Privacy Notice

CCMSI Privacy Notice

At CCMSI, your privacy is important to us. We want you to know that:

We do not sell or rent to anyone the Personal Information you have provided to us.
We do not share your Personal Information with companies who want to market their products or services to you.

To help you understand how we protect your Personal Information, this notice describes our current Privacy Policy and practices.

This Privacy Policy applies to CCMSI websites or applications that link to this Privacy Policy (the “Services”), as well as offline activities where individuals are directed to this Privacy Policy. It does not apply to any non-CCMSI websites or applications that you may access via our services. Those services are governed by the privacy policies that appear on those sites and applications. As used in this Privacy Policy, “Personal Information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.

Service Provider

CCMSI often acts as a service provider in collecting and using Personal Information on behalf of another company, such as when we provide claims management services to third-party insurers and insureds. Where your Personal Information is processed by CCMSI acting as a service provider on behalf of another company, that other company’s privacy policy will explain its privacy practices, and you should submit any request to exercise applicable rights directly to that company. If you make a request to exercise applicable rights to CCMSI where it acts as a service provider, we may be required to disclose your request to the relevant company.

Categories of Personal Information Collected & Disclosed

The following identifies the categories of Personal Information we may collect about you (and may have collected in the prior 12 months). Note that our collection, use and disclosure of Personal Information about you will vary depending upon the circumstances and nature of our interactions or relationship with you. Depending on how you use our Services, we may collect the following categories of Personal Information:

Identifiers, such as real name, alias, job title, address, email address, date of birth, policy number, salary information, social security number, driver’s license number, other government identifiers, credit card number, and tax ID.
Online Identifiers, such as unique personal identifiers, device IDs, ad IDs, IP addresses, and cookie data.
Customer or Claimant Records, such as paper or electronic customer or claimant records containing Personal Information, as well as information provided by an insurance broker/agent or reinsurer for underwriting purposes and information included in a list of claims, such as name, signature, physical characteristics or description, address, telephone number, education, current employment, employment history, social security number, passport number, driver’s license or state identification card number, insurance policy number, bank account number, payment card number, gender, height, weight, medical information (including reports and medical bills), health insurance information, details about home address, security and travel plan arrangements, records of personal property, products or services purchased or obtained.
Financial Information, such as your bank account or credit card number and other payment details.
Characteristics of Protected Classifications, such as age (40 years or older), race, national ancestry, national origin, citizenship, religion or creed, marital status, pregnancy, medical condition, physical or mental disability, sex, sexual orientation, and veteran or military status.
Usage Data, such as Internet or other electronic network activity information regarding an individual’s interaction with portals, Internet websites, applications, or advertisements, including, but not limited to, browsing history, clickstream data, search history and content of public posts.
Biometric Information, such as individual biological or behavioral characteristics including measurements of physical characteristics such as height, weight and blood pressure, sleep, health, or exercise data that contain identifying information.
Education Information, such as education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes and student disciplinary records.
Geolocation Data, such as physical location or movements.
Audio, Video and Other Electronic Data, such as audio information including call recordings, video and photographs, recorded meetings and webinars, and CCTV footage to secure our offices and premises.
Professional or Employment-Related Information, such as employment history, qualifications, licensing, and disciplinary record.
Inferences and Preferences, such as inferences drawn from any of the information described in this section about a consumer including inferences reflecting the consumer’s preferences, characteristics, behavior and abilities.
Sensitive Personal Information, such as social security number, driver’s license number, racial or ethnic origin, religious or philosophical beliefs, medical condition, and physical or mental disability.

Sources of Personal Information

We generally collect Personal Information from the following categories of sources:

Directly from you and automatically;
Insurance carriers or self-insured risk pools;
Brokers and agents;
Corporate policyholders; and
Our vendors and service providers.

Purposes for Collecting and Disclosing Personal Information

We collect and otherwise process the Personal Information we collect for the following business or commercial purposes:

Operate our business;
Provide you products and services;
Communicate with you;
Evaluate and improve our products and services;
Analytics models to support our business;
Marketing and advertising;
Inferences;
Find locations on request;
Fraud and security purposes;
Legal requirements;
Business transfers; and
Other operational and business purposes.

Sensitive Personal Information

Notwithstanding the purposes described above, we do not collect, use, or disclose “sensitive Personal Information” beyond the purposes authorized by applicable law. Accordingly, we only use and disclose sensitive Personal Information as reasonably necessary and proportionate: (i) to perform our services requested by you; (ii) to help ensure security and integrity, including to prevent, detect, and investigate security incidents; (iii) to detect, prevent and respond to malicious, fraudulent, deceptive, or illegal conduct; (iv) to verify or maintain the quality and safety of our services; (v) for compliance with our legal obligations; (vi) to our service providers who perform services on our behalf; and (vii) for purposes other than inferring characteristics about you.

Retention of Personal Information

We retain the Personal Information we collect only as reasonably necessary for the purposes described in this Privacy Policy or otherwise disclosed to you at the time of collection. For example, we will retain certain identifiers for as long as it is necessary to comply with our tax, accounting and recordkeeping obligations, to administer certain policies and coverage, and for research, development and safety purposes, as well as an additional period of time as necessary to protect, defend or establish our rights, defend against potential claims, and to comply with our legal obligations. From time to time, we may also deidentify your Personal Information, retain it and use it for a business purpose in compliance with applicable regulations.

Disclosure of Personal Information to Third Parties and Other Recipients

The categories of Personal Information we have disclosed for a business purpose in the preceding twelve (12) months include: identifiers, online identifiers, customer records, financial information, characteristics of protected classifications, usage data, biometric information, education information, geolocation data, audio, video, and other electronic data, professional or employment-related information, inferences, and sensitive Personal Information.

The categories of third parties and other recipients to whom we may disclose Personal Information for a business purpose may include:

Affiliates, subsidiaries, and business partners;
Vendors and service providers;
Acquirers of business assets;
Advisors, auditors, consultants, and representatives;
Agents and brokers;
Insurance carriers or self-insured risk pools
Reinsurers;
Regulators, government entities, and law enforcement;
Operating systems and platforms; and
Others as required by law.

We do not disclose or make available Personal Information to a third-party in exchange for monetary or other valuable consideration. We also do not disclose or making available Personal Information to a third-party for purposes of cross-contextual behavioral advertising.

Information Security

We restrict access to nonpublic personal financial information about you to those employees who need to know that information to provide services. We maintain physical, electronic and procedural safeguards that comply with federal and state regulations to guard your non-public Personal Information.

Contact Us

If you have any questions or comments about this Privacy Policy or the ways in which we collect and use your Personal Information, please do not hesitate to contact the CCMSI Information Security Officer.