Privacy Policy
Last updated: April 2024
Zurich American Insurance Company, its subsidiaries and U.S. affiliates (“Zurich NA”, “we” or “us”) respect your concerns about privacy.
This Privacy Policy (“Policy”) applies to ZurichNA.com (the “Site”) and other online and mobile services and applications that link to or post this Policy (collectively, the “Online Services”), or through other means in the course of our business relationship with you.
This Policy describes the types of information we collect, how we may use that information and with whom we may share it. This Policy also describes the measures we take to protect the security of the personal information. We also tell you how you can reach us to ask us to answer any questions you may have about our privacy practices. Depending on your relationship with us, you may receive other privacy notices from us providing additional detail about our privacy practices.
This Policy is incorporated into and is subject to the Terms of Use. Your use of the Online Services and any information you provide through the Online Services is subject at all times to this Policy and the Terms of Use, including its applicable limitations on damages and the resolution of disputes.
Table of Contents
- 1. Information We Collect
- 2. How We Use the Information We Collect
- 3. Sharing of Information
- 4. Cookies and Other Tracking Mechanisms
- 5. Your Choices
- 6. How We Protect Information
- 7. Protection of Social Security Numbers
- 8. How We Retain Information
- 9. International Visitors
- 10. Children´s information
- 11. California Privacy Rights
- 12. Nevada Privacy Rights
- 13. Privacy Rights Under Other State Laws
- 14. Privacy Rights Under State Insurance Regulations
- 15. Links to Other Web Sites
- 16. Blogs and Other Interactive Services
- 17. Updates to Our Policy
- 18. How to Contact Us
Information We Collect
Information You Provide Directly to Us. We and our service providers may collect information, including personal information, that you provide us directly, for example, when you report a claim, including information about injuries and treatment, names of witnesses, and whether a violation was issued; when you submit a fraud report, including the names of those persons involved; when you apply for an insurance policy; or when you otherwise contact us with a comment, question, or request. The information that you provide us may include, but is not limited to: (a) contact information, such as your name, postal address, email address, telephone number, and fax number; (b) other identifying numbers or unique identifiers, such as your Social Security number, Federal Employer Identification Number, and driver’s license number; (c) claim and account information, such as account number, policy number, client ID, or access credentials; and (d) relevant information to an insurance policy or claim, such as information about your employment, income and net worth, information about your property or collateral insurance coverage, and medical information.
Information We Collect by Automated Means. When you use the Online Services, we and our service providers may collect or retain certain information over time and across different websites when you use the Online Services. We and our service providers may collect this information by automated means, using technologies such as cookies, Web server logs and Web beacons.
When you visit our Site, we automatically collect information such as your operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. The Web server logs may also record information such as the address of the Web page that referred you to the Online Services and the IP address and actual location of the device you use to connect to the Internet. They may also log information about your interaction with the Online Services, such as which pages you visit. Please see the section “Cookies and Other Tracking Mechanisms” below for more information.
To the extent permitted by applicable law, we may combine the information you provide us and information we automatically collect with information from public or third-party sources.
In addition to the use of cookies, we may also gather information about your transaction history with our company and affiliates in the course of doing business with you.
Information We Collect from Other Entities. We collect a number of pieces of information about you, including personal information, from other entities in the process of providing services to you. This includes information from insurance support organizations, government agencies, insurance information sharing bureaus, and consumer reporting organizations. The information we collect primarily relates to your creditworthiness and the veracity of claims you make with us, and may include, but is not limited to: your contact information, government identifiers, employment and professional-related information, demographic information, information regarding your credit history, and Motor Vehicle Reports. In addition, we may occasionally consult with an independent expert, such as a medical professional, when determining the value of a claim you have filed with us.
How We Use the Information We Collect
We use the information we collect and receive to provide you with products and services and to operate, maintain, and enhance the Online Services. For example:
To Provide Our Services. We use the information we collect and receive to provide you with the products, services, or information that you request; to provide you with information about Online Services or required notices; to deliver marketing communications, promotional materials, or advertisements that may be of interest to you; and to customize your experience when using the Online Services, among other things.
To Improve Our Services. We use the information we collect and receive to improve the Online Services we provide, for example by better tailoring content to user needs and preferences, such as by giving you more relevant ads; by generating and analyzing statistics about your use of the Online Services; and by developing new products and services.
To Communicate With You. We use the information we collect and receive to communicate with you about our Online Services and products, to respond to you when you contact us, and to let you know about our policies and terms or provide other notices required by law.
Use of Artificial Intelligence and Machine Learning. We may use artificial intelligence and machine learning capabilities to assist with certain analytics and inform decision-making involving our Online Services and products. Where necessary, we obtain your prior consent for this use.
To Maintain and Operate Our Online Services. We use the information we collect and receive to protect our rights and to detect, prevent, and respond to fraud; intellectual property infringement; violations of industry standards and our policies and terms, such as this Policy and our Terms of Use; violations of law; other misuse of the Online Services; or in situations involving potential threats to the safety or legal rights of any person or third party.
To Comply with Legal Obligations. We use the information we collect and receive to comply with law or legal proceedings. For example, we may disclose information in response to subpoenas, court orders, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements.
Business Transfers. We use the information we collect and receive to consider and implement mergers, acquisitions, reorganizations, and other business transactions, and where necessary to the administration of our general business, accounting, recordkeeping, and legal functions.
We also may use the information in other ways for which we provide specific notice at the time of the collection.
Sharing of Information
We may share information we collect or receive in order to provide the products and services that you have requested, when we have your consent, or as otherwise described in this Policy. We do not rent or sell personal information to third parties.
We may share your information with service providers that perform services on our behalf, such as providing order and payment processing services, processing employment applications, or delivering marketing communications, promotional materials, or advertisements that may be of interest to you. We also may share your information among our affiliates and subsidiaries. We may share information we collect on the Online Services at your request. For example, if you use the Online Services to send information to a third party, we may identify you as the sender.
We also may disclose information about you to third parties as required by law or regulation and when we have a good faith belief that it is necessary in order to protect the legal rights, safety, and security of Zurich, our affiliates, our business partners, users of our Online Services, to enforce our Terms of Use, to respond to and resolve claims or complaints, to prevent fraud or for risk management purposes, and to comply with or respond to law enforcement or legal process or a request for cooperation by a government or other entity.
We reserve the right to transfer information in association with the consideration, negotiation, or completion of a sale or transfer of all or a portion of our business or assets. Should such a sale or transfer occur, we will use reasonable efforts to direct the transferee to use the information you have provided to us in a manner that is consistent with our current Policy.
We may share aggregated or de-identified information for any purpose, including for marketing, advertising, research and similar purposes.
Cookies and Other Tracking Mechanisms
We and our service providers use cookies and other tracking mechanisms to track information about your use of our Site or Services. We may combine this information with other personal information we collect from you (and our service providers may do so on our behalf).
CookiesCookies are alphanumeric identifiers that we transfer to your device’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Site and Online Services, while others are used to enable a faster log-in process or to allow us to track your activities at our Site and Online Service. There are two types of cookies: session and persistent cookies.
- Session Cookies. Session cookies exist only during an online session. They disappear from your device when you close your browser or turn off your device. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Site and Online Services. This allows us to process your online transactions and requests and verify your identity after you have logged in, as you move through our Site and Online Services.
- Persistent Cookies. Persistent cookies remain on your device after you have closed your browser or turned off your device. We use persistent cookies to track aggregate and statistical information about user activity.
Clear GIFs, Pixel Tags, and other Technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web and app pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Site and Online Services to, among other things, track the activities of Site visitors, help us manage content, and compile statistics about Site usage. We and our service providers also use clear GIFs in HTML e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
Third-Party Analytics. We use automated devices and applications, such as Google Analytics, to evaluate usage of our Site. We also may use other analytic means to evaluate our Site. We use these tools to help us improve our Site’s performance and user experiences. These entities may use cookies and other tracking technologies, such as web beacons, to perform their services.
Do-Not-Track. Currently, our systems do not recognize browser “do-not-track” requests.
Your Choices
We offer you certain choices about what personal information we collect from you, how we use that information, and how we communicate with you. Some areas of the Online Services provide features that allow you to access and update personal information you have provided there. Some areas contain features that permit you to register your communications preferences, such as by indicating your preference to receive information about particular types of products. You may visit the area of the Online Services where you provided personal information to learn if it provides these features. If it does not, you can contact us as described in the How to Contact Us section to update your preferences, ask us to remove your information from our mailing lists or submit a request.
How We Protect Information
We maintain reasonable administrative, technical and physical safeguards designed to protect the information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. Because no information system can be fully secure, we cannot ensure or warrant the security of any information that you transmit to us and you do so at your own risk.
Protection of Social Security Numbers
We strive to protect the confidentiality of Social Security numbers we collect by employing reasonable safeguards seeking to (i) prohibit unlawful disclosure of Social Security numbers and (ii) limit access to Social Security numbers.
How We Retain Information
We retain the personal information we collect only as reasonably necessary for the purposes described in this Policy, to comply with our legal obligations, or as otherwise disclosed to you at the time of collection. For example, if you maintain a policy with us, we will retain your personal information for as long as we have a relationship with you, and then for an additional period of time to ensure we can comply with our legal obligations, or protect or defend against potential claims.
International Visitors
Zurich NA is based in the United States. Regardless of where you use our Online Services or provide information to us, the information may be transferred to and maintained on servers located in the United States, which may not provide the same level of protection for your personal information as your home country and may be available to the United States government or its agencies under a lawful order made in the United States. We may also store your information outside of the United States or transfer it to our affiliates and business partners located in other countries for the purposes described herein. By providing any data through the Online Services, you hereby expressly consent to such transferring and processing of your data in and to the United States and other countries.
Children’s Information
The Online Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under the age of 13. If you become aware that a child has provided us with information without your consent, please contact us at the contact information listed below.
California Privacy Rights
This section provides additional information for California residents pursuant to the California Consumer Privacy Act, as amended (“CCPA”). If you are a resident of California, you have the right to receive certain disclosures regarding our processing and sharing of “personal information,” as defined under the CCPA.
Categories of Personal Information We CollectWe may collect (and may have collected in the prior 12 months) the following categories of personal information (these may differ depending on how you use our Online Services):
- Identifiers, such as your name, address, email address, IP address, telephone number, and fax number.
- Government-issued identifiers, such as your Social Security number, federal employer identification number, and driver’s license number.
- Account information, such as account number, policy number, client ID, or access credentials.
- Commercial information, such as information about your property or collateral insurance coverage, your transaction history with our company and affiliates, and your creditworthiness.
- Employment information, such as information related to prior or current employment, income, and net worth.
- Internet or other electronic network activity information, such as IP address, operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. We may also collect browsing history, clickstream data, search history, and information regarding interactions with Internet websites, applications, or advertisements, including other usage data related to your use of our Online Services.
- Geolocation data, such as the location of the device you use to connect to the Internet.
- Audio, visual and similar information, such as phone call recordings if you contact our customer service line.
- Protected classifications under California or Federal law, such as your gender, date of birth, citizenship, marital status, and disability status.
- Inferences drawn from any of the categories listed above.
- Sensitive Personal Information, such as your Social Security number, driver’s license number, and your racial or ethnic origin.
We may collect personal information from the following categories of sources:
- Directly from you;
- Our affiliates and subsidiaries;
- Our business partners;
- Customers and clients;
- Internet service providers;
- Operating systems and platforms; and
- Our vendors and service providers.
As more thoroughly described above under How We Use the Information We Collect, we collect and disclose the above categories of personal information for the following purposes:
- To provide our services.
- To improve our services.
- To communicate with you.
- To maintain and operate our Online Services.
- To comply with legal obligations.
- For business transfers.
We use sensitive personal information we have collected only for purposes authorized under the CCPA. These may include:
- To deliver the Online Services requested by you;.
- To help ensure security and integrity, including to prevent, detect, and investigate security incidents;.
- To detect, prevent, and respond to malicious, fraudulent, deceptive, or illegal conduct;.
- To verify or maintain the quality and safety of our services;.
- For compliance with our legal obligations;.
- To allow our service providers to perform services on our behalf; and.
- For purposes other than inferring characteristics about you..
In general, we disclose certain categories of personal information above for various business purposes to our service providers.
We may disclose the following categories of personal information to third parties for advertising and marketing purposes:
- Internet or other electronic network activity information.
We may disclose categories of personal information to the following categories of service providers and third parties:
- Financial service providers;
- Medical providers;
- Consumer reporting agencies;
- Insurance information sharing bureaus;
- Third party administrators;
- IT providers;
- Brokers and agents;
- Reinsurers;
- Advertising networks;
- Internet service providers;
- Data analytics providers;
- Government entities;
- Operating systems and platforms; and
- Social networks.
If you are a California resident, you may have the following rights regarding your personal information:
Right to Know / Request Access. With respect to the personal information we have collected about you in the prior (twelve) 12 months, you have the right to request from us (up to twice per year and subject to certain exemptions):
- The categories of personal information we collected about you;
- The sources from which we have collected that personal information;
- Our business or commercial purpose for collecting, selling, or sharing that personal information;
- The categories of third parties to whom we have disclosed that personal information; and
- A copy of the specific pieces of your personal information we have collected.
Right to Correct. You have the right to request that we correct inaccuracies in your personal information.
Right to Delete. Subject to certain conditions and exceptions, you have the right to request deletion of your personal information that we have collected about you.
Right to Opt-Out of Sale and Sharing. Under the CCPA, a “sale” includes disclosing or making available personal information to a third party in exchange for monetary or other valuable consideration. “Sharing” includes disclosing personal information to enable cross-contextual advertising. We do not sell or share personal information under these definitions, so there is no need to exercise your right to opt-out. Accordingly, we do not have actual knowledge that we “sell” information from individuals under sixteen (16) years old, or from any other individual.
Right to Limit Use and Disclosure of Sensitive Personal Information. Subject to certain conditions and exceptions, you may have the right to limit the use and disclosure of “sensitive personal information,” as defined under the CCPA.
Right to Non-Discrimination. We will not discriminate against you for exercising any of the rights described in this section.
Authorized Agent. You may designate someone as an authorized agent to submit requests and act on your behalf. To do so, you must provide us with written permission to allow the authorized agent to act on your behalf. We may also ask you directly to verify you have authorized your authorized agent to act on your behalf.
Verification. Before responding to your request, we must first verify your identity using the personal information you recently provided to us. You must provide us with: (1) first and last name; (2) email address; (3) zip code; and (4) a copy of a government-issued photo ID. We will take steps to verify your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information in order to verify your identity, or where necessary to process your request. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for the denial.
Exercising Your RightsIf you are a California resident and want to exercise any of the rights described in this section, you may do so via:
- Our “Data Subject Request” online form
- Contacting us at the toll-free number: 1-800-382-2150
- Writing or emailing us at the address below.
Your Privacy Rights Under the California “Shine the Light”
California residents who provide us certain personal information are entitled to request and receive from us, free of charge, information about the personal information (if any) we have shared with third parties for their marketing purposes. Such requests may be made once per calendar year for information about any relevant third-party sharing within the previous calendar year. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. If you would like to make such a request, please contact us at the contact information listed below.
Nevada Privacy Rights
If you are a resident of Nevada, you have the right to restrict us from selling certain personal information about you to third parties. Specifically, you have the right to restrict us from selling information about you that we have collected through our Online Services and is tied to or includes a personal identifier indicating your identity. Personal identifiers include your name, Social Security number, email or physical address, telephone number, or other information that could be used to verify your identity or contact you. We do not sell your personal information under Nevada law, so you don’t need to exercise this right.
Privacy Rights Under Other State Laws
Depending on the jurisdiction in which you are located, you may have certain rights with respect to your personal information. Subject to the laws applicable to the Zurich NA entity’s use of your personal information and the conditions described in those laws, these rights may include the right to:
- know what personal information about you we have collected, disclosed, and/or sold, as applicable;
- access your personal information;
- correct inaccuracies in your personal information;
- obtain a copy of your personal information in a portable and, to the extent technically feasible, readily usable format;
- opt-out of certain processing of your personal information, such as targeted advertising and certain types of profiling that produces legal and similarly significant effects;
- to exercise your privacy rights without discriminatory treatment from us;
- to delete your personal information (in certain circumstances);
- to opt-out of the sale of your personal information; and
- to appeal a decision by us to decline your request
To exercise the rights above, please submit a verifiable request to us by:
- Using our “Data Subject Request” online form
- Contacting us at the toll-free number: 1-800-382-2150
- Writing or emailing us at the address in the How to Contact Us section below.
The verifiable request must describe your request with sufficient detail to allow us to properly understand, evaluate, and respond to it. It must also provide sufficient information that allows us to reasonably verify that you are the person about whom we collected personal information or an authorized representative. However, please refrain from sending us sensitive personal information.
Where permitted by law, you may use an authorized agent to submit a request on your behalf if you have provided the authorized agent with written and signed permission to do so or have otherwise designated an authorized agent in accordance with applicable law. We may not be able to fulfill your request if we cannot verify your identity or authority to make the request on behalf of another consumer, or if we cannot confirm that the personal information relates to you.
Privacy Rights Under State Insurance Regulations
If you are or were one of our policyholders, applicants, or claimants and a resident of Arizona, California, Connecticut, Georgia, Illinois, Maine, Massachusetts, Minnesota, Montana, New Jersey, Nevada, North Carolina, Ohio, Oregon, or Virginia, you have rights over your private information under state-level insurance laws and regulations. This includes the right to access a copy of your information, request the correction/amendment of your information, or delete your information. For security reasons, we may elect to provide you with certain medical information through your designated medical professional. We may also direct you to a consumer reporting agency to obtain certain types of information. Additionally, we may charge a reasonable fee to cover the costs of providing you with a copy of your information where it is permitted by law.
You may exercise any of these rights via:
- Our “Data Subject Request” online form
- Contacting us at the toll-free number: 1-800-382-2150
- Writing or emailing us at the address below.
Links to Other Web Sites
The Online Services may contain third-party links, or provide links to other sites for your convenience and information. These websites may be operated by companies other than Zurich NA. Linked websites may have their own privacy policies, which we strongly suggest you review if you visit any linked or third-party websites or services. This Policy does not apply to the third-party content; you acknowledge and agree that Zurich NA is not responsible for the information practices of third parties that are not under our control, and for the content of any websites that are not operated by us, any use of those websites, or the privacy practices of those websites.
Blogs and Other Interactive Services
We may offer blogs, online forums or other interactive services on the Online Services that enable visitors to post and share information and materials. Please note that any information you post or share through these services will become public information, and may be available to visitors who access the Online Services and to the general public.
Updates to Our Policy
This Policy may be updated periodically and without prior notice to you to reflect changes in our information practices or relevant laws. We will post a prominent notice on the Online Services to notify you of any significant changes to our Policy and indicate at the top of the notice when it was updated. You should review this Policy periodically. Your continued use of the Online Services constitutes your agreement to this Policy.
How to Contact Us
If you have any questions or comments about this Policy, or if you would like us to update information we have about you or your preferences, please contact us as indicated below. If you are contacting us by email to request that we change or delete personal information that you submitted through the Online Services, please be sure to tell us which page or form on the Online Services you used to submit your information:
Zurich American Insurance Company
Attention: Privacy Office
1299 Zurich Way
Schaumburg, IL 60196-1056
Fax: 1-866-276-6913