Get Started → Business Owner's Policy Commercial P&C Certificate of Insurance Life Insurance Health Insurance About Coverage Area Request Information
Legal

Privacy Policy

We do not sell your information. Ever. This policy explains exactly what we collect, how we use it, and your rights.

Effective Date: January 1, 2025  ·  Last Updated: 2025  ·  Governing Law: State of Maryland

We Do Not Sell Your Information

Lotus Legacy Insurance Advisors does not sell, rent, lease, or trade your personal information to any third party for any purpose, at any price, under any circumstances. Your information is used solely to respond to your inquiry and, if you become a client, to service your coverage.

Table of Contents

  1. Who We Are
  2. Information We Collect
  3. How We Use Your Information
  4. We Do Not Sell Your Information
  5. Information Sharing — Limited Circumstances Only
  6. GLBA Compliance — Financial Privacy
  7. HIPAA Notice of Privacy Practices
  8. TCPA Compliance
  9. Data Security
  10. Data Retention
  11. Your Rights
  12. Children's Privacy
  13. Maryland Resident Rights
  14. Changes to This Policy
  15. Contact Us

1. Who We Are

Lotus Legacy Insurance Advisors LLC is a Maryland limited liability company operating as a licensed independent insurance agency. We hold active producer licenses in Maryland (, License: 2190567), Connecticut, and Delaware. This Privacy Policy applies to information collected through our website at lotuslegacy.org and in connection with our insurance advisory services.

2. Information We Collect

2.1 Information You Provide Directly

When you submit an inquiry, request information, or request a Certificate of Insurance through our Site, we collect the information you provide, which may include:

  • Full name and contact information (email address)
  • State of residence
  • Type of coverage you are seeking
  • Whether you are currently insured
  • Business type and size (for commercial inquiries)
  • Descriptive information about your coverage needs
  • Policy number (for Certificate of Insurance requests)
  • Certificate holder information (for COI requests)
  • Any other information you voluntarily include in your submission

2.2 Information Collected Automatically

When you visit our Site, we may collect certain technical information automatically, including your IP address, browser type, operating system, referring URL, pages visited, and time of visit. This information is used for site security, performance monitoring, and aggregate analytics only. We do not use this information to identify you individually.

2.3 Health Information

If you submit an inquiry regarding health insurance or Medicare products, you may voluntarily provide information about your health status or coverage needs. We treat all health-related information with the highest level of confidentiality as described in Section 7 of this Policy.

3. How We Use Your Information

We use the information you provide solely for the following purposes:

  • To respond to your inquiry and provide the information or assistance you requested
  • To prepare and deliver a Certificate of Insurance (COI) that you requested
  • To contact insurance carriers on your behalf to obtain quotes or coverage information, with your consent
  • To comply with applicable legal and regulatory requirements
  • To maintain records as required by Maryland Insurance Administration regulations
  • To improve the quality and accuracy of our services

We do not use your information for automated decision-making, profiling, or marketing to third parties.

4. We Do Not Sell Your Information

Lotus Legacy Insurance Advisors does not sell, rent, license, trade, or otherwise transfer your personal information to any third party for monetary or other consideration. This prohibition is absolute and applies to:

  • Data brokers and information resellers
  • Marketing companies and advertising networks
  • Lead generation services
  • Any other third party seeking to use your information for commercial purposes unrelated to servicing your insurance inquiry

This commitment does not expire. Information you provide to us today will never be sold, regardless of any future change in ownership, management, or business model of the Company, except as may be required by applicable law.

5. Information Sharing — Limited Circumstances Only

We share your information only in the following limited circumstances:

  • Insurance Carriers: With your consent, we share relevant information with licensed insurance carriers for the purpose of obtaining quotes, binding coverage, or servicing your policy. We share only the minimum information necessary for this purpose.
  • Service Providers: We use third-party form processing services (including Formspree) to receive and transmit inquiry submissions. These providers are contractually prohibited from using your information for any purpose other than transmitting your submission to us.
  • Legal Compliance: We may disclose your information if required to do so by law, court order, subpoena, or regulatory requirement, including requirements of the Maryland Insurance Administration.
  • Business Transfer: In the event of a merger, acquisition, or sale of all or substantially all of the Company's assets, your information may be transferred to the successor entity, subject to the same privacy protections described in this Policy.

6. GLBA Compliance — Financial Privacy

As a licensed insurance agency, the Company is subject to the Gramm-Leach-Bliley Act (GLBA), 15 U.S.C. §§ 6801-6809, and applicable state financial privacy laws. In compliance with GLBA:

  • We collect nonpublic personal information (NPPI) only as necessary to provide insurance advisory services
  • We do not disclose NPPI to nonaffiliated third parties except as permitted under GLBA and applicable state law
  • We implement and maintain a comprehensive written information security program appropriate to the size and complexity of our operations
  • You have the right to opt out of certain information sharing with nonaffiliated third parties to the extent required by GLBA. To exercise this right, contact us at info@lotuslegacy.org

7. HIPAA Notice of Privacy Practices

Key Commitment: We apply HIPAA minimum necessary standards to all health information, regardless of whether we are technically a covered entity under the law.

HIPAA Status Notice

Lotus Legacy Insurance Advisors is not a Covered Entity under HIPAA for purposes of treatment, payment, or health care operations as those terms are defined under 45 C.F.R. § 160.103. However, we voluntarily adopt HIPAA Privacy Rule standards as our minimum operating standard for all health-related information.

To the extent we receive or handle Protected Health Information (PHI) in connection with health insurance applications or Medicare advisory services:

  • Minimum Necessary Standard: We access, use, and disclose only the minimum PHI necessary to accomplish the intended purpose of the inquiry or service
  • No Sale of PHI: We never sell PHI under any circumstances
  • Permitted Disclosures: PHI is disclosed only to insurance carriers and their authorized representatives as necessary to obtain or service health insurance coverage on your behalf, with your knowledge and consent
  • Security Safeguards: We implement reasonable administrative, physical, and technical safeguards to protect PHI from unauthorized access, use, or disclosure
  • Retention: Health-related information is retained only as long as necessary to service your inquiry or maintain required regulatory records

8. TCPA Compliance

The Company complies with the Telephone Consumer Protection Act (TCPA), 47 U.S.C. § 227, in all communications. We contact you by email only in response to your inquiry or to service your coverage, and only where you have provided express written consent through our form submissions. You may withdraw email consent at any time by contacting us at info@lotuslegacy.org. We do not use automated dialing systems or send unsolicited text messages.

9. Data Security

We implement commercially reasonable administrative, technical, and physical security measures to protect your personal information against unauthorized access, use, alteration, or destruction. These measures include encrypted data transmission (HTTPS), access controls limiting information access to authorized personnel only, and vendor due diligence for third-party processors. However, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

10. Data Retention

We retain your information for as long as necessary to: (a) fulfill the purpose for which it was collected; (b) comply with applicable legal and regulatory record-keeping requirements, including Maryland Insurance Administration requirements; and (c) resolve any disputes or enforce our agreements. Inquiries that do not result in a client relationship are retained for a minimum of two (2) years for compliance purposes. Active client records are retained for the duration of the relationship and for a minimum of seven (7) years following termination.

11. Your Rights

Subject to applicable law, you have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete personal information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Opt-Out: Opt out of any permissible information sharing with nonaffiliated third parties under GLBA
  • Withdrawal of Consent: Withdraw consent for email communications at any time

To exercise any of these rights, contact us at info@lotuslegacy.org. We will respond to verifiable requests within thirty (30) days.

12. Children's Privacy

This Site is not directed to children under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected information from a child under 18, please contact us immediately at info@lotuslegacy.org and we will promptly delete such information.

13. Maryland Resident Rights

Maryland residents may have additional rights under Maryland law, including the Maryland Personal Information Protection Act and Maryland Insurance Article privacy provisions. Maryland residents who believe their privacy rights have been violated may file a complaint with the Maryland Insurance Administration at: 200 St. Paul Place, Baltimore, Maryland 21202, or at mdinsurance.state.md.us.

14. Changes to This Policy

We reserve the right to modify this Privacy Policy at any time. Changes become effective upon posting to the Site. We will update the "Last Updated" date at the top of this Policy when changes are made. Your continued use of the Site following any modification constitutes your acceptance of the modified Policy.

15. Contact Us

For questions, concerns, or requests related to this Privacy Policy, including requests to access, correct, or delete your personal information:

Lotus Legacy Insurance Advisors LLC
Baltimore, Maryland
Email: info@lotuslegacy.org