For licensed annuity specialists
Your data security obligations.
When you purchase a lead, you receive a consumer’s nonpublic personal information (NPI): name, contact details, and the contents of their retirement map. From that moment, protecting it is your responsibility. This is a plain-English summary; the binding terms are in Section 10 of the Terms of Service.
GLBA Safeguards Rule (16 C.F.R. Part 314)
As a financial institution handling consumer NPI, you must maintain a written information-security program proportionate to your size: access controls, encryption of NPI at rest and in transit, oversight of any vendor that touches the data, and a written incident-response plan. A solo producer with a laptop and a password manager can meet this, but it must be written down and followed.
State privacy laws
CCPA/CPRA and the comprehensive state privacy laws give consumers rights over their data. Honor deletion and opt-out requests, limit your use of the data to the purpose the consumer consented to (discussing annuity-based retirement income), and never repurpose or resell it.
Breach notification
If consumer data you hold is exposed, you are responsible for notifying the affected consumers and the relevant regulators within the timelines your state requires, and for notifying Advisor Atlas Leads so we can coordinate.
Retention & suppression
Keep NPI only as long as you have a legitimate need for it, and honor suppression requests promptly. If a consumer opts out, stop contacting them and delete their data on the schedule your retention policy defines.
Your contract with us (Section 10)
By buying a lead you agree to keep the data confidential, use it only in your annuity-producer capacity, never resell or re-list it, and return or delete it on termination. These obligations survive the end of your account.