CAA Insurance Company Privacy Policy.
LAST UPDATED: October 1, 2019
DOWNLOAD THE PDF
CAA Insurance Company (“CAA Insurance”) is committed to the protection of your personal information.
This Privacy Policy explains the privacy practices in connection with CAA Insurance’s activities, both online and offline, mobile apps, as well as in person or telephone interactions.
Policy Contents:
1. Accountability for Your Privacy
CAA Insurance takes full responsibility for the management and confidentiality of personal information we collect and use. Personal information is collected, used, shared and stored in accordance with the *Personal Information Protection and Electronic Documents Act*, S.C. 2000, c.5 and any applicable provincial privacy laws that may apply to CAA Insurance from time to time.
CAA Insurance has appointed a Privacy Officer who oversees compliance with privacy laws and best practice. The Privacy Officer’s duties include:
Developing and, on a regular basis, reviewing the implementation of internal procedures to protect personal information;
Ensuring all staff are trained on privacy best practices and are aware of the importance of safeguarding any personal information that they are privy to;
Ensuring that all inquiries and complaints relating to privacy are appropriately handled; and
Ensuring all third parties to whom CAA Insurance provides access to personal information adhere to appropriate standards of care in handling that information.
2. Personal Information and How We Collect It
‘Personal information’ is any factual or subjective information, recorded or not, about an identifiable individual.
Personal information includes your name, contact information, birthdate, gender, email address, vehicle information, vehicle diagnostics, payment information, any identifiers such as your CAA membership number, driver’s license or GPS (vehicle location), and any identifiable on-line activity. For CAA Insurance applicants, personal information includes previous insurance experience, including accidents and traffic violations, other drivers and claims history. It will also include information about any residential property you are seeking to insure.
Direct Collection
Personal information can be collected directly from you in several ways with your knowledge and consent, or as authorized by law, including through phone calls, electronic messages, application forms, as well as any other documents you provide to CAA Insurance.
Indirect Collection
There are also ways in which CAA Insurance collects personal information indirectly. For example, you may provide information regarding other drivers of your vehicle or residents of your household. We assume you have obtained consent to our collection, use and disclosure of others’ personal information for the purposes outlined in this policy.
CAA Insurance may collect your personal information from third parties as well. For example, with your explicit consent, a credit reporting agency or previous insurer may provide information to CAA Insurance. We may collect or otherwise verify personal information about you from your insurance agent or broker (if applicable), the Ministry of Transportation (Ontario) or Manitoba Public Insurance.
BACK TO TOP
3. Using Your Personal Information
We use personal information for the following specific purposes:
To confirm eligibility for CAA Insurance products and services
To process, administer and manage your car or property insurance applications
To assess and underwrite insurance risk
To determine fees and premiums
To investigate and adjust insurance claim
To settle or arrange for the settlement of insurance claims
To verify your identity and to communicate with you, including responding to your inquiries and confirming receipt of a requested product or service
To process payments
To inform you about products and services that we offer which we believe may be of interest to you
To conduct surveys or research for CAA Insurance’s internal use in order to better understand our insureds and improve our product and service offerings, as well as to compile aggregate statistics for internal reporting purposes
To detect, prevent and suppress fraud, unauthorized, or illegal activities
To collect debts owed to CAA Insurance and enforce agreements between you and CAA Insurance, and
To meet auditing, legal and regulatory processes and requirements.
If you participate in our usage-based insurance program, we may build up a profile on how, where and when your vehicle is driven as set out in the CAA Connect (UBI) Terms and Conditions or CAA MyPace Terms and conditions.
BACK TO TOP
4. Withdrawing your Consent
Your consent can be withdrawn at any time, subject to legal or contractual restrictions, by providing us with written notice to the contact information found at the end of this policy. Upon receipt of notice to withdraw consent, we will inform you of the consequences of withdrawing your consent before we process your request, which may include CAA Insurance’s inability to provide you with certain products or services.
If you wish to opt out of receiving marketing or promotional communications from us or change your communications preferences, please contact your local CAA Club or the Privacy Officer.
CAA Members
Contact your local CAA Club
(Note: you need to enter your postal code to be directed to your local Club’s website.)
Non-CAA Member
Please email or write to the CAA Insurance Privacy Officer (please include your CAA Insurance Policy Number)
CAA Insurance Privacy Office
60 Commerce Valley Drive East
Thornhill, Ontario L3T 7P9
E-mail: privacy@caasco.ca
If you have received an email from CAA Insurance, you may also click the “unsubscribe” link at the bottom of each of our emails. Please note that if you unsubscribe from receiving marketing communications, you may still continue to receive transactional or informational messages from us.
BACK TO TOP
5. Sharing Your Personal Information
CAA Insurance takes all reasonable steps to protect the interest of individuals when disclosing personal information. We do not disclose personal information for purposes other than those purposes for which it was collected, unless you have provided consent to do so or we are required/permitted by law to disclose the information.
Service Providers
We may share your personal information with service providers and suppliers of goods and services. For example, we may use third party service providers to authorize and process payments, process information collected through telematics devices, inspect residential property or damaged vehicles, adjust insurance claims, conduct customer research or analyze data. Our service providers are only given the information they need to perform their designated functions.
We take reasonable steps to ensure that any third parties who we entrust with your personal information are reputable and have safeguards in place to protect this information. In working with business partners, service providers and suppliers, your personal information may be transferred to a foreign jurisdiction to be processed or stored. Such information may be provided to law enforcement or national security authorities of that jurisdiction upon request, in order to comply with foreign laws.
Affiliated Companies
We share your personal information with affiliated companies within the CAA group of companies. For instance, CAA insurance agents may see whether you have an active CAA membership, have used CAA roadside services or have conducted business with our affiliated insurance companies. This information sharing allows us to assess and underwrite insurance risk, offer you member discounts and rewards and to inform you about insurance products and services which we believe may be of interest to you.
Business Partners
CAA Insurance may exchange personal information with insurance agents, brokers and reinsurers as appropriate.
Automobile Accidents
If you have installed a telematics device in your vehicle, data collected from the device may be provided to third parties in relation to an accident, investigation and/or litigation.
Third Party Advertising
CAA Insurance may also share your name, phone number and e-mail address with third party ad-servers such as social media platforms for targeted advertising purposes. Services such as Facebook Custom Audiences and Google Ads Custom Match allow CAA Insurance to reach potential customers who would benefit from our products and services. Information provided to such third parties is secured at all times and only used for the purpose of displaying ads and reporting back to CAA Insurance on the performance of such ads. You can choose to hide ads through your social accounts at any time, or you can contact CAA Insurance to opt out of sharing your information with social media platforms altogether, by sending an email to privacy@caasco.ca with ‘opt-out’ in the subject line along with your CAA Insurance policy number if applicable. CAA Insurance also uses third party advertising partners to provide on-line visitors with relevant ads across the Internet. You may also opt out of interest based advertising by visiting the opt-out tool made available by the Digital Advertising Alliance of Canada at https://youradchoices.ca/choices/.
BACK TO TOP
6. Keeping Your Information Safe
CAA Insurance has implemented physical, organizational and technical measures to guard against unauthorized or unlawful access to the personal information we manage and store. We have also taken steps to avoid accidental loss or destruction of, or damage to, your personal information. While no system is completely secure, the measures implemented by CAA Insurance significantly reduce the likelihood of a data security breach.
Here are some examples of the security controls we have in place:
Secure office premises;
Locked filing cabinets and a secure shredding practice for paper records;
The use of encryption, such as secure portals for document transfers and tokenization for payment card information;
Robust authentication processes, including complex passwords, for electronic records;
Limited access to personal information by employees who need the information to perform their work-related duties; and
The use of data centres with effective physical and logical data security controls.
In addition, we recommend that you do your part in protecting yourself from unauthorized access to your personal information. CAA Insurance is not liable for any unauthorized access to your personal information that is beyond our reasonable control.
Let us know right away if your contact information changes or you find any errors in your account statements or invoices. If you have reason to believe that the security of your account has been compromised, you must immediately notify CAA Insurance of the problem in order for us to resolve the issue in a timely manner.
BACK TO TOP
7. Accessing Your Personal Information
We make every effort to ensure that the personal information we hold is accurate, complete and up-to-date for the purposes for which we collect it. You can make a written request for access to your personal information at any time. You will need to provide as much information as necessary to help us process your request and locate the information you require.
If you need assistance in preparing your request, please contact us and we would be pleased to help you. Upon receipt of your request, CAA Insurance will update your information, or inform you of how your personal information has been or is being used, and who your personal information has been shared with. We may charge a fee to cover any reasonable expenses related to responding to your access request.
CAA Insurance responds to access requests within 30 days, unless an extension of time is required. However, there may be contexts where access is refused or only partial information is provided, for example, in the context of an on-going investigation or where another individual’s personal information or identity must be protected.
BACK TO TOP
8. How Long We Keep Your Information
CAA Insurance retains personal information for as long as necessary to fulfill legal or business purposes and in accordance with our retention schedules. Once your information is no longer required by CAA Insurance to meet business, legal or regulatory requirements, it is securely destroyed, erased or made anonymous. Keep in mind however that information may be retained for a lengthier period of time due to an on-going investigation or legal proceeding, and that residual information may remain in back-ups for a period of time after its destruction date.
BACK TO TOP
9. Our Privacy Complaint and Breach Management Process
CAA Insurance takes privacy complaints very seriously and has a procedure in place for escalating and managing any privacy-related concerns to ensure that they are responded to in a timely and effective manner. Any suspected privacy breach must be escalated internally to CAA Insurance’s Privacy Officer who oversees the containment, investigation and corrective actions for all breach situations.
As required by law, privacy breaches may be reported by CAA Insurance or its business partners to the regulators of the relevant provinces in which affected individuals reside.
BACK TO TOP
10. Changes to this Policy
We may change this Privacy Policy from time to time in order to better reflect our current personal information handling practices. Thus, we encourage you to review this document frequently. The “Last Updated” date at the top of this Privacy Policy indicates when changes to this policy were published and are thus in force. Your continued use of CAA Insurance products and services following the posting of any changes to this Privacy Policy means you accept such changes.
BACK TO TOP
11. Getting in Touch
Any inquires, concerns or complaints regarding privacy at CAA Insurance should be directed to:
CAA Insurance Privacy Office
60 Commerce Valley Drive East
Thornhill, Ontario L3T 7P9
E-mail: privacy@caasco.ca
Phone: 1-800-268-3750 Ext. 25043
Fax: (905) 771-3002
Your concerns will receive prompt attention. Our Privacy Office can also provide you with more detailed information about CAA Insurance’s policies and practices or assist you with completing an access to information request. Keep in mind however that e-mail or text messaging are not secure forms of communication, so never send confidential personal information to us this way.
Thank you for continued trust in CAA Insurance.