Averon Insurance (Sergei Nesterov, LLC) values your trust and is committed to handling personal information responsibly. This Privacy Policy applies to the following company services: the website, Telegram bot, CRM system, and other digital platforms and tools used in the course of providing services.
What Information We Collect
We collect personal information necessary to provide insurance services, process requests, and operate our services. The scope of information we collect depends on how you interact with us.
Information You Provide
When arranging insurance policies, we collect personal information, including first name, last name, date of birth, gender, and employment type; contact information, including email address, telephone number, residential address, and preferred contact time; as well as citizenship information, immigration status, and supporting documents. We may also request information about marital status, dependents and their personal information, household income, number of income sources, expected annual income, information about employer-sponsored coverage, and the basis for submitting an application.
Through a form, personal account, support chat, or email client, you may provide uploaded documents to us, including identification documents, tax forms, immigration documents, and other files. When you create an account, we store your email address and password; the password is stored only in encrypted form. During communications with the company through any communication channel, we may record messages, call recordings, notes, and the history of interaction with an insurance agent.
We do not accept or process payments for insurance policies. Payment is made directly through the insurance company or an authorized platform; we do not have access to your payment credentials.
Information Collected Automatically
When you use the services, we automatically receive technical information, including your IP address, browser type and version, operating system, device type, language settings, and time zone. We may also record the referral source (referrer URL), visited pages, session time and duration, de-identified data about actions in the interface, technical access and error logs, and identifiers of cookies and similar technologies. Geolocation is determined approximately based on the IP address, such as country, region, and city, and is not precise.
Categories of Personal Information Under the CCPA / CPRA
For purposes of the CCPA / CPRA, we may collect the following categories of personal information: identifiers, including name, email address, telephone number, address, IP address, account identifiers, and device identifiers (Category A); information described in Cal. Civ. Code § 1798.80(e), including name, address, telephone number, SSN / ITIN, driver's license number, insurance information, and other administrative data necessary to arrange or service an insurance product; protected classification characteristics, including age, gender, marital status, and immigration status (Category C); commercial information, including policies and inquiries (Category D); internet activity information, including website interaction, visit logs, and cookies (Category F); approximate geolocation based on IP address, or precise geolocation only if expressly provided by you (Category G); professional information, including income and employer information, particularly for ACA purposes (Category I); and inferences for product selection and assessment of offer relevance (Category K).
We do not collect biometric identifiers, sensory data, or education information (Categories E, H, and J under the CCPA / CPRA).
How We Collect Information
We receive personal information in different ways depending on how you interact with us. All information is collected with your knowledge and used solely for the purposes described in this Privacy Policy.
Information You Provide Directly
Most information comes to us directly from you when you interact with our services. You provide information when completing forms, applications, and inquiries on our website, during personal consultations with an insurance agent, and when sending messages to our email address. This category includes both information that you enter yourself, such as contact details and information for arranging a policy, and documents that you upload or send to us through communication channels.
Information Collected Automatically
When you use our website, certain information is collected automatically through cookies, analytics systems, and similar technologies. This includes technical information about your device and browser, information about visited pages, session duration, and the nature of your interaction with the interface. A detailed list of automatically collected information is provided in the section titled “What Information We Collect.”
Information From Third Parties
We do not receive personal information about you from third parties. All information we hold comes exclusively from you, either directly or through our services in the course of your interaction with them.
How We Use Information
We use the personal information we collect solely for purposes related to providing insurance services and ensuring a high-quality client experience. Information is processed on lawful grounds and to the extent necessary to achieve the purposes described below.
Providing Insurance Services
The primary purpose of processing information is to calculate insurance policy costs and create personalized offers. Based on the information you provide, we select insurance options from different insurance companies, compare policy terms and costs, and then provide you with a selection from which you may choose the option that best suits your needs. To obtain quotes and arrange a policy, we transmit the necessary information to partner insurance companies selected by you or relevant to your request.
Client Communications
We use your contact information to communicate with you about matters related to selecting and arranging policies, including clarifying application details, sending offers, responding to your inquiries, informing you about application status, and providing support at all stages of interaction. Communication may take place through any of the communication channels you provide, including telephone, email, and messengers, at a time convenient for you.
Analytics and Service Improvement
De-identified information about interactions with our website and services is used for analytics, evaluating offer effectiveness, improving the user experience, and developing the functionality of our platforms. This information helps us make the service more convenient and select relevant products more accurately.
Marketing
With your consent, we may use contact information to send informational and marketing messages, such as notices about new insurance products, Open Enrollment periods, or promotions. You may opt out of receiving such messages at any time without losing the ability to use our services.
Compliance With Law and Fraud Prevention
We process personal information to comply with applicable law, including insurance and tax regulations, and to prevent fraudulent activity, protect the rights and legitimate interests of the company, clients, and third parties. Where appropriate legal grounds exist, information may be transferred to authorized government authorities.
Your Rights
Averon Insurance respects every user's right to privacy and control over their personal information. The rights listed below are provided to all our clients and website visitors regardless of place of residence, in addition to specific rights that may arise under the laws of individual states. Exercising any of these rights will not affect the quality of services provided to you, the cost of insurance products, or the terms of your interaction with Averon Insurance.
We strive to process every request in good faith and within the time limits established by law. At the same time, please note that the exercise of certain rights may be limited by applicable law, including obligations to retain data under tax, insurance, and other regulatory laws of the United States. In such cases, we will provide a reasoned response stating the legal grounds for refusal.
Right of Access to Information
You have the right to request and receive confirmation from us as to whether we process your personal data, as well as a copy of such data. A request for access may include information about the categories of data collected, sources of collection, purposes of processing, categories of third parties to whom data is transferred or disclosed, and the specific pieces of personal data we hold.
When processing access requests, we take reasonable measures to protect the data of third parties that may be contained in our records. If a copy of the requested data contains information relating to other persons or information protected by trade secret, we redact such information before providing a response.
Right to Correct Inaccurate Data
You may request correction of inaccurate or incomplete personal data that we store about you. After receiving such a request, we will conduct a reasonable review of the accuracy of existing data and, if inaccuracy is confirmed, make the appropriate changes. You will be notified of the results of the request review within the applicable time limits.
If corrected data was previously transferred to partner insurers or other recipients, we will make reasonable commercial efforts to notify such recipients of the changes, provided that doing so does not require disproportionate effort.
Right to Delete Data
You have the right to request deletion of personal data that we collected from or about you. After receiving such a request and verifying your identity, we will delete personal data from our systems and transmit a similar request to our service providers and contractors.
The right to deletion is not absolute. We may refuse to delete personal data if retaining it is necessary to complete the transaction for which the data was collected; detect and prevent fraud or unlawful activity; comply with legal obligations, including data retention requirements established by insurance laws, tax codes, and other regulations; protect the legal rights of Averon Insurance, our clients, or third parties; or for internal use aligned with the reasonable expectations of the client in the context of our relationship with them. In the event of refusal, we will provide a justification specifying the relevant legal grounds.
Right to Data Portability
You may request a copy of your personal data in a structured, commonly used, and machine-readable format, allowing you to transmit that data to another controller of your choice. This right applies to information provided by you personally and does not extend to derived data, analytical inferences, or information obtained by us from third-party sources.
Right to Limit the Use of Sensitive Information
You have the right to limit the use and disclosure of sensitive personal information to only those purposes necessary to provide the services you requested. We treat as sensitive information your Social Security number, driver's license number, financial information, precise geolocation data, and other categories recognized as sensitive under applicable state law.
Exercising this right does not affect our ability to use sensitive information for purposes expressly permitted by law, including underwriting, fraud prevention, and security.
Right to Opt Out of Automated Decision-Making
Where we use automated data processing technologies, including profiling, to make decisions that have legal or similarly significant effects on you, you have the right to receive meaningful information about the logic involved in such processing and to request review of the decision with human involvement. This right is exercised in accordance with the specific requirements of the law of your state of residence.
Right to Non-Discrimination
Averon Insurance will not discriminate against you for exercising any of the rights listed in this section. In particular, we will not deny services to you, reduce the quality of services, or provide goods or services of a different quality or level in response to your request to exercise privacy rights.
Right to Appeal
If your request to exercise any of the rights listed above has been denied in whole or in part, you have the right to appeal that decision. The appeal will be reviewed within sixty calendar days from receipt of the relevant appeal. Following review of the appeal, we will provide you with a written reasoned response. If the result of the appeal review is also unsatisfactory to you, you have the right to contact the office of the attorney general of your state with a corresponding complaint.
Additional Rights for Residents of Certain States
In addition to the general rights described above, the laws of individual U.S. states provide their residents with certain specific rights. Details for residents of states with active comprehensive privacy laws as of the last updated date of this Policy are provided below.
For California Residents (CCPA / CPRA)
If you are a resident of California, you have an expanded set of rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act. In addition to the general rights described above, you have the right to request disclosure of the categories and specific pieces of personal information collected about you over the preceding twelve months, or a longer period upon an appropriate request, and the right to receive information about the categories of sources from which information was collected and the categories of third parties to whom data was disclosed.
California residents also have a right known as the “Shine the Light Law,” which allows them to request, once per year, information about personal data disclosed by us to third parties for their direct marketing purposes. A request under this right may be sent to our official mailing address with the subject line “California Shine the Light Request.”
As of January 1, 2026, updated California rules regarding automated decision-making technology (ADMT), mandatory risk assessments, and phased cybersecurity audits entered into force. If we use such technologies, you have the right to receive meaningful information about the processing logic used and to request human review of the decision.
California residents may exercise their rights independently or through an authorized agent. To appoint an authorized agent, written permission signed by you or a notarized power of attorney is required. We reserve the right to request confirmation that such permission exists and to independently verify your identity.
For Texas Residents (TDPSA)
If you are a resident of Texas, you have rights provided by the Texas Data Privacy and Security Act, effective July 1, 2024. The Texas Data Privacy and Security Act gives Texas residents the right to confirm whether personal data is being processed, access such data, correct inaccuracies, request deletion, obtain a copy of data in portable format, and opt out of processing for purposes of targeted advertising, sale of personal data, and profiling with significant effects.
Sensitive data of Texas residents is processed only on the basis of your explicit prior consent. Under the TDPSA, certain categories of data may be considered sensitive, including data revealing racial or ethnic origin, religious beliefs, mental or physical health, sexual orientation, citizenship or immigration status, genetic or biometric data, data concerning minors, and precise geolocation data. Averon Insurance does not request medical history, diagnoses, treatment information, or other clinical medical data through its own services.
Where we sell sensitive personal data or biometric data, we provide the corresponding notice in the manner required by the TDPSA. As of the last updated date of this Policy, Averon Insurance does not sell such data.
For Virginia Residents (VCDPA)
Residents of Virginia have rights provided by the Virginia Consumer Data Protection Act, effective January 1, 2023. These include the right to confirm processing and access data, the right to correction, deletion, and portability, the right to opt out of data processing for purposes of targeted advertising, sale, and profiling with legal or similarly significant effects, and the right to appeal a refusal to exercise other rights.
Sensitive data of Virginia residents is processed only with prior explicit consent.
For Residents of Other States With Active Privacy Laws
As of the last updated date of this Policy, residents of the following states are also granted rights under the laws in force in their states, which are primarily based on the Virginia Consumer Data Protection Act model: Oregon (OCPA), Montana (MCDPA), Delaware (DPDPA), New Hampshire, New Jersey (NJDPA), Iowa (ICDPA), Nebraska (NDPA), Tennessee (TIPA), Minnesota (MCDPA), Maryland (MODPA), Indiana (ICDPA), Kentucky (KCDPA), and Rhode Island (RIDTPPA). Residents of these states have the right to confirm processing, access, correction, deletion, portability, opt out of sale and targeted advertising, and appeal a refusal to exercise other rights.
Residents of Florida have a limited set of rights under the Florida Digital Bill of Rights, effective July 1, 2024. That law applies primarily to large technology companies, and in most cases Averon Insurance may not be subject to it. Nevertheless, we voluntarily provide Florida residents with the ability to exercise the general rights described in the first part of this section.
Residents of Maryland have expanded rights under the Maryland Online Data Privacy Act, effective October 1, 2025, including with respect to the data minimization principle and stricter restrictions on the processing of sensitive personal data and minors' data.
Because the laws of individual states contain specific nuances that are not reflected in this general description, if you have questions about the exact scope of your rights, we recommend contacting us directly using the contacts provided.
How to Exercise Your Rights
A request to exercise any of the rights listed above may be submitted in one of the following ways: by completing the online form at the dedicated address [averoninsurance.com/privacy-request]; or by email at [email protected]. For requests under California's Shine the Light Law, use of the postal channel is recommended with the appropriate notation in the subject line.
If you are dissatisfied with the result of our review of your request or appeal, you have the right to file a complaint with the office of the attorney general of your state of residence. Contact information for state attorneys general is available on the official website of the National Association of Attorneys General (naag.org).
Identity Verification
To protect your personal data from unauthorized access, we are required to verify your identity before processing a request. The level of verification depends on the nature of the requested information and the potential risks associated with its disclosure. For most requests, we will ask you to confirm elements of information already contained in our records, such as name, contact details, date of birth, and information about previously requested insurance products.
For requests involving disclosure of sensitive data or deletion of information, additional supporting documents or a written statement signed under penalty of perjury may be required. Requests submitted through an authorized agent require additional verification of that agent's authority.
If we cannot reliably verify your identity based on the information provided, we may refuse to process the request and will state the corresponding grounds.
Review Timeframes
Confirmation of receipt of a request will be sent to you within ten business days from receipt. A substantive response to the request will be provided within forty-five calendar days from receipt. Where objectively necessary due to the complexity or volume of requests, this period may be extended by an additional forty-five days, with prior notice to you explaining the reasons for the extension.
Authorized Agents
You may appoint an authorized agent to submit requests on your behalf. To do so, the agent must provide us with written permission signed by you or a notarized power of attorney. We reserve the right to independently verify your identity and confirm the agent's appointment by contacting you directly.
Fees
Exercising the rights described in this section is free of charge. In exceptional cases where requests are manifestly unfounded, excessive, or repetitive, we reserve the right to charge a reasonable fee reflecting the administrative costs of processing such a request or to refuse to process it. You will be notified in advance of any such fee or refusal, with an explanation of the legal and factual grounds.
Recordkeeping
Averon Insurance keeps records of all privacy rights requests received, actions taken to review them, and responses provided, in accordance with regulatory requirements. This information is retained for the period established by applicable law and is used solely to confirm our compliance with personal data protection laws.
Data Security
Averon Insurance understands that in the course of providing insurance brokerage services, we gain access to one of the most sensitive categories of personal information in civil commerce. Social Security numbers, immigration documents, tax data, income information, household composition information, and insurance application information require a special level of protection, and we take this fact very seriously.
We apply a multi-layered system of administrative, technical, physical, and organizational safeguards developed with consideration of the requirements of the Gramm-Leach-Bliley Act, the Texas Insurance Code, the Texas Data Privacy and Security Act, and applicable privacy laws of individual states. This system is regularly reviewed in light of changes in the technological landscape, the evolution of threats, and updates to the regulatory framework.
In this section, we describe the general principles and categories of safeguards we apply. Specific technical implementation details are intentionally not disclosed because public discussion of such details could create unreasonable risks to the security of our clients' data.
Protection of Data in Transit
All data transmitted between your device and our Services is protected using modern transport-layer encryption protocols. This applies to data entered into application and inquiry forms, as well as interaction with the personal account, chat, document uploads, and any other operations involving information exchange with our servers.
Data transfer between Averon Insurance and our partners is carried out through secure channels using modern transport-layer encryption standards. In the course of providing brokerage services, certain operations, such as submitting applications for health insurance through the Health Sherpa platform, may involve manual transfer of information you provide by our specialists into systems of insurance partners through secure web interfaces of the corresponding platforms. This practice is standard in the insurance brokerage industry and provides access to insurer platform functionality where direct broker integrations are not available.
Email may be used to communicate with clients and receive certain documents. Averon Insurance corporate email is hosted by a provider that ensures encryption of the connection between the email client and the provider's servers, as well as encryption of stored messages on the server side. At the same time, we draw your attention to the fact that email as a data transmission technology generally does not provide full end-to-end encryption between sender and recipient because protection on intermediate routing segments between mail servers of different providers depends on their configuration.
To reduce these risks, we recommend that you upload sensitive documents through your personal account on our website whenever possible, which provides secure upload to encrypted storage. If you prefer to send documents by email, we recommend password-protecting files and transmitting the password through a separate channel, such as by telephone. Regardless of the transmission method you choose, after receipt, documents are moved to secure storage with restricted access, and the original communications are processed in accordance with our internal retention and deletion procedures.
The transfer of sensitive information by Averon Insurance employees outside the organization is carried out only through approved corporate channels and tools. Internal procedures prohibit employees from using personal email accounts, personal messengers, or other unauthorized channels to transmit clients' personal data.
Data Retention
Averon Insurance retains personal information only for as long as necessary to achieve the purposes for which it was collected or to comply with legal, regulatory, and other lawful obligations. After the applicable retention period expires, data is deleted, de-identified, or transferred to restricted-access archival storage depending on the category of information and the grounds for its retention.
We strive not to retain personal information longer than objectively necessary and apply the principle of minimizing retention periods wherever compatible with our legal obligations and legitimate business needs. At the same time, the specific nature of insurance and financial regulation in the United States requires the retention of significant volumes of documentation for extended periods, and we are required to comply with those requirements regardless of individual client preferences.
Criteria for Determining Retention Periods
When determining a specific retention period for each category of information, we consider a combination of factors. These include the nature and sensitivity of the data, the purposes for which the data was collected, the existence of active contractual or client relationships, applicable legal requirements for retaining insurance and financial documentation, tax law requirements, limitation periods for potential claims and disputes, needs for data for purposes of fraud prevention and audit, and applicable state consumer protection requirements.
Retention periods may differ significantly for different categories of data. Information related to insurance relationships is generally retained significantly longer than general contact information or website visit data. This is due both to objective requirements of insurance regulation and to the need to preserve documentation confirming our actions in the event of claims, audits, or regulatory requests.
Retention Periods for Main Categories of Information
Information related to arranged insurance products. Documents related to submitting insurance applications, arranging policies, communications with insurers, and processing client inquiries are retained for the periods established by the insurance laws of Texas and other applicable states, requirements of federal regulators in the insurance field, and the relevant internal procedures of Averon Insurance. In most cases, this period is at least five years from the termination of the insurance policy or another applicable event. Longer retention periods established by federal law may apply to certain health insurance products regulated by the Centers for Medicare & Medicaid Services and to documentation related to ACA Marketplace programs.
Tax and financial documentation. Documents relevant for tax reporting and financial audit purposes, including information about clients' income, immigration status for ACA purposes, tax forms, and related communications, are retained for the periods established by the Internal Revenue Code and applicable state law. In general, such periods range from seven to ten years from the relevant event.
Sensitive client documents. Documents you upload, such as identification documents, immigration documents, tax forms, and income verification documents, are stored in encrypted form for the period necessary to arrange and service the relevant insurance products and for applicable mandatory retention periods after the relationship ends. After those periods expire, such documents are subject to secure deletion.
Personal account data. Client accounts that do not have active policies or current inquiries may be moved to inactive status after an extended period of inactivity. Despite account inactivity, insurance and financial documentation associated with the account continues to be retained for applicable regulatory periods. Account reactivation is possible at the client's request in accordance with our procedures.
Client communications. The content of email correspondence, chat messages, broker notes, and other communications related to the provision of services is retained for a period that enables confirmation of the nature and content of client interactions for purposes of resolving potential disputes, audits, and regulatory oversight. The retention period for communications corresponds to the retention period for the related insurance and financial documentation.
Technical journals and server logs. Information recorded in the logs of our Services, including IP addresses, information about visited pages, and other technical data, is retained for a limited period that enables diagnosis of malfunctions, identification and investigation of security incidents, and compliance with legal requirements. After that period expires, such data is deleted or de-identified.
Requests to exercise privacy rights. Records of received requests to exercise the rights described in the “Your Rights” section, including the nature of the request, actions taken to review it, and responses provided, are retained for the period established by applicable state law, generally for no less than two years. These records are used solely to confirm our compliance with personal data protection laws.
Retention After the End of the Relationship
After our relationship with a client ends, including in cases of withdrawal of consent to data processing, account deletion, or refusal of our services, a significant portion of documentation related to the client continues to be retained in accordance with applicable regulatory requirements. This is not our choice or a sign of disregard for the client's decision; it is a direct requirement of insurance, tax, and financial law that we are required to follow.
In such cases, we transfer personal information to restricted-access archival storage. Access to archived data is granted only in cases directly related to the purposes for which it is retained, such as a regulatory request, audit, investigation of possible fraud, or the need to defend against legal proceedings. Archived data is not used for marketing, analytics, or other purposes outside the grounds for its continued retention.
Methods of Ending Retention
After the applicable retention period expires, data is processed in one of the following ways depending on its nature and the grounds for any possible further use.
Secure deletion applies to data for which all applicable retention periods have expired and no other grounds for retention exist. Deletion is performed using methods that prevent recovery of information from both primary systems and backups within the time limits established by procedures.
De-identification applies to data that may retain value for analytical purposes provided that the ability to identify specific individuals is completely eliminated. After de-identification, such data ceases to be personal information within the meaning of applicable law and may be used for statistics, internal analytics, and improvement of our Services.
Transfer to archival storage applies to data that must be retained for an extended period due to regulatory requirements but is not used in current operations. Archived data is stored using safeguards no less protective than those applied to data in active circulation and is accessible only to a limited group of persons upon justified requests.
Exercise of the Right to Deletion in the Context of Retention Periods
As described in the “Your Rights” section, you have the right to request deletion of personal data that belongs to you. This right is exercised subject to the limitations established by applicable law and the retention criteria described above.
When we receive a deletion request, we analyze which categories of data can be deleted immediately and which data we are required to retain and for how long. Based on the results of that analysis, we provide you with a reasoned response specifying the categories of data that were deleted and the categories of data retained on legal grounds. Data that we are required to continue retaining is transferred to restricted archival storage, with its use limited to the purposes that justify its retention.
Children's Data Protection
Averon Insurance services, including the website, personal account, insurance application forms, and communication channels, are intended for use by adults who have reached eighteen years of age. We do not offer account registration, insurance application submission, or any other independent use of our Services to persons under eighteen years of age.
When creating an account and submitting an insurance application, you confirm that you are at least eighteen years old and have the legal capacity necessary to enter into contractual relationships under the applicable law of your state of residence.
Processing of Minors' Data Within Family Insurance Products
Certain insurance products that we help select, including ACA Marketplace health insurance plans, Medicare, Medicaid, dental insurance, vision insurance, and other family coverage products, by their nature may involve including minor family members as insured persons. In such cases, we receive certain information about minors not directly from them, but from their parents, legal guardians, or other authorized adults arranging family insurance.
Depending on the type of product, such information may include the child's name, date of birth, gender, relationship to the primary applicant, residential address, household composition information, and other administrative data necessary to submit an application to an insurer or authorized platform. This information is processed by us solely for purposes of arranging and servicing the relevant insurance products and is not used for marketing, profiling, or other purposes outside the basis on which it was collected.
When processing information about minors, we apply the same protection standards as for information about adult insured persons and, in certain cases, enhanced protection measures in accordance with applicable state laws on the protection of minors' data.
Consent of Parents and Legal Representatives
When arranging an insurance product that involves including minors as insured persons, the parent or legal representative initiating the arrangement confirms that they have the authority to act on behalf of the relevant minor and provide the minor's personal information for purposes of arranging insurance. This confirmation is an essential condition for our processing of such information.
Where applicable law requires separate consent from the second parent, legal guardian, or another person in addition to the consent of the initiating parent, the initiating parent is responsible for obtaining such consent. Averon Insurance does not verify the existence of third-party consents for arranging family insurance and relies on the representations provided by the person requesting the services.
Compliance With the Children's Online Privacy Protection Act
Averon Insurance complies with the requirements of the federal Children's Online Privacy Protection Act as applied to its own Services. Because our Services are not intended for use by persons under thirteen years of age and do not directly collect information from children of that age through interactive functions, direct COPPA obligations regarding verification of parental consent for online collection of data from children under thirteen generally do not apply to our Services.
If we become aware that we inadvertently received personal information directly from a child under thirteen, without the involvement of a parent or legal representative in the context of arranging insurance, we will take steps to delete such information in accordance with COPPA requirements. Parents or legal representatives who discover that their child provided personal information to us outside parental control may contact us using the contacts listed in the “Contact Information” section to confirm and delete the relevant data.
Protection of Data of Teenagers Aged Thirteen to Seventeen
With respect to teenagers aged thirteen to seventeen whose information may be processed by us as part of family insurance products, we comply with enhanced protection standards established by the laws of individual states. In particular, the laws of California, Connecticut, Colorado, Oregon, Delaware, New Jersey, Maryland, and a number of other states contain special requirements for processing data of minors under eighteen years of age.
Depending on the state, these requirements include a prohibition on using teenagers' information for targeted advertising without obtaining the relevant consent, a prohibition on selling teenagers' personal information, restrictions on profiling with significant effects, and enhanced data minimization requirements. Averon Insurance complies with these restrictions in full with respect to information about minors processed as part of family insurance.
Privacy Rights of Minors
With respect to information about minors processed by Averon Insurance in connection with arranging family insurance, the privacy rights described in the “Your Rights” section of this Policy are exercised by their parents or legal representatives. Requests to access information about a minor, correct it, delete it, or take any other action provided by applicable law are submitted and processed in the manner established for requests from an authorized representative.
When processing requests concerning information about minors, we apply additional procedures to verify the authority of the person submitting the request in order to protect the interests of the minor. These procedures may include requesting documents confirming parental rights or legal guardianship, as well as other reasonable verification measures.
Reaching the Age of Majority and Data Transition
When an insured person reaches eighteen years of age, privacy rights with respect to that person's personal information transfer directly to them. If such person wishes to create their own account in our Services, arrange insurance independently, or otherwise interact with Averon Insurance, they may do so in the general manner provided for adult clients.
Information about a previously minor person accumulated as part of family insurance remains subject to the retention rules described above. A client who has reached the age of majority has the right to independently exercise any privacy rights applicable to them with respect to such information.
Notice of Possible Violations
If you have reason to believe that a minor's personal information has been processed by Averon Insurance in violation of applicable law or this section of the Privacy Policy, please notify us immediately using the contacts listed in the “Contact Information” section. We will carefully review such notice and take all reasonable measures to remedy any possible violation.
Contact Information
For all questions related to processing personal information of minors, exercising privacy rights on their behalf, or other aspects of children's data protection, please contact our Privacy Officer using the contacts listed in the “Contact Information” section of this Policy.
Links to Third-Party Resources
Averon Insurance services contain links to third-party websites and online resources that are not under our control. These resources include websites of partner insurance companies, specialized platforms for arranging insurance products, informational resources of regulators and government agencies, educational and reference sources that we may cite in our materials, social networks, and other external services.
Our placement of a link to a third-party resource does not constitute endorsement, support, or a guarantee of the accuracy of the information contained there, and does not imply the existence of business, contractual, or other formalized relationships between Averon Insurance and the owner of the relevant resource unless expressly stated otherwise. Links are provided solely for users' convenience.
Navigation to Websites of Partner Insurance Companies
In the course of selecting and arranging insurance products, you may be directed from our website to resources of insurance companies or specialized platforms that facilitate policy arrangement. Such resources include, in particular, insurer websites where final arrangement of the selected policy is completed, the Health Sherpa platform for arranging health insurance plans, Centers for Medicare & Medicaid Services platforms, and other resources necessary to provide insurance brokerage services.
From the moment you navigate to a third-party resource, the processing of your personal data is governed by the privacy policy and terms of use of that resource, not this Policy. This means that the types of data collected, purposes of use, retention periods, privacy rights, and other aspects of processing may differ from those described in this Policy. Before providing information to a third-party resource, we strongly recommend that you review its privacy policy.
Averon Insurance does not control and is not responsible for the data processing practices of insurance companies, specialized platforms, or other third parties whose resources you access through links from our Services. If you have questions about the processing of your data by a specific insurer, we recommend contacting that insurer directly using the contacts listed in its documentation.
Specifics of Interaction With the Health Sherpa Platform
In the course of providing brokerage services for health insurance products, certain enrollment steps may be carried out through the Health Sherpa platform, an authorized partner of the Centers for Medicare & Medicaid Services for the sale of ACA Marketplace plans. When interacting with Health Sherpa as your broker, we may transfer the information you provide into that platform or direct you to its resource to independently complete certain enrollment steps.
The processing of personal data by Health Sherpa is governed by that platform's privacy policy, available on its official website. Health Sherpa is an independent data controller with respect to information processed on its resources and applies its own data protection standards and its own procedures for exercising users' privacy rights. Requests related to the processing of your data on the Health Sherpa platform should be directed to Health Sherpa directly.
Similar principles apply to other specialized platforms through which insurance products may be arranged as part of our services.
Links in Marketing and Informational Materials
Educational and informational materials posted on our website, in newsletters, or in other communications may contain links to third-party resources, including analytical publications, news materials, and other sources. Such links are provided solely for informational purposes and do not imply our endorsement of all content of the relevant resources or the positions of their authors.
The reliability, relevance, and accuracy of information on third-party resources are outside our control. Before making any decisions based on information obtained through links from our Services, we recommend that you independently assess its relevance and, where necessary, consult professional advisors.
Technical Aspects of Link Navigation
When you follow links to third-party resources, the technical characteristics of such navigation, including the possible transmission of referrer headers, information about your browser, and other technical data, are determined by your browser configuration and the settings of the relevant resources. Averon Insurance does not transmit personal information about visitors to our website to third-party resources beyond the minimum technical data that may be automatically transmitted during a standard hyperlink navigation.
Where navigation to a third-party resource is associated with transmitting information provided by you through our Services to that resource, for example when redirecting your policy application to an insurer's system, the transfer is carried out in accordance with the provisions described in the “With Whom We Share Information” and “Data Security” sections of this Policy.
Termination of Applicability of This Policy When Navigating to Third-Party Resources
This Policy ceases to apply from the moment you navigate to a third-party resource. Your subsequent use of the third-party resource, including account registration, completing forms, arranging products, or other actions, is carried out in accordance with the terms of that resource. We recommend carefully reviewing the privacy policies and terms of use of all third-party resources with which you interact in the course of arranging insurance products.
Changes to the Policy
Averon Insurance reserves the right to periodically make changes to this Privacy Policy to reflect changes in our data processing practices, development of the Services we provide, the appearance of new functions or categories of processed data, changes in applicable personal data protection laws, updates to industry standards and regulator recommendations, and for other justified reasons.
The right to make changes to the Policy does not limit your rights guaranteed by applicable law, does not release us from obligations to you that arose before the relevant changes were made, and does not allow us to process data in violation of applicable legal requirements.
Regular Review of the Policy
Averon Insurance regularly reviews this Policy for compliance with applicable law, actual data processing practices, and industry standards. The Policy is reviewed no less than once every twelve months and also outside the planned schedule when circumstances arise that require prompt updating, such as material changes in applicable law or material changes in our Services.
The last updated date of the Policy is stated at the beginning of the Policy and is updated each time changes are made, regardless of their nature or materiality.
Categories of Changes and Notice Procedure
The nature and method of notice regarding changes depend on their materiality and potential impact on users' rights.
Material changes. Material changes include modifications to the Policy that may affect the scope of data we collect, purposes of processing, categories of data recipients, your privacy rights or the procedure for exercising them, and other aspects that materially affect users' interests. We notify you of material changes in advance, generally no less than thirty calendar days before the changes take effect, unless another period is established by applicable law.
Notice of material changes is provided by one or more of the following methods: posting a prominent notice on the homepage of our website for a reasonable period before the changes take effect; sending a notice by email to the address you provided during registration or otherwise gave to us; providing notice through the personal account upon your next login; or other methods that provide a reasonable likelihood that the intended recipients will receive the notice.
Where applicable law requires your consent to changes related to the processing of your data, we will request such consent before making the corresponding changes to processing practices with respect to your information.
Non-material changes. Non-material changes include editorial corrections, clarifications of wording that do not change the substance of the described practices, addition of explanatory examples, updates to contact information, and other modifications that do not materially affect your rights or the procedure for processing data. We may not notify you separately of non-material changes and may limit ourselves to updating the last updated date of the Policy on our website.
At the same time, we recommend that you periodically review the current version of this Policy to stay informed about the current state of our practices.
Archive of Previous Versions
Averon Insurance maintains internal records of previous versions of this Policy. Upon request sent using the contacts listed in the “Contact Information” section, you may be provided access to previous versions of the Policy for purposes of comparing changes and understanding the history of development of our data processing practices.
Changes Required by Law
Changes made to the Policy in connection with the entry into force of new legal requirements or the application of such requirements to Averon Insurance may take effect simultaneously with the applicable legal requirements, without observing the usual advance notice period. In such cases, we make reasonable efforts to inform users in a timely manner of the relevant changes; however, the priority of complying with legal requirements may require accelerated implementation of changes.
Your Actions if You Disagree With Changes
If you disagree with changes made to the Policy, you have several options. You may stop using our Services and related insurance products to the extent possible within existing insurance relationships. You may contact us using the contacts listed in the “Contact Information” section to discuss your concerns and possible ways to resolve them. You may exercise your privacy rights described in the relevant section of the Policy, including the right to delete your data subject to applicable limitations.
Continued use of the Services after the changes take effect is treated as your consent to the updated version of the Policy to the extent such consent may be expressed through implied conduct under applicable law. For matters requiring explicit consent by law, continued use of the Services does not replace the need to obtain such explicit consent.
Continued Applicability of Previous Versions
With respect to data processing operations carried out during the period when previous versions of the Policy were in effect, the applicable provisions are those of the relevant versions in effect at the time those operations were carried out, unless applicable law provides otherwise. New versions of the Policy apply to data processing operations carried out after they take effect.
Contact Information
Averon Insurance values your trust and strives to provide an open and accessible communication channel for all matters related to processing your personal data. This section describes ways to contact us for purposes of exercising your privacy rights, submitting questions, complaints, and other inquiries related to data protection.
Designated Privacy Officer
To provide a single point of contact for privacy and data protection matters, Averon Insurance has appointed a Privacy Officer responsible for overseeing compliance with our Privacy Policy, processing requests to exercise privacy rights, interacting with regulators on data protection matters, and ensuring that our activities comply with applicable personal data laws.
The Privacy Officer is the primary contact person for any matters described in this Policy and ensures coordination of review of your inquiries within Averon Insurance within the timeframes established by applicable law.
Contact Methods
Email.
For general questions related to data protection and this Policy: [email protected]
For requests to exercise privacy rights described in the “Your Rights” section: [email protected] with the subject line “Privacy Request” followed by a clarification of the nature of the request.
For appeals of refusals to exercise privacy rights: [email protected] with the subject line “Privacy Appeal,” attaching information about the initial request and the grounds for disagreement.
For reports of possible confidentiality violations or security incidents affecting your data: [email protected] with the subject line “Security Concern.”
Telephone.
For general questions and to submit requests to exercise privacy rights by voice channel: +1 (512) 781-3199.
This telephone channel provides one of at least two methods for submitting requests required by the California Consumer Privacy Act. Calls are accepted during Averon Insurance business hours, information about which is available on our website.
Mailing Address.
Written inquiries regarding privacy and data protection may be sent to the following address:
Sergei Nesterov, LLC
Attn: Privacy Officer
3118 County Road 172, Apt 8206
Round Rock, Texas 78681
United States of America
When sending written inquiries, we recommend indicating on the envelope and in the inquiry itself a notation reflecting the nature of the request, such as “Privacy Request,” “Privacy Appeal,” or “Security Concern,” to ensure prompt routing of the inquiry to the appropriate specialist.
Website.
Additional information about our services and contact channels is available on our official website: https://averoninsurance.com.
Information Needed to Process an Inquiry
To ensure prompt and accurate review of your inquiry, we recommend including the following information: your full name, contact information for sending a response, including email address, a clear description of the nature of the inquiry and the substance of the request, information that allows us to identify you in our systems, such as the email address associated with your account or an inquiry number, and, where necessary, documents confirming the basis for the inquiry or the authority of the person submitting it.
The completeness and accuracy of the information you provide directly affect the timing of review and our ability to provide you with a comprehensive response. Requests that do not contain sufficient information to verify identity or determine the substance of the request may require additional communication with you to clarify the necessary information.
Response Timeframes
Confirmation of receipt of privacy-related inquiries is sent within ten business days from receipt. A substantive response to the inquiry is provided within forty-five calendar days from receipt, with the possibility of extending that period by an additional forty-five days in cases justified by the complexity of the request or other objective factors, with prior notice to you of such extension.
Timeframes for reviewing inquiries may vary depending on the law of your state of residence and the nature of the inquiry. We comply with the timeframes established by the law applicable to each specific inquiry.
Inquiries in Other Languages
The primary language of Averon Insurance documentation is English. This Privacy Policy may be available in additional languages for user information purposes. In the event of discrepancies between versions of the Policy in different languages, the English-language version prevails unless expressly stated otherwise.
We strive to process inquiries submitted in other languages in the ordinary course; however, to ensure maximum accuracy of communication, we recommend submitting inquiries in English whenever possible.
Inquiries From Authorized Representatives
If you wish to submit an inquiry through an authorized representative, such representative must provide documentary confirmation of their authority to act on your behalf. Acceptable forms of confirmation include a notarized power of attorney, other documents confirming legal representation, or written permission signed directly by you and describing the scope of authority granted to the representative.
Averon Insurance reserves the right to independently verify the appointment of the representative by contacting you directly in addition to reviewing the documents provided by the representative.
Contacting Regulatory Authorities
If you are dissatisfied with the result of our review of your inquiry, or if you prefer to contact a regulator directly without first contacting us, you have the right to submit a complaint to the appropriate government authorities.
Texas Department of Insurance. As an insurance broker registered in the State of Texas, Averon Insurance is subject to supervision by the Texas Department of Insurance. Complaints related to insurance activities and the handling of client information in an insurance context may be submitted to TDI through its official website or using the contact information posted there.
Office of the Attorney General of Your State. Complaints related to violations of state personal data protection laws may be submitted to the office of the attorney general of your state of residence. Contact information for attorneys general is available on the official website of the National Association of Attorneys General, naag.org.
California Privacy Protection Agency. California residents may submit complaints related to violations of the California Consumer Privacy Act and the California Privacy Rights Act to the California Privacy Protection Agency through its official website, cppa.ca.gov.
Federal Trade Commission. Complaints related to alleged violations of federal consumer protection laws and handling of financial information may be submitted to the Federal Trade Commission through reportfraud.ftc.gov.
Confidentiality of Your Inquiries
Information provided by you in privacy-related inquiries is processed by us using the same data protection standards described in this Policy for any other personal information. The content of your inquiries and information provided for identity verification are used solely for purposes of reviewing the relevant inquiries and are not used for marketing or other commercial purposes unrelated to the direct substance of the inquiry.
Last Updated: 06/01/2026