This Policy describes our current policies and practices in relation to the collection, handling, use, and disclosure of Personal Information. Personal Information means data that personally identifies or may be used to personally identify a person, including information such as your name, address, date of birth, phone number, email address and IP address. This Policy also applies to the processing of individual customers and employee’s personal data that we receive in the US concerning customers and employees of DUAL or our affiliates or subsidiaries, who reside in the EU, UK, and/or Switzerland and whose personal information has been sent to DUAL from the EU, UK, and/or Switzerland. This Policy also deals with how you can complain about a breach of the privacy laws, how you can access the Personal Information DUAL holds about you, and how you can have that information corrected.
What information does DUAL collect?
DUAL does not collect Sensitive Personal Information of its customers and policyholders as defined in the California Privacy Rights Act (CPRA) and similar regulations. DUAL does process customer Personal Information which may include name, gender, mailing address, phone and/or facsimile number, and email when asked to issue an insurance quotation or an insurance policy, or when asked to review a claim made on an insurance policy that DUAL has issued. At such times, DUAL will ask you (or your insurance broker or representatives) for the information DUAL needs to fulfill the request.
How does DUAL use the information collected?
DUAL uses your Personal Information in relation to the nature of your inquiry to DUAL, the nature of the services you are seeking from DUAL and in relation to your status as a customer or an employee of DUAL or its affiliates or subsidiaries.
DUAL uses your information to assess the risk of providing you with insurance, provide quotations, issue policies, and review claims on behalf of the insurers we represent. DUAL also uses your information to administer any policies we have issued to you and may do so by mail or electronically, unless you tell us that you do not wish to receive electronic communications. Additionally, DUAL may use information collected to resolve complaints, handle requests for data access or correction, manage our infrastructure and business operations, and comply with internal policies and procedures (including those policies and procedures relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; data analytics; business continuity; and records, document and print management). Further, we use the information collected to comply with applicable laws and regulatory obligations (which may include laws outside your country of residence), such as those relating to anti-money laundering, sanctions and anti-terrorism; comply with legal process; and respond to requests from public and governmental authorities (which may include those outside your country of residence). Lastly, DUAL may use the information collected to establish and defend your or our legal rights, privacy, safety, or property; protect our operations or those of any of our group companies or business partners; and pursue available remedies or limit our damages.
DUAL does not share your data with third parties for purposes of cross-context behavioral advertising. However, from time to time, DUAL itself may use your contact details to send you offers, updates, newsletters or other information about products and services that DUAL believes will be of interest to you. DUAL will always give you the option of electing not to receive these communications and you can unsubscribe at any time by notifying us that you wish to do so at email@example.com. Where necessary, DUAL may use your information internally to help us improve our services, resolve any problems or to meet our legal and regulatory obligations.
DUAL may process employees Sensitive Personal Information and Personal Information in order to fulfill our contractual obligations to our staff, affiliates and subsidiaries, and for internal management and/or regulatory reporting, as required.
What if you don’t provide some information to DUAL?
DUAL can only assist in providing you with insurance if DUAL has all relevant information. If you do not provide us with the information DUAL requests, DUAL may not be able to provide you with insurance or review an insurance claim that you have made. In addition, when applying for insurance, you have a duty to provide an insurer with the information it needs to decide whether to provide insurance and if so, on what terms. If you do not provide us with all relevant information, you may breach this duty.
How does DUAL hold and protect your information?
DUAL uses reasonable efforts to maintain the accuracy and integrity of the Personal Information we collect. DUAL electronically stores Personal Information on a secure network with firewall protection, and access to DUAL’s electronic information system requires user authentication via password or similar means. DUAL additionally only keeps Personal Information for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements. In specific circumstances, DUAL may also retain your Personal Information for longer periods of time so that we may have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal data or dealings. DUAL holds the information collected from you in electronic form in DUAL’s document management system. Despite this, please note that no method of transmission or method of electronic storage over the internet is guaranteed safe 100% of the time.
Will DUAL disclose the information collected to anyone?
DUAL does not sell, trade, or rent your personal information to others. DUAL provides your information to the insurers DUAL represents when DUAL issues and administers insurance policies. DUAL is part of the Howden Group Holdings Limited (“Howden Group”). DUAL may receive or provide your information to other entities in the Howden Group who are based in the United Kingdom, if it is necessary for us to do so to obtain information technology, claims and financial administration support services. DUAL may need to provide your information to third parties such as: (1) insurance brokers with whom you have chosen to deal; (2) contractors who supply services to us such as claims management companies, loss adjusters, data processors, and external data storage providers; or (3) other companies in the event of a corporate sale, merger, reorganization, dissolution or similar event. However, DUAL will take all reasonable steps to ensure that they protect your information in the same way that we do. DUAL may also provide your information to others if DUAL is required to do so by law. Insurers may acquire reinsurance from reinsurance companies that are located throughout the world. In some cases, your information may be disclosed to reinsurers so that they can decide whether to provide reinsurance to the insurer. DUAL does not make this disclosure but it may be made by your insurer (if necessary) for the placement of their reinsurance program.
DUAL requires all third parties to respect the security of your Personal Information and treat it in accordance with the law. DUAL does not allow our third-party service providers to use your Personal Information for their own purposes and we only permit them to process your Personal Information for specified purposes and in accordance with our instructions.
In addition, if DUAL learns that third party is using or disclosing your Personal Information in a manner that is contrary to this Policy, we will take reasonable steps to prevent or stop such use or disclosure. DUAL may be liable for onward transfers of Personal Information to third parties in violation of this Policy and the EU-U.S. (including the UK Extension) and Swiss-U.S. Data Privacy Framework Principles.
DUAL will offer you the opportunity to choose (opt out) whether your personal data is (i) to be disclosed to 3rd parties, except when disclosure is made to a 3rd party that is acting as an agent to perform task(s) on DUAL’s behalf and under DUAL’s instructions or (ii) to be used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by you. DUAL will provide you with clear, conspicuous, and readily available mechanisms to exercise your choices should applicable circumstances arise. To request that DUAL not use your personal data or opt out of marketing messages from DUAL, you should contact DUAL at firstname.lastname@example.org.
How can you check, update or change the information DUAL are holding?
If you wish to access or correct your Personal Information please write to us at email@example.com, call us at +1 (855) 378-8203, or file a request through the Privacy & Data Subject Requests section of our website. DUAL will not discriminate against you for exercising your right to make a privacy or data subject request under applicable law. Upon receipt of your written request and enough information to allow DUAL to identify the information, DUAL will disclose to you the Personal Information we hold about you. DUAL will also correct, amend or delete any Personal Information that we agree is inaccurate, irrelevant, out of date or incomplete. DUAL does not charge for receiving a request for access to Personal Information or for complying with a correction request but in some cases, DUAL may need to charge you for our reasonable expenses incurred in providing you with access (e.g. photocopy, administration, or postage costs). In some limited cases, DUAL may need to refuse access to your information or refuse a request for correction. DUAL will advise you as soon as possible after your request if this is the case and the reasons for our refusal.
What happens if you want to complain?
DUAL has further committed to refer unresolved EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact JAMS or visit https://www.jamsadr.com/eu-us-data-privacy-framework for more information or to file a complaint. The services of JAMS are provided at no cost to you. In the event your complaint is still not addressed, you may be entitled under certain conditions to invoke a binding arbitration under EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework.
In compliance with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework and the Swiss-U.S. Data Privacy Framework, DUAL commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework and the Swiss-U.S. Data Privacy Framework in the context of the employment relationship.
EU-U.S. (including the UK Extension) and Swiss-U.S. Data Privacy Framework Principles
DUAL is subject to the investigatory and enforcement powers of the Federal Trade Commission.
Notification of Changes
This Policy may change from time to time and we will post all the most current, updated Policy here. We suggest you review it periodically to ensure that you are in agreement with the latest updates.