, or other governmental authorities in order to protect our interests in preventing or prosecuting fraud
• Group policyholders for the purpose of reporting claims experience or conducting an audit of our operations or services
• Actuarial or research organizations for the purpose of conducting actuarial or research studies
• Insurance carriers for the purpose of securing competing quotes prior to the renewal of an existing insurance policy
• Your employer and/or the employer of the primary insured or primary participant on the policy
• Third party analytics providers to customize the Platforms and improve your experience
• To communicate with third-parties in possession of Personal Data when you exercise a right (e.g. right of deletion request)

Our Use of Cookies

We may use cookies, web beacons, tracking pixels, and other tracking technologies (collectively, “Cookies”) when you visit the Platforms to help customize the Platforms and improve your experience.

Use of Cookies

We use Cookies on the Platforms to, among other things, keep track of services you have used, record registration information, record your user preferences, keep you logged into the Platforms, track the pages you visit, and provide marketing and advertising services. Cookies help us understand how the Platforms are being used and improve your user experience. Our Platforms do not currently respond to do not track requests.

We use automatically collected information to improve your user experience. For example, the information provided through Cookies may be used to recognize you as a previous user of one of our Platforms. This means you do not have to enter your Personal Data every time you visit or select the same setting repeatedly. Using Cookies, we can offer personalized content to you based on your location or interests. We may combine automatically collected information with other Personal Data we obtain about you, which may include data we obtain from others. Cookies on our Platforms may be used to collect Personal Data about your online activities over time and across different online services.

First-Party and Third-Party Cookies

First-party Cookies are set by URA on our Platforms and are commonly required for the Platforms to function and to be protected and secure. Third-party Cookies are set by our partners and service providers, including those who provide analytics, personalization, marketing, advertising, or interactive content on our Platforms. Third-party Cookies are governed by each third party’s respective privacy policy.

Types of Cookies

Cookies may be session or persistent Cookies. Session Cookies are deleted from your device when you close your browser. Persistent Cookies remain stored on your device until deleted or until they reach their expiration date. We may use:

• Advertising Cookies, which allow us to deliver advertisements, customize advertisements for users, and track advertising campaign efficiency. We may use third parties to provide targeted advertising for us. These third-party advertising partners may use information from Cookies to help build visitor profiles and deliver relevant advertising on other websites and apps.
• Analytics Cookies, which allow us to understand, improve, and research features and content on the Platforms, including how visitors navigate the Platforms and our popular content and features.
• Functional and Performance Cookies, which provide functionality to the Platforms, help us deliver our products and services, and monitor Platforms’ performance. For example, these technologies route traffic between servers, retain user preferences, and facilitate account log ins.
• Security Cookies, which enable security features and allow us to detect activity that might violate our rules and Terms and Conditions, such as unauthorized access or activity.
• Location Cookies, which permit us to use your approximate location, including using your IP address to derive your location, for purposes such as verifying your region and delivering or restricting content based on your location.

Control of Cookies

You may manage your Cookie preferences by clicking the opt-out ribbon.

Note that most browsers are set to accept cookies by default and you can remove or reject cookies in your browser’s settings. Most browsers allow you to review and delete Cookies stored on your device and to disable or prevent Cookies on the websites you visit. Cookies are generally easy to disable or delete, but the method varies depending on your browser. If you typically use more than one browser, you will need to disable or delete Cookies separately on each browser you use. If you disable Cookies, you may not be able to use certain features on our Platforms and disabling Cookies may invalidate your other opt outs that rely on Cookies to function.

Your browser may have settings that allow you to transmit a “Do Not Track” signal when you visit a website or use online services. Like many websites, our Platforms are not designed to respond to “Do Not Track” signals received from browsers. To learn more about “Do Not Track” signals, visit www.allaboutdnt.com.

Your device settings may allow you to manage Cookies, including by adjusting or resetting the advertising identifiers on your mobile device. iOS and Android devices allow you to use your privacy settings to control whether partners can use information about your app activity for advertising purposes.

Please be aware that disabling Cookies could affect the availability and functionality of the Platforms. Check your browser or device’s settings for how you can control or reject cookies. Please be aware that disabling Cookies or limiting targeted advertising will not stop you from seeing advertisements online or in apps. The advertisements you see will, however, likely be less relevant to you.

Third-Party Opt-Out Mechanisms

Some of the vendor we work with offer tools that you can use to limit or opt out of their Cookies, such as Google Analytics (for more information about how Google uses data it collects from our Platforms, visit www.google.com/policies/privacy/partners/ to opt out of Google Analytics, visit tools.google.com/dlpage/gaoptout to adjust your Google advertising settings, visit adssettings.google.com).
Some vendors we work with may participate in the Digital Advertising Alliance (“DAA”) and its AdChoices opt-out program. For more information about the DAA and its opt out tool, you can visit youradchoices.com/ for web browsers or aboutads.info/appchoices for mobile apps. Other advertising networks and exchanges may participate in the Network Advertising Initiative (“NAI”). To learn more about opting out of targeted advertising or to use the NAI opt-out tool, visit networkadvertising.org/choices/ for web browsers or networkadvertising.org/mobile-choice/ for mobile apps.
We are not responsible for the effectiveness of, or compliance with, opt-out options or tools offered by others or the accuracy of their statements regarding their programs.

Our Practices Regarding Information Safeguards

We restrict access to your Personal Data to those employees who need to know that information in order to provide products or services to you and your household. We maintain physical, electronic, and procedural safeguards to protect your Personal Data. Unfortunately, no data stored, and no data transmitted over or accessible through the internet can be 100% secure. As a result, while we attempt to protect all Personal Data, we cannot ensure or warrant that Personal Data will be completely secure from misappropriation by hackers or from other nefarious or criminal activities, or in the event of a failure of computer hardware, software, or a telecommunications network. We will notify you as required by applicable law in the event we become aware of a security breach involving your Personal Data (as defined by applicable law) stored by or for us.

We may, from time to time, transmit your Personal Data across borders, including between affiliate companies, and certain third-parties, including our partners and service providers. This sharing of data allows us to provide you with services as set out in our underlying agreement or as otherwise indicated in this Privacy Notice. Transfers of personal data will be subject to appropriate safeguards, level of protection, and compliance with applicable law.

As indicated in this Privacy Notice, we collect Personal Data about you, and this information may be disclosed to third-parties for purposes outlined in this Privacy Notice. If you prefer that we not disclose this information, knowing that it may restrict our ability to provide services or conduct business, you may opt-out of such disclosures by contacting us with appropriate instructions by writing to Privacy Management, c/o Compliance Officer, Unison Risk Advisors; 950 Main Ave., Suite 1800, Cleveland, Ohio 44113, via email to or by calling 1.855.467.9253. You can also use the webform on the Platform.

For each category of information, our retention period is determined by the purposes for which we use the information and any legal obligations that require or authorize us to retain it.

Information for Users Outside the United States

If you are visiting the Platforms from outside the United States, please be aware that information we obtain about you will be processed in the United States or other jurisdictions. By using the Platforms, you acknowledge your Personal Data may be transferred to and processed in jurisdictions outside your own as described in this Notice. Please be aware that the data protection laws and regulations that apply to the country where the data is transferred may not be equivalent to the laws in your country of residence (or in the jurisdiction in which we provide services).

Updates, Questions, and Contact Information

We reserve the right to change our privacy policies, practices and this notice at any time. Updated copies of this notice will be posted at this location.

If you have a comment, question, or request related to the Privacy Notice or your Personal Data, please contact us by writing to Privacy Management, c/o Compliance Officer, Unison Risk Advisors; 950 Main Ave., Suite 1800, Cleveland, Ohio 44113, via email to or by calling 1.855.467.9253. You can also use the webform on the Platform.

Financial Privacy Notice

The Gramm-Leach-Bliley Act (GLBA) generally prohibits any financial institution, directly or through its affiliates, from sharing Nonpublic Personal Information about you with a third party unless the institution provides you with a notice of its privacy policies and practices, such as the type of information that it collects about you and the categories of persons or entities to whom it may be disclosed. In compliance with the GLBA, we are providing you with this document, which notifies you of the privacy policies and practices of URA.

California Privacy Notice

This section applies to Personal Information that is not covered by the GLBA or other applicable law for residents of California. This California Privacy Notice (“CA Notice”) is provided pursuant to the California Consumer Privacy Act (“CCPA”) and describes how URA processes Personal Information of California consumers. This CA Notice supplements our other privacy policies and notices, including our main Privacy Notice above.

In the event of a conflict between any other policy, statement, or notice and this CA Notice, this CA Notice will prevail as to California residents.

Unless otherwise noted, the disclosures that describe how and why we collect, use, and disclose your Personal Information also describe how and why we collected, used, and disclosed your Personal Information within the past twelve (12) months.

Your Privacy Rights

If you are a resident of California, you have the right to submit certain requests relating to your Personal Information as described below. You have the following rights:

• Know: You have the right to know what Personal Information that we hold about you, upon receipt of a verified request, which includes:
• Accuracy: You have the right to request that we correct any inaccurate or out of date Personal Information.
• Deletion: You have the right to request that we delete your Personal Information, with some exceptions.
• Non-Discrimination: You have the right to equal treatment regardless of your exercise of your privacy rights.
• Sensitive Personal Information: You have the right to direct us to limit, with some exceptions, our use and disclosure of your Sensitive Personal Information, as defined below, to uses or disclosures of your Sensitive Personal Information to those uses or disclosures that are reasonably necessary to provide our goods and services, or as needed to perform certain other services.
• Opt Out: You have the right to opt out of the sale of your Personal Information and the sharing of your Personal Information for cross-context behavioral advertising. We do not presently sell, use for profiling, or share Personal Information for targeted or cross-context behavioral advertising.

You, or a person authorized by you under the laws of your state to act on your behalf, may request the following information or exercise any of the above rights by writing to Privacy Management, c/o Compliance Officer, Unison Risk Advisors; 950 Main Ave., Suite 1800, Cleveland, Ohio 44113, via email to compliance@unisonriskadvisors.com or by calling 1.855.467.9253. You can also use the webform on the Platform.

We may provide this information in a standardized format that is not entirely specific to you. Before we may fulfill a request to access, correct, limit the use of, or delete your information, we may be required to verify your identity. If you submit a request to know, request to delete, or request to correct, we will ask you to verify your identity, which may include your name, address, date of birth, and government-issued identification number. You may designate an authorized agent to make a request on your behalf; however, you will still need to verify your identity directly with us before your request can be processed.

Personal Information We Collect and Why We Collect It

We share the following categories of Personal Information from the sources and for the purposes listed above. We collect the following categories of Personal Information from our California consumers. The Personal Information we collect about you may vary depending on the nature of your interactions with us and may not include all of the examples listed below.

We do not use or disclose Sensitive Personal Information for purposes to which the right to limit use and disclosure applies under the CCPA.

How Long We Keep Your Personal Information

For each category of information, our retention period is determined by the purposes for which we use the information and any legal obligations that require or authorize us to retain it.

How We Sell and Share Personal Information

We do not, and within the past twelve (12) months, have not, sold or shared Personal Information of California consumers.

Disclosures for a Business or Commercial Purpose

We may disclose and, during the last twelve (12) months, have disclosed the above categories of Personal Information to our service providers, contractors, vendors, and others for the following business purposes:

• Ensuring security and integrity of Personal Information
• Debugging to identify and repair errors that impair existing intended functionality
• Short-term, transient use
• Performing services on our behalf
• Providing advertising and marketing services for us (except for cross-context behavioral advertising)
• Undertaking internal research for technological development and demonstration
• Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us
• Processing, maintaining, or collecting Personal Information on our behalf
  Detecting or protecting against malicious, deceptive, fraudulent or illegal activity
• To communicate with third-parties in possession of Personal Information when you exercise a right (e.g. right of deletion request)

Revision date: 9/2025