OVERVIEW

Privacy of Non-Public Financial Information

PRIVACY POLICY

DUAL North America, Inc. and its subsidiaries: DUAL Commercial LLC; DUAL Re America LLC; DUAL Specialty Flood LLC; Energy, Industrial & Utility Risk Solutions LLC; Chelsea Risk Management & Insurance Services, Inc.; DUAL Specialty Underwriting, Inc.; Align Financial Holdings, LLC; Align Claims Services, Inc.; Align General Insurance Agency, LLC; Deposit Choice, LLC; Catalytic Risk Managers & Insurance Agency, LLC; Catalytic Claims Services, Inc.; NALICO General Agency, Inc.; Enspire Insurance Services, Inc.; NationsBuilders Insurance Services, Inc.; and NBIS Construction & Transport Insurance Services, Inc. (collectively “DUAL”, “we” or “our”) are committed to protecting your privacy and have adopted this Privacy Policy (“Policy”) to establish and maintain an adequate level of privacy protection.

This Policy describes our current policies and practices in relation to the collection, handling, use, and disclosure of Personal Information. Personal Information means data that personally identifies or may be used to personally identify a person, including information such as your name, address, date of birth, phone number, email address and IP address. This Policy also applies to the processing of individual customers and employee’s personal data that we receive in the US concerning customers and employees of DUAL or our affiliates or subsidiaries, who reside in the EU, UK, and/or Switzerland and whose personal information has been sent to DUAL from the EU, UK, and/or Switzerland. This Policy also deals with how you can inquire about a breach of the privacy laws, how you can access the Personal Information DUAL holds about you, and how you can have that information corrected.

This Privacy Policy is effective upon posting and was last updated on 19 August 2024.

What information does DUAL collect?

DUAL only collects Personal Information and Sensitive Personal information strictly necessary for the performance of its services of underwriting insurance policies and claims handling. DUAL processes customer Personal Information which may include name, gender, mailing address, phone and/or facsimile number, email, and driver’s license number (if applicable) when asked to issue an insurance quotation or an insurance policy, or when asked to review a claim made on an insurance policy that DUAL has issued. At such times, DUAL will ask you (or your insurance broker or representatives) for the information DUAL needs to fulfill the request. For the entities handling claims, the claims files include Sensitive Personal Information received under the authority of an executed release by the data subject.

 

DUAL may process its employees’ Sensitive Personal Information and Personal Information in order to fulfill our contractual obligations to our staff, affiliates and subsidiaries, to provide benefits and facilitate payment of wages and for internal management and/or regulatory reporting, as required.


How does DUAL use the information collected?

DUAL uses your Personal Information in relation to the nature of your inquiry to DUAL, the nature of the services you are seeking from DUAL and in relation to your status as a customer or an employee of DUAL or its affiliates or subsidiaries.

DUAL uses your information to assess the risk of providing you with insurance, provide quotations, issue policies, and review claims on behalf of the insurers we represent. DUAL also uses your information to administer any policies we have issued to you and may do so by mail or electronically, unless you tell us that you do not wish to receive electronic communications. Additionally, DUAL may use information collected to resolve complaints, handle requests for data access or correction, manage our infrastructure and business operations, and comply with internal policies and procedures (including those policies and procedures relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; data analytics; business continuity; and records, document and print management). Further, we use the information collected to comply with applicable laws and regulatory obligations (which may include laws outside your country of residence), such as those relating to anti-money laundering, sanctions and anti-terrorism; comply with legal process; and respond to requests from public and governmental authorities (which may include those outside your country of residence). Lastly, DUAL may use the information collected to establish and defend your or our legal rights, privacy, safety, or property; protect our operations or those of any of our group companies or business partners; and pursue available remedies or limit our damages.

DUAL does not share your data with third parties for purposes of cross-context behavioral advertising. However, from time to time, DUAL itself may use your contact details to send you offers, updates, newsletters or other information about products and services that DUAL believes will be of interest to you. DUAL will always give you the option of electing not to receive these communications and you can unsubscribe at any time by notifying us that you wish to do so at techsupport@dualinsurance.com. Where necessary, DUAL may use your information internally to help us improve our services, resolve any problems or to meet our legal and regulatory obligations.

What if you don’t provide some information to DUAL?

DUAL can only assist in providing you with insurance services if DUAL has all relevant information. If you do not provide us with the information DUAL requests, DUAL may not be able to provide you with insurance or review an insurance claim that you have made. In addition, when applying for insurance, you have a duty to provide an insurer with the information it needs to decide whether to provide insurance and if so, on what terms. If you do not provide us with all relevant information, you may breach this duty.


How does DUAL hold and protect your information?

DUAL uses reasonable efforts to maintain the accuracy and integrity of the Personal Information we collect. DUAL electronically stores Personal Information on a secure network with firewall protection, and access to DUAL’s electronic information system requires user authentication via password or similar means. DUAL additionally only keeps Personal Information for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements. In specific circumstances, DUAL may also retain your Personal Information for longer periods of time so that we may have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal data or dealings. DUAL holds the information collected from you in electronic form in DUAL’s document management system. Despite this, please note that no method of transmission or method of electronic storage over the internet is guaranteed safe 100% of the time.

Will DUAL disclose the information collected to anyone?

 

DUAL does not sell, trade, or rent your personal information to others. DUAL provides your information to the insurers DUAL represents when DUAL issues and administers insurance policies. DUAL is part of the Howden Group Holdings Limited (“Howden Group”). DUAL may receive or provide your information to other entities in the Howden Group who are based in the United Kingdom, if it is necessary for us to do so to obtain information technology, claims and financial administration support services. DUAL may need to provide your information to third parties such as: (1) insurance brokers with whom you have chosen to deal; (2) contractors who supply services to us such as claims management companies, loss adjusters, data processors, and external data storage providers; or (3) other companies in the event of a corporate sale, merger, reorganization, dissolution or similar event. However, DUAL will take all reasonable steps to ensure that they protect your information in the same way that we do. DUAL may also provide your information to others if DUAL is required to do so by law. Insurers may acquire reinsurance from reinsurance companies that are located throughout the world. In some cases, your information may be disclosed to reinsurers so that they can decide whether to provide reinsurance to the insurer. DUAL does not make this disclosure but it may be made by your insurer (if necessary) for the placement of their reinsurance program.

DUAL requires all third parties to respect the security of your Personal Information and treat it in accordance with the law. DUAL does not allow our third-party service providers to use your Personal Information for their own purposes and we only permit them to process your Personal Information for specified purposes and in accordance with our instructions.

In addition, if DUAL learns that third party is using or disclosing your Personal Information in a manner that is contrary to this Policy, we will take reasonable steps to prevent or stop such use or disclosure. DUAL may be liable for onward transfers of Personal Information to third parties in violation of this Policy and the EU-U.S. (including the UK Extension) and Swiss-U.S. Data Privacy Framework Principles.

DUAL will offer you the opportunity to choose (opt out) whether your personal data is (i) to be disclosed to 3rd parties, except when disclosure is made to a 3rd party that is acting as an agent to perform task(s) on DUAL’s behalf and under DUAL’s instructions or (ii) to be used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by you. DUAL will provide you with clear, conspicuous, and readily available mechanisms to exercise your choices should applicable circumstances arise. To request that DUAL not use your personal data or opt out of marketing messages from DUAL, you should contact DUAL at techsupport@dualinsurance.com.

How can you check, update or change the information DUAL are holding?

If you wish to access or correct your Personal Information please write to us at techsupport@dualinsurance.com, call us at +1 (855) 378-8203, or file a request through the Privacy & Data Subject Requests section of our website. DUAL will not discriminate against you for exercising your right to make a privacy or data subject request under applicable law. Upon receipt of your written request and enough information to allow DUAL to identify the information, DUAL will disclose to you the Personal Information we hold about you. DUAL will also correct, amend or delete any Personal Information that we agree is inaccurate, irrelevant, out of date or incomplete. DUAL does not charge for receiving a request for access to Personal Information or for complying with a correction request but in some cases, DUAL may need to charge you for our reasonable expenses incurred in providing you with access (e.g. photocopy, administration, or postage costs). In some limited cases, DUAL may need to refuse access to your information or refuse a request for correction. DUAL will advise you as soon as possible after your request if this is the case and the reasons for our refusal.

What happens if you want to complain?

All complaints and requests are taken seriously by DUAL. You may contact DUAL with privacy-related questions or concerns by emailing us at techsupport@dualinsurance.com, calling us at +1 (855) 378-8203, or filing a request through the Privacy & Data Subject Requests section of our website. DUAL will not discriminate against you for exercising your right to make a privacy or data subject request under applicable law. Upon receipt of your written request and enough information to allow DUAL to identify the information, DUAL will respond within the time required by applicable law.

 

In compliance with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework, DUAL commits to resolve complaints about our collection or use of your Personal Information. If you have any concerns about whether DUAL has complied with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework or this Privacy Policy when collecting or handling your Personal Information, please write to us at techsupport@dualinsurance.com. DUAL will consider your complaint through our internal complaints resolution process and DUAL will try to respond with a decision within 45 days of you making the complaint.

DUAL has further committed to refer unresolved EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact JAMS or visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you. In the event your complaint is still not addressed, you may be entitled under certain conditions to invoke a binding arbitration under EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework.

In compliance with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework and the Swiss-U.S. Data Privacy Framework, DUAL commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework in the context of the employment relationship.

 

EU-U.S. (including the UK Extension) and Swiss-U.S. Data Privacy Framework Principles

DUAL’s operations are located primarily in the United States. If you are a national of an EU state, the UK, or Switzerland and provide information to DUAL, the information will be transferred out of the EU, UK, and Switzerland to the United States. DUAL complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  DUAL has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  DUAL has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

 

DUAL is subject to the investigatory and enforcement powers of the Federal Trade Commission.

Notification of Changes

This Policy may change from time to time and we will post all the most current, updated Policy here. We suggest you review it periodically to ensure that you are in agreement with the latest updates.