Last Updated: October, 2020
AmTrust is committed to protecting the privacy of the personal information of individuals we encounter in conducting our business. Personal Information is information that identifies and relates to you. It includes Personally Identifiable Information (PII), Payment Card Information (PCI) and Personal Health Information (PHI) as defined below. Our goal is to address your need for excellent service, while meeting our commitment to keep your Personal Information safe and secure. The safeguards we use to protect your Personal Information are described below.
We may change the provisions of this Policy at any time and will indicate when changes have been made by revising the date at the top of this Policy and on this website.
We may revise and update the provisions of this Policy from time to time at our sole discretion. All changes are effective immediately when posted. Your use of the Services following the posting of such changes shall constitute your consent to such changes. We encourage you to review this Policy whenever you access the Services to see if it has changed and make sure that you understand the most current information about your privacy.
AmTrust collects information: (1) you provide when you use the Services; (2) automatically from you through the use of the Services; and (3) gathered from third parties in connection with your use of the Services.
1) Information that you provide
AmTrust may collect information that you provide when you use the Services. This information collection may occur, for example, when you: (1) fill out online forms or applications; (2) create an online account or register to use the Services; (3) make a purchase; (4) send questions or comments via email, text messaging or live chat to customer support; (5) submit your resume to us online; (6) fill out online surveys; and (7) otherwise communicate or interact with us through the Services.
The types of information that you provide may include your name, postal address, email address, telephone number, insurance policy number(s), financial account number, Social Security number, credit card information, gender, birth date and other contact or identifying information. We may combine this information with other personal information now or in the future. Some of the information you may provide is considered Personal Information. This includes Personally Identifiable Information (PII), Payment Card Information (PCI) or Personal Health Information (PHI). The term PII refers to information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual. It is important to recognize that non-PII can become so whenever additional information is made publicly available — in any medium and from any source — that, when combined with other available information, could be used to identify an individual. You may also provide PCI such as card number, expiration date and security code or PHI as defined in HIPAA regulations. You will only be asked to provide this information if required for the completion of the intended services.
2) Information we collect automatically through collection technologies
When you access or use our Services, we may also automatically collect information about you, such as the type of computer you are using, its operating system, Internet Protocol (IP) address, access times, browser type and language and the URL of the website you visited before navigating to our Services.
To collect these types of information, we may use the technologies, including those identified below:
Browser Cookies: Cookies are small data files stored on your computer or mobile device by a website. Among other things, cookies help us improve our Services and your experience, see which areas and features of our Services are popular, and count visits. In addition, when you view a video on our Services, we may set a cookie on your computer or device. For more information about cookies, and how to disable them, please see What are your information sharing choices? below.
Storage Cookies: Certain features of our websites may use locally stored objects (storage cookies) to collect and store information about your preferences and navigation to, from and on this website. Such cookies are not managed by the same browser settings as are used for browser cookies.
Web Beacons: Pages of our website and our emails may contain small electronic files known as web beacons (also referred to as web bugs, clear gifs. pixel tags and single-pixel gifs) that permit the Company, for example, to monitor user behavior, deliver cookies, collect information, count visits, understand usage and campaign effectiveness, to tell if a recipient has opened and acted upon an email and verifying system and server integrity.
Log Files: Log files record website activity on our Services and enable us to gather statistics about our users’ browsing habits. These entries help AmTrust determine, among other things, how many and how often users have accessed or used our Services, which pages of our Services they’ve visited, and other similar data.
There may be other technologies now and later devised and used by us in connection with the Service. We may associate the information we collect from these technologies with other information, including Personal Information that you provide for the purposes described in this Policy.
3) Information we collect from third parties
We engage third parties to provide:
Website Analytics: AmTrust uses analytics services and software provided by third parties to help us understand how users access and use the Services. These tools and services place cookies, web beacons and other devices or technologies on our Services to enable them to track traffic data. The data collected typically includes information such as your IP address, your Internet Service Provider, your web browser, the time spent on web pages, the links clicked, and the advertisements viewed on those pages. We use this information to improve our Services and your experience, to see which areas and features of our Services are popular, and to count visits.
We may use the information including PII that we collect or you provide as described in this Policy for the following purposes:
- To present this website and its contents to you;
- To monitor and evaluate trends, usage and activities in connection with our Services;
- To improve the Services and customer service;
- To monitor performance and usage of the Services, identify problem areas with the Services, and inform design & development for future Services and updates to existing Services;
- To provide and deliver the products and services you request, process transactions, and to send you related information, including expiration and renewal notices, confirmations and invoices;
- To send you advertising or promotional materials, including information about new products, contests, features and enhancements, special offers and other events of interest from AmTrust and our selected partners;
- To respond to your comments, questions and requests;
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
- To notify you about changes to this website or any products or services we offer or provide though it;
- To allow you to participate in interactive features on this website;
- In any other way we may describe when you provide the information; and
- For any other purpose with your consent.
AmTrust may store and process PII in the United States and other countries, including the United Kingdom, Italy, and Bermuda.
AmTrust may share information that it has collected from you while using the Services, including on co-branded pages and where it has taken reasonable measures to de-identify such information. We may also disclose aggregated information about our users, and information that does not identify any individual, without restriction.
AmTrust does not share your PII with third parties other than as described in this Policy or in connection with the Services. We may disclose Personal Information that we collect or you provide to the following parties:
- Our subsidiaries and affiliates;
- Third party vendors, consultants and other service providers who are working on our behalf and need access to your information to carry out their work for AmTrust and who have agreed to maintain the confidentiality, security, and integrity of the information they obtain from us, and, unless we notify you otherwise and provide you with an opportunity to opt-out, will not use your information for any purpose other than as described in this Policy;
- A buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of AmTrust’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Information held by AmTrust about our Website users is among the assets transferred;
- Governmental authorities and third parties involved in court action to comply with applicable law or legal process or to respond to lawful requests or legal authorities;
- Third Party sites that provide relevant information not found on our Services such as training and informational materials that facilitate online commerce, capture data for AmTrust such as career applications and allow you to interact with other websites and/or applications in which you may have accounts (such as Facebook and other social media sites). AmTrust may provide links or embed third-party applications that allow login from our Services to third party websites. AmTrust will notify users when they are leaving the Services or otherwise indicate that you will be going to a third-party’s site. Your use of these third party websites and/or applications is subject to the third parties’ privacy policies, and we encourage you to read the third parties’ privacy policies before submitting personal or other information or using the websites and/or applications;
- To any entity and for any other purpose disclosed by us when you provide the information or to any entity with your consent.
We strive to provide you with choices regarding the information, including PII, you provide to us. We have created mechanisms to provide you with the following control over your information:
If you have registered with our Services, you may at any time review and/or update the contact information we have for you or inform us that you want us to remove your information from our database by either visiting the online profile section of one of our Services or emailing us. If you choose to send us an email, please be sure to include in your message, the name of the website or mobile application at which you registered and the email address you used to register so that we can verify your request. We will respond to all access requests within 30 days or the timeframe provided by applicable data privacy legislation. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Regarding Cookies and Other Collection Technologies
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Removing or rejecting browser cookies does not necessarily affect third party cookies used in connection with our Services. For more information about how to delete or disable cookies, please visit http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies or www.adobe.com/products/flashplayer/security. Note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services.
Regarding Promotional Communications
You may opt out of receiving promotional emails, text messages or mail from AmTrust by declining to receive such communications at the time of registration or at the time you otherwise provide the information to AmTrust. You may also opt-out of receiving promotional emails or text messages by following the instructions in those emails or text messages or by contacting us. If you opt out, we may still send you transactional or relationship messages, such as emails about your account or our ongoing business relations.
AmTrust maintains its own security measures that are designed to help us protect your information. We take the security of PII, such as Social Security and credit card numbers, seriously.
AmTrust has established reasonable technical, physical, legal and organizational measures which are consistent with applicable privacy and data security laws. Such measures include, but are not limited to, network, database and application security controls and monitoring, a formal system development process and an incident response plan.
The safety and security of your information also depends on you. If you choose, or are provided with a user name, password or any other piece of information as part of our security procedures, you must treat such information as confidential, and you must not disclose it to any other person or entity. You also acknowledge that your account is established for a specific person or entity, and you agree not to provide any unauthorized person with access to the Services. You agree to notify us immediately of any unauthorized access to or use of your user name or password or any other breach of security.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your PII provided or collected. Any transmission of PII is at your own risk. We are not responsible for circumvention of any privacy settings or security measures. While we seek to keep information safe and secure, we cannot guarantee that personal information you provide to us will be secure, or that the Services will be uninterrupted or error-free.
If you have any questions, comments or concerns with respect to our privacy practices or this Notice, or wish to update your information, please feel free to contact us at Privacy@amtrustgroup.com or by telephone at 877-287-8008. You may also write to us at the following address:
AmTrust Financial Services, Inc.
Global Compliance Department
59 Maiden Lane, 43rd Floor
New York, New York 10036
AmTrust’s websites and the Services are not intended for children under 13 years of age. No one under the age of 13 may provide any information or PII to AmTrust in connection or in association with the Services. We do not knowingly collect PII from children under 13. If you are under 13, do not use or provide any information about yourself, including your name, address, telephone number, email address or any screen or user name you may use online, on this website or any other AmTrust Website or on or through any of the Services. If we learn we have collected or received PII from a child under 13, we will delete that information. If you believe we might have any information from or about a child under the age of 13, please email us.
This Section applies solely to individual residents of the State of California and have been adopted in order to comply with the California Consumer Privacy Act of 2018 (CCPA). Terms used but not defined under this Section shall have the meaning ascribed to them in the CCPA.
As a California resident, you may be able to exercise the following rights in relation to the personal information about you that we have collected (subject to certain limitations at law):
A. California’s “Shine the Light” Law
California’s “Shine the Light” law (Civil Code § 1798.83) permits California residents that have an established business relationship with us to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes during the immediately preceding calendar year or to have the right to opt-out of such disclosures.
B. Right to knowledge
|California residents have the right to request the following information relating to the personal information we have collected about you and disclosed in the last 12 months:
· The categories and the specific pieces of personal information we have collected about you;
· The categories of sources for the personal information we have collected about you;
· Our business or commercial purpose for collecting or selling that personal information;
· The categories of third parties with whom we share the personal information;
· The categories of personal information we have disclosed for a business purpose and the categories of recipients; and
· The categories of personal information we have sold and the categories of purchasers.
C. Right to access
California residents have the right to access and obtain a copy of the personal information we have collected about you in the last 12 months.
D. Right to request deletion
California residents have the right to request the deletion or erasure of personal information we have collected from you, subject to certain exceptions.
E. How To Exercise Your California Privacy Rights
To Exercise Your Rights to Knowledge, Access, Deletion and/or “Shine the Light” please submit a request by:
- Clicking here to submit your request online
- Emailing Privacy@amtrustgroup.com with the subject line “California Rights Request”; or
- Calling 877-287-8008 (Toll free number).
We will need to verify your identity before processing most requests, which may require us to obtain additional personal information from you. Please provide your name, email address and mailing address in the original request, as well as an explanation of the rights you wish to exercise. We will only use the personal information provided in connection with a California Consumer Rights Request to review and comply with the request. If you do not provide this information, we may not be able to verify or complete your request in all circumstances.
If you wish to submit a verifiable consumer request on behalf of another individual, such as a minor child, we will also need sufficient information to verify that the individual is the person about whom we collected personal information and that you are authorized to submit the request on their behalf.
In certain circumstances, we may decline a request to exercise the rights described above.
Making a verifiable consumer request does not require you to create an account with us.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
F. Selling and Disclosure of Personal Information
Amtrust does not sell Personal Information nor has it sold Personal Information in the past 12 months.
In the last 12 months we have collected and disclosed for a business purpose the following categories of personal information:
|Disclosed for Business Purposes
|A. Identifiers such as name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
|B. California Customer Records (Cal. Civ. Code § 1798.80(e)), such as name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories.
|C. Protected classification characteristics under California or federal law, such as age, race, colour, ancestry, national origin, citizenship, marital status, medical condition, physical or mental disability, sex.
|D. Commercial information, such as records of personal property, services purchased, obtained, or considered.
|E. Biometric information.
|F. Internet or other similar network activity, such as browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
|G. Geolocation data.
|H. Sensory data, such as such as recordings of phone calls between you and us, where permitted by law.
|I. Professional or employment-related information
|J. Non-Public Education Information (20 U.S.C. § 1232g, 34 C.F.R. Part 99)
|K. Inferences drawn from other personal information, such as predictions about your interests and preferences
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you services.
- Charge you different prices or rates for services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of services.
- Suggest that you may receive a different price or rate for services or a different level or quality of services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use this website or the Services. By accessing or using this website, you agree to this Policy.
If you reside outside the United States, any information you provide to us through this website or the Services may be transferred out of your country and into the U.S. If you do not want your information, including PII, to leave your country, do not provide the information to us. By providing information to us, you explicitly consent to the transfer of your information to the U.S. PII collected on this Website and through the Services may be stored and processed in the U.S. or any other country in which we or service providers maintain facilities.
If you have any comments or concerns regarding this notice, please contact us.
Any dispute or claim relating in any way to your use of the Services will be resolved by binding arbitration, rather than in court, except that you may assert claims in small claims court if your claims qualify. The Federal Arbitration Act and federal arbitration law apply to this agreement.
There is no judge or jury in arbitration, and court review of an arbitration award is limited. However, an arbitrator can award on an individual basis the same damages and relief as a court (including injunctive and declaratory relief or statutory damages), and must follow the terms of this Policy as a court would. To begin an arbitration proceeding, you must send a letter requesting arbitration and describing your claim to AmTrust Financial Services, Inc., Attn: Legal Department. The arbitration will be conducted by the American Arbitration Association (AAA) under its rules, including the AAA’s Supplementary Procedures for Consumer-Related Disputes. The AAA’s rules are available at www.adr.org or by calling 800-778-7879. Payment of all filing, administration and arbitrator fees will be governed by the AAA’s rules. You may choose to have the arbitration conducted by telephone, based on written submissions, or in person in the county where you live or at another mutually agreed upon location.
We each agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated or representative action. If for any reason a claim proceeds in court rather than in arbitration we each waive any right to a jury trial. We also both agree that you or we may bring suit in court to enjoin infringement or other misuse of intellectual property rights.