THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
AGA, Inc. and its subsidiaries, including Jefferson Insurance Company and AGA Service Company., d/b/a Allianz Global Assistance (we/us/our), are committed to protecting your privacy. By using our products, services or website, you are consenting to our collection and use of your data under this Policy.
- Personal Data. "Personal Data" means non-public personal information that identifies an individual. It doesn’t include data that is encoded, anonymized or aggregated.
- Sensitive Data. "Sensitive Data" means personal information about an individual’s race or ethnicity; political, religious, ideological or trade union memberships, opinions, views or activities; medical conditions or other protected health information (“PHI”) as defined by the Health Insurance Portability and Accountability Act of 1996; sexuality; or administrative or criminal proceedings that are treated outside pending proceedings. In addition, Sensitive Data includes information we receive from a third party who treats and identifies the information as sensitive.
- Agent. "Agent" means any third party that collects or uses Personal Data to perform tasks on our behalf, or our underwriters.
We strive to comply with the laws of the countries in which we do business regarding the protection of your Personal Data, including the EU Directive on Data Protection. In an effort to comply with such laws, we have joined the U.S. Department of Commerce's EU Safe Harbor and Swiss Safe Harbor programs (collectively, "Safe Harbor"), and we adhere to the following principles for handling your Personal Data:
- Notice: We collect Personal Data from you including information: (i) from forms, such as application or claim forms; or by telephone, email or correspondence; (ii) that is necessary to complete your transaction with us (e.g. to underwrite coverage or process claims); (iii) regarding your transactions with us or others; (iv) we receive from a consumer reporting agency; or (v) you authorize us to collect from others.
We collect your Personal Data: (i) to offer or sell you our travel insurance and assistance products or provide you with information or services for such products; (ii) to administer these products for you, including but not limited to adjudicating claims, conducting quality/satisfaction assessments, and fraud prevention; or (iii) for purposes to which you've otherwise consented..
If we collect your Personal Data for any other reason, we'll notify you before using or disclosing that data, stating our purpose for collecting and using the data, the types of non-Agent third parties to which we disclose the data, and the means we offer you to limit the use and disclosure of the data. If we receive Personal Data from any entity in the EU, we'll use that data according to the instructions such entity gives us regarding notices it provided and the choices made by the individuals to whom such data relates.
- Choice. Except as required by law, we do not share, sell or otherwise disclose your Personal Data to non-Agent third parties or use it for any purpose other than for which it was originally collected or as you subsequently authorize. However, if ever we wish to do so, we will offer you the opportunity to choose not to permit us to use your Personal Data ("opt-out") by sending an appropriately detailed request to the address provided below. In the event that we wish to disclose your Sensitive Data to a non-Agent third party or use such data for a purpose other than for which it was originally collected or as you subsequently authorize, we will provide you the affirmative, explicit choice of whether you wish to permit such disclosure ("opt-in").
Though we make every effort to preserve your privacy, we may need to disclose Personal Data or Sensitive Data if we have a good-faith belief that it is necessary to (a) protect or defend our or your rights, interests or property; or (b) comply with any applicable law, regulation, judicial rule or order, or other mandate. In any such case, we will take reasonable care to disclose only as much Personal Data as is necessary.
- Onward Transfer. We may disclose your Personal Data to our Agents, but only for the above-stated purposes. We will take reasonable steps to obtain assurances from our Agents that they will safeguard your Personal Data consistent with this Policy. Upon discovery, we will take reasonable steps to stop the Agent from using or disclosing Personal Data that is contrary to this Policy.
- Security. We take reasonable precautions to protect your data from loss, misuse, or unauthorized access, disclosure, alteration and destruction. To help maintain the security of your data, we employ physical, electronic and procedural safeguards, including utilizing policies to take reasonable precautions to (a) securely and confidentially maintain your Personal Data; (b) assess and protect against threats/hazards to the security or integrity of such data; and (c) prevent unauthorized access to or use of such data. To make your online transaction with us as safe and secure as possible, we use advanced encryption technology and treat your credit card information and other Personal Data with the highest standard of confidentiality and safety.
- Data Integrity. To help maintain the integrity of your data, we will take reasonable steps to ensure that Personal Data is reliable for its intended use, relevant, accurate, complete and current.
- Access. If you discover that the data we hold about you is inaccurate or incomplete, please let us know by contacting us as indicated below. We will grant you reasonable access to the Personal Data we hold about you and will take reasonable steps to allow you to correct, amend or delete your Personal Data that you show to be inaccurate or incomplete, so long as it can be done without imposing an undue burden or expense on us. You have the right to request from your health care provider confidential communications of your PHI. Also, at your request, you may receive an accounting of certain disclosures of PHI (e.g.: health payment records) as permitted by law.
- Enforcement. We verify our compliance with the Safe Harbor and the terms of this Policy by conducting a periodic self-assessment. Any complaint or dispute about how we handle your Personal Data should be directed to the address provided below. Additionally, complaints about how we handle your PHI may be directed to us or to the U.S. Secretary of Health and Human Services. We will investigate and attempt to resolve any such complaints or disputes internally; however, if we are unable to reach a mutually satisfactory resolution for such complaint or dispute, we have agreed to participate in the dispute resolution procedures administered by the European data protection authorities' Safe Harbor dispute panel. You will not be retaliated against for filing a complaint.
Our websites may provide links to non-affiliated third party websites. Be aware when visiting such websites that we are not responsible for and make no representations regarding the content, privacy policies and practices (security or otherwise) regarding these or any other third party websites. You should read the policies of the websites you visit to understand their policies for the collection and treatment of data.
Changes to Policy
This Policy reflects our business practices and is not a contract. However, we will abide by the terms of this Policy as currently in effect. We may amend this Policy at any time and will notify you of any updates by posting a revised policy on our website. The revised policy will apply to all information collected by us, including previously collected information, to the extent permissible under the Safe Harbor. Your continued use of our website, products or services following any such amendment shall constitute acceptance of the revised policy. You are responsible to regularly review this Policy.
If you have any questions or comments regarding this Policy or the way that we collect or handle your Personal Data, or if you would like to obtain a paper copy of this Policy, please contact our Chief Privacy Officer by e-mail at email@example.com; or by telephone at 1-800-284-8300; or by regular mail at the following address: Allianz Global Assistance, ATTN: Chief Privacy Officer, 2805 N. Parham Rd., Richmond, VA 23294.
This Policy was last revised on, and is effective as of, February 1,2012.