Purpose Of This Notice
The Gramm-Leach-Bliley Act (GLBA) and the laws of the State of Ohio, generally prohibits any financial institution, directly or through its affiliates, from sharing nonpublic personal information about you with a third party unless the institution provides you with a notice of its privacy policies and practices, such as the type of information that it collects about you and the categories of persons or entities to whom it may be disclosed. In compliance with the GLBA and the laws of this State, we are providing you with this document, which notifies you of the privacy policies and practices of Oswald Companies.
What Information We Collect and From Whom We Collect It
We may collect nonpublic personal information about you and your family members from the following sources:
- Information we receive from you on applications or other forms
- Information we receive from medical records or medical professionals
- Information we receive from personal interviews
- Information we may collect from individuals to assist in handling claims
- Information about your transactions with us, our affiliates, or others
- Information we receive from non-affiliated third parties (i.e. HR Departments)
- “Nonpublic personal information” is nonpublic information about you that we obtain in connection with providing a financial product or service to you.
What Information We Disclose and To Whom We Disclose It
In the course of our general business practices, we may disclose the information that we collect (as described above) about you or others without your permission to the following types of institutions for the reasons described:
- To a third party if the disclosure will enable that party to perform a business, professional or insurance function for us
- To an insurance institution, agent, or credit reporting agency in order to detect or prevent criminal activity, fraud or misrepresentation in connection with an insurance transaction
- To an insurance institution, agent, or credit reporting agency for either this agency or the entity to whom we disclose the information to perform a function in connection with an insurance transaction involving you
- To third parties in order to assist in the resolution of claims
- To a medical care institution to medical professional in order to verify coverage and/or benefits, conduct an audit that would enable us to verify treatment
- To an insurance regulatory authority, law enforcement, or other governmental authority in order to protect our interests in preventing or prosecuting fraud
- To a group policyholder for the purpose of reporting claims experience or conducting an audit of our operations or services
- To an actuarial or research organization for the purpose of conducting actuarial or research studies
- To an insurance carrier for the purpose of securing competing quotes prior to the renewal of an existing insurance policy
Our Practices Regarding Information Confidentiality and Security
We restrict access to your nonpublic personal information about you to those employees who need to know that information in order to provide products or services to you. We maintain physical, electronic, and procedural safeguards to protect your nonpublic personal information. Unfortunately, no data transmitted over or accessible through the Internet can be guaranteed to be 100% secure. As a result, while we attempt to protect all personal information, we cannot ensure or warrant that personal information will be completely secure from misappropriation by hackers or from other nefarious or criminal activities, or in the event of a failure of computer hardware, software, or a telecommunications network.
We reserve the right to change this policy at any time. If we change this policy we will post the updated policy on our website.
Additional Provisions Under the EU General Data Protection Regulation (GDPR)
If you are subject to the GDPR, you have the following rights:
- To access the personal data we maintain about you;
- To be provided with information about how we process your personal data;
- To correct your personal data;
- To request to have your personal data erased;
- To object to or restrict how we process your personal data;
- To request your personal data to be transferred to a third party.
To exercise the above rights, please contact us at the information we provide below. We will consider and process your request within a reasonable period of time. Please be aware that under certain circumstances, the GDPR may limit your exercise of these rights. We will retain your personal data only as long as necessary to process requests or other submissions, fulfill the terms of our service relationship with you, and comply with applicable law.