Our Privacy Pledge (GDPR)
Should you wish to refuse to accept cookies or restrict the data what we collect through our tracking software, you can alter your cookies setting in your web browser. This may however mean you will be unable to access parts of our website. For more information on cookies you can visit https://www.allaboutcookies.org/.
Information We Collect
We may collect Personal Information about you from a variety of sources. A great deal of the information we collect, such as your name, address, birth date, phone number, passport number, medical and health history, medical treatment, personal property descriptions and related matters comes from you during the application or claim submission process. We may collect information about you to properly underwrite and review your application or to properly investigate, administer, and resolve any claims for benefits, and we may contact you by telephone, fax, mail or e-mail for additional information. We also may collect Personal Information about you from third parties, such as governmental entities or regulators, medical providers and other health related sources, and possibly from consumer reporting agencies. The information we collect can include such things as information concerning your previous insurance coverage and policies, your employment status, credit card information, your claims and medical history, and on rare occasions, your credit history.
How We Use Your Information
We may use the information we collect to send you information about our products and services. We may use the information we collect for analytical purposes and to assist us in improving our processes, products and services. We will use your information collected to safe-guard against fraud and money laundering, comply with applicable laws and regulatory obligations (including laws outside your country of residence) and establish and defend legal rights. We will also use your information to handle requests for data access or correction as well as when we are resolving complaints.
You have the right to know what information is held about you. GDPR in the EU provides a framework to ensure that Personal Information is handled properly. This information must be:
- Processed fairly, lawfully and in a transparent manner
- Processed for specific, legitimate and lawful purposes
- Adequate, relevant and not excessive
- Accurate and up to date
- Not kept for longer than necessary
- Processed in line with an individual’s rights
- Not transferred other than in accordance with agreed terms and conditions
Under GDPR this is called ‘The right to be forgotten’.
Individuals have the right to have their personal data erased if:
- The personal data is no longer necessary for the purpose which we originally collected or processed it for.
- We are relying on consent as our lawful basis for holding the data, and the individual withdraws their consent.
- We are relying on legitimate interests as our basis for processing, the individual objects to the processing of their data, and there is no overriding legitimate interest to continue this processing.
- We are processing the personal data for direct marketing purposes and the individual objects to that processing.
- We have processed the personal data unlawfully (i.e. in breach of the lawfulness requirement of the 1st principle).
- We have to do it to comply with a legal obligation; or
- We have processed the personal data to offer information society services to a child.
The right to erasure does not apply if processing is necessary for one of the following reasons:
- to exercise the right of freedom of expression and information.
- to comply with a legal obligation.
- for the performance of a task carried out in the public interest or in the exercise of official authority.
- for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing; or
- for the establishment, exercise or defence of legal claims.
The UK GDPR also specifies two circumstances where the right to erasure will not apply to special category data:
- if the processing is necessary for public health purposes in the public interest (e.g. protecting against serious cross-border threats to health, or ensuring high standards of quality and safety of health care and of medicinal products or medical devices); or
- if the processing is necessary for the purposes of preventative or occupational medicine; for the working capacity of an employee; for medical diagnosis; for the provision of health or social care; or for the management of health or social care systems or services. This only applies where the data is being processed by or under the responsibility of a professional subject to a legal obligation of professional secrecy (e.g. a health professional).
Information We Disclose To Third Parties
We do not disclose Personal Information about you to third parties for their own marketing purposes or to contact you about their own products or services. We share Personal Information about you with third parties (that is, people and companies that are not affiliated with us) only as appropriate or necessary to provide you with our products and services and as otherwise permitted by law. For example, we may disclose your Personal Information as appropriate or necessary to service your policy and to administer and provide you with benefits in accordance with the terms and provisions thereof; to investigate, administer, and pay or deny or otherwise resolve claims; to comply with state and federal regulatory requests or demands; and to process other transactions that you request.
Persons and other third parties to whom we may make such disclosures may include persons who perform a business function for us, insurance regulators or law-enforcement authorities, insurance companies (The represented companies may share information with their affiliates so that they may offer you additional products and services. They do not disclose information to other companies or organizations not affiliated with them for the purpose of using information to sell their products or services to you.), preferred provider organizations, reinsurers, insurance and claim adjusters, insurance premium auditors, attorneys who are retained by us or by them, and persons requesting information pursuant to subpoena or court order.
International Transfer of Personal Data
Due to the global nature of our business, for the purposes set out above we may transfer Personal Information to parties located in other countries. For example, we may transfer Personal Information in order to process international travel insurance claims and provide emergency medical assistance services when you are abroad. We may transfer information internationally to our group companies, service providers, business partners and governmental or public authorities. If your data originate in the European Economic Area (EEA), we may send your data outside the EEA for processing and storage. By submitting your personal data to us you are consenting to the storage and transfer of your data in this way. If we do this we will take reasonable steps to protect your data. Such transfer will comply with all applicable data protection regulations and with our obligation to adequately protect and secure your Personal Information.
Retention of Personal Data
By providing your Personal Information to Clements Worldwide you consent to the processing, transfer and retention of your personal data. We do not knowingly collect, use, or disclose information of children under the age of sixteen (16) without the consent of their parents or legal guardians. In any instance where such information was collected, it would be purely accidental and unintentional.
Subject and Data Deletion Request
The California Consumer Privacy Act of 2018 (“CCPA”)
The following information applies solely to visitors, users and others who reside in the state of California. We adopt this policy to comply with the California Consumer Privacy Act of 2018 (“CCPA”).
Information We Collect
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“Personal Information”). In particular, we have collected the following categories of Personal Information from consumers within the last 12 months:
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, internal protocol address, email address, account name, social security number, driver’s license number, passport number, other similar identifiers.||YES|
|B. Personal Information categories listed in the California customer records statute (Cal.Civ Code 1798.80)||A name, signature, security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, debit card number, or any other financial information, some Personal Information included in these categories may overlap with other categories.||YES|
|C. Protected Classification characteristics under California or federal Law||Age (40 years or older) race, colour, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||YES|
|D. Commercial information||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||YES|
|E. Biometric information||Genetic, physiological, behavioural, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints and voiceprints, iris or retina scans, key stroke, gait, or other physical patterns, and sleep, health, or exercise data.||YES|
|F. Internet or other similar network activity||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement||YES|
|G. Geolocation data||Physical location or movements.||YES|
|H. Sensory data||Audio, electronic, visual, thermal, olfactory, or similar information||NO|
|I. Professional or employment-related information||Current or past job history or performance evaluations||YES|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g,34 C.F.R Part 99))||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records|| |
|K. Inferences drawn from other Personal Information||Profiles reflecting a person’s preferences, characterises, psychological trends, predispositions, behaviour, attitudes, intelligence, abilities, and aptitudes.|| |
Some of the Personal Information, such as information relating to health or criminal convictions, may be required by us for the specific purposes of underwriting or as part of the claims handling process. The provision of such information is necessary for us to be able to provide you with insurance or manage a claim. Such information will only be used for the specific purposes set out in our notice. Personal Information does not include: Publicly available information from government records, de-identified or aggregated consumer information, and information excluded from the CCPA’s scope.
How We Obtain Personal Information
We obtain the categories of Personal Information listed above from a number of sources such as; directly from our clients or their agents, indirectly from our clients or their agents, directly and indirectly from activity on our website (www.clements.com) and from third parties that interact with us in connection with the service we perform.
Use of Personal Information
We may use the personal information we hold about you for the purposes for which the information was collected e.g. providing insurance, including handling claims and any other related purposes, underwriting (which may include underwriting decisions made via automated means), offering renewal terms, pricing or statistical purposes). We may also use your data to safeguard against fraud and money laundering and to meet our general legal and regulatory obligations or to respond to law enforcement requests.
Sharing Personal Information
We may disclose your Personal Information for business purposes to third parties involved in providing products or services to us, or to service providers who perform services on our behalf. These include our group companies, affinity partners, brokers, agents, third party administrators, insurers, reinsurers, other insurance intermediaries, insurance reference bureaus, credit agencies, medical service providers, fraud detection agencies, loss adjusters, external law firms, external accountants and auditors, regulatory authorities, and as may be required by law. In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for a business purpose;
- California customer records Personal Information categories
- Protected classification
- Commercial information
- Biometric information
- Internet or other similar network activity
- Geolocation data
- Professional or employment-related information.
In the preceding twelve (12) months we have not sold any Personal Information.
The CCPA provides consumers (California residents) with specific rights regarding their Personal Information. You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your request, we will disclose to you:
- The categories of Personal Information we collected about you
- The categories of sources for the person information we collected
- Our business or commercial purpose for collecting that Personal Information
- The categories of third parties with whom we share that person information
- The specific pieces of Personal Information we collected about you
- Whether we sold or disclosed your Personal Information for a business purpose.
Deletion Request CCPA
Individuals have the right to request that we delete any of their Personal Information that we collected from them and retained, subject to certain exceptions.
Once we received and confirm the consumer request, we will delete their Personal Information from our records, unless an exception applies.
We may deny a deletion request if retaining the information is necessary:
- To complete the transaction for which we collected the Personal Information, provide a good or service that was requested, take actions reasonably anticipated within the context of our ongoing business relationship, or otherwise perform our contract.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Exercise free speech, ensure the right of another individual to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which an individual provided it.
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We endeavor to respond to a verified consumer request within 30 days of its receipt. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not deny you goods or service, charge you different prices or rates for goods or services, provide you with a different level or quality of goods or services or suggest that you may receive a different price or rate for goods or services.
We restrict access to Personal Information about you to those employees who need to know that information in order to provide products and administrative services to you. We maintain physical, electronic and procedural safeguards to guard your Personal Information. If you have any questions concerning our use of your Personal Information, please contact our Legal Affairs and Compliance Department at email@example.com.
For information concerning our insurance coverages and services, please browse our website, clements.com.
Clements & Co.
1301 K Street NW,
Suite 1200 West
Washington, DC 20005
London, UKand Gibraltar
Clements Europe Limited*
40 Lime Street
London, UK EC3M 7AW
World Trade Center
6 Bayside Road
Gibraltar, GX11 1AA
Clements Belgium SPRL
8, Place Marcel Broodthaers