Privacy Policy

Introduction

Protecting the confidentiality of personal information provided by our policyholders, employees and customers has always been an important part of the way we do business. To reaffirm our commitment to protecting personal information, Brant Mutual Insurance Company has adopted a Privacy Code.

This Code sets out how and why we collect and use personal information about our customers. It also explains limited circumstances under which we may need or be required to disclose it.

”Personal information” means information that identifies you as a specific individual. It many include an individual’s date of birth, family status, marital status, occupation, medical and health records, assets, liabilities, income, credit and payment records of the individual’s previous insurance experience including claims history, and an individual’s driving record. It does not include the sort of general information that could be found in a business directory or a telephone book.

Effective January I, 2004, the Government of Canada implemented the last phase of the Persona/ Information Pm/ection and Electronic Act (PIPEDA). This federal statute applies to insurance companies and many other industry sectors.

This legislation establishes rules and principles for the use and disclosure of personal information based on the ten privacy principles developed by the Canadian Standards Association.

These principles recognize that we live in an era where information is exchanged and circulated by electronic means. It balances the individual’s right to privacy in their personal information with the reasonable need of organizations to collect, use, or disclose personal information.

Under the legislation, an organization may collect, use, or disclose personal information only for limited purposes that a reasonable person would consider to be appropriate in the circumstances.

PIPEDA requires us to provide the same safeguards for your privacy that we have always provided on a voluntary basis. Our Privacy Code sets out these principles in simple terms. It explains how we ensure that your privacy and the confidentiality of your personal information are protected.

Our Privacy Code

Brant Mutual Insurance Company’s Privacy Code is based on the following ten principles adopted by the Personal Information Protection and Electronic Documents Act (PIPEDA).

PRINCIPLE #1: Our Accountability for the Collection, Use, or Disclosure of Personal Information

As a customer of Brant Mutual Insurance Company, you have the right to expect we are accountable for the personal information we collect and use. “Customer” means a current policyholder, a former insured, an applicant for insurance, a claimant under one of our policies as well as an individual insured as part of a group or corporate policy.

We are responsible for maintaining and protecting your personal information which is under our control. This includes any personal information that may need to be disclosed to third parties for processing or other administrative functions.

To help ensure the confidentiality of your personal information we have established policies and procedures to ensure that we comply with PIPEDA. We have designated a Privacy Officer who is responsible for our company’s compliance with the ten privacy principles by the Canadian Standards Association.

If you have any questions or inquiries about how your personal information is stored, or when it may need to be disclosed to others, our Privacy Officer is there to assist and explain our policies to you.

PRINCIPLE #2: Identifying Our Purpose for the Collection, Use, or Disclosure of Personal Information

Before or when we collect information about you, we will explain how we intend to use it. Brant Mutual Insurance Company collects personal information only for the following purposes:

  • to provide ongoing service to our customers;
  • to help us understand our customers’ needs better,
  • to develop, enhance, market or provide insurance products and services;
  • to enable us to underwrite your policy of insurance and set a fair premium;
  • to provide us with the information that we need to adjust a claim in a fair and expeditious way;
  • to detect our prevent fraudulent claims;
  • to comply with statistical requirements; and
  • to meet our legal and regulatory requirements under third party agreements, the Insnrance Act and other relevant statutes.
  • Unless we are required by law, Brant Mutual Insurance Company will not use or disclose any personal information that has been collected without documenting the new purpose and obtaining your consent. If you have any questions about these purposes, our privacy officer will be pleased to explain them to you.

Principle #3: Obtaining your Consent for the Collection, Use, or Disclosure of Personal Information

Brant Mutual Insurance Company NVill make a reasonable effort to make sure that its customers understand and consent to how their personal information will be used by the Company. By providing this information to us, we assume your consent to use this information in an appropriate manner.

We will have obtained your consent by virtue of a signed application before collecting information from third parties such as other insurers and insurance service companies.

In certain circumstances, however, personal information may need to be collected, used, or disclosed without the knowledge and consent of the individual. For example, legal, medical, or security reasons may make it impossible or impractical to seek consent.

PIPEDA recognizes that when information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of an individual may defeat the purpose of collecting information. Seeking consent may also be impossible or inappropriate when the individual is a minor, seriously ill, or mentally incapacitated.

In obtaining your consent, we will always use reasonable efforts to ensure that you are advised of the identified purposes for which any personal information collected will be used or disclosed.

Principle #4: Limiting the Use, Disclosure, and Retention of Personal Information

We will always limit the collection of personal information to that which is necessary for the identified purposes. Typically, this is information that is required to enable us to underwrite for policy of insurance and charge a fair premium. We may need to collect personal information from other sources.

Under certain circumstances we need to collect information to assist us in adjusting or investigating a claim. This may involve the use of licensed and regulated independent insurance adjusters or investigators. We will always collect personal information by fair and lawful means.

Principle #5: Limiting Use, Disclosure, and Retention of Personal Information

Personal information will not be used or disclosed for purposes other than for which it was collected, except with your consent or as permitted or required by law. Your personal information will be retained only as long as it is necessary to fulfill those purposes.

Brant Mutual Insurance Company may disclose a customer’s personal information to the following organizations:

  • Another insurance company for the reasonable provision of insurance services;
  • Another person or corporation as part of conducting business. This may include a reinsurance company, subject to that corporation agreeing to manage personal information in accordance with these privacy principles;
  • A person or corporation that is involved in supplying us with claim’s support services. This may include a licensed independent insurance claims adjuster or investigator, or fire or forensic expert or engineer;
  • A medical or rehabilitation specialist or assessment clinic that is providing an opinion to us pursuant to our rights and obligations under the Insurance Act;
  • A company or an individual employed by Brant Mutual Insurance Company to perform data processing, accounting, actuarial or statistical functions on our behalf;
  • A person or corporation involved in the development, enhancement, marketing, or provision of our insurance products and services;
  • An agency used by Brant Mutual Insurance Company to collect an outstanding account. This may include credit collection agencies;
  • A public authority or agent of a public authority, if the information is required to comply with a provincial or federal statute or regulation;
  • A law enforcement agency, where our customer consents to such disclosure or disclosure is required by law or emergency.
  • Brant Mutual Insurance Company does not provide, or sell its customer list to any outside company for use in marketing or solicitation. Only employees with a business “need to know” or those whose duties require it are granted access to personal information about our customers.

We keep personal information only as long as it remains necessary or relevant for the identified purposes or as required by law.

Personal information that is no longer necessary or relevant for the identified purposes or required to be retained by law is destroyed, erased, or made anonymous.

Principle #6: Keeping your Personal Information Accurate

Brant Mutual Insurance Company makes every effort to ensure that personal information about its customers is as accurate, complete, and up-to-date as is necessary for the purposes for which it was collected.

This may require contact with your insurance agent or broker to confirm or update personal information required for underwriting purposes. In addition, the Insurance Act and the terms and conditions or your policy of insurance may require you to notify us of material changes to your personal information. If you have any questions about the accuracy and completeness of the personal information that we have collected or retained, please do not hesitate to contact our Privacy Officer. If you need to update some aspect of your personal information, please contact your insurance agent or broker directly.

Principle #7: Safeguarding Your Personal Information

Brant Mutual Insurance Company takes steps to protect personal information with security safeguards appropriate to the sensitivity of the information.

Specifically, we have stringent security measures in place to protect personal information against such risks as loss or theft, computer hackers, unauthorized access, disclosure, copying, use, modification, or destruction.

Brant Mutual Insurance Company protects your personal information regardless of the format in which is it held.

We also protect personal information we disclose to third parties by contractual agreements stipulating the confidentiality of the information and the purposes for which it is to be used.

All our employees with access to personal information are required, as a condition of their employment, to respect the confidentiality of personal information.

More sensitive information will be safeguarded by a higher level of protection.

In determining what safeguards are appropriate, we will consider the following factors:

  • The sensitivity of the information;
  • The amount of held; e parties to whom information will be disclosed; e The format in which the information is held; and
  • The way in which the information is physically stored.

When transferring insured/claimant information to a third party, we remove or mask any information that is not reasonably needed by the third party.

Our methods of protection include:

  • Physical measures such as storing policies on an electronic filing system, or in locked filing cabinets/vault and access; Organizational measures, such as limiting access on a “need to know” basis;
  • Technological measures, such as the use of passwords and encryption; Hard copy files removed from our offices will, during transport be kept in briefcases or similar. If left unattended during travel, they will be locked in vehicle trunks or a locked hotel room;
  • Computer files accessed from a home or remote computer system will not be copied or kept on such home or remote system. Temporary copies of files will be erased;
  • Passwords and log-in information will be kept secure and not disclosed to any person. (Note: authorized IT personnel have access to the system and will never ask you to divulge passwords or log-in information).

We will ensure that our policies and procedures on safeguarding personal information are clearly communicated and accessible to our employees by:

  • Training staff on the subject of personal information protection; and
  • Having regular staff meetings in which we will review our procedures and revise where appropriate.

We will take precautions in the disposal or destruction of personal information to prevent unauthorized parties from gaming access to the information. The measures include:

Ensuring that no one may retrieve personal information after it has been disposed of;
Shredding documents before recycling them; and Deleting electronically stored information.

Principle #8: Openness Concerning our Privacy Practices

Brant Mutual Insurance Company pursues a policy of openness about the procedures it uses to manage personal information. We will make specific information about our policies and practices relating to the management of their personal information available to customers upon request.

  • We ensure openness by providing you with the following information;
  • The title and address of the Privacy Officer accountable for our compliance with the policy;
  • The name of the individual to whom inquires or complaints can be forwarded;
  • The means of gaining access to personal information held by our company; and
  • A description of the type of personal information héld by Brant Mutual Insurance Company, including a general account of its use.

Brant Mutual Insurance Company makes information available to help its customers exercise informed choices regarding the use of their personal information.

Principle #9: Customer Access to Personal Information

Brant Mutual Insurance Company informs its customers of the existence, use, and disclosure of their personal information upon request and provides access to that information. Our customers are able to challenge or correct the accuracy and completeness of their personal information and have it amended when appropriate.

When a request is made in writing, we will inform you in a timely fashion of the existence, use, and disclosure of your personal information and you will be given access to that information. In order to safeguard your personal information, we may require you to provide sufficient identification information to permit us to authorize access to your file.

In certain exceptional situations, we may not be able to provide you with access to all of the personal information we hold. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security, or commercial proprietary reason, information that is subject to solicitor-client or litigation privilege, or, in certain circumstances, information of a medical nature. If this is the case, Brant Mutual Insurance Company will provide the reasons for denying access upon request.

Customers can obtain information or seek access to their individual files by contacting our designated Privacy Officer at the address described previously.

Principle #10: Challenging Compliance

A customer has the right to challenge Brant Mutual Insurance Company’s compliance with the above principles by contacting the privacy officer accountable for our compliance with the policy.

Brant Mutual Insurance Company maintains strict procedures for addressing and responding to all inquiries or complaints from its customers about its handling of personal information. We inform our customers about our privacy practices as well as availability of complaint procedures, if necessary.

Our Privacy Officer will investigate all complaints concerning compliance with the privacy policy. If a complaint is found to be justified, we will take appropriate measures to resolve the complaint including the amendment of our policies and procedures.

In exceptional circumstances, the Privacy Officer accountable for compliance with our privacy policy may seek external legal advice where appropriate before providing a final response to individual complaints.
For more information, please contact our Privacy Officer by calling us toll-free at 1-800-461-2543.