 |
Last Updated on 08/13/2007
Associated material: Opt-In and Opt-Out Forms, Initial and Annual Notices, Privacy Notices and Forms Used for Most Jurisdictions, and Individual Notice Forms for Vermont, New Mexico, North Dakota and California
PURPOSE
The purpose of this document is to establish SBLI USA and its affiliates (herein after "SBLI USA") policies regarding the collection, use, dissemination, disclosure, and protection of customer and former customer information.
POLICY AND PROCEDURE SCOPE
This document includes policies and procedures for collecting, using, disseminating, disclosing, and protecting customer and former customer information. It applies to all areas of SBLI USA. Similar versions of this policy are posted on the SBLI USA web site (SBLI USA.COM) and are sent to all consumers as required by law and to policyholders at least annually.
These policies and procedures may be revised from time to time to add, delete, or clarify certain points as deemed appropriate. The SBLI USA Compliance Officer has the responsibility for assuring compliance with these policies and procedures. Any deviations from this policy must be pre-approved by the Compliance Officer or his/her designee. Any questions regarding the content or application of this policy should be directed to the Compliance Officer or his/her designee.
The Internal Audit Department may periodically review the policy and related procedures and controls, and issue reports thereon to Management and the Audit Committee.
POLICY AND PROCEDURE DETAILS
1. General
1.1. Privacy is a great concern to SBLI USA and to most Internet users. We are very
aware and protective of the privacy concerns of our customers, former customers,
consumers, and visitors to our web site.
1.2. We are committed to adhering to all applicable laws and regulations governing the
privacy of information.
2. Information SBLI USA Gathers
2.1 SBLI USA only asks for information necessary to provide customers, consumers,
and visitors to the SBLI USA web site with superior customer service, support the
sales process, and maintain and improve customer service.
2.2 SBLI USA does not collect any nonpublic personal information from a visitor to its
web site without expressly requesting that the visitor provide the information. If a
visitor is just browsing SBLI USA's web site, SBLI USA does not gather any
personal information about the visitor whatsoever.
2.3 Subject to compliance with the applicable federal and state fair credit reporting laws,
SBLI USA may collect the following nonpublic personal financial information from
customers, consumers, and visitors to the web site:
2.3.1 Information we receive on applications or other forms, whether received
orally, in writing, or through our web site, such as name, address, email
address, social security number, beneficiaries, age, income level and
telephone number.
2.3.2 Information about customers, their transactions and experiences with SBLI
USA, our affiliates, or others, such as policy coverage, premium balances,
payment history and parties to the transactions, and
2.3.3 Information we receive from a consumer-reporting agency, such as credit
worthiness and credit history, assets and income.
2.4 SBLI USA may also collect health information necessary to the underwriting process.
2.5 Any individual who has provided SBLI USA with personal information may request
a change or modification to that information in any of the ways described in Section
4.5 below.
2.6 SBLI USA does not knowingly solicit, collect or maintain any personally identifiable
information from children under the age of 13 on the Internet.
3. How Personal Information Is Used
3.1. SBLI USA uses customer information obtained orally, in writing, or from the web site
to initiate the sales process (if requested to do so) and to send the customer,
consumer or web site visitor information about our company and products
(if requested).
3.2. The customer's contact information is used to contact them when necessary.
(e.g.Responding to a customer's call or to a request for a quote, or to tell you
about our products or services, or to help process a transaction that a customer
initiated.)
3.3. Financial information that is collected is used to check the visitor's qualifications to
underwrite the policy and to bill the customer for products and services if
purchased.
3.4. Unique identifiers (such as social security numbers) are used to verify the
individual's identity.
3.5. Demographic and profile information collected on the web site is used to tailor the
visitor's experience at the site, displaying the content we think may be of interest to
them, and displaying it according to their preferences.
3.6. Geographic information is used to determine whether a visitor is located in a
jurisdiction in which we are authorized to sell insurance products, and to show
products approved for sale in that jurisdiction.
4. Disclosure of Customer or Web Site Visitor Information
4.1. SBLI USA is permitted by law to share information about customers or web site
visitors when and if they become a customer or claimant, even without their
authorization, with any third party if it is reasonably necessary to enable the party
to perform services for SBLI USA, such as claims investigations, appraisals,
actuarial or research studies, or detection of fraud or illegal activities. These
services or activities in most cases are required by insurance regulatory authorities,
law enforcement agencies, or other governmental authorities to protect the
customer's interests. For personal information that is not exempted by the laws,
SBLI USA offers consumers an opt-in and/or out-out provision depending on
applicable state law, as described in Section 5.
4.2. Subject to any requirement that SBLI USA obtain prior consent to do so, SBLI
USA, in certain jurisdictions, may disclose nonpublic personal financial information
about customers to the following types of affiliated or non-affiliated third parties:
4.2.1. Companies that perform marketing services on our behalf or other
financial institutions with which we may have a marketing agreement.
4.2.2. Financial service providers such as life insurers, property and casualty
insurers, banks, mortgage bankers, mortgage agencies and brokers, and
other mortgage related companies, securities broker-dealers, insurance
agents, brokers, third party administrators, and any non-financial services
companies or non-profit organization. We share this information in the
normal course of business for marketing purposes.
4.2.3. SBLI USA may also disclose nonpublic personal information to affiliated
or non-affiliated third parties as required or permitted by law.
4.2.4. In no event will SBLI USA disclose nonpublic personal financial information
about former customers to any affiliated or non-affiliated third party.
4.2.5 SBLI USA may also be compelled or directed by a court, law enforcement
or government agency to comply with a search warrant, court order, or
subpoena to disclose nonpublic personally identifiable information.
4.3. Nonpublic health information about customers will not be disclosed to affiliated or
non-affiliated third parties other than for underwriting purposes, claim handling or
reinsurance to allow for the proper transaction of our business or disclosures
required by law or legal process.
4.4. If at some point in the future we change our information collection and
dissemination practices, we will notify policyholders in writing of any change.
Policyholders will be able to "opt-out" of this change prior to the effective date of
the change, in compliance with all laws and regulations.
4.5. Any individual who has provided SBLI USA with personal information, either verbally
or through the SBLI USA web site, may request a change or modification to that
information in any of the following ways:
4.5.1 E-mail SBLI USA Customer Care at customercare@sbliusa.com.
4.5.2 Dial 1-877-SBLI -USA and speak with the SBLI USA Customer Care Group.
4.5.3 Mail a letter to the Company.
SBLI USA Mutual Life Insurance Company, Inc.
550 Broad Street
Newark, NJ 07102
4.6. Upon written request, SBLI USA will make the nonpublic personal financial
information it has about a customer available for his review. If a customer notifies
us that any such information is incorrect, we will correct our records if we agree.
If we do not agree, the customer may provide us with a written statement
disputing the accuracy of the information. We will include the customer's written
statement in any future disclosure of the information to third parties.
4.7. Also upon written request, SBLI USA will provide customers with a more
detailed notice concerning their privacy rights under the state laws applicable to
the customer.
5. Opt-In and Opt-Out Provisions
5.1. Depending on the jurisdiction, SBLI USA provides the choice to "opt-in and/or opt-
out" of having personally identifiable information used for secondary marketing
purposes, including telemarketing lists used for phone solicitations and lists used
for mail offers, depending on state law. Customers may also request that their
nonpublic personal financial information not be disclosed to affiliated and
nonaffiliated entities.
5.2. If two or more customers jointly obtain an insurance product or service, any of the
joint customers may exercise the opt-in and/or opt-out option.
5.3. Web site visitors are provided the ability to opt-in and/or opt-out of having their
information shared at each point on the web site where personally identifiable
information is collected.
5.4. Customers and web site visitors can communicate their opt-in and/or opt-out
preference in the following ways:
5.4.1 E-mail SBLI USA Customer Care at customercare@sbliusa.com.
5.4.2 Dial 1-877-SBLI -USA and speak with the SBLI USA Customer
Care Group.
5.4.3 Mail a letter to the Company.
SBLI USA Mutual Life Insurance Company, Inc.
550 Broad Street
Newark, NJ 07102
5.4.4 Complete and return the Opt-In and/or Opt-Out Notice provided annually
to every policyholder.
5.5. When SBLI USA receives an opt-in or opt-out notice, it is processed by SBLI USA
or it is sent to SBLI USA's third-party call center vendor, who enters the opt-in
or opt-out option(s) selected into the "client record" screen in LSP. The opt-in
and/or opt-out form is maintained by SBLI USA for storage and will ultimately be
scanned into the Optika system and indexed to the customer's policy file as a
permanent record.
5.5.1 Daily, the Document Center selects five opt-in or opt-out notices received
from the third party call center vendor and forwards them to the New
Business Department, who compares the opt-in or opt-out notices to what
was entered into LSP to ensure it has been entered correctly. Errors noted
are corrected immediately.
5.5.2 SBLI USA Call Center and the third party call center vendor staff also enter
opt-in and opt-out information into LSP for information taken from
customers over the telephone. The Customer Service Department
spot-checks this data daily to ensure accuracy.
5.5.3 SBLI USA Operations staff keep track of how many notices are sent to
third party call center vendor, for comparison to reports received daily
from third party call center vendor showing how many notices were
entered into LSP.
5.6. When lists of SBLI USA's customers are used or given to others for marketing
purposes, customers who have not opted in or opted out, depending, on the
jurisdiction are excluded, according to the type of opt-in and opt-out selected and
the type of marketing being done. For example, customers who have opted-out
for receiving advertising material in the mail will be excluded from lists used for
direct mail campaigns.
6. Computer Privacy and Security
6.1. With regard to web site security, SBLI USA.COM uses a secure server and
security protocol to safeguard the information provided by visitors during the
information gathering and information delivery processes.
6.2. The site uses Verisign's industry standard encryption technology and protocol to
secure user sessions with the web site. Specifically, pages where customer
information is input or displayed are secured by this technology. This state-of-
the-art technology encrypts customer information to prevent third parties from
reading the information while it is in transit over the Internet.
6.3. SBLI USA is a licensee of the TRUSTe Privacy Program. TRUSTe is an
independent, non-profit initiative whose mission is to build users' trust and
confidence in the Internet by promoting the principles of disclosure and informed
consent. Because SBLI USA wants to demonstrate its commitment to privacy,
we have agreed to disclose our information practices and have our privacy
practices reviewed for compliance by TRUSTe.
6.4 If users of the site SBLIUSA.COM have questions or concerns regarding this
statement, they should first contact SBLI USA Customer Service department by
emailing customerservice@sbliusa.com. If they do not receive acknowledgement
of their inquiry or their inquiry is not satisfactorily addressed, they should then
contact TRUSTe through the TRUSTe Watchdog Dispute Resolution Process
(http://www.truste.org/consumers/watchdog_complaint.php). TRUSTe will
serve as a liaison with the Web site to resolve users concerns.
6.5. SBLI USA.COM handles all visitor and customer information in a highly
secure manner. Access by SBLI USA personnel to the web site server is highly
restricted, and we enforce adherence to the highest ethical standards in performing
our jobs and conducting the business of SBLI USA, and in support of the SBLI
USA.COM site.
6.6. SBLI USA restricts access to nonpublic personal information about customers
to only authorized employees and agents who need to know that information to
provide products or services requested.
6.7. SBLI USA maintains security practices, physical, electronic, and procedural
safeguards that comply with federal and state regulations to guard all nonpublic
personal information.
6.8. SBLI USA stores the HTTP conversation between a visitor's browser and its
web servers. This information is used to generate reports that are used to
continually improve our visitor's online experience. Click here for details on
the information exchanged between a visitor's browser and our web servers.
6.9 There are a number of ways a visitor can explicitly provide and consent to
SBLIUSA.COM's collection of personal information:
6.9.1 The site may require visitors to provide contact information (such as name
and email address), unique identifiers (such as social security number or
policy number), health information and demographic information (such as
zip code, age or income level).
6.9.2 When providing information to begin the purchase of a product or service,
our site requires you to provide personal information in order to provide
you with accurate insurance product rate(s) and product suggestions.
When you request rates, SBLI USA always asks for your state of
residence.
6.9.3 SBLI USA tracks and stores standard http requests as a means to provide
better services to our visitors and to monitor web site utilization.
6.10. "Cookies" are small pieces of information sent by a web site that are stored in a
file on a user's hard drive. SBLI USA.COM places a session ID "cookie" on a
visitor's computer so that the web server can track individual user session
variables. The site uses session variables in the majority of its pages. The
cookie "expires" whenever the visitor closes his or her web browser.
6.10.1. Some of our business partners (e.g., tracking utilities) use cookies on
our site. We have no access to or control over these cookies.
6.10.2. We employ a software technology called clear gifs (a.k.a. Web
Beacons/Web Bugs), that help us better manage content on our site
by informing us what content is effective. Clear gifs are tiny graphics
with a unique identifier, similar in function to cookies, and are used to
track the online movements of Web users. In contrast to cookies,
which are stored on a user's computer hard drive, clear gifs are
embedded invisibly on Web pages and are about the size of the
period at the end of this sentence. We do not tie the information
gathered by clear gifs to our customers' personally identifiable
information.
6.10.3. As is true of most Web sites, we gather certain information automatically
and store it in log files. This information includes internet protocol (IP)
addresses, browser type, internet service provider (ISP), referring/exit
pages, operating system, date/time stamp, and clickstream data.
We use this information, which does not identify individual users, to
analyze trends, to administer the site, to track users' movements
around the site and to gather demographic information about our
user base as a whole.
We do not link this automatically-collected data to personally identifiable
information.
We use a third-party tracking service that uses cookies to track
non-personally identifiable information about visitors to our site in the
aggregate.
6.11. The SBLI USA web site contains links to other web sites. SBLI USA is not
responsible for the practices or the content of such web sites.
6.12. SBLI USA conducts privacy training periodically for its CSRs, agents, and others
who have access to SBLI USA's customer information. Topics covered include
federal and state privacy laws, SBLI USA's privacy and confidentiality policies
and practices, and the implications of not adhering to the laws and regulations.
The Company has also prepared a CD presentation on privacy that is used in the
training sessions.
6.13. Non-SBLI USA Site Links: SBLIUSA.COM contains links to other web sites.
SBLI USA is not responsible for the practices or the content of such web sites.
SBLI USA encourages you to read the privacy statements of these linked sites
because their privacy statements may differ from ours.
Management relies on the following procedures and controls to ensure the policies herein are being followed:
1. Authority Controls
1.1. Only authorized individuals are permitted access to customer nonpublic personal
information.
2. Accounting Controls - N/A.
3. Monitoring Controls
3.1. Supervisors oversee all work relating to the collection, use, dissemination and
protection of customer information.
3.2. The Internal Audit Department may periodically performs independent audits of
these policies and procedures and submits reports thereon to management.
3.3. Weekly staff meetings are held to review progress, problems, etc.
3.4. All laws and regulations are monitored regularly, and internal policies and
procedures are updated and changed as necessary to ensure compliance.
4. Safeguarding Controls
4.1. Customer information is protected against unauthorized access (see Sec. 6.6).
4.2. Internal reviews are periodically performed to ensure these policies and
procedures are being followed.
| |
