Last Updated: November 1, 2021
Thank you for accessing the tokiomarinehighland.com website operated by Tokio Marine Highland Insurance Services, Inc. (“TMH”, “we,” “our,” or “us”). We value our business relationships and respect the privacy rights of each of our customers. Because we are committed to handling private information responsibly, we have established the following Privacy Policy Statement (the “Privacy Policy”) to explain to our customers how we gather and use personal information obtained from this website and other services that reference this Privacy Policy (the “Site”). Whenever we reference the Site we mean, individually and collectively, the web pages found at www.tokiomarinehighland.com, including its subdomains and links to our client portals and the web pages contained therein, and such others as we may make available from time to time.
This Privacy Policy describes the types of information we may collect from you when you visit the Site, why we collect it, how we use it, under what circumstances we may share it with third parties, and our practices for collecting, using, maintaining, protecting and disclosing that information. If you voluntarily provide your information in the course of using or interacting with the Site, or purchasing our services, we will take that as your agreement to our collection, use and disclosure of your information as set forth in this Privacy Policy.
The Privacy Policy applies to information we collect:
1. On or from this Site;
2. In email, text and other electronic messages between you and this Site; and
3. Through forms you download from the Site and submit to us.
The Privacy Policy does not apply to information collected by:
1. Us offline or through any other means, including on any other website operated by any third party (including our affiliates and subsidiaries); or
2. Any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Site.
Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Site. By accessing or using this Site, you agree to the collection and use of information as outlined in this Privacy Policy. This Privacy Policy may change from time to time. Your continued use of this Site after we make changes is deemed to be your acceptance of those changes, so please check the Privacy Policy periodically for updates.
Although the Site may contain links to other websites controlled by third parties, you should be aware that we are not responsible for the privacy practices of those, or any other, sites. If you have questions about how those websites collect and use data, you should carefully read those sites’ privacy policies.
In addition, please review the Site’s Terms of Use, which govern your use of the Site. By using the Site, you consent to our Privacy Policy and agree to our Terms of Use.
I. WHAT INFORMATION WE COLLECT
1. Information You Provide
If you participate in certain activities on the Site, you may need to provide us with information about yourself such as your name, email address, mailing address, phone number, or fax number. For example, if you choose to send us an email or fill out an online form, you are voluntarily providing personal information to us. In doing so, you are giving us your consent to collect, use and disclose that information for the purpose it is requested and for other reasonable internal business purposes. We do not sell, rent or trade voluntarily submitted personal information with third parties. We may collect additional information when you; contact us regarding a question, concern or inquiry about the Site or our services; sign up to be placed on our mailing and/or marketing lists; or otherwise interact with the Site or our staff.
Your decision to provide us with information is voluntary, but if you choose not to provide any requested information, you may not be able to take advantage of all of the Site’s features.
2. Information We Automatically Collect
When you visit the Site, basic information is passively collected through your browser via use of tracking technologies, such as “cookies” which utilize various files sent from our servers to your computer hard drive, laptop, tablet, mobile phone or other device whenever you visit or interact with the site. Additional information about cookies and tracking technologies is available here. The information we collect through cookies and other means is not personal information and does not individually identify you. It includes things like:
a. the domain name and IP address from which you accessed the Site;
b. the type of browser and operating system you use;
c. the date and time and length of your visit;
d. the specific page visited, graphics viewed and any documents downloaded;
e. the specific links to other sites you accessed from the Site; and
f. the specific links from other sites you used to access the Site.
Mobile devices are the one possible exception to the rule that our passive, automatic collection activities exclude personal information. We say that because, if you access the Site from a phone or other mobile device, the mobile services provider may transmit to us uniquely identifiable mobile device information which allows us to then collect mobile phone numbers and associate them with the mobile device identification information. Some mobile phone service providers also operate systems that pinpoint the physical location of devices and we may receive this information as well. Regardless, we use both automatically collected non-personal information and mobile device information only to compile generic reports about popular pages on the Site, and to see how our customers and followers are accessing the Site. We then use that data to administer the Site, make your activities more convenient and efficient and to enhance the functionality of the Site, such as by remembering certain of your information thereby saving you time.
3. Cookies and Other Tracking Technologies
We use cookies and various methods and technologies to store or collect usage information on the Site. These tracking technologies may set, change, alter or modify settings or configurations on your device. This information helps us recognize you, customize your website experience, and make our marketing messages more relevant.
A few of the technologies used on the Site, include, without limitation, the following (and subsequent technology and methods later developed):
a. Cookies: A cookie is a text file sent by a web server to a web browser and stored by the browser. The text file is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We may send a cookie, which may be stored by your browser on your computer’s hard drive. We may use the information we obtain from the cookie in the administration of the Site, to improve the Site’s usability and for marketing purposes. We may also use that information to recognize your computer when you visit the Site, and/or to personalize the Site for you. Most browsers allow you to refuse to accept cookies. (For example, in Internet Explorer you can refuse all cookies by clicking ‘Tools’, ‘Internet Options’, ‘Privacy’, and selecting ‘Block all cookies’ using the sliding selector.) This will, however, have a negative impact upon the usability of many websites. For more information about cookies visit www.allaboutcookies.org, which gives details on how to delete cookies from your computer.
b. Web Beacons: A Web Beacon is a small tag (which may be invisible to you) that may be placed on the Site’s pages and messages.
c. Embedded Scripts: An embedded script is programming code that is designed to collect information about your interactions with the Site, such as the links you click on.
d. ETag: An ETag or entity tag is a feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL.
e. Browser Fingerprinting: Collection and analysis of information from your Device, such as, without limitation, your operating system, plug-ins, system fonts and other data, for purposes of identification.
f. Recognition Technologies: Technologies, including application of statistical probability to data sets, which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices is the same user).
We use Google Analytics to analyze the use of the Site. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to the Site is used to create reports about the use of the Site. Google will store this information.
Google’s privacy policy is available at: www.google.com/privacypolicy.html
4. Information We Collect When You Interact With Third Party Sites
The Site may include functionality that allows certain kinds of interactions between the Site and your account on a third-party website or application. The use of this functionality may involve the third-party site providing information to us. For example, we may provide links on the Site to facilitate sending a communication from the Site or we may use third parties to facilitate emails or postings to social media. These third parties may retain any information used or provided in any such communications or activities and these third parties’ practices are not subject to our Privacy Policy. TMH may not control or have access to your communications through these third parties. Further, when you use third-party sites or services, you are using their services and not our services and they, not we, are responsible for their practices
II. DO NOT TRACK POLICY
Some web browsers have a “Do Not Track” feature. This feature lets you tell websites you visit that you do not want to have your online activity tracked. These features are not yet uniform across browsers. The Site is not currently set up to respond to those signals.
III. HOW WE USE INFORMATION
We may use information that we collect about you or that you provide to us for several purposes including:
1. To present the Site and its contents to you;
2. To assess the performance of the Site, to improve the content offered through the Site;
3. To offer enhanced functionality when accessing the Site, including keeping track of your specified preferences or to track your online activities over time and across third party sites;
4. To deliver content relevant to your interests on the Site and third party sites based on how you interact with our advertisements and/or content;
5. To provide you with information, products or services that you request from us;
6. To process claims;
7. To fulfill any other purpose for which you provide it;
8. To provide you with notices about your account/subscription, including expiration and renewal notices;
9. To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
10. To notify you about changes to the Site or any products or services we offer or provide though it;
11. To allow you to participate in interactive features on the Site;
12. In any other way we may describe when you provide the information;
13. To contact you about our own and third-parties’ goods and services that may be of interest to you;
14. To perform research;
15. Internal business purposes;
16. As permitted or required by law; or
17. For any other purpose with your consent.
IV. INFORMATION WE DISCLOSE
We may disclose aggregated information and statistics about our users without restriction so long as such information and statistics does not contain any personal information. We may disclose personal information that we collect or you provide, to our parent, subsidiaries, affiliates or to third parties, as required to conduct our business, to assist us in providing our products and services to you, or as permitted or required by law. (If you are a California resident, you have the right to request additional information. Please see the Section below entitled “Your California Privacy Rights” about these rights.) In addition, we may share the information we have collected about you as disclosed at the time you provide your information and as described in this Privacy Policy. Examples of when TMH may share your information include as follows:
1. Third Parties Providing Services to TMH. We may use third-party service providers to perform certain services on behalf of us or the Site, such as: (i) assisting us in Site operations; (ii) managing a database of customer information; (iii) hosting the Site; (iv) designing and/or operating the Site’s features; (v) tracking the Site’s activities and analytics; and (vi) other services designed to assist us in maximizing our business potential. We may provide these third parties with access to user information to carry out the services they are performing for us. These third parties may have additional or different privacy policies and/or Terms of Use. You should be sure that you read and agree to those policies and Terms.
2. Affiliates and Business Transfer. We may share your information with our parent, subsidiaries and affiliates. As part of this sharing of information with our parent, subsidiaries and affiliates, this means that once you provide us with information, any one of our related entities may use your information including for marketing purposes, pursuant to the terms of this Privacy Policy. We also reserve the right to disclose and transfer all such information: (i) to a subsequent owner, co-owner or operator of the Site and/or our Services; or (ii) in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets or other corporate change, including during any due diligence process.
V. ADS AND INFORMATION ABOUT YOU
We may also use Tracking Technologies, such as our own cookies, to provide you with personalized online display advertising tailored to your interests. We and third parties, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as a DoubleClick cookie) together to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to visits to the Site. To learn more about how to opt out of Google’s use of the Google analytics cookies, visit, here. To learn more about how to opt out of DoubleClick’s use of cookies, visit the DoubleClick opt-out page, here. If you would like more information about behavioral advertising practices, go to www.aboutads.info. To learn about your choices in connection with these practices on the particular device on which you are accessing this Privacy Policy, please visit http://www.networkadvertising.org/choices and http://www.aboutads.info/choices. You may also click on the informational icon contained within each interest-based ad.
VI. YOUR CHOICES ABOUT THE INFORMATION WE COLLECT
At any time, you can request access to your personal information, request that any inaccuracies be corrected, and request that comments or explanations be added to records about you.
You can also ask about:
1. Whether and why we have your personal information;
2. How we got your personal information;
3. What we have done with your personal information;
4. To whom we have communicated your personal information;
5. Where your personal information has been stored, processed or transferred;
6. How long we will retain your personal information, or how that retention period will be determined; and
7. The safeguards in place to protect your information when it is transferred to third parties.
Finally, you can ask us not to collect or use your personal information for certain purposes, you can ask us to delete your personal information, or you can ask us to provide your personal information to a third party. To do so, please email us at compliance@tmhighland.com or contact us at the postal address below. We will respond to your request within a reasonable time or advise you why our processing may be delayed.
If you would prefer that we not share your name and mailing address with third parties (other than with our parent companies, subsidiaries and/or affiliates) to receive promotional offers, you have the option to opt out of such sharing. To do so, please email us at compliance@tmhighland.com). Your choice will not affect our ability to share information in the other ways described in this Privacy Policy.
We reserve the right to take reasonable steps to verify your identity prior to granting access or processing changes or corrections.
We may refer any of these requests to our customer if your personal information was collected on behalf of that client and we operate as a processor for that controller customer. Depending on which laws apply to your personal information, we or our customer may only be able to do some of these things for you. If you request one of these things and we refuse to do it, we will explain your legal rights, the reason for our refusal, and any recourse you may have.
VII. CONFIDENTIALITY AND SECURITY
We protect the confidentiality and security of the information we collect as follows:
1. We do not sell or share the information we collect to anyone for marketing purposes;
2. We contractually require every person or organization providing products or services for us or on our behalf to protect the confidentiality of nonpublic personal information;
3. We prohibit any person or organization from disclosing or using nonpublic personal information other than to carry out the purposes of the products and services we provide;
4. We maintain physical, electronic and procedural safeguards so that all nonpublic personal information is treated in accordance with this Privacy Policy; such safeguards include advanced data-encryption and storage technology, secure facilities with access controls at public points of entry, various other security systems, and onsite supervision of these areas;
5. We employ an independent auditing company to annually review our security practices.
In addition, we use standard security protocols and mechanisms to facilitate the exchange and the transmission of sensitive data. We do not process Personal Information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you.
In the event that Personal Information is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, we will notify the affected individual of the breach by email or, if we are unable to contact the individual by email, then by regular mail. Notice will be given promptly, consistent with the legitimate needs of law enforcement and any measures necessary for us or law enforcement to determine the scope of the breach and to ensure or restore the integrity of the data system. We may delay notification if we or a law enforcement agency determines that the notification will impede a criminal investigation, and in such case, notification will not be provided unless and until we or the agency determines that notification will not compromise the investigation. We will cooperate with you in the investigation and/or remediation of any security breach.
Please note that while we incorporate commercially reasonable safeguards to help protect and secure your Personal Information, no data transmission over the Internet, mobile networks, wireless transmission, or electronic storage of information can be guaranteed 100% secure. As a result, we cannot guarantee or warrant the security of any information you transmit to or from the Site, and you provide us with your information at your own risk. If you must transmit confidential information to us for any reason, please contact us for instructions for a secure file transfer protocol.
VIII. UNDERAGED VISITORS
Federal law imposes special restrictions and obligations on commercial website operators who direct their operations toward, and collect and use information from children under the age of 13. We take those age-related requirements very seriously, and consistent with them do not intend for this site or any of our authorized features or apps to be used by children under the age of 18, and certainly not by anyone under the age of 13. Moreover, we do not knowingly collect personal information from minors under the age of 18. If we become aware that anyone under the age of 18 has submitted personal information to the Site, we will delete that information and will not use it for any purpose whatsoever. We encourage parents and legal guardians to talk with their children about the potential risks of providing personal information over the Internet.
IX. CALIFORNIA RESIDENT PRIVACY RIGHTS
Under California law, if you are a resident of California, you may make a written request to us about how we have shared your information with third parties for their direct marketing purposes. If this law applies to you, you may obtain the categories of Personal Information shared by us and the names and addresses of all third parties that received Personal Information for their direct marketing purposes from us during the immediately prior calendar year (e.g., requests made in 2021 will receive information about 2020 sharing activities).
1. Your Rights and Choices Under CCPA: The California Consumer Privacy Act (“CCPA”) provides consumers (California Residents) with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights:
a. Access to Specific Information and Data Probability Rights: If you submit a written request, once we receive your information and confirm your verifiable consumer request, we will disclose to you:
i. The categories of Personal Information we collected about you.
ii. The categories of sources for the Personal Information we collected about you.
iii. Our business or commercial purpose for collecting or selling that Personal Information.
iv. The categories of third parties with whom we share that Personal Information.
v. The specific pieces of Personal Information we collected about you (also called a data portability request).
vi. If we sold or disclosed your Personal Information for a business purpose, two separate lists disclosing:
1. Sales, identifying the Personal Information categories that each category of recipient purchased; and
2. Disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
b. Deletion Request Rights: You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete your Personal Information from our records, unless an exception applies. We may deny your request if retaining the information is necessary for us to:
i. Complete the transaction for which we collected the Personal Information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
ii. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
iii. Debug products to identify and repair errors that impair existing intended functionality.
iv. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
v. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
vi. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
vii. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
viii. Comply with a legal obligation.
ix. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
2. Response and Timing Format: To make such a request, please provide enough information for us to determine if this applies to you, attest to the fact that you are a California resident and provide a current California address for our response. To make such a request, please send an email to: compliance@tmhighland.com with “California Privacy Rights” as the subject line, or mail us a letter to: Tokio Marine Highland Insurance Services, Inc., 625 Fair Oaks Ave, Suite 290, South Pasadena, CA 91030, Attn: California Privacy Rights. You must include your full name, email address, and postal address in your request.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
a. Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
b. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
a. Deny you services.
b. Charge you different prices or rates for services, including through granting discounts or other benefits, or imposing penalties.
c. Provide you a different level or quality of services.
d. Suggest that you may receive a different price or rate for services or a different level or quality of services.
X. CHANGES TO THIS PRIVACY POLICY STATEMENT
We reserve the right to change or update this Privacy Policy at any time and from time to time. Please check the Site periodically for such changes since all information collected is subject to the Privacy Policy in effect at that time. We will indicate the amendment date at the beginning of this Privacy Policy. If we feel it is appropriate, or if the law requires, we will also provide a summary of changes we made near the end of the new policy.
XI. CONTACTING US
You may contact us if you have any questions about this Privacy Policy. Please contact our Compliance Department by phone at 1-800-423-2497, by email at compliance@tmhighland.com or by mail at Tokio Marine Highland Insurance Services, Inc. 625 Fair Oaks Ave, Suite 290, South Pasadena, CA 91030.