Privacy Policy



This Privacy Notice describes the information handling and privacy practices of Hyla Mobile, Inc. (an Assurant group company)  (hereinafter referred to as "Assurant" or “We”, “Us”, “Our” or “Company”) in connection with your submission of a New Buyer Application and your use of (the “Services”). We respect your concerns about privacy.  This Privacy Notice describes how We will collect, access, use, disclose, retain, transfer, otherwise process and protect personal information when you use the site to access Our Services or to submit a New Buyer Application via the Service. For information about other services of Hyla Mobile, Inc. or its subsidiaries and affiliates, please refer to the respective privacy notices applicable to such services.

If you have any concern about providing information to Us or your information being used in any manner permitted by this Privacy Notice and the Terms of Service, you should not use the Services.

1. What Information Do We Collect?

When you submit a New Buyer Application We collect:

  • Business Contact Information which includes the following: company name, business contact first and last name, address, e-mail address, fax number; and phone number;
  • Business Profile Information which includes the following: company website address, company type or structure, establishment dates, locations, US Tax ID, and parent company information;
  • Business Accounts Payable Contact Information which includes the following: first and last name of company accounts payable contact, title, phone number, e-mail address and fax number;  
  • Financial Information which includes, phone number,bank name, SWIFT code and bank telephone number;
  • Company Principals Information which includes: principal’s first and last name, title, address, country and signature;
  • Business References which includes: business reference name, phone number address, country, email address, company account number and fax number;
  • New Customer Setup Information includes: company location, company registration number, R2 certification information, first and last name of company contact who would receive bids and invoices and contact details (e.g., phone number and email address), shipping information, as well as a copy of contact’s government-issued identification card or driver’s license (US customers), copy of the identification page of contact’s government-issued passport (non-US customers). Note: government-issued identification cards, driver’s licenses and passports may contain any of the following information: first and last names, date of birth, address, birth country, country of residence, dates of issue and expiration, unique ID numbers (for example – passport number or driver’s license number), gender, eye color, hair color, height, signature, veteran or military status, etc.); and
  • Device Information such as your Internet Protocol address, the type of browser, devices and operating systems you use; identifiers associated with the device(s) you use to access the Services; and information regarding your internet service provider.

When you communicate with Us or contact Us in regard to your New Buyer Application (for example – when you send us a message through Our “Contact Us” function) We may collect information that you provide to Us in your communications (such as the query or issue that you have raised).  

We collect the information described above from you and the device that you use to access the Services and from third parties such as service providers, affiliates, consumer reporting agencies and public records.

With your permission We will access the information contained within your application. We will process your data on basis of Article 6 para. 1 sentence 1 lit. b GDPR in order to process your query and/or answer your questions.  You may report any problems or security concerns with the site by sending an email to [email protected].

2. How Do We Use Your Information?

We collect information from you to:

Fulfil a contract with you or take steps related to a contract with you including:

  • Providing the Service, to you;
  • Reviewing your application information; and
  • Communicating with you.

We process information for these purposes in accordance with GDPR Article 6 [1] (b), the fulfilment of a contract, or, pursuant to GDPR Article 6 [1] (f), our legitimate interest in preventing fraud.  

  • To support Our provision of the Services to you, in particular:
  • To recognize you when you use our Service;
  • To increase the security of Our networks and systems;
  • For investigating complaints received from you and others about the Service, and tracking potential issues and trends to better serve you;
  • For making decisions about, and implementing, reorganizations or sales of all or part of Our business;
  • To monitor customer applications to prevent, investigate and/or report fraud, misrepresentation, or crime, in accordance with applicable law;

We process information for these purposes in accordance with GDPR Article 6 [1] (b), the fulfilment of a contract; pursuant to GDPR Article 6 [1] (f), our legitimate interest in preventing fraud and GDPR Article 6 [1] (a), with your consent, as applicable.

To ensure our compliance with law such as:

  • In response to requests by government or law enforcement authorities conducting an investigation; and
  • Responding to complaints where We are under a legal or regulatory obligation to adhere to a complaints handling procedure.

We process information for these purposes in accordance with GDPR Article 6 [1] (c).

We may communicate with you through email and other means available to Us. Examples of these communications include: (1) application status, and (2) Service-related communications. These messages will be sent to you based on your application information. Please be aware that you cannot opt out of receiving Service-related messages from Us.

3. How We Share Your Information?

We share your personal information with the following recipients under the following circumstances:

  •  Affiliates. We share your personal information with Our parent company Assurant, Inc. <> and its affiliates and subsidiaries (meaning entities controlled by, controlling, or under common control with Assurant, Inc.) for the purposes stated in this Notice. For example, your enquiry may be handled by staff located within or outside the European Union and/or United Kingdom (such as in the United States). Your personal information may be shared with an Assurant group company, such as Hyla Mobile, Inc. through which you accessed this Service, and for customer relationship management purposes (for example – when you enquire about the status of your application). In accordance with Art. 28 of the GDPR, we concluded necessary commissioned data processing agreement(s) with our affiliates.
  • Service Providers. We employ third party companies and individuals to facilitate the Service (for example - database hosting) within and outside the United States. These third parties have limited access to your information only to perform these tasks on Our behalf and are obligated to Us. The personnel of such third parties who use your personal information is limited to those individuals which are authorized to do so on a need-to-know basis and as necessary to provide these business services to Us. We do not authorize such third parties to disclose or use it for other purposes.  Please see Our List of Service Providers to learn more about the service providers We use and the services that they provide to Us. 
  • Public Authorities. We may disclose your personal information to public authorities or other third parties as necessary to comply with regulatory oversight of Our business; to protect Our own and others’ rights and property, including protection of Our affiliates, customers and members of the public; if mandated by law or if required for the legal protection of Our legitimate interests in compliance with applicable laws. 
  • Investment/Change of Control: We may also disclose your personal information to parties acquiring part or all of Our assets, as well as to attorneys and consultants. If any bankruptcy or reorganization proceeding is brought by or against Us, your information may be considered a company asset that may be sold or transferred to third parties.

4. Cookies and Analytics

We do not place cookies or use similar technologies on this site. We do not use automatic decision making or profiling.

5. Data processing Outside of Your Country

In providing the Service, and the site, personal information may be transferred to, and processed in, countries where data protection and privacy regulations do not offer the same level of protection as the European Economic Area (“EEA”) and other parts of the world:

Sharing personal information with Our affiliates as noted in Section 3 involves transfers outside the EEA to the US and to the UK (following the withdrawal of the UK from the European Union) to provide the Service (for example – to respond to your application enquiry).

Sharing personal information with Our service providers involves transfers to the US (for example database hosting) and India (for example – application processing).

Where personal information is transferred outside the EEA to a country that is not subject to an adequacy decision by the EU Commission, it is adequately protected by European Commission approved standard contractual clauses or a vendor’s Processor Binding Corporate Rules. To obtain a copy of the relevant transfer mechanism or additional information on the transfers, please address these requests to Us.

6. Consent

We may process your personal information based on your consent, where required by law. If We request your consent, We will inform you of the purposes for which your information will be processed. Wherever We rely on your consent, you can always withdraw your consent at any time with effect for the future by contacting Us via any means.

7. Your Choices and Rights

If you are a resident of certain countries, including but not limited to the European Economic Area, the United Kingdom, or Switzerland you have certain data protection rights, which may be limited by law.

You may request access to, modify, correct, delete or limit the use and disclosure, where required by applicable law, of your account information or close your account. You can also request additional information We may have about your account.

General rights

You have the following rights with regard to the data processed by us:

  • The right of access to your personal data stored by us in accordance with Art. 15 GDPR;
  • If necessary, the right to rectify incorrect or complete correct personal data stored by us in accordance with Art. 16 GDPR;
  • the right to erasure (“right to be forgotten”) with regard to your personal data stored by us in accordance with Art. 17 GDPR;
  • the right to restrict the processing of your personal data pursuant to Art. 18 GDPR;
  • the right to data portability in accordance with Art. 20 GDPR;
  • the right to object to the processing of your personal data pursuant to Art. 21 GDPR (see 4.2 immediately below);
  • the right to revoke any consent granted pursuant to Art. 7 para. 3 GDPR;
  • the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.

Right of objection pursuant to Art. 21 GDPR.

You have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data by us or by a third party on the basis of a legitimate interest (in particular for the purposes of usage analysis and the needs-based design of the mobile app), insofar as there are reasons to do so which result from your particular situation. We no longer process the relevant personal data unless we can prove compelling grounds for processing worthy of protection which outweigh your affected interests, rights and freedoms, or if the processing serves the assertion, exercise or defense of legal claims.

8. Additional information

You can exercise any of your rights by contacting Us via any means. In order to safeguard your personal information from unauthorised access, We may ask that you provide sufficient information to identify yourself prior to providing access to your personal information.

In certain situations, and subject to applicable laws, including data protection laws, We may not be able or obliged to comply with all or part of your request. For example, We may not comply with an access request if doing so would reveal personal data about another person, or comply with a deletion request relating to information which We are required by law to keep or have compelling legitimate interests in keeping.

If you have unresolved concerns, you have the right to complain to an EU data protection authority (‘supervisory authority’) where you live, work or where you believe a breach may have occurred.


Legal Basis We Rely On

We process information about you in regard to your New Buyer application where such processing is necessary for performance of a contract, or steps taken to enter into a contract, with you. Further, we may share information about you with your consent, where it is necessary to carry out the Service or as required by law, and We will always let you know when We make significant changes to this Privacy Notice. We protect your personal information and will only provide it to third parties:

(1) with your consent on basis of Article 6 para. 1 sentence 1 lit. a GDPR;

(2) where it is necessary to carry out your instructions on basis of Article 6 para. 1 sentence 1 lit. b GDPR;

(3) as reasonably necessary in order to provide the Service on basis of Article 6 para. 1 sentence 1 lit. b GDPR;

(4) to Our service providers (as described in Section 3.2) in connection with providing the Service on basis of Article 6 para. 1 sentence 1 lit. b GDPR;

(5) when We reasonably believe it is required by law, subpoena or other legal process on basis of Article 6 para. 1 sentence 1 lit. c GDPR;

(6) as necessary to enforce our Terms of Service, to protect the rights of the Company, or to prevent physical harm or financial loss on basis of Article 6 para. 1 sentence 1 lit. f GDPR; or

(7) as part of a reorganization or sale of all or part of Our business on basis of Article 6 para. 1 sentence 1 lit. f GDPR.


Links to other Websites

​The site may contain links to other websites that may have online information practices different from Ours. We are not responsible for the privacy and security practices of those websites, and We encourage you to learn about the privacy and security practices of those websites if you choose to access and use them.

9. Data Retention

We keep your information for as long as your application is active and for up to 7 years from the initial submission of your application. In addition, We may keep certain information even after your application is processed if it is necessary to comply with Our legal obligations, meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce this agreement.

10. Security Procedures

We have measures in place to restrict access to information to those employees and individuals whom We know have a valid business purpose to have access to such data. We maintain physical, electronic and procedural safeguards. We follow generally accepted standards designed to protect the personal information submitted to Us, both during transmission and once We receive it. We require those who provide services for Us and to whom We provide information collected through the Service to keep such information safeguarded and confidential. However, no method of transmission over the Internet or method of electronic storage is totally secure. Therefore, We cannot guarantee its absolute security.

11. Additional Notice for California Consumers

This section of our Privacy Notice applies to Consumers who reside in the State of California and is included to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws.  It applies to Our processing of personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household subject to the CCPA (“Personal Information”).


  • Information We Collect.

We describe the Personal Information we have collected from consumers and the sources from which we collect this information, in the twelve (12) months preceding the effective date of this Privacy Notice, in the section of our Privacy Notice titled “What Information Do We Collect.” The information we collect includes the following:

Identifiers such as company name, first and last name, address, e-mail address, fax number and phone number, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number or other similar identifiers.

Personal Records under Cal. Civil Code § 1798.80(e) such as name, signature, Social Security number, passport number, driver's license or state identification card number, physical characteristics, address, telephone number, insurance policy number, employment, employment history, bank account number, SWIFT code and other financial information.

Characteristics of Protected Classifications under California or Federal Law such as age (40 years or older),  national ancestry, national origin, citizenship, gender, veteran or military status.

Commercial Information such as customer account details, records of personal property, products or services purchased or obtained, transaction records.

Internet and other Electronic Network Activity Information such as Internet Protocol address,  browser, devices and operating system types; device identifiers; and information regarding your internet service provider.

Geolocation Data such as data relating to your computer or device when you interact with the Services.

Audio, Visual, or other Sensory Data including but not limited to customer submitted photographs.

Professional or Employment-related Information such as current employment and employment history.

Inferences from Personal Information Collected such as Inferences drawn from any of the information described in this section about a consumer including inferences reflecting the consumer’s preferences, characteristics, behavior and abilities.

For information regarding the purposes for which we collect and use the Personal Information we collect, please see “How Do We Use Your Information?”

We have disclosed Personal Information in all or substantially all of the categories identified in this Additional Notice for California Consumers for various business purposes. For more information about the categories of Personal Information we have disclosed, the categories of entities with which we have disclosed this information, and the purposes for which we have disclosed the information, please see “How We Share Your Personal Information.”

In the last 12 months we have not sold any Personal Information.   

We do not sell any Personal Information to third parties for a business or commercial purpose, and we have not sold any Personal Information to third parties for a business or commercial purpose within the past 12 months. Additionally, we do not sell the Personal Information of minors under the 16 years of age.


  • Your Rights and Choices

The CCPA provides consumers with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise your rights.


Exercising CCPA Rights

To exercise the rights afforded to you under the CCPA, please submit a verifiable consumer request to us by either:

Only you or a registered agent may make a verifiable consumer request related to your Personal Information. If applicable, you may also make a verifiable consumer request on behalf of your minor child.  You may only make a verifiable consumer request for access or disclosure twice within a 12-month period, and the request must: 

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information; and
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

In order to process your request safely and protect your Personal Information, it is required that you go through an identification verification process that will ask you for certain required information (including but not limited to your name, your date of birth, the last four digits of your SSN, your email address, your Assurant product, your address, your photo, and a copy of your photo ID). In the instance that your identification can not be verified, you will be contacted. We cannot respond to requests if we cannot verify your identity. Making a verifiable consumer request does not require you to create an account with us.


Response Timing and Format

We will respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and the extension period in writing. Any disclosures we provide will only cover the 12-month period before the date the verifiable consumer request was received. If we cannot process your request, we will explain the reasons why we cannot comply with the request. All responses will provide your Personal Information in an easy to read format.

We will not charge a fee to process or respond to your request provided, however, in certain circumstances we may charge a fee if permitted under applicable law.


Deletion Request Rights

You have the right to request that we delete Personal Information that we collected from you, subject to certain exceptions. Please note that even if you make a request to delete your Personal Information, applicable law may permit or require us to retain Personal Information that was collected to complete transactions and services you have requested or that are reasonably anticipated, for security purposes, for legitimate internal business purposes, including maintaining business records, to comply with law, to exercise or defend legal claims, to cooperate with law enforcement and for other legally permissible reasons.


Right to Know About Personal Information Collected, Disclosed, or Sold

If we use your Personal Information for a business purpose or if we sell your Personal Information, you have the right to request the following to be disclosed:

  • The categories of Personal Information that the business collected about you;
  • The categories of Personal Information that the business sold about you and the categories of third parties and/or service providers to whom the Personal Information was sold;
  • The categories of Personal Information that the business disclosed about you for a business purpose.


Authorized Agent

Under California law, you may designate an authorized agent to make a request on your behalf. You may make such a designation by providing the agent with written permission to act on your behalf. As permitted by law, we may require you to verify your own identity in response to a request even if you choose to use an agent. We may choose to deny a request from an agent

that does not submit proof that they have been authorized by a consumer to act on their behalf.



We will not discriminate against you for exercising any of your CCPA rights. This means, unless permitted by the CCPA, we will not:

  • Deny you goods or services;
  • Charge you different prices or rates for goods or services, including granting discounts or other benefits, or imposing penalties;
  • Provide you a different level or quality of goods or services; or
  • Suggest that you may receive a different price or rate for goods or services, or a different level or quality of goods or services.

12. Contact, Data Controller and Data Protection Officer

If you have questions or comments about this Privacy Notice, please contact Us online or by postal mail.


  • For users within the United States, Latin America, Middle East, Africa Asia-Pacific:

We welcome your questions or comments regarding this Notice. Please write to Us at Assurant Privacy Office, 260 Interstate North Circle SE, Atlanta, Georgia 30339, USA or send Us an email at [email protected].


  • For users within the European Economic Area

Assurant is the data controller of the personal information provided to or collected by the Hyla Mobile New Buyer Application site. Assurant has appointed an EU Data Protection Officer. Customers who feel that the rights afforded to them under the GDPR or applicable data protection law have been infringed, or that the data controller is processing personal information in contravention of the GDPR or applicable data protection law, may submit complaints or inquiries to:

Data Protection Officer, Lifestyle Services Group Limited, Emerald Buildings, Westmere Drive, Crewe, Cheshire, CW1 6UN, United Kingdom, or send Us an email at [email protected].


You also have the right to file a complaint directly with the local Supervisory Authority, as relevant, under EU data protection law.

13. Changes to this Privacy Notice

We may update this Notice from time to time. As We may make changes to this Notice, We suggest that you review this Notice each time you access and use this site. Please review changes carefully. If any changes are made to this Privacy Notice, We will revise the Effective Date that is indicated on the Privacy Notice.


Effective Date: September 1, 2021


List of Service Providers

This List of Service Providers identifies the third party service providers (who are not considered to be part of the Assurant group companies) We use in connection with the HYLA Mobile New Buyer Application site:


Service Provider (Name)

  1. Formstack
  2. Location (Country)
  3. United States
  4. Service Provider’s Processing Purposes
  5. New Buyer Application Provider


Service Provider (Name)

  1. EXL
  2. Location (Country)
  3. India
  4. Service Provider’s Processing Purposes
  5. Application Processing



Effective Date: September 1, 2021