In order to provide our clients with the products and services they require and to ensure that we make informed underwriting and claims decisions, it is necessary that we obtain information about our clients and/or their businesses. The information with which we are entrusted is often of a personal nature. Our clients have the right to expect that any personal information they provide to us or that we obtain from other sources in order to make underwriting or business decisions will be kept in confidence and that access to that information will be restricted to those having a legitimate need to review or use that information.
As of January 1, 2004, the federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) applies to the operations of insurance companies in Canada. PIPEDA sets out in law the rights of the consumer and details the duties and responsibilities of companies that collect information of a personal nature. A number of provinces have since enacted similar legislation. Unique Risks Ltd (“Unique Risks”) intends to fully comply with all aspects of PIPEDA and applicable provincial legislation.
Personal information that we collect may include name, address, contact information, marital status, work history, assets, liabilities, income, banking records, health records, claims history and other information of a personal nature relating to an individual. The type of information we collect is dependent on the type of product the individual requires from us. We will limit the personal information we collect to that necessary for us to make informed underwriting and business decisions.
HOW WE COLLECT PERSONAL INFORMATION
We may obtain personal information directly from the client and/or through insurance brokers, other insurers, banks, credit bureaus, applications, transactions, consumer reports or by other legitimate means.
HOW WE USE PERSONAL INFORMATION
We use personal information to make underwriting and business decisions, to compile statistics, to communicate with our clients and to investigate and pay claims. We will explain to the client why we require personal information and will restrict our use of this information to the purposes identified.
PROTECTION OF PERSONAL INFORMATION
Unique Risks will take all necessary and reasonable precautions to protect the information provided to us by our clients. Unique Risks uses a number of manual and electronic controls to protect personal information that has been entrusted to us. These controls include restricted access to our premises, user authentication, encryption, firewall technology and the use of detection software. Unique Risks only allows access to an individual’s personal information to those employees who require it in their work. Employees who have access to personal information are made aware of the responsibility they have for protecting that information and are required to make proper use of the manual and electronic controls available to them. Our employees are subject to disciplinary procedures for the unauthorized use or disclosure of an individual’s personal information.
DISCLOSURE OF PERSONAL INFORMATION
From time to time in the normal course of business, it is necessary for Unique Risks to provide an individual’s personal information to a third party such as, but not limited to, a broker, reinsurer, legal counsel, regulator, adjustor, repairer or administrator. Unique Risks advises each third party to whom it provides personal information that Unique Risks expects the party to comply with Canada’s privacy laws and to also take steps to protect that information. Information on third parties is available from the Chief Privacy Officer. We will only disclose an individual’s personal information with the individual’s consent, except in situations where to do so would cause undue delay in providing requested services or where Unique Risks is legally required to disclose such information.
RETENTION OF PERSONAL INFORMATION
Unique Risks will retain an individual’s personal information for as long as is necessary to fulfill the purposes for which it was collected or as required by law. Disposal of any personal information no longer required will be done in a safe and complete manner. Accessing Your Personal Information An individual has the right to be allowed access to his or her personal information, subject to any legal restrictions. For example, if to allow access would reveal any personal information about a third party then access may be limited or denied. If there are reasons why access is denied, the individual requesting access will be advised in writing. Should an individual demonstrate that any information held is inaccurate or incomplete, Unique Risks will make the appropriate changes to such information.
In the unlikely event that Unique Risks experiences an incident involving the loss of or unauthorized access to or disclosure of personal information where a reasonable person would consider that there exists a real risk of significant harm to an individual as a result, Unique Risks will comply in all respects with the applicable provisions of federal and provincial privacy laws with regard to privacy breach notification, and will take all necessary steps to reduce the risk of harm to the affected individual as a result of the breach.
Requests for further information, access to personal information or complaints about Unique Risks' handling of personal information should be directed to Unique Risks' Chief Privacy Officer, as follows:
President & CEO
Unique Risks Ltd.
1100 Burloak Drive, Suite 300 Burlington, ON L7L 6B2
Phone: (905) 334-6971