ONLINE PRIVACY POLICY FOR EULER HERMES

 

This privacy policy pertains to the following legal entities:
Euler Hermes North America – Canada Branch; and
Euler Hermes Canada Services, Inc
800 Red Brook Blvd, Owings Mills, MD 21117
(“Euler Hermes”, “we, “us” or “our”)

Table of Contents

  1. Introduction
  2. Privacy Laws Applicable to Euler Hermes
  3. Personal Information We Collect
  4. How We Use the Information We Collect
  5. Locations Where Personal Information will be Processed
  6. Residents of Canada
  7. Residents of California
  8. Citizens of the European Union
  9. The Sale of Personal Information
  10. Websites
  11. Third parties
  12. Contact Information & Subject Access Request Submission
  13. Review of this Privacy Policy

1. Introduction

Euler Hermes, a member of the Allianz Group, is the world’s leading provider in trade-related credit insurance solutions with branches and affiliates throughout the world. Euler Hermes provides B2B insurance products and services to help customers around the globe to trade with confidence and develop their businesses safely.

At Euler Hermes, your privacy is important to us and we want you to feel comfortable visiting our site. This privacy policy explains the kinds of personal data we collect about you, how and why we collect and use it and how long we keep it. We also explain your rights to access this data (including requesting deletion, subject to applicable laws and regulations).

The terms of this privacy policy are subject to any additional terms, disclaimers or other contractual terms you have entered into with Euler Hermes such as client privacy statements, notices, policies, and any applicable mandatory laws and regulations.

This Privacy Policy pertains to customers, brokers, business partners and third parties, as well as individuals who visit our websites. Please read this policy carefully.

In case you have any questions, please contact us by either:

2.  Privacy Laws Applicable to Euler Hermes

Euler Hermes is subject to Canada’s Personal Information Protection and Electronic Documents Act, (“PIPEDA”) and all substantially similar privacy legislation.  This means that Euler Hermes is required by law to follow certain statutory requirements when collecting, using, storing or disclosing personal information and to ensure that policies, processes and procedures are in place to safeguard this data and respect the rights of the individuals whose data is collected.

3. Personal Information We Collect

We collect personal information in various ways depending on the product or service provided, or the relationship we have with you.

  • Data you provide us, e.g. when you sign up for our services, personal information such as your last name, first name, gender, email address, telephone number, job title, or company name.
  • When you visit our website, our web server automatically records details about your visit including:
    • IP address;
    • the website from which you visited us;
    • the type of browser software used;
    • the Euler Hermes Website pages that you visit; and
    • the date and duration of your visit to our Website.
  • If you visit our website, we collect information about you by using cookies. A cookie is a small piece of data that is stored on your device and allows us to re-identify your browser when you visit our site again. We use cookies to provide you with a user-friendly, safe and effective website experience by tailoring our services to your needs and interests, e.g. by customizing your browser experience or delivering (third party) advertisement targeted to you.
  • For the purposes indicated below, we will process personal data We obtain from third parties (e.g. information services providers) or publicly available sources (e.g. commercial registers), where our use of the personal information obtained through the publicly available source complies with the regulatory restrictions under PIPEDA.

Below is a list of categories of personal information, including some examples, we may collect through the above methods:

  • Personal identifiers: first and last name, postal address, email address, social security number;
  • Protected legal characteristics: age, citizenship, sex;
  • Commercial information: records of personal property, products or services purchased, obtained, or considered;
  • Biometric information: voice recordings;
  • Internet or other electronic network activity information: browsing history, IP address, information regarding interaction with a website or advertisement;
  • Geolocation data;
  • Professional or employment-related information: title, employer, employment history, education; and
  • Inferences: preferences, characteristics, predispositions, behavior, creditworthiness profile.

4. How We Use the Information We Collect

We use your data for the following purposes and on the basis of

  • your consent, to
    • provide, maintain, improve, and develop our services and tailor them to your needs and interests (e.g. to offer you customized advertising)
    • communicate with you
    • inform and advise you on products of Euler Hermes (e.g by sending you advertisements)
    • to conduct research and analysis with regards to our business relations;
  • the preparation and/or performance of a contract with you, to
    • prepare offers for our products, deliver our services to you and fulfill our mutual contractual obligations
    • set up and maintain your user accounts, for technical support or for other related purposes
  • our legitimate interests, tomanage technical administration, research and development of the Euler Hermes Website;
    • provide, maintain, improve, and develop our services and tailor them to your needs and interests (e.g. to offer you customized advertising)
    • detect and prevent fraud
    • enhance the security of Euler Hermes’ IT systems for the benefit of all of our users
    • communicate with you
  • compliance with legal obligations to
    • fulfill law enforcement requests or discovery procedures, or where required or permitted by applicable laws, court orders, government regulations, or government authorities, where it is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, and situations involving potential threats to the safety of any person or violations of our policies or terms.

You may withdraw your consent at any time on reasonable notice to us using the information provided in section 12 of this policy.  However, your right to withdraw consent is subject to legal and contractual restrictions.  You may not withdraw your consent if the consent is necessary for us to perform our contracted services with you or if it is necessary for us to perform other legal obligations that we have in respect of our business with you.

In some instances, PIPEDA and applicable provincial privacy legislation do not require us to obtain your consent.  For example, your personal information may be collected, used or disclosed without consent where required or permitted by applicable laws, court orders, government regulations, or government authorities, where it is necessary to investigate, prevent or take action regarding a breach of the laws of Canada, illegal activities, suspected fraud, situations involving potential threats to the safety of any person, or other reasons as set out in PIPEDA and applicable provincial privacy laws.

We shall seek your express, opt-in consent for any electronic marketing messages that we would like to send to you, unless we are entitled under applicable law to rely on implied consent to send these messages to you.  All marketing messages will include an unsubscribe mechanism.

If we use your data for any other purposes than described in this policy, we will inform you about such other purpose and obtain your consent where required.Other Euler Hermes group companies;

  • Authorized agents and third party service providers.
  • For the stated purposes, we may also share your personal data with the following parties who operate as data processors under our instruction:
  • Other Euler Hermes group companies;
  • Authorized agents, service providers, and research analysis agencies; and
  • Facilitators, consultants or experts managing communications and Euler Hermes sponsored events.
  • Finally, we may share your personal data in the following instances:
  • With law enforcement agencies, government and regulatory bodies to meet applicable legal or regulatory obligations.

5.  Locations Where Personal Information will be Processed

Personal information collected by Euler Hermes may be processed both inside and outside of Canada, subject always to contractual restrictions regarding confidentiality and security in line with PIPEDA and applicable provincial privacy laws and regulations. We will not disclose your personal information to parties who are not authorized to process it.

Please note that other countries all have different laws regarding the collection, use, retention and disclosure of personal information. When your personal information is transferred from Canada to another country, the laws and rules that protect your personal information in the country to which your information is transferred may be different from (or less protective than) those in Canada. For example, the circumstances in which law enforcement can access personal information may vary from country to country.

Whenever we transfer your personal information for processing outside of Canada, we will implement contractual means to ensure that: the use of the information does not change, the recipient uses the information only to provide services to Euler Hermes, and the recipient maintains the confidentiality of the personal information.

We maintain policies and practices regarding the use of service providers in countries outside Canada in which the collection, use, disclosure or storage of personal information on behalf of Euler Hermes is occurring or may occur; and the purposes for which our service providers outside of Canada have been or may be authorized to collect, use or disclose personal information for or on behalf of Euler Hermes.

6. Canadian Rights and Protections

To the extent permitted by PIPEDA and applicable provincial privacy laws and regulations, you have the right to:

  • be informed about the existence, use and disclosure of your personal information by Euler Hermes;
  • access personal information held about you by Euler Hermes, including information such as, for example, the source and the categories of the data, the purposes of the processing, the recipients (or categories thereof) and the respective retention periods;
  • request the update or correction of your personal information so that it is accurate and complete;
  • obtain a copy of your personal information; and
  • file a complaint with the Office of the Privacy Commissioner of Canada, or, for personal information that is collected strictly within a province, to the applicable provincial privacy commissioner.

7. Residents of California

The California Consumer Privacy Act (CCPA) provides consumers (California residents) with specific rights regarding their personal information. The section below describes these rights.

Access to Specific Information and Data Portability Rights

You have the right to request that Euler Hermes disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you, in a portable format:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purposes for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you.

Deletion of information

You have the right to request the deletion of your information within the rights provided by the CCPA. The right to deletion does not apply where the retention of personal information is needed to perform any of the following:

  • Provide goods or services to you;
  • Detect or resolve security or functionality-related issues;
  • Comply with the law;
  • Conduct research in the public interest;
  • Safeguard the right to free speech; or
  • Carry out any actions for internal purposes that you might reasonably expect

Non-Discrimination

Euler Hermes will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts, rebates, or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level of quality of goods or services.

8. Citizens of the European Union

Euler Hermes is a “data controller” as defined by applicable laws and regulations (specifically, the EU General Data Protection Regulation). This means that Euler Hermes is the legal entity in control of the personal data it collects and is required by law to ensure policies, processes and procedures are in place to safeguard this data and respect the rights of the individuals whose data is collected.

  • When providing our customers with trade-related credit solutions, we may collect information about you and your company to assess and monitor our own risk and to collect debts. We collect information from third parties or publicly available information as permitted under PIPEDA and applicable provincial privacy legislation. Additionally, we might collect information that you directly disclose to us. We collect data regarding:Commercial entities: trade sector, name, names of the representatives (e.g. directors, board members), and information regarding your creditworthiness (e.g. payment and risk incidents)
  • Sole traders or other closely held businesses: name, email address, address, trade sector, legal form, names of the representatives (e.g. directors), and information regarding your creditworthiness (e.g. payment and risk incidents)

Personal Data collected by Euler Hermes may be processed both inside and outside of the European Union (“EU”) and the European Economic Area (“EEA”), subject always to contractual restrictions regarding confidentiality and security in line with applicable data protection laws and regulations. We will not disclose your personal data to parties who are not authorized to process them.

Please note that EU / EEA Member States and other countries all have different laws regarding the protection of personal data. When your personal data is transferred from your own country to another country, the laws and rules that protect your personal data in the country to which your information is transferred to may be different (or less protective) from those in your country of residence. For example, the circumstances in which law enforcement can access personal data may vary from country to country.

Whenever we transfer your personal data for processing outside of the EEA, we will implement effective transfer mechanisms (e.g. EU Standard Contractual Clauses or Binding Corporate Rules) to ensure an adequate level of data protection.

We will not retain your personal data longer than necessary to fulfil the purposes for which it was collected for or to fulfil legal obligations, or as permitted by law, e.g. to defend legal claims. The individual retention periods depend on the type of personal data and the purpose of its processing.

To the extent permitted by applicable data protection laws and regulations, you have the right to:

  • access personal data held about you, including information such as, for example, the source and the categories of the data, the purposes of the processing, the recipients (or categories thereof) and the respective retention period;
  • request the update or correction of your personal data so that it is always accurate;
  • obtain your personal data in an electronic format for you or for another controller;
  • request the deletion of your personal data if it is no longer needed for the purposes for which they were collected or otherwise processed;
  • restrict the processing of your personal data in certain circumstances, for example, where you have contested the accuracy of your personal data, for the period enabling us to verify its accuracy;
  • object to the processing of your personal data on specific grounds relating to your particular situation that overrides our compelling legitimate grounds for the processing; and
  • withdraw your consent at any time where your personal data is processed with your consent, without affecting the lawfulness of processing based on consent before its withdrawal or where there is another legal basis for processing your data (e.g. overriding legitimate interests);
  • file a complaint with the data controller and/or the relevant data protection authority.

You may exercise these rights by contacting us and providing your name and email address with appropriate identification document to permit us to identify you as well as the purpose of your request

Please click here to access the full Privacy Notice for Euler Hermes Group.

9. The Sale of Personal Information

Euler Hermes does not practice the sale of personal information and has not sold personal information in the past 12 months.

10. Websites

On its websites, Euler Hermes collects only the personal data that you voluntarily provide in online forms or that you otherwise allow us to collect according to the cookie preferences you selected when you first accessed our website. You have the right to withdraw your consent at any time, and if you do so we will discontinue the processing of your data collected on this website.

A cookie is a small piece of data that is stored on your computer or mobile device and allows the website to "remember" your actions or preferences over time. We use cookies to ensure the proper function of our website and to facilitate your access to it by collecting information on your device and preferences (e.g. your device and your browser). Additionally, we collect information on how you interact with our and our partners’ services, like advertising services. In principle, you can also use our websites without cookies. If you want to use our website fully and conveniently, you should accept those cookies. You can change your cookie settings, e.g. to withdraw your consent, at any time.

There are several types of cookies:

  • Session Cookie (or “temporary cookie”): A session cookie allows us to store your action during your browser session (e.g. your login data). Session cookies are erased when you close your browser or exit our website.
  • Persistent Cookie (or “tracking cookies”): A persistent cookie is stored on your device in between browser sessions. These cookies help us to remember your preferences or actions every time you visit our website until the expiry date of the cookie. These cookies are also used to keep you logged onto our website. As soon as the cookie is deleted, you need to enter your login credentials again.
  • Third-Party Cookie: These cookies are set by a third party separate from our website, for example to provide advertisements like banners for third-party products or social media buttons.

11.         Third parties

We engage trusted third parties to perform functions and provide services to us; including, but not limited to, hosting and maintenance, error monitoring, debugging, performance monitoring, billing, customer relationship, database storage and management, direct marketing campaigns. We may share personal information with these third parties, but only to the extent necessary to perform these functions and provide these services. The below categories of personal information have been disclosed to trusted third parties in the past 12 months:

  • Personal identifiers
  • Commercial information
  • Biometric information
  • Internet or other electronic network activity information
  • Geolocation data
  • Professional or employment-related information
  • Inferences

12. Contact Information & Subject Access Request Submission

If you have any questions about your personal data, including taking actions mentioned in this Privacy Policy, you can contact us by:

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. A verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond.

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

13. Review of this Privacy Policy

This privacy policy is reviewed at least once every 12 months. We will ensure the most recent version is available here and we may additionally notify you directly (e.g via email) in the event of significant changes. This privacy policy was last updated on December 30, 2019.