OUR PRIVACY CODE
The Kent & Essex Mutual Insurance Company’s Privacy Code is based on the following ten principles adopted by the Personal Information Protection and Electronic Documents Act (PIPEDA).
PRINCIPLE #1: OUR ACCOUNTABILITY FOR THE COLLECTION, USE OR DISCLOSURE OF PERSONAL INFORMATION
As a customer of the Kent & Essex Mutual Insurance Company, you have a right to expect that your insurer is accountable for the personal information it collects and uses. “Customer” means a current and former insured, an applicant for insurance, a claimant under one of our policies as well as an individual insured as part of a group or corporate policy.
We are responsible for maintaining and protecting your personal information while it is under our control. This includes any personal information that may need to be disclosed to third parties for processing or other administrative functions.
To help ensure the confidentiality of your personal information, we have established policies and procedures to ensure that we comply with the Personal Information Protection and Electronic Documents Act.
We have designated a privacy officer who is responsible for our company’s compliance with the ten privacy principles developed by the Canadian Standards Association.
If you have any questions or inquiries about how your personal information is stored, or when it may need to be disclosed to others, our privacy officer is there to assist and explain our policies to you.
PRINCIPLE#2: IDENTIFYING OUR PURPOSE FOR THE COLLECTION, USE OR DISCLOSURE OF PERSONAL INFORMATION
Before or when we collect information about you, we will explain how we intend to use it. The Kent & Essex Mutual Insurance Company collects personal information only for the following purposes:
a) establishing and maintaining communications with customers;
b) underwriting risks on a prudent basis;
c) investigating and paying claims;
d) detecting and preventing fraud;
e) offering and providing products and services to meet customer needs;
f) compiling statistics;
g) complying with the law; and
h) a business or activity which it may undertake under applicable federal, provincial or territorial legislation.
Unless we are required by law, the Kent & Essex Mutual Insurance Company will not use or disclose any personal information that has been collected without documenting the new purpose and obtaining your consent. If you have any questions about these purposes, our privacy officer will be pleased to explain them to you.
PRINCIPLE#3: OBTAINING YOUR CONSENT FOR THE COLLECTION, USE OR DISCLOSURE OF PERSONAL INFORMATION
The Kent & Essex Mutual Insurance Company will make a reasonable effort to make sure that our customers understand and consent to how their personal information will be used by the Company.
In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use.
Personal information may need to be collected, used or disclosed without the knowledge and consent of the individual. For example, legal, medical or security reasons may make it impossible or impractical to seek consent.
The Personal Information Protection and Electronic Documents Act recognizes that when information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of an individual may defeat the purpose of collecting the information. Seeking consent may also be impossible or inappropriate when the individual is a minor, seriously ill, or mentally incapacitated.
In obtaining your consent, we will always use reasonable efforts to ensure that you are advised of the identified purposes for which any personal information collected will be used or disclosed.
PRINCIPLE #4: LIMITING OUR COLLECTION OF PERSONAL INFORMATION
We will always limit the collection of personal information to that which is necessary for the identified purposes. Typically, this is information that is required to enable us to underwrite your policy of insurance and charge a fair premium. We may need to collect personal information from other sources including credit bureaus.
Under certain circumstances we need to collect information to assist us in adjusting or investigating a claim. This may involve the use of licensed and regulated independent insurance adjusters or investigators. We will always collect personal information by fair and lawful means.
PRINCIPLE #5: LIMITING THE USE, DISCLOSURE AND RETENTION OF PERSONAL INFORMATION
Personal information will not be used or disclosed for purposes other than for which it was collected, except with your consent or as permitted or required by law. Your personal information will be retained only as long as it is necessary to fulfill those purposes.
There are situations where Kent & Essex Mutual Insurance Company may disclose a customer’s personal information as dictated by prudent insurance practices. For example:
a) Risk-Sharing: As part of the underwriting and claims handling process, Property and Casualty insurers transfer personal information to other insurance companies including reinsurance companies which share in the risk. This would include situations where the customer has made a fraudulent application for or renewal of a policy of insurance.
b) Information Services: Property and Casualty insurers disclose personal information for underwriting, claims, classification and rating purposes.
c) Insurance Services: Property and Casualty insurers disclose personal information to businesses that provide goods and services to insurance companies and/or their customers, such as data processors, loss control managers and claims adjusters.
d) Insurance Intermediaries: Property and Casualty insurers may disclose personal information to their insurance intermediaries, such as brokers and agents.
Only the information necessary for these services will be provided by us to these service providers.
The Kent & Essex Mutual Insurance Company does not provide or sell its customer lists to any outside company for use in marketing or solicitation. Only employees with a business “need to know”, or those whose duties require it, are granted access to personal information about our customers.
We keep personal information only as long as it remains necessary or relevant for the identified purposes or as required by law. Personal information that is no longer necessary or relevant for the identified purposes or required to be retained by law is destroyed, erased or made anonymous.
PRINCIPLE#6: KEEPING YOUR PERSONAL INFORMATION ACCURATE
The Kent & Essex Mutual Insurance Company makes every effort to ensure that personal information about its customers is as accurate, complete, and up-to-date as is necessary for the purposes for which it was collected.
This may require contact with your insurance broker to confirm or update personal information required for underwriting purposes. In addition, the Insurance Act and the terms and conditions of your policy of insurance may require you to notify us of material changes to your personal information.
If you have any questions about the accuracy and completeness of the personal information that we have collected or retained, please do not hesitate to contact our privacy officer. If you need to update some aspect of your personal information, please contact your insurance broker or agent directly.
PRINCIPLE #7: SAFEGUARDING YOUR PERSONAL INFORMATION
The Kent & Essex Mutual Insurance Company takes steps to protect personal information with security safeguards appropriate to the sensitivity of the information.
Specifically, we have stringent security measures in place to protect personal information against such risks as loss or theft, computer hackers, unauthorized access, disclosure, copying, use, modification or destruction.
The Kent & Essex Mutual Insurance Company protects your personal information regardless of the format in which it is held. We also protect personal information we disclose to third parties by contractual agreements stipulating the confidentiality of the information and the purposes for which it is to be used.
All our employees with access to personal information are required as a condition of their employment to respect the confidentiality of personal information.
PRINCIPLE #8: OPENNESS CONCERNING OUR PRIVACY PRACTICES
The Kent & Essex Mutual Insurance Company pursues a policy of openness about the procedures it uses to manage personal information. We will make specific information about our policies and practices relating to the management of their personal information available to customers upon request.
We ensure openness by providing you with the following information:
a) the title and address of the privacy officer accountable for our compliance with the policy;
b) the name of the individual to whom inquiries or complaints can be forwarded;
c) the means of gaining access to personal information held by our company; and
d) a description of the type of personal information held by the Kent & Essex Mutual Insurance Company, including a general account of its use.
The Kent & Essex Mutual Insurance Company makes information available to help our policyholders exercise informed choices regarding the use of their personal information.
PRINCIPLE #9: CUSTOMER ACCESS TO PERSONAL INFORMATION
The Kent & Essex Mutual Insurance Company informs its customers of the existence, use and disclosure of their personal information upon request and provides access to that information. Our customers are able to challenge or correct the accuracy and completeness of their personal information and have it amended when appropriate.
When a request is made in writing, we will inform you in a timely fashion of the existence, use and disclosure of your personal information and you will be given access to that information. In order to safeguard your personal information, we may require you to provide sufficient identification information to permit us to authorize access to your file.
In certain exceptional situations, we may not be able to provide you with access to all of the personal information we hold. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, information that is subject to solicitor-client or litigation privilege, or, in certain circumstances, information of a medical nature. If this is the case, the Kent & Essex Mutual Insurance Company will provide the reasons for denying access upon request.
Customers can obtain information or seek access to their individual files by contacting our designated privacy officer at the address described below.
PRINCIPLE #10: CHALLENGING COMPLIANCE
A customer has the right to challenge the Kent & Essex Mutual Insurance Company’s compliance with the above principles by contacting the privacy officer accountable for our compliance with the policy.
The Kent & Essex Mutual Insurance Company maintains strict procedures for addressing and responding to all inquiries or complaints from its customers about its handling of personal information. We inform our customers about our privacy practices as well as availability of complaint procedures.