Effective Date: This Privacy and Data Protection Policy was last revised on October 12, 2022.
This website is owned and/or operated by Farm Mutual Reinsurance Plan Inc. (“Farm Mutual Re” or “we”, “our”, or “us”).
- When you access our website (www.farmmutualre.com, the “Website”) regardless of how you access or use the Website, whether via personal computers, mobile devices or otherwise;
- When you purchase an insurance policy from a third-party insurance company that enters into a reinsurance arrangement with us, which is referred to as “reinsurance”.
Particularly in the reinsurance context, we may possess personal information about you that we did not collect from you. For example, if you have purchased an insurance policy from an insurance company which reinsures the policy with us, we may come into receipt of your personal data. In these instances, we encourage you also to check the privacy policies of those third parties as those privacy policies may apply.
This Policy is not intended to override the terms of any contract you have with us, nor rights you are afforded under applicable privacy and data protection laws.
In addition, please review the Website’s Terms and Conditions of Use, which governs your use of the Website.
We encourage you to read the entire Policy. Please click on the headings in the table of contents to go directly to the full explanation of a specific issue or point.
The Personal Data we Collect
When we use the term personal data, we mean any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Personal data is sometimes referred to as Personal Information, depending on the applicable law. Both “personal data” and “personal information”, which we use interchangeably, are broad definitions, and include pieces of information like your name, address, telephone number, or email address. Some types of personal data are considered to be “sensitive” and must be handled with extra care. Health and financial data, ethnic and racial origins, political opinions, genetic and biometric data, an individual’s sex life or sexual orientation, and religious/philosophical beliefs will almost always be considered sensitive.
Personal data does not include specified publicly available information, anonymized information or aggregate information. By “aggregate information” or “anonymized information,” we mean information that does not allow us to identify or contact specific individuals. For example, the number of users of our website is aggregate information which does not reveal who those users are.
It also doesn’t include business contact information, when it is used for the purpose of communicating or facilitating communication with the individual in relation to their employment, business or profession.
In order to deal with any claims, we need to collect and process personal data about you. If you do not provide the information we need, we may not be able to handle the claim. The types of personal data may include:
- Individual details– Name, address, bank account details, gender, marital status, date of birth, nationality, employer, job title and family details.
- Identification details– Identification numbers issued by government bodies or agencies, including your driver’s license number, and in some cases your social insurance number (if permitted).
- Credit and anti-fraud data– Credit and anti-fraud data such as credit history, credit score, sanctions, criminal offenses and convictions, and information from various anti-fraud databases related to you.
- Claims information– Information about previous and current claims, (including other unrelated insurance), which may include data concerning your health (e.g., injuries and relevant pre-existing conditions), vehicle details, relevant criminal offenses and convictions, or other sensitive personal data.
If you are a Website user, you may voluntarily provide us with personal data (e.g., to contact us). Depending on your choice on cookies (see below), you can visit the Website without revealing who you are or providing any personal data about yourself. However, there will be times, such as when you request information from us through the Website, when we will need to obtain personal data from you or about you. We may collect this personal data through various forms and in various places on the Website, including job application forms, ‘contact us’ forms or when you otherwise interact with the Website. Additionally, we may also make certain online services available, such as an online portal that permits our claimants to access their account.
We and our third party service providers may use a variety of technologies that automatically (or passively) store or collect certain information whenever you visit or interact with the Website based on your use of the Website (“usage information”), unless you elect to reject certain cookies. A cookie is a text file sent by a web server and placed on your device that can store information. This usage information may be stored or accessed using a variety of technologies that may be downloaded to your personal computer, browser, laptop, tablet, mobile phone or other device whenever you visit or interact with our Website. You may have other options regarding tracking and/or targeting.
If you apply for a job with us (“Applicants”), we may collect certain personal data including, without limitation: (i) contact information (e.g., name, home and business address, phone numbers, email addresses, emergency contact information); (ii) personal information (e.g., date of birth, nationality); (iii) employment and education history (including internal and external employment history, references and organizational data such as department, work location, job title, salary, and seniority); and (iv) any other information which may be voluntarily disclosed by you in the course of the application process. Sensitive personal data are processed solely in accordance with applicable data protection laws and with the explicit consent of the Applicant or where such processing is specifically authorized or required by law. Where we carry out background checks on Applicants this may involve the processing of criminal record data and this will only be processed where such processing is specifically authorized or required by law.
When we Collect your Personal Data
We may collect your personal data: (1) when a third-party insurance company (e.g., if you are a policyholder with an insurance company which has reinsurance with us) notifies us of a claim; and (2) from other sources (e.g., credit reference agencies and government agencies) and other public sources where necessary, for example, to validate the claim or comply with applicable anti-money laundering laws and sanctions.
We will collect your personal data: (1) where you or your employer provides your contact or other information to us in the course of working with us, either directly as a business partner or as a representative of your company; (2) where you attend meetings, events or conferences that we organize or sponsor; and (3) where you visit and/or contact us through the Website or one of our online portals.
How we use the Personal Data Collected
In order to deal with any claims, we may process your personal data for the following purposes:
- For claims processing including assessing and evaluating the merits of a claim and to pay a settlement;
- For statistical analyses;
- For the prevention and detection of fraud, money laundering or other crimes.
As part of our business activities, we may process your personal data for the following purposes:
- To improve the Website or our services, to customize your experience on the Website, or to serve you specific content that is relevant to you;
- To contact you with regard to your use of the Website and, in our discretion, changes to the Website or the Website policies;
- For internal business purposes, including to help us understand how our Website is navigated and used; and
- For direct marketing.
- The provision of personal data by an Applicant may be necessary in order for us to fulfil our legal obligations and to allow us to consider an Applicant for a role or vacancy in accordance with our recruitment process. In the event we make an offer of employment and the Applicant accepts, the Applicant’s personal data will be held and processed by us to the extent necessary for us to fulfil our legal and contractual obligations and to manage the employment relationship. Where we require Applicant personal data to comply with its legal requirements, failure to provide this personal data means we may not be able to consider the job application.
How and When we Share Personal Data with Third Parties
In addition, we may share with third parties the information we have collected about you, including personal data, to provide our services and comply with legal obligations. We do not share your personal data with third parties for their direct marketing purposes unless you have consented to such sharing.
These third parties may include:
- Other Companies. We may share your personal data with other companies in the Farm Mutual Re group of companies to assist in the delivery of services to you. We also reserve the right to disclose and transfer such information: (1) to a subsequent owner, co-owner or operator of the Website; or (2) in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets or other corporate change, including, during the course of any due diligence process.
- Third Party Intermediaries. We may disclose your personal data to intermediaries (e.g., brokers, managing general agents, third party administrators) and other (re)insurers in and outside of the Canada to assist us in managing our business.
- Third Parties Providing Services on our Behalf. We may use third party vendors to perform certain services on our behalf, such as technical support and back-office services, loss adjustors and claims experts, hosting services and Website activity tracking and analytics. We may also disclose your personal data to our advisors (e.g., attorneys and other professional services firms) in and outside of Canada. Transfers amongst Farm Mutual Re entities are covered by intra-organizational agreements which provide specific requirements designed to ensure your personal information receives adequate protection whenever it is transferred within Farm Mutual Re. Transfers to our third-party intermediaries and service providers are protected by contractual agreements that require an adequate level of data protection.
- Judicial, Regulatory and Law Enforcement Bodies. We may disclose your personal data to judicial, regulatory and law enforcement bodies, including, but not limited to: (1) satisfy any applicable law, regulation, subpoenas, governmental requests or legal process if in our good faith opinion such disclosure is required or permitted by law; (2) protect and/or defend our rights, property and/or interests (including, the Website’s Terms and Conditions of Use or other policies applicable to the Website) and investigation of potential violations thereof; (3) protect the safety, rights, property or security of Farm Mutual Re or any third party where we are legally required or advised to do so; and (4) detect, prevent or otherwise address fraud, security or technical issues. Such disclosures may be carried out without notice to you.
We may also transfer your personal data outside of Canada, either to our affiliates or to our service providers, and transferred data may be subject to the laws of the recipient jurisdiction, which may be different from the laws in Canada.
Third Party Content and Links to Third Party Websites
The Website may contain content that is supplied by a third party, and those third parties may collect usage information and your device identifier when webpages from the Website are served to you. The Website may contain links to third parties. We are not responsible for the data collection and privacy practices employed by any of these third parties on their websites. We encourage you to review their privacy policies and our Terms and Conditions of Use.
Changing Your Information and Communications Preferences
- If you wish to update or correct your personal data, please email: firstname.lastname@example.org
- You may cancel or modify the email marketing communications you receive from us by following the instructions contained in our promotional emails.
- Please note that we reserve the right to send you certain communications relating to your account or use of the Website, such as administrative and service announcements and you will continue to receive these transactional communications if you opt-out from receiving marketing communications.
You have several rights in relation to your personal data under applicable privacy and data protection law, which may be subject to certain limitations and restrictions.
Please make any requests to exercise your rights directly to your insurer. We will work with them to fulfil your request.
We aim to respond to any valid requests within 30 days unless it is particularly complicated or you have made repeated requests, in which case we may need additional time. We will inform you of any such extension within one month of receipt of your request, together with the reasons for the delay. You will not be charged a fee to exercise any of your rights unless your request is clearly unfounded, repetitive or excessive, in which case we will charge a reasonable fee in the circumstances or refuse to act on the request. If you wish to exercise any of these rights, please contact us in writing using the contact details below. We may request proof of identification to verify your request.
We implement appropriate and reasonable security and technical, administrative, and organizational measures to protect personal data against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.
Although we take measures to protect the security of the information communicated through the Website, no Internet-connected computer system can be made absolutely secure from intrusion. We, therefore, cannot and do not guarantee that information communicated by you to us via the Website will be received or that it will not be altered before or after its transmission to us. If you elect to use the Website to communicate with us or provide us with information, you do so at your own risk.
How Long we Retain Your Personal Data
We retain your personal data only for as long as necessary in accordance with our document retention policy and in accordance with legal, regulatory, tax or accounting requirements, or for dealing with complaints, legal challenges or prospective litigation.
For example, where you make a claim, your information will be held for the duration of the claims process and a period of several years after the end of our relationship. We keep information after our relationship ends in order to comply with applicable laws and regulations and for use in connection any legal claims brought under or in connection with your policy.
Once your personal data is no longer required, it will be securely deleted.
We reserve the right to change, update and/or modify this Policy at any time without notice to you. Any changes will be effective immediately upon the posting of the revised Policy. However, if we make material changes to this Policy we will notify you by means of a prominent notice on the Website prior to the change becoming effective, or in other ways as required by law. Please review the Policy whenever you access or use this Website.
How to Contact us
If you have any questions about our Policy or practices described in it, you should contact us in the following ways:
Postal Mail: Farm Mutual Re, 350 Pinebush Road, Cambridge, ON N1T 1Z6 Attn: Privacy Office.
By e-mail: email@example.com
By phone: (519) 740-6415