THE INFORMATION WE COLLECT
AF Group values your business and respects the privacy of our insured customers, former customers, and web site visitors. When you apply for workers’ compensation insurance or other services or products, you provide information about yourself to us. AF Group, our employees, agents, affiliates, and subsidiaries maintain physical, electronic, and procedural safeguards to comply with state and federal regulations to guard your personal information. The information we collect about you comes from:
You or your Agent Directly: We and our service providers may collect information that you or your agent provide directly to us. This may include your employer or your relatives as well. For example, we collect information from applications, claim reports, and other forms you submit to us including those provided over the telephone or online to set-up, access, manage, or administer your accounts or insurance claims, as well as your transactions with us, such as payment history, account balance, or payment method. Information is also collected when you obtain a policy quote, when you ask a question, or when you register for an AF Group sponsored event. If you apply for a job with us, we may collect information about your work and educational history, and other information that you choose to provide us in connection with your application. The information collected from you or your agent can include, but is not limited to, name, address, e-mail address, phone number, social security number, income, account balances, transaction history, credit history, insurance claim history, and medical information.
Other Entities: We collect information about you from a variety of sources such as credit bureaus, insurance support organizations, government agencies, consumer reporting organizations, medical providers in administration of your policy or claim, and information clearing houses. The information we collect from these entities primarily relates to your credit standing or credit score to offer payment plans, or the claims that you have made. Additionally, medical record information supplied by medical care professionals and institutions is obtained only to process, evaluate or defend your claim, if applicable.
HOW WE USE AND DISCLOSE YOUR INFORMATION
The personal information we obtain is used to serve your insurance needs and conduct our everyday business, such as evaluating your request for insurance coverage, providing policy and premium quotes, servicing claims, determining your rates, providing customer service and fulfilling legal and regulatory requirements. If you are a current customer of our claims services products, you may be asked to provide non-public personal information concerning your employees in connection with a claim for workers’ compensation benefits. We do not disclose information about you to anyone unless such disclosure is expressly authorized by you, required or allowed by law, or is necessary to enable our employees or authorized agents to perform functions for AF Group.
We may disclose any non-public personal information or medical information that we collect about you to:
- Companies that perform services on our behalf;
- Companies that assist us with underwriting or processing applications or payments;
- Companies that assist us with evaluating, adjusting or defending claims.
You can rest assured that this information is shared with third parties only with notice to the involved employees, or without notice as expressly required or permitted by law and is subject to a security program consisting of physical, electronic, and procedural safeguards (including encryption of any Social Security Numbers at all times) designed to ensure the security and confidentiality of that information.
When we use non-affiliated third parties to assist us we do not permit them to use our customer’s, prospective customer’s, or injured worker’s information for any other purpose. Any disclosure of your policy number shall only be to a recipient authorized by law. We do not sell any customer or policyholder information to mailing list companies or mass marketing companies. We treat our policyholder/claimant information as confidential. We do not share any medical information about you or about claimants under your insurance policy to anyone other than to conduct our insurance business or as required or permitted by law.
We may also subscribe to certain insurance support organizations that maintain information for among other things to detect or prevent fraud or criminal activity in connection with insurance underwriting or insurance claims activity. Information we share with an insurance support organization may be retained by that organization and disclosed to other persons.
INFORMATION SPECIFIC TO OUR WEBSITE(S)
Depending on the services you are seeking, there may be times that you will access and provide information on our website or mobile applications. If you are simply visiting or navigating our website, AF Group will not sell or share non-public personal information, such as individually identifiable information like your name, address, email address, Social Security number, or telephone number, gathered from you. However, while you are visiting or navigating our site, our web server may collect anonymous, non-personally identifiable information from you, such as your domain name, IP address, and the type of browser you are using. Such information is gathered for statistical purposes and may be used to better allow us to understand our users’ interests and preferences. This information will not be disclosed to anyone outside AF Group unless necessary to better meet your needs, to offer AF Group products or services to you, or allowed or required by law.
Additionally, when you visit or use our site, we may place a “cookie” on your browser. “Cookies” are small pieces of information transferred from our website to your hard drive that contain a unique identifier recognized by our web server. They allow us to track usage and facilitate your access to and use of this site by allowing your experience on our website to be customized and permit us to authenticate your identity as a returning user when you browse portions of the website restricted to registered users.
Our “cookies” do not track your activity on third party sites. We do not use “cookies” to gather personal information about you and we do not link them to identifiable information, such as policy number. The “cookies” only enable someone to use our website more easily. You do not have to accept “cookies” from our site, but if you refuse a “cookie,” you may not be able to browse the restricted areas of our website for security reasons.
Our third-party vendors, such as Google, LinkedIn, Facebook, and others use first-party cookies (such as Google Analytics, Linkedin Insights, Facebook Pixel and Centro Basis Retargeting cookies) and third-party cookies or other third-party identifiers together to gather demographic and behavioral information to better serve our users.
For more information about how Google Analytics collects and uses your information, please review their policies here and How Google Uses Information from Sites or Apps that Use Our Services.
For more information about our relationship with LinkedIn Insights, please review our agreement here.
For more information about how Facebook Pixel collects and uses your information, please review their policies here.
For more information about how Centro Basis Retargeting collects and uses your information, please review their policies here.
Our policies and practices regarding the collection, use, and disclosure of information about former customers are the same as those regarding the collection, use, and disclosure about current customers.
Protecting the Information Collected
We understand that you may submit confidential and sensitive information to our website. We may utilize the website hosting services of third parties who are in the business of providing such hosting services. We will use commercially reasonable efforts to ensure that such third-party service providers utilize stringent, industry recognized security measures to protect against loss, misuse and unauthorized viewing of the information you provide to us, however, we do not guarantee the performance of such third-party service providers.
Access to confidential information that you provide to AF Group via the input forms provided on this website is limited to authorized employees and agents of AF Group who are trained in the proper handling of our prospective or current customer’s information and who must have it to provide products and services to you. Additionally, in order to safeguard the privacy of information that you submit to this website, AF Group, through its website hosting providers, maintains physical, electronic, and procedural safeguards that comply with applicable federal and state law, including SSL encryption, firewalls, user authentication systems and access control mechanisms to control access to any non-public personal information that may be shared over this website. AF Group is committed to ongoing testing and updating of our technology and security measures to protect information about you.
You are advised that information sent via email, or by other methods across the world wide web, to AF Group are not secure transmissions, and AF Group makes no guarantees regarding the privacy of such submissions while they are in transit. If you wish to communicate confidential information to us, we recommend using a non-cellular telephone rather than email.
Non-AF Group Websites
HOW TO CONTACT US
If you have any questions about these privacy policies and practices, or if you wish to review your personal information, please send a written response to:
Office of the General Counsel
Attn. Privacy Officer
200 N. Grand Ave
P.O. Box 40790
Lansing, MI 48901-7990
Toll-Free Number: 1-866-206-5851
CHANGES TO THIS POLICY
This policy was last updated on December 30, 2019.
PRIVACY NOTICE REQUIRED BY LAW
If you are a resident of California, please see additional Privacy Notice below.
Privacy Notice – California Residents Only
Right to Know About Personal Information Collected
You have the right to know disclosure about what categories and specific pieces of personal information we collect, use, disclose and/or sell during the preceding 12 months. Depending on your relationship with us, those categories are as follows:
- Identifiers, including real name, postal address, unique personal identifier, IP address, email address, and social security number
- Personal Information described in the California Customer Records statute, including name, social security number, address, telephone number, insurance policy number, education, employment history, bank account number, or any other financial information, medical information, or health insurance information.
- Characteristics of protected classifications under California or federal law
- Commercial information including records of personal property, and products or services purchased
- Biometric information, including voice recordings
- Internet or other electronic network activity information, including browsing history, search history, and information regarding your interaction with an internet website application or activity.
- Sensory data, such as audio information
- Professional or employment-related information
- Educational records, such as grades, transcripts, and student schedule
Personal information does not include:
- Publicly available information from federal, state, or local government records; or
- De-identified or aggregated consumer information
Categories of Sources from which Information was Collected:
We obtain the categories of personal information listed above from the following categories of sources:
- From you or your agent directly, your employer, or your relatives
- From our service providers in administration of your policy or claim
- From medical providers in administration of your claim
- Directly or indirectly from your activity on our website(s)
Right to Know What Personal Information was Collected
You have the right to request that we disclose the personal information that has been collected about you in the 12 months preceding the request and may request any or all of the following:
- Specific pieces of personal information that a business has about the consumer;
- Categories of personal information it has collected about the consumer;
- Categories of sources from which the personal information is collected;
- Categories of personal information that the business sold or disclosed for a business purpose about the consumer;
- Categories of third parties to whom the personal information was sold or disclosed for a business purpose; and
- The business or commercial purpose for collecting or selling personal information.
Please note that we are only required to fulfill a Right to Know Request from a consumer twice per every 12-month period.
Right to Request Deletion of Personal Information
You have the right to make a request that we delete the personal information we collected or maintain subject to certain exceptions, e.g., to comply with a legal obligation, complete transactions or for certain internal uses. Once we receive and confirm your verifiable request, we will delete (and direct our service providers to delete) your personal information from our records unless an exception applies.
Instructions for Making a Request to Know or Delete
To make a request to know or a request to delete your personal information, you may:
- Fill-in an online form available at www.afgroup.com/privacy-request; or
- You may call toll-free 877-923-2344.
Before any personal information will be disclosed to you or deleted about you, we will undergo a process to verify your identity based on the information you’ve provided on the online form or over the phone, including: name, email address, phone number, and type of consumer. This process will include matching the information you provide to any personal information we previously collected about you. If not enough information is received to verify your identity, we may deny your request for that reason, or reach out to you for further information. Only you may make a request for disclosure of your information and only you or your authorized agent may make a request to delete your personal information. A record concerning your requests will be maintained pursuant to our legal obligations, including a request to delete even after other information is deleted.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For Right to Know requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Right to Opt-Out of the Sale of Personal Information (Do Not Sell My Personal Information Requests)
You may exercise your right to submit a request to opt-out of the sale of your personal information by clicking on the Do Not Sell My Personal Information link on the bottom of our homepage, www.afgroup.com. After clicking the link, you will be directed to a webform where you can submit your contact information.
Request to Opt-In for Minors
If you are 16 years of age or older, you have the right to direct us not to sell your personal information at any time. We do not and will not sell personal information of consumers we actually know are less than 16 years of age unless we receive affirmative authorization from the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age, to opt-in to the sale of their personal information. Upon the receipt of this request to opt-in, we will inform the minor of the right to opt-out later and of the process for doing so.
Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights
You will not receive discriminatory treatment for exercising your privacy rights conferred under the CCPA.
If you would like to designate an authorized agent to make a request under the CCPA, you may do so. If we receive a request from your agent, we will require that you provide the agent with written permission to do so and verify your own identity directly with us. If the agent does not submit proof that they have been authorized on your behalf, we may deny the request to know or delete.
Changes to Our Privacy Notice
We reserve the right to amend this Privacy Notice at our discretion and at any time. We will update this policy at least annually. When we make changes to this policy, we will post the updated Notice on our website along with the Notice’s effective date.
This Privacy Notice is effective on January 1, 2020.