Privacy Policy | InsurerCIO

Privacy Policy

Updates and changes made to this Privacy Policy go into effect on March 24, 2026 and supersedes any previous privacy policy for InsurerCIO.

This policy provides an overview of the information collected by this site, how it is stored and secured, the limited instances collected information may be disclosed, and how we comply with various privacy laws.

What information do we collect?

We collect information from you when you register on our site, subscribe to our newsletter, fill out a form, view any page or link on our site, or interact with the Manager Select database, or anonymously submit prompts and responses into the IIFOnline platform (“IIFOnline.ai” or “IIFOnline”).

When registering on our site, as appropriate, you may be asked to enter your: name, e-mail address, mailing address, job title, company name or phone number. You may, however, visit our site anonymously. Only an email address and username is required for registration. All other information is optional. When submitting a web form, you give us this and other certain information voluntarily.

The IIFOnline platform is accessible only to qualified or paid subscribers. An email address, username, password, mailing and/or billing address, company name, and phone number are required for subscribers of this module.

When accessing IIFOnline, you are able to anonymously enter prompts (i.e. questions, inquiries, etc.) into an educational A.I. chatbot to define terms and identify resources. IIFOnline also provides interactive games and modules which were developed with the assistance of A.I. You are able to provide responses to these games or modules via multiple choice options. The tools on IIFOnline are for educational purposes only and do not offer investment advice. You may use IIFOnline anonymously, but certain areas may require you to register or a subscription. When submitting prompts or providing responses, you give us this and any other information voluntarily. Below is an overview of how long this data within and related to the delivery of IIFOnline is maintained:
Account and profile data: Duration of active subscription + 90 days after cancellation.
Module Completion and Certificate Records: 2 years after account closure (for certificate verification)
‘A.I. Facilitator’ Inputs: Not stored after session delivery — deleted immediately
Assessment Scores and Simulation History: Duration of active subscription; anonymized or deleted on closure
Billing and Payment Records: 7 years (legal financial recordkeeping requirement)
Upon account closure or subscription cancellation, SAA will provide a 30-day window during which your Administrator can export completion records and certificate data before deletion begins.

InsurerCIO does not process transactions and does not collect transaction related information.

InsurerCIO does not utilize targeted or personalized advertisements in any way. InsurerCIO does not sell, rent, license, or monetize your data to any unaffiliated third-party.

InsurerCIO does not share identifiable organizational or portfolio information with other subscribers, investment managers, or data brokers

InsurerCIO does not share information it collects with any Artificial Intelligence or A.I.-related tools, such as chatbots or LLMs. User inputs may be passed onto A.I.-related tools via API to generate answers or discussion questions. Inputs are not retained after the session is delivered. Your inputs and session content are never used to train, fine-dune, or improve any A.I. model.

What do we use your information for?

Any of the information we collect from you may be used in one of the following ways:

; To personalize your experience

(your information helps us to better respond to your individual needs by customizing the content visible to you on the homepage or sidebars and allowing access to restricted areas)

(In the IIFOnline Platform, your information helps support your progress of learning tracks, assessment responses, and simulation decisions. This includes generating recommended learning modules based on your assessment scores and simulation history. Session inputs are not saved or shared in any capacity)

; To improve our website

(we continually strive to improve our website offering, compliance, and security, based on the information and feedback we receive from you)

; To improve support and service

(your information helps us to more effectively respond to your service requests and support needs)

; To send periodic emails

(The email address you provide during registration may be used to send you information and updates provided to all InsurerCIO Members or participants of Manager Select (or other related tools)

; Billing

(Information provided by subscribers will be used to process subscription payments via Invoice (provided outside of this website). This information will also be used to help maintain your subscription status)

Note: If at any time you would like to unsubscribe from receiving future emails, you can email us at saa@saai.com

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.

InsurerCIO takes the security of your personal information very seriously. We use website security measures consistent with current best practices. These measures include advanced access controls to limit personal information access to only internal personnel who require access to that information.

We offer the use of a secure server. All supplied sensitive is transmitted via Secure Socket Layer (SSL) technology.

InsurerCIO’s security measures include the mitigation of A.I.-related risks to protect collected information or any other sensitive/non-public information from being shared with any A.I.-related tool.

Do we use cookies?

Yes (Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

We use cookies to help us remember, understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction, so that we can offer better site experiences and tools in the future.

Do we disclose any information to outside parties?

Outside parties are defined as any entity not related to InsurerCIO or its affiliates Strategic Asset Alliance, Inc. or SAA Advisors. We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This includes email addresses, mailing addresses, phone numbers, IP addresses, page views or usernames. This does not include trusted third parties who assist us in conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.

The IIFOnline platform utilizes the following third-party services to deliver its platform. These third-parties do not access data from any other part of InsurerCIO, except for the IIFOnline platform.

Anthropic (Claude API), OpenAI (ChatGPT), or Alphabet (Gemini): One or more of these tools may be used to generate A.I.-assisted discussion questions or responses on games, quizzes, etc.
Supabase: This database is used for secure hosting and authentication related to user profiles, completion records, and assessment data.
Lovable: This is used to assist in hosting and deliver the IIFOnline platform (only).
Resend: This is used for email management.
These third-parties are all based in the United States. If your organization is subject to data residency requirements, please contact saa@saai.com to discuss your specific situation before subscribing.

Do we use Artificial Intelligence (A.I.)?

InsurerCIO does not utilize A.I. to generate proprietary content on its website, such as articles, white papers, primers, or analytical tools. InsurerCIO may utilize A.I. to assist with its UX Design (“User Experience”). InsurerCIO does provide access to a separate, subscriber-only platform that includes an A.I chatbot and educational games & modules via its IIFOnline platform (“IIFOnline.ai”). This platform is the only area within InsurerCIO that has any direct utilization of A.I. or A.I.-related tools.

The IIFOnline platform is accessible only to qualified or paid subscribers. This platform may use any of the three tools to generate A.I. assisted discussion questions or responses on games, quizzes, etc.:

How this module uses this API: it generates governance discussion questions, counterarguments, and regulatory perspective prompts based on the scenario context you describe. It does not access your actual portfolio data, market data feeds, or any external regulatory database.
Limitations: All ‘A.I. Facilitator’ outputs and other AI generated content must be reviewed by a qualified professional before use in actual board or committee discussions. Do not treat AI outputs as verified analysis.
No Fiduciary Decisions: no governance, investment, or fiduciary decision should be based solely on ‘A.I. Facilitator’ or other AI generated content or outputs. These outputs should be treated as a brainstorming tool. Human judgment and human accountability must remain in place at all times.
Exporting Sessions: PDFs exported from sessions utilizing the ‘A.I. Facilitator’ tool include a timestamp and a disclosure that the content was AI-generated using IIFOnline.ai powered by an AI model.
Your inputs and Anthropic: when you use the AI Facilitator, your session input is transmitted to an offsite AI model to generate a response. The model owner and developer does not store your input for model training purposes under SAA's commercial API agreement. Data processing terms for each of the model providers that may be used are:
OpenAI Data Processing Addendum | OpenAI
Commercial Customers | Anthropic Privacy Center
Cloud Data Processing Addendum | Google Cloud

Prior to accessing these resources, users will be notified that they are entering a website that uses A.I. to generate at least some of its contents. These resources may have used InsurerCIO, or its affiliates, as a source of its contents.

We do not share or transfer your personally identifiable information with any A.I.-related tools.

Prompts and responses entered into IIFOnline are automatically deleted after 180 days. All prompts and responses entered into IIFOnline are gathered or stored anonymously.

InsurerCIO does not utilize or provide access to any A.I. tool that intends to, or is capable of, meeting users’ social needs. Any current or future utilization of A.I. by InsurerCIO shall be for the purposes of productivity and analysis related to source information, internal research, or technical assistance.

Third-party links

Occasionally, at our discretion, we may include or offer third-party content, products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites, including if or how third-party sites utilized A.I. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

For Subscribers - User Data Rights

The following rights apply to all IIFOnline.ai subscribers. To exercise any right, contact saa@saai.com. Requests are acknowledged within 5 business days and fulfilled within 30 days.

Access: request a copy of the personal data we hold about you in a readable format.
Correction: update or correct your profile information at any time through account settings, or by contacting us
Deletion: request deletion of all identifiable personal data. We will complete deletion within 30 days, except for billing records retained under legal obligation and anonymized aggregate data that contains no personal identifiers
Export: download your assessment scores, completion records, and AI Facilitator session PDFs at any time through your account dashboard
Opt out of analytics: request that your data be excluded from the anonymized benchmarking dataset used in aggregate reports. Your platform access is not affected by this choice.
Restrict processing: request that we limit how we use your data while a dispute or correction request is pending

European General Data Protection Regulation (GDPR)

This website is intended for U.S.-domiciled institutional investors and not intended for consumers or other users outside of the U.S., including the E.U.

Additionally, this website is operated by an organization with fewer than 250 employees and is further exempt from certain requirements of this regulation.

This website only utilizes cookies necessary to operate the site; it does not utilize targeted or personalized advertisements. This website also does not process, collect or store any transaction-related information. All users of our site may contact us to make any requests or changes to their information at any time by emailing us at saa@saai.com

California Online Privacy Protection Act Compliance

Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.

As part of this act, all users of our site may contact SAA to make any requests or changes to their information at any time by emailing us at saa@saai.com.

New York Shields Act Compliance

As previously detailed in this Privacy Policy, we implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.

Colorado Privacy Act