Privacy Policy

1. Who We Are

Angela Pacheco Insurance (“we,” “us,” or “our”) is an independent life insurance agency operated by Angela Pacheco. We are licensed to sell insurance products in multiple states and act as an independent broker — meaning we represent you, the client, not any single insurance carrier.

This Privacy Policy describes how we collect, use, store, and protect personal information gathered through our website at angelaplans.com (the “Site”) and the services we provide.

Contact information:
Angela Pacheco Insurance
Phone: (720) 879-1296
Email: [email protected]

2. Information We Collect

We collect information you voluntarily provide through the following features of our Site:

Quote / Lead Request Form

When you request a quote we collect: first name, last name, email address, and phone number. You may also optionally provide a coverage amount and an insurance type (Life Insurance, Medicare, Final Expense, Mortgage Protection, Indexed Universal Life, Health Insurance, Annuities, Financial Planning, or Retirement Insurance).

Contact Form

When you send a message we collect: your first name, optional last name, email address, optional phone number, and the content of your message.

Appointment Booking

When you book an appointment through our multi-step scheduling form, we collect: first name, last name, email address, phone number, appointment date and time, appointment type (e.g., Discovery Call, Strategy Session, Policy Review), insurance interests, age range, household size, current coverage status, timeline, goals, and any notes you provide. This data is stored in our database. We also use the Google Calendar API (a Google LLC service) to create a calendar event and check scheduling availability — your name, email, appointment time, and selected interests are transmitted to Google for this purpose. This data is subject to Google’s Privacy Policy.

Estimate Popup

When you request an estimate through the multi-service popup on our homepage, we collect: your email address, name, and the insurance services you are interested in. Depending on the services selected, we may also collect: age, smoker status, coverage amount, mortgage balance, household size, investment amount, retirement timeline, coverage goals, and current coverage information. This data is used to provide you with personalized cost estimates or to schedule a follow-up consultation.

Coverage Calculator

When you use our coverage calculator, we collect: annual income, total debt, number of dependents, and years of coverage desired. You may also optionally provide your email address. The calculator computes a recommended coverage amount based on the data you enter. If you provide your email, the results are sent to you and we may follow up regarding your coverage needs.

Landing Page Forms

We operate dedicated landing pages for specific insurance campaigns (Life Insurance, Medicare, Final Expense, Health Insurance, and a general insurance quote page). These pages collect the same basic information as our quote form (name, email, phone), plus campaign-specific qualifying questions such as age range, current coverage status, desired coverage amount, and household size. This information is used to provide you with a tailored insurance consultation.

Email Subscription

When you opt in to receive emails — through a subscribe checkbox on our quote or contact forms, or by being added manually — we collect your email address and record the source of your subscription (e.g., “quote_form,” “contact_form,” or “manual”). Subscribing is always optional.

SMS / Text Message Subscription

When you opt in to receive text messages — through a separate SMS consent checkbox on our quote, contact, or estimate forms — we collect your phone number and record the source of your consent. SMS consent is always optional, separate from email consent, and requires your affirmative action (checking the box). We record the date and time of your consent for compliance purposes.

Advertising Click & Campaign Data

When you arrive at our Site from a Google Ads advertisement, your browser URL may contain a Google Click Identifier (GCLID) and campaign parameters (UTM source, medium, campaign, content, and term). We capture these identifiers and store them alongside your lead record so we can measure which advertising campaigns are effective. This data does not contain your name or contact information on its own — it is only linked to you if you subsequently submit a form on our Site.

We also report certain conversion events (such as form submissions and appointment bookings) back to Google Ads and Google Analytics 4 from our server using the GCLID and anonymized identifiers. This allows Google to attribute conversions to specific ad clicks for campaign optimization. No additional personal information beyond what Google already associates with the ad click is transmitted.

Automatically Collected Information

Like most websites, our server may automatically log standard technical data including your IP address, browser type, operating system, referring URL, pages visited, and timestamps. This information is used for security monitoring and aggregate analytics only and is not linked to your identity.

Data Collected	Source	Required?
First name	Quote form, Appointment form, Contact form	Yes
Last name	Quote form, Appointment form; optional on Contact form	Varies
Email address	All forms, Subscriber sign-up	Yes
Phone number	Quote form, Appointment form; optional on Contact form	Varies
Coverage amount	Quote form, Estimate popup, Landing pages	Optional
Insurance type / interests	Quote form, Appointment form, Estimate popup	Optional
Age / age range	Estimate popup, Landing pages, Appointment form	Varies
Smoker status	Estimate popup	Optional
Household size	Landing pages, Appointment form	Optional
Income, debt, dependents	Coverage calculator	Yes (to generate result)
Appointment date, time, type & notes	Appointment form	Yes
Timeline, goals, current coverage	Appointment form, Estimate popup, Landing pages	Optional
Message text	Contact form	Yes
Newsletter subscription preference	Quote form, Contact form	Optional opt-in
SMS / text message consent	Quote form, Contact form, Estimate popup	Optional opt-in
IP address, browser/device info	Server logs	Automatic
Google Click ID (GCLID)	URL parameter from Google Ads clicks	Automatic (if present)
UTM campaign parameters	URL parameters (source, medium, campaign, content, term)	Automatic (if present)

3. How We Use Your Information

We use the personal information we collect for the following purposes:

• To respond to your inquiry — We use your name, email, and phone to follow up on quote requests, contact form messages, and appointment bookings, typically within 24 hours.
• To provide insurance services — Your coverage preferences and contact details allow us to shop rates with our carrier partners and present you with personalized options.
• To send transactional emails — We send automated confirmation emails when you submit a form or book an appointment. These are not marketing emails and cannot be opted out of while the transaction is pending.
• To send marketing communications — If you subscribe to our email list, we may send you educational content about insurance, policy renewal reminders, and promotional offers. These emails may be personalized using your first name and, for clients, renewal date information. You may unsubscribe at any time via the link in every email.
• To send SMS / text messages — If you separately opt in to receive text messages, we may send you appointment reminders, birthday greetings, insurance-related updates, and other communications via SMS. Messages are sent only to mobile phone numbers. You may opt out at any time by replying STOP to any message (see Section 6).
• Automated follow-up sequences — When you submit a form or your inquiry status changes, we may trigger automated email and/or SMS sequences (if you have opted in to each channel). These sequences may include timed delays (e.g., a follow-up email sent 2 days after your inquiry) and are designed to ensure you receive timely information. Automated sequences are paused if you reply to us and stopped if you unsubscribe.
• Birthday greetings — If you become a client and we have your birth date on file, we may send you an automated birthday email and/or SMS (if opted in). You or we can disable birthday messages for your account at any time.
• For analytics and improvement — Aggregated, anonymized data helps us understand how visitors use our Site and improve its content.
• For legal compliance — We may retain records as required by applicable insurance regulations, state licensing laws, or to respond to legal processes.
• To prevent fraud and ensure security — Server log data and rate-limiting information is used to detect and block abusive traffic.

We do not use your information for automated decision-making or profiling that produces legal or similarly significant effects.

4. Sharing & Disclosure

We do not sell, rent, or trade your personal information.

We may share your information only in the following limited circumstances:

Insurance Carriers

To obtain quotes on your behalf, we may share relevant information (such as your age, health status, coverage needs, and contact details) with licensed insurance carriers and their representatives. This sharing is necessary to fulfill the service you requested and is governed by each carrier’s privacy practices.

Service Providers

We use a small number of trusted third-party services to operate our Site. These providers act as data processors and are contractually prohibited from using your data for any purpose other than providing services to us:

• Resend (resend.com) — transactional and marketing email delivery. Your email address is transmitted to Resend when we send you a confirmation, newsletter, or renewal reminder.
• Twilio (twilio.com) — SMS / text message delivery and phone number validation. If you opt in to receive text messages, your phone number and message content are transmitted to Twilio for delivery. We also use Twilio’s phone lookup service to verify phone number type (mobile, landline, or VoIP) to ensure messages are only sent to SMS-capable numbers. Twilio processes this data under its own privacy policy.
• Railway (railway.app) — cloud hosting and infrastructure for our website and database.
• PostgreSQL database — hosted on Railway; stores all form submissions securely.
• Google Tag Manager (Google LLC) — tag management container (GTM-MM69MPF2) loaded on every page. Manages the loading of our Google Ads tracking script. Google Tag Manager may set its own cookies and collect page interaction data. See Google’s Privacy Policy.
• Google Tag / Google Ads (Google LLC) — conversion tracking script (AW-922099691) loaded on every page via Google Tag Manager. Fires a conversion event when a form is successfully submitted or the appointment button is clicked. Google processes this data under its own privacy policy. See Google’s Privacy Policy and Ad Settings.
• Google Calendar API (Google LLC) — used to create calendar events and check scheduling availability when you book an appointment through our /appointment page. Your name, email, appointment time, and selected interests are transmitted to Google to create the event. See Google’s Privacy Policy for details.
• Cloudflare Web Analytics (Cloudflare, Inc.) — privacy-focused analytics beacon that collects anonymous page view data. No cookies are set and no personally identifiable information is collected. See Cloudflare’s Privacy Policy.

Legal Requirements

We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect our legal rights, the safety of any person, or to investigate fraud.

Business Transfers

In the event of a merger, acquisition, or sale of all or part of our business, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Site if such a transfer occurs.

5. Email Communications (CAN-SPAM Act)

We comply with the federal CAN-SPAM Act. Our commercial email practices are as follows:

• We will not use false or misleading subject lines or sender names.
• Every marketing email we send will identify itself as an advertisement where required.
• Our physical mailing address will be included in every commercial email.
• Every marketing email will include a clear, working “unsubscribe” mechanism.
• Opt-out requests will be honored within 10 business days.

Transactional emails (appointment confirmations, quote acknowledgments) are not subject to opt-out under CAN-SPAM because they are triggered by your own actions and contain information necessary to fulfill your request. You may still contact us to request that we not send you any further emails.

To unsubscribe from marketing emails, click the “Unsubscribe” link included at the bottom of every marketing email we send. You will be immediately removed from our mailing list. You may also email us at [email protected] with “Unsubscribe” in the subject line.

6. Phone & Text Communications (TCPA)

By providing your phone number and submitting a form on our Site, you consent to be contacted by Angela Pacheco Insurance at the number provided. We may contact you by:

• Direct phone call (manual dialing)
• Text/SMS message, if you have expressly opted in

We comply with the federal Telephone Consumer Protection Act (TCPA). We do not use automated telephone dialing systems (auto-dialers) or pre-recorded voice messages without your prior express written consent.

SMS / Text Message Consent

We will only send you text messages if you provide separate, express written consent by checking the SMS consent checkbox on one of our forms. Your consent to receive text messages is:

• Voluntary — Opting in to SMS is not required to receive our services or obtain an insurance quote.
• Separate from email consent — Subscribing to emails does not subscribe you to text messages, and vice versa. Each channel requires its own opt-in.
• Revocable at any time — You may withdraw consent by replying STOP to any message (see “How to Opt Out” below).

Types of Text Messages

If you opt in, you may receive text messages including:

• Follow-up messages about your quote request or inquiry
• Birthday greetings (if you are a client with birthday SMS enabled)
• Insurance-related updates, educational content, and promotional offers
• Appointment reminders and confirmations

Message Frequency & Costs

Message frequency varies. You may receive up to approximately 10 text messages per month, depending on the services you have requested and any active automated workflows. Message and data rates may apply depending on your mobile carrier and plan. We are not responsible for any charges your carrier may impose for receiving text messages.

How to Opt Out of Text Messages

You may opt out of text messages at any time using any of the following methods:

• Reply STOP — Text the word STOP (or UNSUBSCRIBE, CANCEL, END, or QUIT) to any message from us. You will receive a one-time confirmation and no further messages will be sent.
• Unsubscribe page — Use the unsubscribe link at the bottom of any marketing email from us, then check the “Also unsubscribe from text messages” option.
• Contact us directly — Email [email protected] or call (720) 879-1296 and request to be removed from SMS communications.

After opting out, you may opt back in at any time by texting START (or YES or UNSTOP) to our number or by re-checking the SMS consent box on any of our forms.

Phone Number Verification

To ensure text messages are delivered only to mobile phones capable of receiving SMS, we may use a third-party phone lookup service (Twilio Lookup) to verify that your phone number is a mobile number. We will not send text messages to numbers identified as landlines or invalid numbers. Phone lookup results (line type, carrier, and validity) are cached for up to 90 days.

Sending Hours

We will not send text messages outside of the hours of 8:00 AM to 9:00 PM Mountain Time, in compliance with TCPA quiet-hours guidelines.

SMS Data Retention

We retain records of all text messages sent and received (including your phone number, message content, delivery status, and timestamps) for up to 3 years for compliance and audit purposes. SMS consent records (including when you opted in or out) are retained indefinitely as part of our TCPA compliance documentation.

Opt-Out of Phone Calls

To opt out of phone calls, contact us at [email protected] or call (720) 879-1296.

7. Financial Privacy (Gramm-Leach-Bliley Act)

As an insurance agency, we are subject to the Gramm-Leach-Bliley Act (GLBA), which governs how financial institutions handle consumers’ nonpublic personal information (NPI).

The types of nonpublic personal information we may collect include:

• Information you provide on applications or other forms (income, coverage needs, health information submitted to carriers)
• Information about your transactions with us or our carrier partners (policies purchased, premiums, claims history)

We limit the disclosure of this information to what is necessary to provide you with insurance products and services, and we maintain physical, electronic, and procedural safeguards that comply with federal standards to protect your NPI.

You have the right to opt out of certain disclosures of your NPI to non-affiliated third parties. To exercise this right, contact us using the information in Section 17.

8. Cookies & Tracking Technologies

Our Site uses minimal tracking technologies:

Strictly Necessary

Our server may set session-related cookies required for the Site to function (e.g., CSRF tokens for form security). These cannot be disabled.

Google Tag / Google Ads Conversion Tracking

Our Site uses Google Tag (gtag.js, Tag ID: AW-922099691) provided by Google LLC. This script loads on every page and fires a conversion event when you successfully submit a quote request, send a contact message, or click the appointment booking button. Google uses this data to report conversion activity back to us so we can measure the effectiveness of our advertising campaigns.

Google Tag may set cookies (such as _gcl_au) and collect information including your IP address, browser type, pages visited, and whether a conversion action occurred. This data is sent to and processed by Google. We do not receive personally identifiable information from Google through this tag — we only receive aggregate conversion counts. Google may use this data in accordance with its own policies.

For more information or to opt out of Google’s advertising features, visit adssettings.google.com or install the Google Analytics Opt-out Browser Add-on.

Server-Side Conversion Tracking

In addition to client-side tracking via Google Tag, our server reports certain conversion events directly to Google Ads (via the Google Ads API) and Google Analytics 4 (via the Measurement Protocol). This ensures conversions are accurately recorded even when browser-based tracking is blocked by ad blockers or privacy extensions.

The events reported include: form submissions, appointment bookings, and quote/policy outcomes. When a Google Click ID (GCLID) is present, it is included in the server-side report so Google can attribute the conversion to the original ad click. For Google Analytics 4, we send anonymized event data (event name, conversion value) using a server-generated identifier — no cookies or personally identifiable information are transmitted through this channel.

We may also periodically upload hashed (SHA-256, one-way encrypted) email addresses to Google Ads for the purpose of creating advertising audience lists (e.g., excluding existing customers from ad campaigns). Google cannot reverse these hashes to obtain your email address; they are used solely for audience matching within Google’s advertising platform.

Google Tag Manager

Our Site loads Google Tag Manager (container ID: GTM-MM69MPF2) on every page. GTM manages the deployment of our Google Ads conversion tracking script. GTM itself may set cookies and transmit page load data to Google. For more information, see Google’s Privacy Policy.

Cloudflare Web Analytics

Our Site loads the Cloudflare Web Analytics beacon (static.cloudflareinsights.com), which collects anonymous, aggregate page view data without setting cookies or collecting personally identifiable information. See Cloudflare’s Privacy Policy.

Advertising Cookies

Google Tag may set cookies associated with Google Ads in order to measure conversions as described above. We do not use any other advertising networks or allow other ad networks to track you through our Site. You may opt out of Google’s ad personalization at adssettings.google.com.

Most browsers allow you to refuse or delete cookies through their settings. Disabling cookies may affect the functionality of certain features on our Site (such as form submissions).

9. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce our agreements.

Data Type	Retention Period
Quote / lead submissions	5 years from submission, or as required by state insurance regulations
Contact form messages	3 years from submission
Appointment records	3 years from the appointment date
Email subscriber list	Until you unsubscribe; inactive subscribers purged after 3 years
Email logs (sent emails)	3 years from the date sent
SMS logs (sent & received texts)	3 years from the date sent/received
SMS consent & opt-out records	Retained indefinitely for TCPA compliance
Phone lookup cache (line type, carrier)	90 days from lookup date
Client records (policy, renewal info)	5 years from last interaction, or as required by state insurance regulations
Calculator submissions	3 years from submission
Advertising click & campaign data (GCLID, UTM parameters)	Stored with lead record; follows lead retention period
Server logs (IP addresses)	90 days, then automatically purged

You may request deletion of your personal information at any time (see Section 11).

10. Security

We implement industry-standard security measures to protect your personal information, including:

• TLS/HTTPS encryption for all data transmitted between your browser and our server
• Encrypted database connections with SSL required in production
• Rate limiting on all form submission endpoints to prevent abuse
• Input validation and sanitization on all submitted data
• Access controls restricting database access to authorized systems only

However, no method of transmission over the Internet or electronic storage is 100% secure. While we use commercially reasonable means to protect your information, we cannot guarantee absolute security. If you believe your information may have been compromised, please contact us immediately at [email protected].

11. Your Rights

Regardless of your location, you have the following rights with respect to your personal information:

• Right to access — You may request a copy of the personal information we hold about you.
• Right to correction — You may request that we correct inaccurate or incomplete information.
• Right to deletion — You may request that we delete your personal information. We will honor such requests unless retention is required by law or necessary to complete a transaction you requested.
• Right to opt out of marketing — You may opt out of marketing emails at any time by clicking the “Unsubscribe” link in any email, and opt out of SMS messages by replying STOP (see Sections 5 and 6).
• Right to data portability — You may request a copy of your data in a machine-readable format.
• Right to non-discrimination — We will not discriminate against you for exercising any of the rights described in this policy.

To exercise any of these rights, please contact us at [email protected] or by mail at the address in Section 1. We will respond within 45 days of receiving a verifiable request.

12. Colorado Residents — Colorado Privacy Act (CPA)

If you are a Colorado resident, you have additional rights under the Colorado Privacy Act (C.R.S. § 6-1-1301 et seq.), effective July 1, 2023:

• Right to opt out of the sale of personal data — We do not sell personal data.
• Right to opt out of targeted advertising — We do not conduct targeted advertising using your personal data.
• Right to opt out of profiling — We do not use your data for profiling that produces legal or similarly significant effects.
• Right to access — You may request confirmation of whether we process your personal data and a copy of such data.
• Right to correction — You may request correction of inaccurate personal data.
• Right to deletion — You may request deletion of personal data you have provided to us.
• Right to data portability — You may request your data in a portable, readily usable format.
• Right to appeal — If we decline to take action on your request, you may appeal our decision by contacting us and we will respond within 45 days.

To submit a Colorado CPA rights request, email [email protected] with “Colorado Privacy Request” in the subject line. We will verify your identity before processing the request.

13. California Residents — CCPA / CPRA

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to know — You may request information about the categories of personal information we collect, the purposes for which it is used, and the categories of third parties with whom it is shared.
• Right to delete — You may request deletion of your personal information subject to certain exceptions.
• Right to correct — You may request correction of inaccurate personal information.
• Right to opt out of sale or sharing — We do not sell or share personal information for cross-context behavioral advertising.
• Right to limit use of sensitive personal information — We use sensitive personal information only as necessary to provide the services you request.
• Right to non-discrimination — We will not discriminate against you for exercising your CCPA rights.

California residents may submit a rights request by emailing [email protected] with “California Privacy Request” in the subject line, or by calling (720) 879-1296.

14. Children’s Privacy (COPPA)

Our Site is not directed to individuals under the age of 13, and we do not knowingly collect personal information from children under 13. If you are under 13 years of age, please do not use this Site or submit any personal information.

If we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete that information as quickly as possible. If you believe we may have collected information from or about a child under 13, please contact us immediately at [email protected].

This Site is intended for adults who are considering purchasing life insurance or seeking financial planning guidance. Insurance products discussed on this Site are available only to adults.

15. Third-Party Services & Links

Our Site may contain links to external websites or resources. We are not responsible for the privacy practices or content of those third-party sites. We encourage you to review the privacy policy of any site you visit.

The following third-party services process data on our behalf:

Service	Purpose	Privacy Policy
Resend	Transactional & marketing email delivery (confirmations, newsletters, renewal reminders)	resend.com/legal/privacy-policy
Railway	Hosting & database infrastructure	railway.app/legal/privacy
Google Fonts	Web font delivery	policies.google.com/privacy
Google Tag Manager	Tag management — deploys and manages tracking scripts on our pages	policies.google.com/privacy
Google Tag / Google Ads	Conversion tracking (client-side and server-side) — measures form submissions, appointment bookings, and lead outcomes	policies.google.com/privacy
Google Analytics 4 (Measurement Protocol)	Server-side analytics events — records conversion events from our server	policies.google.com/privacy
Google Calendar API	Appointment scheduling — creates calendar events and checks availability	policies.google.com/privacy
Cloudflare Web Analytics	Anonymous page view analytics — no cookies, no personal data	cloudflare.com/privacypolicy
Twilio	SMS / text message delivery and phone number lookup (line type verification)	twilio.com/en-us/legal/privacy

Each of these providers is bound by their own privacy policies and, where applicable, data processing agreements with us. We do not authorize these providers to use your data for any purpose other than providing their services to us.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the features of our Site. When we make material changes, we will:

• Update the “Effective Date” and “Last updated” date at the top of this page
• Post the revised policy on this page
• For significant changes, send an email notification to subscribers if we have your email address

Your continued use of our Site after the effective date of a revised policy constitutes your acceptance of the changes. We encourage you to review this policy periodically.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all privacy-related inquiries within 5 business days, and to resolve requests within 45 days as required by applicable law.

This privacy policy was prepared for informational purposes. It does not constitute legal advice. If you have specific legal concerns about your privacy rights, consult a licensed attorney in your jurisdiction.