LOG IN

Privacy Policy

Last Updated: January 1, 2026

Who Are We?

Knighthead Life is the brand name for Knighthead US Holdings, Inc. and its subsidiaries, Knighthead American Life Insurance Company and Merit Life Insurance Co. Knighthead Life provides the following notice regarding its data practices:

  • Collectively, Sections I-VI are our “Privacy Policy”. Additional notices of our data practices may be made at the point of collection, in which case those will supplement this Privacy Policy and govern the collection in the event of a conflict with this main Privacy Policy. 
  • Section II of this Privacy Policy describes our collection, use, and disclosure of Consumers’ “Personal Information,” as the term is defined under State Privacy Laws (defined below) (the “Enterprise Privacy Notice”). The Enterprise Privacy Notice provides notice of our Personal Information practices through Knighthead Life’s online and offline business activities.
  • Section III of this Privacy Policy applies to all users of, and visitors to, our online services (including websites, and emails) that post a link to this Privacy Policy (“Online Service(s)”). Do not use our Online Services if you do not accept our data practices as described in this Privacy Policy and agree to our Terms of Use. 
  • Section IV of this Privacy Policy describes Consumers’ privacy rights under State Privacy Laws that apply to us (“State Privacy Rights”) and how to exercise them. Our application of the rights in this section to residents of other jurisdictions is discretionary.
  • Section V includes information regarding changes to these policies and Section VI lists our contact information.

If you have any questions or comments or requests about this Privacy Policy or our practices you may contact us at:

Knighthead Life
1900 South Blvd, Suite 300
Charlotte, NC 28203
P: 833-637-4854
E: complliance@knightheadinsurance.com

To see and print our full Privacy Policy, click here. You can also request disability access assistance by contacting us as set forth above.


Enterprise Privacy Notice

This Enterprise Privacy Notice is designed to provide Consumers, as defined under State Privacy Laws with notice of our Personal Information practices, including through our online and offline business activities (the “Business Activities”), and to meet the notice requirements of state consumer privacy laws (e.g., the California Consumer Privacy Act (“CCPA”) and the Oregon Consumer Privacy Act (“OCPA”)), and all laws implementing, supplementing, or amending the foregoing, including regulations promulgated thereunder (collectively, “State Privacy Laws”). In California, the term “Consumer” is not limited to data subjects acting as individuals in a household goods and services context and includes individuals acting in a business-to-business context. 

If Knighthead Life’s processing materially changes between updates to this Enterprise Privacy Notice, we will provide a supplemental notice when or before the changes apply. Otherwise, this Enterprise Privacy Notice serves as our notice at collection (i.e., pre-collection notice). Capitalized terms used not defined in this Notice shall have the meanings given to them under the State Privacy Laws.

Notice of Collection and Privacy Practices

This Enterprise Privacy Notice does not apply to data that is not treated as Personal Information, or to the extent the data is subject to an exemption, under applicable State Privacy Laws.

Personal Information Processing Purposes

The Processing Purposes for which we collect, retain, use, disclose and otherwise Process your Personal Information in connection with our Business Activities include Business Purposes and Commercial Purposes. This may include disclosing or otherwise making available Personal Information to our Vendors that perform services for us in their role as “Service Providers” or “Processors”, as the terms are defined under State Privacy Laws (collectively, “Processors”) and other third parties.

Generally, we collect, retain, use, and disclose your Personal Information to provide you our products and services, or information about them, and as otherwise related to the operation of our business, including for one or more of the following “Business Purposes”:

  • Providing Products or Services: Operating or distributing products and services, processing or fulfilling transactions, administering accounts, providing customer service, verifying customer information, and processing payments.
  • Managing Interactions and Transactions: Performing services on behalf of the business, including maintaining or servicing accounts and providing customer service, verifying customer information, processing payments, providing analytics services, and customizing your experience, offers and content.
  • Security and Debugging: Helping to ensure the security and integrity of our systems and data to the extent the use of the Consumer’s Personal Information is reasonably necessary and proportionate for these purposes. Debugging to identify and repair errors that impair existing functionality.
  • Advertising and Marketing: Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with State Privacy Laws. Short-term transient use including, but not limited to, for providing advertising and marketing services, except for cross-context behavioral advertising (i.e., targeted advertising), which is a separate commercial purpose described below for which there is a right to opt-out). Customizing your experience, offers, and content.
  • Quality Assurance: Undertaking activities to verify or maintain the quality or safety of our products and services, and to improve, upgrade, or enhance our products or services.
  • Research and Development: Undertaking internal research for technological development and demonstration.
  • Operation of our Business: For our additional legitimate Business Purposes that are compatible with the purposes of collecting your Personal Information and that are not prohibited by law in the context that is not a “Sale,” “Share” or “Targeted Advertising” under State Privacy Laws, such as disclosing it to a person that processes Personal Information on our behalf, such as our Processors, to the Consumer, or to other parties at the Consumer’s direction or through the Consumer’s action; for additional purposes explained at the time of collection (such as in the applicable privacy policy or notice); as required or permitted by applicable law; to the government or private parties, including litigants, to comply with law or legal process or to protect or enforce legal rights or obligations or prevent harm (“Legal Process Entities”); and to assignees as part of an acquisition, merger, asset sale, or other transaction where another party assumes control over all or part of our business (“Corporate Transaction”) or otherwise with your consent (collectively, “Additional Business Purposes”). Subject to restrictions and obligations under State Privacy Laws, our Processors may also use your Personal Information for Business Purposes and other purposes permitted by law and may engage their own vendors to enable them to perform services for us.

We may also use and disclose your Personal Information, regardless of the other purposes for which we collect it, for “Commercial Purposes,” which may be considered a “Sale” or “Share” or “Targeted Advertising” under applicable State Privacy Laws, when Third-Party Digital Businesses collect your Personal Information, including via third-party cookies, or we otherwise make it available to them. Under State Privacy Laws some of these processing disclosure activities do not qualify as Business Purposes disclosures and are subject to a right to opt-out.  The specific purpose for this Selling or Sharing is to help us and others provide you with more relevant content and marketing messages (e.g., Targeted Advertising), and related activities and when we and third parties process your Personal Information for certain advertising purposes (e.g., creating profiles and inferences, measurement, some types of analytics, conversion tracking, audience extension, etc.) and the parties we disclose it to are detailed, by type of Personal Information, in Section A.3 below. For more information on the meaning of Selling, Sharing, and Targeted Advertising and how to adjust your preferences with respect to such processing, please refer to the Do Not Sell/Share/Target Opt-out subsection of the State Privacy Rights Section.

The Business Purposes and Commercial Purposes for processing described above may apply to all categories of your Personal Information, other than Sensitive Personal Information, but we detail our disclosures (including Selling and Sharing), and also detail our Sensitive Personal Information processing purposes, by Personal Information type in the chart that follows in the next section for additional transparency.

Collection, Disclosure and Retention of Personal Information – By Category of Personal Information

The table below describes the categories of Personal Information we collect and examples of data types that fit within each category and corresponding categories of recipients of Personal Information to which we disclose for Business Purposes and/or Sale or Share if applicable.  For Sensitive Personal Information we identify processing purposes for each type of Sensitive Personal Information.

 

Category of Personal Information Examples of Personal Information Collected and Retained Categories of Recipients
Identifiers First and last name, postal address, unique personal or online identifier, IP address, email address, and account name.

Disclosures for Business Purposes:

  • Processors (e.g., cloud storage vendors, IT vendors, email/messaging, customer support providers, data analytics and marketing vendors)(“Operational Service Providers”);
  • Other members of our corporate group, and/or other parties in connection with a Corporate Transaction (“Intra-group Recipients”);
  • Legal Process Entities; and/or
  • Other parties (e.g., professional advisors (accountants and lawyers), litigants and where you have directed or caused the disclosure) within the limits of Additional Business Purposes (“Other Business Recipients”).

Sale/Share: Third-Party Digital Businesses
Personal Records Name, signature, address, telephone number, financial information (e.g., payment card information). Some Personal Information included in this category may overlap with other categories.

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: None
Personal Characteristics or Traits In some circumstances, we may collect Personal Information that is considered protected under U.S. law, such as age, gender, nationality, race, or information related to medical conditions, but only when the information is relevant for our Business Activities. We abide by the legal requirements imposed under applicable law regarding such information.

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: None
Commercial Information Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: Third-Party Digital Businesses
Internet or Other Electronic Network Activity Information Browsing or search history, information regarding the Consumer’s interaction with online services or advertisements.

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: Third-Party Digital Businesses
Geolocation Data If you interact with us online, we may gain access to the approximate location of the device you are using.

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: Third-Party Digital Businesses
Audio, Electronic, Visual, or Sensory Information Such as CCTV recordings in our offices and customer service recordings.

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: None
Professional or Employment Information Professional, educational, or employment-related information

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: None
Inferences from Personal Information Collected Inferences drawn from Personal Information to create a profile about a consumer reflecting their preferences.

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: Third-Party Digital Businesses

 

We collect and process Personal Information that is “Sensitive” under State Privacy Laws (“Sensitive Personal Information”). The table below describes the categories and examples of Sensitive Personal Information we collect and the processing purposes for and recipients of the same.

 

Category of Sensitive Personal Information Examples of Sensitive Personal Information Categories of Recipients
Government Issued Identifiers Social Security number, driver’s license, state identification card, or passport information

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: None
Account Log-in Username and password to online account with Knighthead Life

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: None
Financial Data Your account log-in, financial account, debit or credit card number in combination with any required security or access code, password, or credentials allowing access to an account

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: None
Sensitive Personal Characteristics A Consumer’s racial or ethnic origin, citizenship or immigration status.

Disclosures for Business Purposes:

  • Operational Service Providers;
  • Intra-group Recipients;
  • Legal Process Entities; and/or
  • Other Business Recipients.

Sale/Share: None

 

There may be additional information we collect that meets the definition of Personal Information under applicable State Privacy Laws but is not reflected by a category above, in which case we will treat it as Personal Information as required, but will not include it when we describe our practices by Personal Information category. 

Because there are numerous types of Personal Information in each category, and various uses for each Personal Information type, actual retention periods vary by purpose not by data type and, accordingly, the retention periods cannot be meaningfully provided by category of Personal Information. We retain specific Personal Information pieces based on how long we have a legitimate purpose for the retention, which includes the period of time we need to process the Personal Information to meet the processing purposes, plus limited retention thereafter to comply with law, maintain business and legal records and defend or bring potential legal claims.

Online Services Privacy Notice

This Online Services Privacy Notice applies to all users of our Online Services, regardless of if you are a resident of a state with State Privacy Laws. This Online Services Privacy Notice is a supplement to our other privacy policies and notices, and is part of our main Privacy Policy. In the event of a conflict between any other Knighthead Life policy, statement, or notice and this Online Services Privacy Notice, this notice will prevail as to data collected by our Online Services, except where additional notices are posted at collection that are said to modify or supplement this notice.

This Online Services Privacy Notice applies to information that is collected through the Online Services (“Online Services Personal Data”). To the extent we combine your Online Services Personal Data with information we receive outside of the Online Services or with deidentified data, we will treat the combined information as Online Services Personal Data under this Privacy Policy and apply this Privacy Policy to such combined information, unless we have disclosed otherwise. As permitted by applicable law, we do not treat information that has been deidentified or aggregated as Online Services Personal Data that is subject to this Online Services Privacy Notice and we reserve the right to convert, permit others to convert, your Online Services Personal Data into deidentified or aggregate data. We will not attempt to reidentify information that we maintain as deidentified.

What Personal Information Do We Collect, From Where, and Why?

Knighthead Life and the third parties we have retained to perform or provide certain services or functions to use (“Vendors”) collect Online Services Personal Data in a number of ways:

Data That You Provide

The Online Services are publicly available. We collect Online Services Personal Data from you when you interact with, or submit data through, the Online Services, such as when you fill out forms (e.g., Contact Us form); correspond with us by e-mail or otherwise; submit a job application through our Careers page;  and when you report a problem with our Online Services. The Online Services Personal Data you provide us through the Online Services may include, but is not limited to, your name, email address, address, phone number, date of birth, Social Security Number, account information, and the content of your communication to us, and any other data you choose to provide to us. You are responsible for ensuring the accuracy of the data you submit to Knighthead Life. Inaccurate data may affect your ability to use the Online Services, the information you receive when using the Online Services, and our ability to contact you. For example, the email address associated with your account should be kept current so you can receive communications about the Knighthead Life products and services you have requested.

Other Data Collected About You

When you access or use the Online Services, Knighthead Life, our Vendors, and/or third-party websites, apps, locations, platforms, code (e.g., plug-ins, application programming interfaces (“API”), or other services (each a “Third Party Service(s)”), may automatically collect the following Online Services Personal Data (note, however, that the privacy policy of that Vendor and/or Third Party Service also apply to your interaction):

  • Usage data, including the URL from which you linked to the Online Services, how you use and interact with the Online Services, what pages you visit, and which hyperlinks you click. We and others may collect usage data to analyze usage trends to understand how individuals use the Online Services to help us improve the user experience, better serve you more relevant content and ads, and to provide customer assistance and technical support. 
  • Technical data, including data regarding your Internet Protocol (“IP”) address, device type, device operating system, browser type you use to access the Services, the unique device identifier (“UDID”) or mobile equipment identifier (“MEID”) for your mobile device, and other data (“Device Identifiers”). We and others may use such Device Identifiers to associate data collected via different devices, or during separate interactions with us on the Online Services on the same device. 
  • Data about you from cookies and other similar tracking technologies (e.g., pixels, embedded scripts, etc.), which may be considered personal data under applicable laws, to distinguish you from other users of the Online Services, to improve your experience on and off of the Online Services, including to serve you more relevant content and ads, to improve the Online Services, and our other products and services, and for other functions.

 

Knighthead Life, and our Vendors and Third Party Services, may use cookies and other tracking technologies to help us collect data about interactions with the Online Services, other online services, and/or our emails, including data about your browsing and information or service request behaviors. These methods enable Knighthead Life to serve you better and more efficiently, and to personalize your experience. These methods may include:

 

  • Cookies. A cookie is a small text file that is stored on a user’s device, which may be session ID cookies or tracking cookies. Session cookies make it easier for you to navigate the Online Services and expire when you close your browser. Tracking and other persistent cookies remain longer and help in understanding how you use the Online Services, enhance your user experience, and perform other functions such as facilitating analytics and Targeted Advertising and remembering you and your preferences when you return. Persistent cookies may remain on your device for an extended time. The Online Services may associate some or all types of these cookies with your devices.  If you use your browser’s method of blocking or removing cookies, some but not all types of cookies may be deleted and/or blocked, which may cause some of the Online Services’ features and functionalities to not work. 

 

  • Web Beacons/Tracking Pixels (“Pixels”). Pixels are small graphic images, also known as “Internet tags” or “clear gifs”, embedded in webpages and e-mail messages. Pixels may be used, without limitation, to count the number of visitors to the Online Services, to monitor how users navigate the Online Services, to determine if our emails are opened, and to count content views.

 

  • Embedded Scripts. An embedded script is programming code designed to collect information about your interactions with the Online Services. It is temporarily downloaded onto your device from Knighthead Life’s web server, or from a third party with which Knighthead Life works, and is active only while you are connected to the Online Services and deleted or deactivated thereafter.

 

  • Device Recognition Technologies. Technologies, including application of statistical probability to data sets, as well as linking a common unique identifier to different device use (e.g., Facebook ID) that attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices is the same user or household) (“Cross-device Data”).

 

  • Device and Activity Monitoring . Technologies that monitor, and may record, certain of your interactions with the Online Services, nd/or collect and analyze information from your device, such as, without limitation, your operating system, plug-ins, system fonts, and other data, for purposes such as identification, security, fraud prevention, troubleshooting, tracking and/or improving the Online Services and customizing or optimizing your experience on the Online Services. 

 

We are giving you detailed notice of the tracking technologies and your choices regarding them so that your consent is meaningfully informed. For information on how to exercise preferences as to our features, functionality, and communications, see the Choices: Tracking and Communications Options section below. For more information on Third Party Services’ data collection and practices, and the choices they may offer you, please refer to the Third Party Services section below.

Data We Receive From Other Than the Online Services 

Knighthead Life may receive information about you from third parties, including your contacts and others who use the Online Services, when they submit information to us or otherwise interact with the Online Services. For example, we may receive information about your name, gender, address, telephone number, email address, date of birth, Social Security Number, signature, financial account numbers, account balances, account values, investments, financial or banking information, contained in communications with third parties. We may also collect your information from other sources, including from companies that can help us correct or supplement our records, improve the quality or personalization of our Online Services to you, and help prevent or detect fraud. To the extent we combine your information with other data, we will treat it as Online Services Personal Data and apply this Privacy Policy to such combined information, unless we have disclosed otherwise. 

How We Use Your Online Services Personal Data

Knighthead Life may use information about you, including Online Services Personal Data, for any purposes that are not inconsistent with our statements in this Privacy Policy, or otherwise made by us in writing at the point of collection, to the extent permitted by applicable law.

We may use your Online Services Personal Data to, for example:

  • Determine when you are eligible for payment on a claim, to make payments on claims, and disburse proceeds;
  • Administer contracts;
  • Process your job application; and
  • Respond to inquiries and requests we receive from third parties acting on your behalf, such as your spouse, power of attorney, authorized representative, legal custodians, wealth management advisor, attorney, or other legal representative.

We may also use your Online Services Personal Data for the following, non-exhaustive list of purposes:

  • To operate and improve the Online Services;
  • To provide you with information, products and services you request, view, or engage with;
  • To communicate with you regarding information, products and services you request, view, or engage with;
  • To send you offers and promotions for our products and services or third-party products and services;
  • To facilitate, manage, personalize and improve your online experience;
  • To market our products and services, including by providing you with advertising based on your activity on the Online Services and on third-party websites and applications;
  • To send you notices and information about important changes and updates to the Online Services;
  • To operate, optimize, analyze the use of, improve and enhance the Online Services, including by using surveys, and research and analytics tools; 
  • For auditing, compliance and legal purposes, to protect the rights and property of Knighthead Life, its partners and customers and other users of the Online Services and to investigate potential violations of and to enforce our Terms of Use;
  • To detect, investigate and prevent activities that may violate our policies, pose safety issues or be fraudulent and illegal; 
  • To respond to requests from legal and regulatory enforcement authorities; and/or
  • For all other purposes related to our business that are reasonably proportional to the foregoing purposes, or otherwise subject to your consent.

How We Disclose Your Online Services Personal Data

We may disclose your information, including Online Services Personal Data, as described in this Privacy Policy, and for any purpose not inconsistent with our statements in this Privacy Policy, or statements otherwise made by us in writing at the point of collection, and not prohibited by applicable law. We disclose Online Services Personal Data to Vendors. Other instances when we may disclose any Online Services Personal Data to outside parties include, but are not limited to, the following:

  • We may disclose your information, including Online Services Personal Data, to third parties, subject to your instruction and prior consent for disclosure.
  • When we reasonably believe that such disclosure is: (i) permitted or required by law or pursuant to legal process; (ii) necessary in connection with actual or threatened litigation; or (iii) necessary to protect Knighthead Life or third parties.
  • In connection with a Corporate Transaction, such as the sale, purchase, merger, reorganization, liquidation, or dissolution of Knighthead Life, or under similar circumstances.
  • In connection with the purposes set forth in the How We Use Your Online Services Personal Data section above.

Choices: Tracking and Communications Options

Tracking Technologies Generally

Regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. Browsers offer different functionalities and options, so you may need to set them separately. Please be aware that if you disable or remove these technologies, some parts of the Online Services may not work when you revisit the Online Services. Your ability to limit browser-based tracking technologies is subject to your browser settings and limitations. Accordingly, you may want to consider the more limited opt-out choices noted in the next section.

Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many online services, Knighthead Life currently does not alter Knighthead Life’s practices when we receive a “Do Not Track” signal from a visitor’s browser. However, we do honor browser signals known as “Global Privacy Controls” and provide cookie preference tools on our Online Services as more fully explained in the Do Not Sell/Share/Target Opt-out subsection at Section IV.A.

Some third parties, however, may offer you choices regarding their tracking technologies. For specific information on some of the choice options offered by third party analytics and advertising providers, see the next section. We do not represent that these third party tools, programs or statements are complete or accurate. 

You will need to set preferences on each device that you use to access our Online Services and clearing cookies on your browser(s) may disable some preference settings.

Analytics and Advertising Tracking Technologies

Knighthead Life may engage and work with Vendors and other third parties to serve advertisements on the Online Services and/or on other online services. Some of these ads may be tailored to your interest based on your browsing of the Online Services and elsewhere on the Internet, which may include use of precise location and/or Cross-device Data, sometimes referred to as “interest-based advertising” and “online behavioral advertising” (“Interest-based Advertising”). This may include sending you an ad on another online service after you have left our Online Services (i.e., “retargeting”). 

You may choose whether to receive some Interest-based Advertising by submitting opt-outs through the Digital Advertising Alliance’s (“DAA”) Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding Interest-based Advertising, including use of Cross-device Data for serving ads, visit http://www.aboutads.info/choices/,. Please be aware that, even if you opt-out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads, including Targeted Advertising. Opting out only means that those selected DAA members should no longer deliver certain Interest-based Advertising to you but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks) or have your personal data “sold,” “shared,” or “processed,” as those terms are defined under applicable laws, for Targeted Advertising. Also, if your browsers are configured to reject cookies when you visit these opt-out webpages, or you subsequently erase your cookies, use a different device or web browser or use a non-browser-based method of access (e.g., mobile app), your DAA browser-based opt-out may not, or may no longer, be effective. Knighthead Life supports the DAA’s Self-regulatory Principles for Online Behavioral Advertising and expects that ad networks Knighthead Life directly engages to serve you Interest-based Advertising will do so as well, though Knighthead Life cannot guaranty their compliance. Also note that the DAA program is national and not the same as Do Not Sale/Share/Target Opt-out Rights under State Privacy Laws described in the Enterprise Privacy Notice.  

We may also use Google Ad Services. To learn more about the data Google collects and how your data is used by it and to opt-out of certain Google browser Interest-Based Advertising, please visit: http://www.google.com/settings/ads.

In addition, we may serve ads on other online services that are targeted to reach people on those services that are also identified on one of more of our data bases (“Matched List Ads”). This is done by using tracking technologies or by matching common factors between our databases and the databases of the other online services. For instance, we may use such ad services offered by Meta (Facebook and Instagram) or X (f/k/a Twitter) and other Third Party Services, which may offer user controls that you can use to limit Matched List Ads. We are not responsible for these Third Party Services, including without limitation their security of the data or their failure to comply with your or our opt-out instructions, they may not give us notice of opt-outs to our ads that you give to them, and they may change their options without notice to us or you. 

Knighthead Life may use Google Analytics or other Vendors for analytics services. These analytics services may use cookies and other tracking technologies to help Knighthead Life analyze users and how they use the Online Services. Data generated by these analytics services (e.g., your IP address and usage data) may be transmitted to and stored by these Vendors on servers in the U.S. (or elsewhere) and these Vendors may use the data for purposes such as evaluating your use of the Online Services, compiling statistic reports on the Online Services’ activity, and providing other services relating to Online Services activity and other Internet usage. Knighthead Life is not responsible for, and makes no representations regarding, the policies or business practices of any third parties, including, without limitation, analytics Vendors and Third Party Services associated with the Online Services, and encourages you to familiarize yourself with and consult their privacy policies and terms of use. 

You may exercise choices regarding the use of cookies from Google Analytics by going to https://tools.google.com/dlpage/gaoptout or downloading the Google Analytics Opt-out Browser Add-on. 

Knighthead Life is not responsible for effectiveness of, or compliance with, any third parties’ opt-out options or programs or the accuracy of their statements regarding their programs.

 

Residents of certain U.S. states have additional, more comprehensive, rights more fully explained in the Do Not Sell/Share/Target Opt-out subsection of Section IV.A. 

Communications

You can opt-out of receiving certain promotional communications (emails or text messaging) from us at any time, as applicable. 

Promotional Emails. To opt out of promotional emails, follow the instructions provided in emails or by clicking on the “Unsubscribe” link

Please note that your opt-out is limited to the email address or phone number used and will not affect subsequent subscriptions. If you opt-out of only certain communications, other subscription communications may continue. Even if you opt-out of receiving promotional communications, we may, subject to applicable law, continue to send you non-promotional communications, such as those about your account, transactions, servicing, or our ongoing business relations.

Third Party Services

This Online Services Privacy Notice only applies to the processing activities of Knighthead Life through the Online Services. The Online Services may include or link to third-party websites, apps, locations, platforms, code (e.g., plug-ins, application programming interfaces (“API”), [and software development kits (“SDKs”))] or other services (“Third-Party Service(s)”). These Third-Party Services may use their own cookies, web beacons, and other tracking technologies to independently collect data about you and may solicit Personal Information from you. 

Certain functionalities on the Online Services permit interactions that you initiate between the Online Services and certain Third-Party Services, such as third-party social networks (“Social Features”). Examples of Social Features include:enabling you to send content between the Online Services and a Third-Party Service; and “liking” or “sharing” Knighthead Life’s content. If you use Social Features, and potentially other Third-Party Services, information you post or provide access to may be publicly displayed on the Online Services or by the Third-Party Service that you use. Similarly, if you post information on a Third-Party Service that references the Online Services (e.g., by using a hashtag associated with Knighthead Life in a post or status update), your post may be used on or in connection with the Online Services or otherwise by Knighthead Life. Also, both Knighthead Life and the third party may have access to certain data about you and your use of the Online Services and any Third-Party Service.

If you follow a link to any Third Party Services (including the “Careers” website that is linked on the Online Services, which is hosted by a third party), please note that those websites have their own privacy statements and that we do not accept any responsibility or liability for those practices. Please check the privacy statements, terms of use and other notices posted by those other third parties before visiting the third party’s website or submitting any personal data via Third-Party Services.

Additional Notices for Users Outside of the U.S.

We are based in the U.S. and the information we and our Vendors collect via the Online Services is governed by U.S. law. If you are accessing our Online Services from outside of the U.S., please be aware that information collected through the Online Services may be transferred to, processed, stored, and used in the U.S., which may be different from those of your country of residence. Your use of the Online Services, or provision of any information therefore, constitutes your acknowledgement of the transfer to and from, processing, usage, sharing, and storage of your information, including Personal Information, in the U.S. (and potentially other territories worldwide) as set forth in this Privacy Policy.   

Data Retention, Security and Monitoring

Knighthead Life will retain the Online Services Personal Data that is subject to this Online Services Privacy Notice for as long as reasonably necessary to achieve the purpose for which you provided it, or to the extent necessary for Knighthead Life to protect its rights, or as otherwise permitted or required by applicable laws.

Knighthead Life maintains reasonable administrative, technical and physical safeguards to protect your Personal Information against loss, misuse, unauthorized access, disclosure, alteration or destruction. Nevertheless, transmission via the Internet and online digital storage are not completely secure and Knighthead Life does not guarantee the security of your Personal Information or of the Online Service.

To help protect you and others, Knighthead Life and its Vendors may (but make no commitment to) monitor use of the Online Service, and may collect and use related information for all purposes not prohibited by applicable law or inconsistent with this Privacy Policy, including, without limitation, to identify fraudulent activities and transactions; prevent abuse of, and investigate and/or seek prosecution for, any potential threats to or misuse of the Online Service; ensure compliance with the Terms of Use investigate violations of or enforce these policies; improve the Online Services and your user experiences, and to protect the rights and property of Knighthead Life, third parties, and other users.  Monitoring may result in the collection, recording, and analysis of online activity or communications through our Online Services. If you do not accept  these conditions, you must discontinue your use of the Online Services.

Children and Teens

Our Online Services are intended for individuals who are of the age of majority in the jurisdiction in which they reside, and are not directed at, marketed to, or intended for children or other minors.  Knighthead Life does not knowingly collect any data, including Online Services Personal Data, from children or other minors. If you believe that we have inadvertently collected data from a child under 13 years of age, please contact us, and we will take immediate steps to delete or otherwise treat the data as required by applicable law. Some State Privacy Laws provide additional consideration for children and teens. More information on the privacy of the Personal Information of / from children and, where regulated by State Privacy Laws, teens (collectively “Child-Aged”) Consumers is included in the Child-Aged Consumers of Certain States subsection of Section IV.C.

State Privacy Rights

Subject to meeting the requirements for a Verifiable Consumer Request (defined below) and limitations permitted by State Privacy Laws, Knighthead Life provides Consumers residing in states with applicable State Privacy Laws to which we are subject the privacy rights described in this section. 

For residents of states without applicable State Privacy Laws, or where we are not subject to a state’s jurisdiction (e.g., we do not meet applicability thresholds) we will consider requests but will apply our discretion with respect to if and how we process such requests. We will consider applying state law rights prior to the effective date of such laws but will do so in our discretion.

To submit a request to exercise your Consumer privacy rights, or to submit a request as an authorized agent, complete our Consumer Rights Request Form and return it to us via email to compliance@knightheadinsurance.com  or contact us via phone by calling 1-833-637-4854. We do not accept or process Consumer privacy rights requests through other means (e.g., via fax, chats, or social media, etc.). Please respond to any follow-up inquiries we make to help us complete your request.

Your Consumer Privacy Rights

Subject to state-specific conditions and limitations, we provide Consumers the following rights:

Right to Limit Sensitive Personal Information Processing

We only process sensitive Personal Information for purposes that are exempt from Consumer choice under State Privacy Laws. For example, we process your Sensitive Personal Information to perform the services/provide the goods that you requested. We may process Consumers’ Sensitive Personal Information with their consent where required by State Privacy Laws. If a Consumer provides us with their Sensitive Personal Information through the Services they will have consented to such processing.

Right to Know/Access

(i) Confirm Processing / Categories 

You may request to confirm if we are processing your Personal Data, we will treat such requests as a Categories request, but our response may not provide the category level information.

California residents have a right to submit a request for any of the following for the period that is 12-months prior to the request date:

  • The categories of Personal Information we have collected about you.
  • The categories of sources from which we collected your Personal Information.
  • The Business Purposes or commercial purposes for our collecting, Selling, or Sharing your Personal Information.
  • The categories of third parties to whom we have disclosed your Personal Information.
  • A list of the categories of Personal Information disclosed for a Business Purpose and, for each, the categories of recipients, or that no disclosure occurred.
  • A list of the categories of Personal Information sold or shared about you and, for each, the categories of recipients, or that no sale or share occurred.

For Oregon residents, you may request a list of the specific third parties with whom we have disclosed your Personal Information, if we are able to, or Personal Information, generally.

(ii) Specific Pieces

You may request a transportable copy in a readily usable format that allows transmission to another controller without hindrance, subject to applicable request limits, of your Personal Information that we have collected and are maintaining. For your specific pieces of Personal Information, as required by applicable State Privacy Laws, we will apply the heightened verification standards. We have no obligation to re-identify information or to keep Personal Information longer than we need it or are required to by applicable law to comply with access requests.

Do Not Sell/Share/Target Opt-out

Consumers of certain states have a right to opt-out of Personal Information “Sales”; provided, however, that Nevada residents are only entitled to the non-cookie opt-out explained below. California also has an opt-out for “sharing” for cross-context behavioral advertising (i.e., the use of Personal Information derived from different businesses or services to target advertisements). Non-California State Privacy Laws provide for an opt-out of Targeted Advertising (defined differently but also addressing tracking, profiling and targeting of advertisements). 

Third-party digital businesses may associate cookies and other tracking technologies that collect Personal Information about you on our Online Services, or otherwise collect and process Personal Information that we make available about you, including digital activity information and identifiers (“Third-Party Digital Businesses”). We understand that giving access to Personal Information on the Online Service or otherwise, to Third-Party Digital Businesses could be deemed a sale/sharing under the State Privacy Laws and as such, we will treat such Personal Information (e.g., cookie ID, IP address, and other online IDs and Internet or other electronic activity data) collected by Third-Party Digital Businesses, where not limited to acting as our Processor, as a sale/sharing that is subject to a Do Not Sell/Share/Target opt-out request under applicable State Privacy Laws. 

Opt-out for Non-Cookie Personal Information: If you would like to submit a Do Not Sell/Share/Target request for your non-cookie Personal Information (e.g., your email address), you must submit an opt-out request by completing our Consumer Rights Request Form and returning it to us via email to compliance@knightheadinsurance.com.

Opt-out for Cookie Personal Information: If you would like to limit our processing of your cookie-related Personal Information for Targeted Advertising or opt-out of the Sale/Sharing of such data, you must exercise a separate opt-out request via our consent management tool, which is accessible via the “Your Privacy Choices” link on the footer of our websites . This is because we must use different technologies to apply your opt-out of cookie Personal Information and opt-out of non-cookie Personal Information. Our consent management tool enables you to exercise such an opt-out request and enable certain cookie preferences on your device. You must exercise your preferences on each of our Online Services you visit, from each browser you use, and on each device you use. Since your browser opt-out is designated by a cookie, if you clear or block cookies, your preferences will no longer be effective, and you will need to enable them again via our consent management tool. Note that if you use ad blocking software, our cookie banner and/or the “Your Privacy Choices” link may not appear when you visit our Online Services. 

Opt-out Preference Signals (also known as global privacy control or “GPC”): 

The State Privacy Laws require businesses to process GPC signals, referred to as opt-out preference signals in California, which are signals sent by a platform, technology, or mechanism, enabled by individuals on their devices or browsers, that communicate the individual’s choice to opt-out of the sale or sharing of Personal Information. To use a GPC, you can download an internet browser or a plugin to use on your current internet browser and follow the settings to enable the GPC. We process GPC with respect to sales and sharing that may occur in the context of collection of Cookie Personal Data, discussed above, and apply it to the specific browser on which you enable GPC. We process GPC for opt-outs of sales and sharing in other contexts (e.g., non-cookie Personal Data). We do not: (1) charge a fee for use of our service if you have enabled GPC; (2) change your experience with any product or service if you use GPC; or (3) display a notification, pop-up, text, graphic, animation, sound, video, or any interstitial in response to the GPC, except that we may provide a notification that we recognized the GPC signal.

We may disclose your Personal Information for the following purposes, which are not a sale or sharing: (i) if you direct us to disclose Personal Information; (ii) to comply with a Consumer rights request you submit to us; (iii) disclosures amongst the entities that constitute Knighthead Life as defined above, or as part of a Corporate Transaction; and (iv) as otherwise required or permitted by applicable law.

Child-Aged Consumers of Certain States

We do not knowingly Sell or Share, or use for Targeted Advertising, the Personal Information of / from Child-Aged or other similar term (as defined by the applicable State Privacy Law) Consumers who are residents of certain states, unless we receive affirmative opt-in authorization from (i) the applicable Consumer if the Consumer is at least 13 years of age and Consumer consent is required under the applicable State Privacy Law; or (ii) the parent or guardian of the Consumer if the Consumer is less than 13 years of age. If you think we may have unknowingly Sold or Shared Personal Information, or used Personal Information for Targeted Advertising, of / from a Consumer under the threshold age (as set by the applicable State Privacy Law) without the appropriate affirmative opt-in authorization, please Contact Us.

Right to Delete

Consumers have the right to request that we delete any of your Personal Information that we have collected and retained, subject to certain exceptions; provided, however, that depending on where you reside (e.g., California), we may not be required to delete your Personal Information that we did not collect directly from you. Once we receive and confirm your Verifiable Consumer Request, we will delete (and direct our Processors / Service Providers to delete) your Personal Information, unless an exception applies.  If an exception applies, we will limit Processing to permitted purposes and to the duration of those purposes.

We may deny your request to delete your Personal Information if retaining the data is necessary for us or our Processor(s) / Service Provider(s):

  • to complete transactions and services, you have requested;
  • for security purposes;
  • for legitimate internal business purposes (e.g., maintaining business records);
  • to comply with law and to cooperate with law enforcement; 
  • to exercise or defend legal claims; and
  • certain other permitted purposes under State Privacy Laws. 

    Please be aware that making a deletion request does not ensure complete or comprehensive removal or deletion of Personal Information or content that you may have posted. 

    Right to Correct Your Personal Information

    Consumers may bring inaccuracies they find in their Personal Information that we maintain to our attention, and we will act upon such complaint as required by applicable law. 

    Automated Decision Making (“ADM”) / Profiling

    We do not engage in automated decision making or profiling as those terms are defined State Privacy Laws.

    How to Exercise Your Consumer Privacy Rights

    To submit a request to exercise your Consumer privacy rights, or to submit a request as an authorized agent, complete our Consumer Rights Request Form and return it to us via email to compliance@knightheadinsurance.com or contact us via phone by calling 1-833-637-4854. However, to submit a Do Not Sell/Share/Target regarding your cookie data, you must exercise a separate opt-out request via our consent management tool, which is accessible via the “Your Privacy Choices” link on the footer of our websites or use GPC signals as explained in the section above.  Please respond to any follow-up inquiries we make to help us complete your request. We do not accept or process requests through other means (e.g., via fax, chats, or social media, etc.), except that notices of Child-aged Personal Information issues and general privacy inquiries may be directed to us by Contacting Us.

    Verification of Your Request 

    We do not verify Do Not Sale/Share/Target opt-outs unless we suspect fraud.  As permitted or required by State Privacy Laws, any other request you submit to us must be a “Verifiable Consumer Request,” meaning when you make a request, we may ask you to provide verifying information, such as your name, email, phone number, account and/or transaction information. We will review the information you provided and may request additional information (e.g., customer history) via email or other means to ensure we are interacting with the correct individual. We will not fulfill your Right to Know (Confirm/Categories), Right to Know (Specific Pieces), Right to Delete, or Right to Correct request(s) unless you have provided sufficient information for us to reasonably verify you are the Consumer about whom we collected Personal Information. Only you, or someone legally authorized to act on your behalf (your authorized agent), may make a Verifiable Consumer Request related to your Personal Information or the Personal Information of your child. 

     

    We verify each request as follows:

    • Right to Know/Access (Confirm/Categories): We verify your request to a reasonable degree of certainty, which may include matching at least two data points provided by you with data points maintained by us that we have determined to be reliable for the purpose of verifying you. If we cannot do so, we will refer you to this Privacy Policy for a general description of our data practices.
    • Right to Know/Access (Specific Pieces): We verify your request to a reasonably high degree of certainty, which may include matching at least three data points provided by you with data points maintained by us that we have determined to be reliable for the purpose of verifying you. If you fail to provide requested information, we will be unable to verify you sufficiently to honor your request, but we will then treat your request as a Right to Know (Confirm/Categories) request.
    • Do Not Sell/Share/Target: No specific verification required unless we suspect fraud.
    • Limit Sensitive Personal Information Processing / Withdraw Consent: No specific verification required unless we suspect fraud.
    • Right to Delete: We verify your request to a reasonable degree of certainty, which may include matching at least two data points provided by you with data points maintained by us, or to a reasonably high degree of certainty, which may include matching at least three data points provided by you with data points maintained by us, depending on the sensitivity of the Personal Information and the risk of harm posed by unauthorized deletion. If we cannot verify you sufficiently to honor a deletion request, you can still make a Do Not Sell/Share/Target opt-out request.
    • Right to Correct: We verify your request to a reasonable degree of certainty, which may include matching at least two data points provided by you with data points maintained by us, or to a reasonably high degree of certainty, which may include matching at least three data points provided by you with data points maintained by us, depending on the sensitivity of the Personal Information and the risk of harm posed by unauthorized correction.

    To protect Consumers, if we are unable to verify you sufficiently, we will be unable to honor your request. We will use Personal Information provided in a Verifiable Consumer Request only to verify your identity and authority to make the request and to track and document request responses unless you also gave it to us for another purpose.

    Authorized Agent Requests

    Only you, or someone legally authorized to act on your behalf, subject to our verification of the agent, the agent’s authority to submit requests on your behalf, and of you, in accordance with the Verification of Your Request section above, may make a Verifiable Consumer Request where we need to verify the request as explained above. Once your agent’s authority is confirmed, they may exercise rights on your behalf subject to the agency requirements of applicable laws.

    Appeals

    You may appeal Knighthead Life’s decision regarding a Consumer privacy rights request you submitted (or that was submitted on your behalf by your authorized agent) by following the instructions provided in our response to your request.

    Response Timing and Formats

    We endeavor to respond to Verifiable Consumer Requests within the applicable timeframe under the State Privacy Laws. As permitted by State Privacy Laws, if we require more time, we will inform you of the reason and extension period in writing.

    Any disclosures we provide will cover the 12-month period preceding our receipt of the Verifiable Consumer Request, or longer if we are able to. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily usable and that allows you to transmit the information from one entity to another without hindrance.

    We do not charge a fee to process or respond to your Verifiable Consumer Request unless it is excessive, repetitive, technologically infeasible, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

    Consistent with applicable State Privacy Laws and our interest in the security of your Personal Information, we will not deliver you information regarding your Social Security number, driver’s license number, or other government-issued ID number, financial account number, an account password, or answers to security questions in response to a Consumer rights request; however, you may be able to access some of this information yourself through your account if you have an active account with us.

    Non-Discrimination / Non-Retaliation

    We will not discriminate or retaliate against you for exercising any of your Consumer privacy rights. Unless permitted by applicable State Privacy Laws, we will not do the following if you exercise your Consumer privacy rights:

    • Deny you goods or services.
    • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
    • Provide you a different level or quality of goods or services.
    • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

    Our Rights and the Rights of Others

    Notwithstanding anything to the contrary, we may collect, use, and disclose your Personal Information as required or permitted by applicable law and this may override your rights under State Privacy Laws. In addition, we are not required to honor your requests to the extent that doing so would infringe upon our or another person’s or party’s rights or conflict with applicable law.

    Additional Notice for California Residents

    California’s “Shine the Light” law (Civil Code section 1798.83) permits California residents to request certain information regarding our disclosure of Personal Information to third parties (including our affiliates) for those third parties’ own direct marketing purposes. We do not currently disclose Personal Information to third parties other than our affiliates for those third parties’ direct marketing purposes. To make such a request, please send an email to compliance@knightheadinsurance.com or write us at 1900 South Blvd., Suite 300, Charlotte, NC 28203. You must put the statement “Shine the Light Request” in the body of your correspondence. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. This right is different than, and in addition to, the State Privacy Rights detailed in Section C, and must be requested separately. We will not accept Shine the Light requests by telephone or by fax and are not responsible for requests not labeled or submitted properly, or that are incomplete.

    Changes to These Policies

    We reserve the right to change this Privacy Policy prospectively effective upon the posting of the revised Privacy Policy. We also reserve the right to update and modify this Privacy Policy at any time without other form of notice, but from time to time, we may also notify you by email, or otherwise, when appropriate.  Additional or different practices may be disclosed at the point of collection without changing the main Privacy Policy.  Any modifications will apply only to Personal Information we collect after posting the updated Privacy Policy unless we obtain your consent.  Please check frequently to see any updates or changes to this Privacy Policy. To the extent any provision of this Privacy Policy is found by a court of competent jurisdiction, such provision shall be severed to the extent necessary for the remainder to be valid and enforceable.

    Contact Us

    If you have any questions or comments about this Privacy Policy or the Service, please contact us: 

    Knighthead Life
    1900 South Blvd, Suite 300
    Charlotte, NC 28203
    P: 833-637-4854
    E: compliance@knightheadinsurance.com