Privacy Policy
NettShield Global Privacy Policy
Effective Date: December 18, 2025
Last Updated: December 18, 2025
1. Introduction and Scope
NettShield ("we," "us," or "our") is committed to protecting the privacy and security of the data entrusted to us. This Privacy Policy explains how we collect, use, and disclose personal information in two distinct capacities:
- As a Data Controller: Regarding information collected through our website, marketing activities, and business relationships.
- As a Data Processor: Regarding the "Client Content" (policyholder data, claims, and underwriting information) processed on behalf of our insurance partners via the NettShield SaaS platform.
2. Information We Collect
We categorize data collection into:
- Direct Information: Name, professional email, job title, and company details provided during inquiries or account setup.
- Automated Information: IP addresses, browser types, and usage patterns collected via cookies and telemetry to optimize platform performance.
- Client Content (SaaS Platform): We process personal identifiers (PII), financial records, and claims history solely under the instruction of our clients to facilitate Policy Management, Billing, and Underwriting.
3. Legal Basis for Processing (GDPR/CCPA Compliance)
We process data based on:
- Contractual Necessity: To deliver the services defined in your Subscription Agreement.
- Legitimate Interests: To ensure platform security, prevent fraud, and improve our no-code/low-code configuration tools.
- Legal Obligation: To comply with regulatory reporting requirements inherent in the E&S and Specialty markets.
4. Data Isolation and AI Governance
NettShield implements the following:
- Tenant Isolation: Client Content is logically separated. Your underwriting rules and data are never "pooled" or used to train public AI models.
- AI Integrity: Our AI-enabled solutions operate on a "Human-in-the-Loop" basis, providing explainable insights for claims and underwriting without compromising data sovereignty.
5. Third-Party Integrations and Sub-Processors
NettShield utilizes a curated list of sub-processors and third-party data enrichers:
- We execute Data Processing Addendums (DPAs) with all vendors.
- Data is only shared via secure, encrypted APIs for specific functional purposes (e.g., hazard mapping or credit scoring).
6. International Data Transfers
For our global partners, we ensure that data transfers outside the EEA or UK are governed by Standard Contractual Clauses (SCCs) and comply with the latest "Data Privacy Framework" requirements, ensuring a level of protection equivalent to local laws.
7. Security and Compliance Certifications
NettShield maintains an enterprise security posture, including:
- Encryption: AES-256 at rest and TLS 1.2+ in transit.
- Audits: Regular SOC 2 Type II audits and penetration testing.
- Data Masking: Non-production environments utilize advanced data masking to protect PII during implementation and testing.
8. Your Privacy Rights
Depending on your jurisdiction (e.g., CCPA/CPRA, GDPR), you have the right to:
- Access, correct, or delete your personal data.
- Object to or restrict processing.
- Request data portability.
Note: For policyholder data, requests should be directed to the respective Insurer or MGA (the Data Controller).
9. Contact Information
For inquiries regarding this policy or to exercise your rights, please contact our Data Protection Officer (DPO) at: privacy@nettshield.com