Taven is a wholesale insurance broker. That means we handle sensitive information about insureds, retail agencies, and risks every day. This notice tells you exactly what we collect, what we do with it, and. Maybe more importantly. What we refuse to do with it.
What we collect.
We collect only what's needed to place, service, and defend an account. Specifically:
| Category | Examples | Why we need it |
|---|---|---|
| Agency & agent data | Agency name, NPN, licenses, E&O details, contact info | Verify appointment eligibility & route submissions |
| Insured submission data | Business name, operations, revenue, loss history, exposure detail | Underwriting, market selection, bind |
| Uploaded documents | Loss runs, prior policies, applications, schedules | Market release & quoting |
| Site usage | Pages visited, submission form progress, IP address | Make the site work; no behavioral ad tracking |
How we use it.
Submission and agency data is used only for insurance brokerage purposes. Placing the risk, servicing the policy, handling claims, and meeting our regulatory obligations. Site usage data is used only to operate the site and diagnose problems.
Who we share with.
Taven shares submission data only with the parties required to get the risk placed and serviced:
- Markets you've authorized. Before releasing a submission to any carrier, we confirm the release with you. You see every market before it sees your file.
- Carrier-appointed MGAs & binding facilities, where required to execute a placement.
- Regulatory bodies, where required by law. State DOIs, NAIC, or in response to lawful subpoena.
- Our own service providers. AMS, document storage, payment processor. All of whom are bound by written confidentiality agreements.
What we don't do.
A short list of things Taven has never done and has no plans to do:
- Sell submission, agency, or insured data to any third party, at any price.
- Share data with marketing platforms, ad networks, or behavioral retargeters.
- Use insured data to train AI models. Ours or anyone else's.
- Share prior carrier pricing with competing markets without your explicit written release.
- Contact an insured directly without the retail agent's prior knowledge.
Retention & deletion.
Submission data for bound risks is retained for the longer of (a) the state-mandated retention period for surplus lines records. Typically 5 years after expiration. And (b) the applicable statute of limitations for coverage disputes. Submission data for non-bound risks is retained for 18 months unless you request earlier deletion.
You can request deletion of any non-regulated data at any time by emailing submissions@taven.insure. We'll confirm deletion in writing within 10 business days.
Security.
All submission data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access is restricted to the named account team plus operations and compliance staff on a need-to-know basis. We run third-party penetration testing annually and maintain a SOC 2 Type II report, which is available to appointed agencies under NDA.
Your rights.
Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal data. California residents have additional rights under the CCPA/CPRA, including the right to know categories of data collected and a right to opt out of "sharing" (which. See Section 04. We don't do).
To exercise any of these rights, email submissions@taven.insure. We respond to verified requests within 30 days.
Cookies & the site.
taven.insure uses a small number of first-party cookies. One to remember your form progress if you refresh the submission page, one to remember whether you've dismissed the site-wide banner. That's it. No Google Analytics, no Facebook Pixel, no ad network tags. Submission form drafts are stored in your browser's localStorage and never transmitted until you click Submit.
Contact & changes.
Privacy questions go to submissions@taven.insure. A human will read your email and a human will respond. Usually within one business day.
Material changes to this notice are posted here with a new effective date and. For appointed retail agencies. Communicated by email at least 30 days before taking effect.