PRIVACY POLICY

Effective Date: This Privacy and Data Protection Policy was last revised on August 8, 2024.

This website is owned and/or operated by United General Insurance Corporation (“United General Insurance Corporation” or “we”, “our”, or “us”).

This Privacy Policy (this “Policy”) explains how, when and why we collect and use personal data (otherwise known as Personal Information), including:

  • When you access our website (www.ugicinsurance.com, the “Website”) regardless of how you access or use the Website, whether via personal computers, mobile devices or otherwise;
  • When you purchase an insurance policy directly (or with other individual such as a joint policyholder) or through a third-party intermediary that enters into an arrangement with us, which is referred to as “insurance”.

Particularly in the insurance context, we may possess personal information about you that we did not collect from you. For example, if you have purchased an insurance policy from a third-party intermediary, we may come into receipt of your personal data. In these instances, we encourage you also to check the privacy policies of those third parties as those privacy policies may apply.

It is also important that you show this privacy policy to any other person who is insured under your insurance policy. If you provide us with personal information about someone else, we will assume you have obtained their permission and have proper authorization, to do so.

This Policy is not intended to override the terms of any contract you have with us, nor rights you are afforded under applicable privacy and data protection laws.

In addition, please review the Website’s Terms and Conditions of Use, which governs your use of the Website.

We encourage you to read the entire Policy. Please click on the headings in the table of contents to go directly to the full explanation of a specific issue or point.

 

THE PERSONAL DATA WE COLLECT

When we use the term personal data, we mean any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Personal data is sometimes referred to as Personal Information, depending on the applicable law. Both “personal data” and “personal information”, which we use interchangeably, are broad definitions, and include pieces of information like your name, address, telephone number, or email address. Some types of personal data are considered to be “sensitive” and must be handled with extra care. Health and financial data, ethnic and racial origins, political opinions, genetic and biometric data, an individual’s sex life or sexual orientation, and religious/philosophical beliefs will almost always be considered sensitive.

Personal data does not include specified publicly available information, anonymized information or aggregate information. By “aggregate information” or “anonymized information,” we mean information that does not allow us to identify or contact specific individuals. For example, the number of users of our website is aggregate information which does not reveal who those users are.

It also doesn’t include business contact information, when it is used for the purpose of communicating or facilitating communication with the individual in relation to their employment, business or profession.

Policyholders and Claimants

In order to deal with any policy application or claims, we need to collect and process personal data about you. If you do not provide the information we need, we may not be able to issue a policy to you or handle the claim. The types of personal data may include:

  • Individual details– Name, address, contact number, email address, bank account details, gender, marital status, date of birth, nationality, employer, job title and family details.
  • Identification details– Identification numbers issued by government bodies or agencies, including your driver’s license number, and in some cases your social insurance number (if permitted).
  • Credit and anti-fraud data– Credit and anti-fraud data such as credit history, credit score, sanctions, criminal offenses and convictions, and information from various anti-fraud databases related to you.
  • Claims information– Information about previous and current claims, (including other unrelated insurance), which may include data concerning your health (e.g., injuries and relevant pre-existing conditions), vehicle details, relevant criminal offenses and convictions, or other sensitive personal data.
  • Vehicle and driving-related data – includes driving license type, driving convictions, prior motor vehicle claims, prior motor vehicle insurers, vehicle plate number, vehicle mileage, vehicle feature information, vehicle identification number, theft prevention and tracking data, dashcam footage and telematics data.

Website Users

If you are a Website user, you may voluntarily provide us with personal data (e.g., to contact us). Depending on your choice on cookies (see below), you can visit the Website without revealing who you are or providing any personal data about yourself. However, there will be times, such as when you request information from us through the Website, when we will need to obtain personal data from you or about you. We may collect this personal data through various forms and in various places on the Website, including job application forms, ‘contact us’ forms or when you otherwise interact with the Website. Additionally, we may also make certain online services available, such as an online portal that permits our claimants to access their account.

We and our third party service providers may use a variety of technologies that automatically (or passively) store or collect certain information whenever you visit or interact with the Website based on your use of the Website (“usage information”), unless you elect to reject certain cookies. A cookie is a text file sent by a web server and placed on your device that can store information. This usage information may be stored or accessed using a variety of technologies that may be downloaded to your personal computer, browser, laptop, tablet, mobile phone or other device whenever you visit or interact with our Website. You may have other options regarding tracking and/or targeting.

Job Applicants

If you apply for a job with us (“Applicants”), we may collect certain personal data including, without limitation: (i) contact information (e.g., name, home and business address, phone numbers, email addresses, emergency contact information); (ii) personal information (e.g., date of birth, nationality); (iii) employment and education history (including internal and external employment history, references and organizational data such as department, work location, job title, salary, and seniority); and (iv) any other information which may be voluntarily disclosed by you in the course of the application process. Sensitive personal data are processed solely in accordance with applicable data protection laws and with the explicit consent of the Applicant or where such processing is specifically authorized or required by law. Where we carry out background checks on Applicants this may involve the processing of criminal record data and this will only be processed where such processing is specifically authorized or required by law.

 

WHEN WE COLLECT YOUR PERSONAL DATA

Policyholders and Claimants

We may collect your personal data: (1) directly from you, your insurance application and claims forms that you complete, communications between you and UGIC, your participation in promotions and market research, your use of our applications and websites, as well as if you are a joint policyholder or otherwise a beneficiary under a policy, we will then obtain personal information from such a policyholder; (2) when you make a claim or a third-party intermediary notifies us of a claim; and (3) from other sources (e.g., credit reference agencies and government agencies) and other public sources where necessary, for example, to validate the claim or comply with applicable anti-money laundering laws and sanctions.

Website Users

We will collect your personal data: (1) where you or your employer provides your contact or other information to us in the course of working with us, either directly as a business partner or as a representative of your company; (2) where you attend meetings, events or conferences that we organize or sponsor; and (3) where you visit and/or contact us through the Website or one of our online portals.

 

YOUR CONSENT FOR COLLECTION, USE OR DISCLOSURE OF PERSONAL DATA

We will make a reasonable effort to make sure you understand and consent to how your personal data will be used by UGIC. In certain circumstances, however, personal information may need to be collected, used or disclosed without the knowledge and consent of the individual, for e.g., legal, medical, or security reasons may make it impossible or impractical to seek consent. In obtaining your consent, we will always use reasonable efforts to ensure that you are advised of the identified purposes for which any personal information collected will be used or disclosed. We will always collect personal information by fair and lawful means.

 

HOW WE USE THE PERSONAL DATA COLLECTED

Policyholder and Claimants

  • To provide ongoing service to you as a customer;
  • Communicate with you using your preferred method of communication with regard to your policy application;
  • To underwrite and price your policy application and any subsequent policy changes or renewals;
  • Process payments;
  • To help us understand our customer’s needs better;
  • Manage relationships with third parties, e.g., brokers, third party intermediaries;
  • To develop, enhance, market or provide our insurance products and services, provide staff training, and maintain information security, ;
  • Comply with applicable legal, regulatory, and professional obligations, including reporting to regulatory bodies, government authorities, industry entities and data sharing agencies, as well as to comply with law enforcement and to manage legal claims or act as required by law;

In order to deal with any claims, we may process your personal data for claims processing including assessing and evaluating the merits of a claim and to pay a settlement, for statistical analyses, for the prevention and detection of fraud, money laundering or other crimes.

Website Users

As part of our business activities, we may process your personal data for the following purposes:

  • To improve the Website or our services, to customize your experience on the Website, or to serve you specific content that is relevant to you;
  • To contact you with regard to your use of the Website and, in our discretion, changes to the Website or the Website policies;
  • For internal business purposes, including to help us understand how our Website is navigated and used; and
  • For direct marketing.

Job Applicants

The provision of personal data by an Applicant may be necessary in order for us to fulfill our legal obligations and to allow us to consider an Applicant for a role or vacancy in accordance with our recruitment process. In the event we make an offer of employment and the Applicant accepts, the Applicant’s personal data will be held and processed by us to the extent necessary for us to fulfil our legal and contractual obligations and to manage the employment relationship. Where we require Applicant personal data to comply with its legal requirements, failure to provide this personal data means we may not be able to consider the job application.

 

HOW AND WHEN WE SHARE PERSONAL DATA WITH THIRD PARTIES

In addition, we may share with third parties the information we have collected about you, including personal data, to provide our services and comply with legal obligations. We do not share your personal data with third parties for their direct marketing purposes unless you have consented to such sharing.

These third parties may include:

  • Other Companies. We may share your personal data with other companies in the United General Insurance Corporation group of companies to assist in the delivery of services to you. We also reserve the right to disclose and transfer such information: (1) to a subsequent owner, co-owner or operator of the Website; or (2) in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets or other corporate change, including, during the course of any due diligence process.
  • Third Party Intermediaries. We may disclose your personal data to intermediaries (e.g., brokers, managing general agents, third party administrators) and reinsurers in and outside of the Canada to assist us in managing our business.
  • Third Parties Providing Services on our Behalf. We may use third party vendors to perform certain services on our behalf, such as technical support and back-office services, loss adjustors and claims experts, medical or rehabilitation specialist, data processing, accounting, actuarial or statistical functions, hosting services and Website activity tracking and analytics. We may also disclose your personal data to our advisors (e.g., attorneys and other professional services firms) in and outside of Canada. We may disclose personal data to a medical or rehabilitation specialist or assessment clinic that is providing an opinion to us pursuant to our rights and obligations under the applicable law. We may disclose your personal data to a person or corporation involved in the development, enhancement, marketing ot provision of our insurance products and services. Transfers amongst United General Insurance Corporation entities are covered by intra-organizational agreements which provide specific requirements designed to ensure your personal information receives adequate protection whenever it is transferred within United General Insurance Corporation. Transfers to our third-party intermediaries and service providers are protected by contractual agreements that require an adequate level of data protection.
  • Judicial, Regulatory and Law Enforcement Bodies. We may disclose your personal data to judicial, regulatory and law enforcement bodies, including, but not limited to: (1) satisfy any applicable law, regulation, subpoenas, governmental requests or legal process if in our good faith opinion such disclosure is required or permitted by law; (2) protect and/or defend our rights, property and/or interests (including, the Website’s Terms and Conditions of Use or other policies applicable to the Website) and investigation of potential violations thereof; (3) protect the safety, rights, property or security of United General Insurance Corporation or any third party where we are legally required or advised to do so; and (4) detect, prevent or otherwise address fraud, security or technical issues. Such disclosures may be carried out without notice to you.

We may also transfer your personal data outside of Canada, either to our affiliates or to our service providers, and transferred data may be subject to the laws of the recipient jurisdiction, which may be different from the laws in Canada.

 

THIRD PARTY CONTENT AND LINKS TO THIRD PARTY WEBSITES

The Website may contain content that is supplied by a third party, and those third parties may collect usage information and your device identifier when webpages from the Website are served to you. The Website may contain links to third parties. We are not responsible for the data collection and privacy practices employed by any of these third parties on their websites. We encourage you to review their privacy policies and our Terms and Conditions of Use.

 

CHANGING YOUR INFORMATION AND COMMUNICATIONS PREFERENCES

  • If you wish to update or correct your personal data, please email: general@ugic.nb.ca with a copy to privacy@farmmutualre.com
  • You may cancel or modify the email marketing communications you receive from us by following the instructions contained in our promotional emails.
  • Please note that we reserve the right to send you certain communications relating to your account or use of the Website, such as administrative and service announcements and you will continue to receive these transactional communications if you opt-out from receiving marketing communications.

 

YOUR RIGHTS

You have several rights in relation to your personal data under applicable privacy and data protection law, which may be subject to certain limitations and restrictions.

Policyholders and Claimants

Please make any requests to exercise your rights directly to us or through your third party intermediary. We will work to fulfill your request.

Others

We aim to respond to any valid requests within 30 days unless it is particularly complicated or you have made repeated requests, in which case we may need additional time. We will inform you of any such extension within one month of receipt of your request, together with the reasons for the delay. You will not be charged a fee to exercise any of your rights unless your request is clearly unfounded, repetitive or excessive, in which case we will charge a reasonable fee in the circumstances or refuse to act on the request. If you wish to exercise any of these rights, please contact us in writing using the contact details below. We may request proof of identification to verify your request.

 

SECURITY SAFEGUARDS

We implement appropriate and reasonable security and technical, administrative, and organizational measures to protect personal data against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.

 

Although we take measures to protect the security of the information communicated through the Website, no Internet-connected computer system can be made absolutely secure from intrusion. We, therefore, cannot and do not guarantee that information communicated by you to us via the Website will be received or that it will not be altered before or after its transmission to us. If you elect to use the Website to communicate with us or provide us with information, you do so at your own risk.

 

HOW LONG WE RETAIN YOUR PERSONAL DATA

We retain your personal data only for as long as necessary in accordance with our document retention policy and in accordance with legal, regulatory, tax or accounting requirements, or for dealing with complaints, legal challenges or prospective litigation.

For example, where you make a claim, your information will be held for the duration of the claims process and a period of several years after the end of our relationship. We keep information after our relationship ends in order to comply with applicable laws and regulations and for use in connection any legal claims brought under or in connection with your policy.

Once your personal data is no longer required, it will be securely deleted.

 

CHANGES TO OUR PRIVACY POLICY

We reserve the right to change, update and/or modify this Policy at any time without notice to you. Any changes will be effective immediately upon the posting of the revised Policy. However, if we make material changes to this Policy we will notify you by means of a prominent notice on the Website prior to the change becoming effective, or in other ways as required by law. Please review the Policy whenever you access or use this Website.

 

HOW TO CONTACT US

If you have any questions about our Policy or practices described in it, you should contact us in the following ways:

Postal Mail: United General Insurance Corporation, 50 Avonlea Court, Fredericton NB  E3C 1N8 Attn: Matthew Wight with a copy to prouse@farmmutualre.com

By e-mail: general@ugic.nb.ca

By phone: (506) 460-8820