ISMIE Mutual Insurance Company (“ISMIE” or the “Company”*), is committed to protecting and respecting your privacy. This policy applies to personal information provided directly to ISMIE or personal information collected on the ISMIE website. The policy describes how ISMIE handles the personal information obtained from our applications, websites, portals, and products and services that collect data. This policy establishes the type of personal information we collect, how we collect it, how we use it, why we use it, who we share it with, and the rights to which you are entitled. Please note that if state law is more protective of an individual's privacy than federal privacy law, we will protect personal information in accordance with state law while also meeting federal requirements.
Protecting your privacy is a matter of great importance to ISMIE. ISMIE maintains processes and procedures, both physical and electronic, in order to safeguard your personal information and to comply with federal and state laws. Personal information we obtain from you, and personal information you voluntarily provide to us through ISMIE websites, shall be treated in accordance with this policy and, may be used to provide you with personal information we believe may be of interest to you. We may also share the personal information with third parties who provide services to us. We retain your personal information securely in our database and will only keep your personal information for a reasonable period of time, or until you provide us notice of your desire for it to be removed or limited.
SOURCES OF PERSONAL INFORMATION
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from Consumer - For example, personal information provided in an application or in a request for a quote, claim, or policy on any of our website(s) or through interactions with an agent, employee, or our customer service center.
- Indirectly from Consumer - For example, personal information including, IP address, cookies and device ID when a consumer visits our website(s), uses our social media sites, interacts with our online advertisements or uses our mobile application(s).
- Directly and indirectly from activity on our website - For example, personal information from the internet or other electronic network activity from submissions through our website portal or website usage details collected automatically and from a browser or device.
- Provided by third-party service providers - For example, personal information provided by third-party service providers to service accounts or website functions.
- Obtained from government entities and consumer reporting agencies - For example, personal information from public records, government entities, consumer reporting agencies, and insurance claims history.
Categories of personal information we may collect about you:
- Contact Information, such as first and last name, email address, telephone number, or mailing address.
- Employment Information, such as employment history, qualifications, licensing, or disciplinary records.
- Characteristics of protected classifications (e.g., gender, age)
- Educational Information, such as education records or transcripts.
- Financial Information, such as bank account number, or credit history.
- Government Issued Identifiers, such as social security number, driver’s license number, state identification number, or medical license number.
- Service Related Information, such as demographics, loss history, or loss exposure.
- Criminal History, such as convictions or court judgements.
- Internet Network Activity, such as IP address, internet service provider, operating system, site from which you arrived, date and time of your visit, browsing history, clickstream data, or search history.
- Geolocation data (e.g., latitude or longitude)
INFORMATION GATHERED AUTOMATICALLY (COOKIES)
ISMIE uses Google Analytics, a web analytics service for the purposes of evaluating your use of the website, compiling reports on website activity, and providing other services related to Internet usage. Google Analytics will not associate your IP address with any other information held by Google Analytics.
HOW WE USE YOUR INFORMATION
We use the following categories of personal information collected for a variety of business reasons such as:
- Performing services - such as to establish, maintain, or service accounts; underwrite and rate policies; tailor web content to match browser capability; personalize services and products; send marketing communications; respond to inquiries; and provide information about related products and services;
- Auditing services related to a current interaction with you on our website - such as to count ad impressions to unique visitors, verify positioning/quality of ad impressions, and audit for compliance; and
- Protection and compliance services - such as to detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; protect against unauthorized use; prosecute those responsible for illegal activity; and to comply with applicable laws.
HOW WE SHARE YOUR INFORMATION
The personal information collected about our customers, former customers, applicants, and employees, will only be disclosed as permitted or required by law. ISMIE is the sole owner of all personal information obtained through our websites. ISMIE does not sell personal information to third parties. ISMIE shares and discloses personal information with its affiliates and subsidiaries to better serve you, including for the activities listed above. Any affiliates, subsidiaries, or third parties who perform services for us are required to safeguard any personal information that they process on our behalf.
The categories of third parties to whom we may have disclosed personal information for a business purpose include:
Authorized Third Party Service Providers
We may, in the ordinary course of business, disclose personal information to service providers who are contractually restricted from using or disclosing the provided personal information except as necessary to perform the services on our behalf or to comply with legal requirements.
Legal Requirements and Business Transfers
We may disclose personal information when required by law, statute, rule, regulation, or professional standard; such as to respond to a subpoena, search warrant, legal request; to law enforcement authority or other government official requests; to consumer reporting agencies as permitted by law; to prevent physical harm or financial loss; to investigate suspected or actual illegal activity; to medical professionals or institutions to verify coverage or conduct operations as part of a company audit, to investigate a complaint or security threat; or to our reinsurers or to the new owner of the business if the Company is subject to a merger or acquisition.
At your direction or request
We may disclose personal information when you provide consent, such as sharing information with third parties (e.g., if a consumer provides explicit, opt-in consent to the sharing and use of data with a specifically identified third party partner, such data may be shared and used by the Company and/or the third party partner as described at the time consent is obtained, including for targeted advertising or advertising measurement purposes).
For our policyholders and former policyholders, much of the personal information we collect from you is maintained in your policy and/or claims records. We use this personal information to process and service your policy, and to settle claims with your consent or as directed by you.
Following are some examples of how we may disclose personal information:
- We must exchange personal information about you with our employees, attorneys, and other persons who are or will become involved in processing your application and servicing your policy or any claims you may make.
- We disclose your personal information to persons or organizations as necessary to perform transactions you request or authorize.
- We may share personal information with persons or organizations that we have determined need the personal information to perform a business, professional, or insurance function for us. These include businesses that help us with administrative and marketing functions. All of these entities are obligated to keep the personal information that we provide to them confidential and to use the personal information only for the purpose for which the personal information was provided.
- Personal information may be provided to organizations conducting actuarial research or audits. In this case, you will not be individually identified in any research report. The organization must agree not to redisclose the personal information and agree that the personal information will be returned to us or destroyed when it is no longer needed.
PROTECTION OF PERSONAL INFORMATION
All personal information collected by ISMIE shall not be retained for longer than is reasonably necessary and proportionate to achieve the business purpose for which it was collected. ISMIE manages personal information in compliance with legal retention requirements, such as those set out in applicable federal and state laws.
Access to your personal information is restricted only to those employees who need it to provide products or services to you. All employees are required to undergo regular training and education on how to safeguard personal information. All employees are required to sign confidentiality agreements to further protect your personal information. ISMIE has implemented the appropriate physical, electronic, and administrative procedures to protect the personally identifiable information we collect. The forms used on our website to collect personally identifiable information are secure and encrypted.
However, when communicating via email, ISMIE is not responsible for the privacy of the messages in either direction. ISMIE cannot guarantee the security of any personal information you choose to disclose in an email. If you wish to communicate with ISMIE via a secure email system, we can provide you with login information so that the communications can be secure.
PROTECTED HEALTH INFORMATION (PHI)
ISMIE uses appropriate safeguards to prevent unauthorized use or disclosure of Protected Health Information (“PHI”) other than as permitted or as required by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) or other applicable laws. ISMIE utilizes administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of PHI that it receives.
ISMIE websites contain links to external websites that are not owned or managed by the Company. ISMIE is not responsible for and assumes no liability for the privacy policies or practices or the content of those sites. We encourage you to read the privacy statement of any website you visit, especially those that collect personally identifiable information.
The Company will not deny services, charge different rates for services, or provide a different level or quality of services, as a result of any request regarding your personal information.
CHANGES TO THIS POLICY
If you have questions about this privacy statement or the practices of this website, please contact us at ISMIE Mutual Insurance Company, 20 North Michigan Ave., Suite 700, Chicago, Illinois 60602; 1-800-782-4767 ext. 2055; or firstname.lastname@example.org.
We respect your privacy, and take great care to safeguard your Continuing Medical Education (“CME”) information in our possession. The protection and proper use of your personal information is of utmost importance. Policyholder information (including email addresses) is not shared outside of our direct CME affiliates and partners. Any third-party companies used to provide you with CME products or services are required to keep your information secure and confidential. If you have any other questions or concerns regarding access to or use of your CME information, please email email@example.com.
*For the purposes of identification and consistency, the term “ISMIE” or “Company” shall refer to the following entities: ISMIE Mutual Insurance Company; ISMIE Indemnity Company; ISMIE SPC Limited; ISMIE Risk Retention Group, Inc.; and ISMIE UK Limited.
Last revised: January 1, 2023