IMAC
Privacy Policy
1. INTRODUCTION AND SCOPE
International Marketing, Administration & Insurance Brokerage Corporation of Massachusetts (“IMAC,” “Company,” “we,” “us,” or “our”) operates the website located at IMACO.com (the “Site”). This Privacy Policy describes how we collect, use, disclose, and safeguard information when business representatives, brokers, insurance carriers, employers, associations, and other authorized entities (collectively, “Business Users” or “you”) visit or interact with the Site.
This Site is not directed to individual consumers. IMAC provides tailored insurance-related services exclusively to brokers, insurance carriers, employers, trade associations, and similar business entities. We do not knowingly solicit or collect personal information from individual consumers, minors under the age of eighteen (18), or any persons accessing this Site in a personal, non-commercial capacity. If you have accessed this Site as an individual consumer, please discontinue use and contact us at the information provided below.
This Privacy Policy is designed to comply with applicable law, including but not limited to: (i) the Massachusetts Standards for the Protection of Personal Information of Residents of the Commonwealth, 201 CMR 17.00; (ii) the New York Department of Financial Services Insurance Regulation 169, 11 NYCRR Part 420; (iii) the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA/CPRA”); and (iv) and the federal Gramm-Leach-Bliley Act (15 U.S.C. § 6801 et seq.).
2. INFORMATION WE COLLECT
a) Information You Voluntarily Provide. The Site is primarily informational and marketing-oriented. We do not operate portals, user accounts, or online application systems. To the extent that the Site includes a contact form, email link, telephone number, or other inquiry mechanism, information voluntarily submitted by Business Users — such as a name, business email address, company name, phone number, job title, and the substance of your inquiry — will be received and retained by us.
b) Automatically Collected Technical Information. When you visit the Site, certain technical information may be collected automatically through standard web server logs, cookies, pixel tags, or similar technologies. This may include: your Internet Protocol (IP) address; browser type and version; operating system; referring URL; pages viewed; time and date of your visit; and other standard clickstream data. This information is collected for security, analytics, and Site performance purposes.
c) Cookies and Tracking Technologies. The Site may use first-party session cookies and, depending on the configuration of our hosting provider or analytics platform, third-party analytics cookies (e.g., Google Analytics). You may configure your browser to refuse cookies; however, doing so may affect the functionality of certain features of the Site. We do not engage in cross-context behavioral advertising as defined under the CCPA/CPRA.
d) Information We Do Not Collect. We do not collect Social Security numbers, financial account numbers, payment card numbers, government-issued identification numbers, medical or health information, biometric data, or any other categories of sensitive personal information as defined under applicable state law through this Site.
3. HOW WE USE INFORMATION
We use the information collected through this Site solely for the following purposes:
a) To respond to your business inquiries and communicate with you about our services;
b) To maintain and improve the security, performance, and functionality of the Site;
c) To analyze aggregate, non-identifying traffic patterns and usage trends for internal business intelligence;
d) To comply with applicable federal, state, and local laws, regulations, legal process, and governmental requests, including regulatory obligations applicable to licensed insurance agencies;
e) To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity;
f) To enforce our Terms of Use and protect the rights, property, and safety of IMAC, our business partners, and others; and
g) For other purposes with your consent, or as otherwise permitted or required by law.
We do not sell, rent, or lease personal information collected through this Site to any third party.
4. DISCLOSURE OF INFORMATION
We may disclose information collected through this Site in the following circumstances:
a) Service Providers. We may share information with third-party vendors and service providers (e.g., website hosting providers, IT support firms, and analytics platforms) that perform services on our behalf and have agreed, by contract, to maintain the confidentiality and security of such information consistent with applicable law, including the requirements of 201 CMR 17.03 (Massachusetts) and 16 C.F.R. Part 314 (FTC Safeguards Rule). We require such providers to use personal information only for the specific business purpose(s) for which it is disclosed.
b) Legal Process and Regulatory Compliance. We may disclose information as required by applicable law, regulation, court order, subpoena, or other legal process, or when we reasonably believe disclosure is necessary to: (i) comply with applicable law; (ii) respond to claims or legal process; (iii) protect the rights, property, or safety of IMAC, our business partners, or others; or (iv) respond to requests from regulators, including state insurance departments.
c) Business Transfers. In the event of a merger, acquisition, reorganization, dissolution, or sale of all or substantially all of IMAC’s assets, information held by us may be among the assets transferred to the acquiring entity, subject to the same confidentiality obligations set forth herein.
d) With Your Consent. We may disclose information with your express consent or at your direction. We do not disclose nonpublic personal financial information to nonaffiliated third parties for marketing purposes without providing appropriate notice and opportunity to opt out, to the extent required by the Gramm-Leach-Bliley Act and applicable state insurance privacy regulations.
5. CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)
Although this Site is not directed to individual consumers, to the extent natural persons who are California residents access this Site in any capacity and their information is collected, the following disclosures apply pursuant to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (Cal. Civ. Code § 1798.100 et seq.):
a) Categories of Personal Information Collected. In the preceding twelve (12) months, we may have collected the following categories of personal information (as defined under Cal. Civ. Code § 1798.140): (i) Identifiers, such as name, email address, and IP address; and (ii) Internet or other electronic network activity, such as browsing history on this Site.
b) Business or Commercial Purpose for Collection. We collect such information for the business purposes described in Section 3 above.
c) Categories of Third Parties with Whom Information is Shared. We may share such information with service providers, as described in Section 4(a) above.
d) No Sale or Sharing of Personal Information. IMAC does not sell personal information, and does not share personal information for cross-context behavioral advertising purposes, as those terms are defined under the CCPA/CPRA. Accordingly, we do not offer an opt-out from the sale or sharing of personal information at this time.
e) California Consumer Rights. To the extent applicable, California residents may have the right to: (i) Know what personal information we have collected about them; (ii) Delete personal information we have collected (subject to certain exceptions); (iii) Correct inaccurate personal information; (iv) Opt out of the sale or sharing of personal information (not applicable here); and (v) Non-discrimination for exercising their rights.
f) How to Submit a Request. Requests may be submitted by contacting us using the information provided in Section 9 below. We will verify your identity before processing your request, to the extent reasonably feasible. We will respond to verifiable consumer requests within forty-five (45) days, with a possible extension of an additional forty-five (45) days where reasonably necessary.
g) B2B and Employee Exemptions. To the extent personal information is collected in the context of a business-to-business transaction or in connection with IMAC’s employment relationship with its personnel, such information is subject to any applicable exemptions under the CCPA/CPRA.
6. MASSACHUSETTS PRIVACY RIGHTS AND DATA SECURITY
Pursuant to 201 CMR 17.00, IMAC has implemented a written comprehensive information security program that contains administrative, technical, and physical safeguards appropriate to the size, scope, and nature of our business and the sensitivity of personal information about Massachusetts residents that we maintain. This program is designed to:
a) Ensure the security and confidentiality of personal information;
b) Protect against anticipated threats or hazards to the security or integrity of such information; and
c) Protect against unauthorized access to or use of such information in a manner that creates a substantial risk of identity theft or fraud.
In the event of a breach of security involving personal information of Massachusetts residents, IMAC will provide notification to affected individuals and the Massachusetts Attorney General’s Office and the Director of Consumer Affairs and Business Regulation, as required. “Personal information” under Massachusetts law means a Massachusetts resident’s first name (or first initial) and last name in combination with any one or more of the following: (i) Social Security number; (ii) driver’s license number or state-issued identification card number; or (iii) financial account number, or credit or debit card number. We do not collect such information through this Site.
7. NEW YORK PRIVACY RIGHTS AND DATA SECURITY
Pursuant to the New York SHIELD Act, IMAC implements and maintains reasonable safeguards to protect the security, confidentiality, and integrity of “private information” of New York residents. These safeguards include reasonable administrative, technical, and physical measures commensurate with the size and complexity of our business.
To the extent IMAC operates as a licensed insurance entity subject to the New York Department of Financial Services Insurance Regulation 169 (11 NYCRR Part 420), we provide or make available to our customers, as applicable, appropriate initial and annual privacy notices describing our policies with respect to the collection and disclosure of nonpublic personal financial information, in accordance with the Gramm-Leach-Bliley Act and 11 NYCRR Part 420.
In the event of a breach of the security of a system that contains private information of New York residents, we will provide notification to affected New York residents and to the New York State Attorney General’s Office, the New York State Department of State, the New York State Division of State Police, and the New York Department of Financial Services, as required.
8. DATA RETENTION AND SECURITY
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal and regulatory obligations, to resolve disputes, and to enforce our agreements. When personal information is no longer needed, we take reasonable steps to destroy or de-identify such information in accordance with applicable law and our internal information security program.
Although no method of transmission over the Internet or electronic storage is completely secure, IMAC employs commercially reasonable security measures to protect information from unauthorized access, disclosure, alteration, or destruction, consistent with our obligations applicable federal and state law.
9. CONTACT INFORMATION
For questions, concerns, or requests regarding this Privacy Policy, or to submit a privacy rights request, please contact us at:
IMAC
275 Turnpike Street, Suite 300
Canton, MA 02021 USA
Email: info@IMACO.com
Telephone: 781-963-2269
10. CHANGES TO THIS PRIVACY POLICY
We reserve the right to update or modify this Privacy Policy at any time. Changes will be effective upon posting of the revised policy to this Site with an updated “Last Updated” date. We encourage Business Users to review this Privacy Policy periodically. Your continued use of the Site following the posting of any changes constitutes your acceptance of such changes.
11. GOVERNING LAW
This Privacy Policy shall be governed by and construed in accordance with the laws of the Commonwealth of Massachusetts, without regard to its conflict of law principles, except to the extent that the laws of the State of New York or the State of California impose mandatory requirements on the processing of personal information of residents of those states, in which case such state law shall govern as to those residents and those specific requirements.
Effective Date: June 2, 2026
Last Updated: June 2, 2026