 |
About the conference
Client Quotes
Agenda
Accommodations and travel
Sponsors
|
|
Privacy Guidelines and Principles
RiskLabs is a licensee of the TRUSTe Privacy Program. TRUSTe is an independent, non-profit
organization whose mission is to build users' trust and confidence in the Internet
by promoting the use of fair information practices. This privacy statement covers
the site aonriskconsole.com and riskconsole.com. Because this web site wants to
demonstrate its commitment to your privacy, it has agreed to disclose its information
practices and have its privacy practices reviewed for compliance by TRUSTe.
Safe Harbor Privacy Policy:
Risk Laboratories, LLC (“RiskLabs”) abides by the Safe Harbor Principles
issued by the U.S. Department of Commerce on July 21, 2000 (the “Principles”)
with respect to Personal Data it collects. For purposes of this policy, “Personal
Data” means information that:
- Is transferred from the European Union to the United States;
- Is recorded in any form;
- Is about, or pertains to, a specific individual; and
- Can be linked to that individual.
For purposes of this policy, “Data Subject” means the individual about
whom the Personal Data relates.
Personal Data Processed for Customers - RiskLabs provides customized risk management
information systems to help companies manage their claims and exposure information
more effectively. In this capacity, RiskLabs does not directly collect the
Personal Data it processes, as such Personal Data is collected and controlled by
RiskLabs' customers. In the case of Personal Data so transferred to RiskLabs, the
customer remains responsible for compliance with the relevant EU member state’s
data protection law vis-à-vis the Data Subject. Pursuant to these laws, the
customer is obligated to enter into a data transfer agreement that sets forth the
specific steps RiskLabs must take to protect and secure the Personal Data in question.
As such, when RiskLabs is acting as the processor (i.e., not directly collecting
Personal Data from Data Subjects) the data transfer agreement, rather than the Principles,
specifies the data protection measures RiskLabs is required to follow.
Personal Data Collected From Data Subjects – Where RiskLabs collects Personal
Data directly from Data Subjects, it has committed to apply the Principles.
The following is a summary of the processes RiskLabs has in place to comply with
the Principles:
Notice and Choice
Individuals may visit RiskLabs’ public web site, without disclosing any Personal
Data. RiskLabs may track activity of visitors to its web site in order to
analyze trends, monitor and to improve and refine the functionality of the site.
RiskLabs does set a persistent cookie to store regional preferences so the visitor
does not have to select it more than once, which enhances the visitor experience
on the RiskLabs’ site. As is true of most Web sites, RiskLabs gathers certain
information automatically and stores it in log files. This information includes
Internet protocol (IP) addresses, browser type, Internet service provider (ISP),
referring/exit pages, operating system, date/time stamp and click stream data. This
data is aggregated and is not stored in any personally identifiable form.
Cookies are not linked to personally identifiable information. Additionally,
the website includes an online form for visitors to request additional company and
product information. In order to fulfill these requests, the visitor may be required
to submit Personal Data. The only Personal Data that RiskLabs will collect is name,
title, company name, email address, and phone number. This Personal Data will only
be used to respond to sales inquiries, to provide RiskLabs publications and for
marketing campaigns. RiskLabs may disclose Personal Data if required to do
so by law or to protect and defend the rights or property of RiskLabs.
We reserve the right to disclose your personally identifiable information as required
by law and when we believe that disclosure is necessary to protect our rights and/or
company with a judicial proceeding, court order, or legal process served on the
Web site.
If RiskLabs is required to obtain individual consent before collecting, processing
or disclosing Personal Data it will offer Data Subjects the opportunity to choose
whether their Personal Data is: (a) to be disclosed to a non-agent third party,
or (b) to be used for a purpose other than the purpose for which it was originally
collected or subsequently authorized by the Data Subject. RiskLabs will provide
Data Subjects with reasonable mechanisms to exercise their choices should requisite
circumstances arise.
Also, please note that RiskLabs is not responsible for the content or privacy practices
of non-RiskLabs web sites to which any RiskLabs web site may link. Data Subjects
should review the privacy policy of such sites before using the sites.
Onward Transfer (Transfers to Third Parties)
It is RiskLabs’ policy to ensure that Personal Data is not used or disclosed
except as necessary to provide requested goods and services, to protect the confidentiality
or security of Personal Data or as otherwise permitted by law. RiskLabs does not
rent, sell or share Personal Data with other companies, including RiskLabs’
parent, subsidiary and affiliate companies for marketing purposes. However,
in those situations where RiskLabs retains third parties to perform processing tasks,
RiskLabs requires that these third parties either:
Subscribe to the Principles, the EU Data Protection Directive or another adequacy
finding; or Enter into a written agreement with RiskLabs requiring the third party
to provide an equivalent level of protection as provided by RiskLabs.
Access
A Data Subject may request that RiskLabs provide access to his/her Personal Data.
Upon receipt of such a request, RiskLabs will confirm whether or not it possesses
Personal Data relating to the Data Subject and, where appropriate and necessary,
will correct, amend, or delete the Personal Data. This right only applies to Personal
Data relating to the Data Subject making the request and is subject to other limitations
as defined by law.
Individuals should direct such requests to:
RiskLabs
Privacy Officer
531 Roselane Street
Suite 800
Marietta, GA doug_wilson@ars.aon.com
RiskLabs' Privacy Officer may provide additional directions on how to submit such
a request. In order to confirm the identity of the Data Subject and have the
necessary information to retrieve the Data Subject's information, RiskLabs may request
additional information and reasonable administrative fees to process the request.
Filing a request in English will expedite the process.
RiskLabs agrees to process all reasonable requests for access within five (5) business
days, but reserves the right to deny or limit access in cases where the burden or
cost of providing access would be disproportionate to the risks to the Data Subject’s
privacy or in the case of vexatious or fraudulent requests.
Security
It is the policy of RiskLabs to ensure that appropriate physical, technical and
administrative controls are in place to safeguard against the unauthorized disclosure
of Personal Data. RiskLabs limits access to Personal Data to those persons
in RiskLabs’ organization that have a specific business purpose for accessing
such Personal Data. The security of your personal information is important
to us. When you enter sensitive information (such as credit card number and/or
social security number) on our registration or order forms, we encrypt that information
using secure socket layer technology (SSL).
Data Integrity: RiskLabs takes reasonable steps to ensure the Personal
Data is reliable, accurate and complete. The steps RiskLabs takes to ensure data
integrity are made in light of the purposes for which the Personal Data is used.
It is the policy of RiskLabs to ensure that all Personal Data is maintained only
as long as necessary or as otherwise permitted by law.
Enforcement: Data Subjects should direct questions or concerns regarding
this policy or RiskLabs handling of their Personal Data to:
RiskLabs
Privacy Officer
531 Roselane Street
Suite 800
Marietta, GA 30067
RiskLabs' Privacy Officer will explain the process to be followed when raising such
a question or concern. Submitting the question or concern in English will expedite
the process.
If you have questions or concerns regarding this statement, you should first contact
the RiskLabs’ Privacy Officer at doug_wilson@ars.aon.com.
If you do not receive acknowledgment of your inquiry or your inquiry has not been
satisfactorily addressed, you should then contact TRUSTe at
http://www.truste.org/consumers/watchdog_complaint.php. TRUSTe will then
serve as a liaison with the Web site to resolve your concerns.
Changes in this Privacy Statement
We reserve the right to modify this privacy statement at any time, so please review
it frequently. If we make material changes to this policy, we will notify
you here, by email, or by means of a notice on our home page.
This Privacy Statement was last updated on August 2, 2007.
Communications from the Site
Special Offers and Updates
We will occasionally send you information on products, services, promotions, etc.
You can sign up for these emails from us on our registration page.
Out of respect for your privacy, we present the option not to receive these types
of communications. Please see the “Choice and Opt-out.”
Newsletters
If you wish to subscribe to our newsletter(s), we will use your name and email address
to send the newsletter to you. Out of respect for your privacy, we provide
you a way to unsubscribe. Please see the “Choice and Opt-out”
section.
Service-related Announcements
We will send you service-related announcements on rare occasions when it is necessary
to do so. For instance, if our service is temporarily suspended for maintenance,
we might send you an email.
Generally, you may not opt-out of these communications, which are not promotional
in nature. If you do not wish to receive them, you have the option to deactivate
your account. [You may opt-out of these communications. Please see “Choice
and Opt-out.”]
Customer Service
Based upon the personally identifiable information you provide us, we will send
you a welcoming email to verify your username and password. We will also communicate
with you in response to your inquiries, to provide the services you request, and
to manage your account. We will communicate with you by email or telephone, in accordance
with your wishes.
Choice/Opt-out
We provide you the opportunity to ‘opt-out’ of having your personally
identifiable information used for certain purposes, when we ask for this information.
For example, if you sign up for our user conference but do not wish to receive any
additional marketing material from us, you can indicate your preference on our form.
If you no longer wish to receive our newsletter and promotional communications,
you may opt-out of receiving them by following the instructions included in each
newsletter or communication or by emailing us at
esolutions@aon.com. We offer an opportunity to opt-out of certain
communications on our website, or you may contact us at
esolutions@aon.com to opt-out.
You will be notified when your personal information is collected by any third party
that is not our agent/service provider, so you can make an informed choice as to
whether or not to share your information with that party.
Last updated 18 October 2007
|
|
|
|