Last Updated: July 1, 2020
PayneWest Insurance, Inc. (PayneWest) delivers a promise to help secure our clients’ financial future by efficiently providing quality insurance products and service. While collecting and disclosing personal information about you is fundamental to our ability to do this, PayneWest is committed to protecting your privacy and the confidentiality of your information. This notice provides information to help you understand how we may collect information about you, the type of information we may collect, and what information we may disclose about you to nonaffiliated third parties.
This policy applies to information we collect:
- On this website https://paynewest.com/ (our “Website”), including email, text, chat, and other electronic messages between you and this Website
- In connection with our role as your insurance agent and consultant while using any of our access portals (as a “User”) and as a result of any other interaction you have with PayneWest personnel.
Your continued use of this Website or our services after we make changes is deemed to be acceptance of those changes, so please check regularly for those updates.
Purpose of this notice
The GLBA, which became effective July 1, 2001, and related privacy laws of the various states, generally prohibit us from sharing nonpublic, personal information about you with a third party in a manner not permitted by law. Similarly, the GDPR, as of May 25, 2018, prohibits us from processing any personal data of an individual without authorized grounds. The CCPA takes a similar approach, and provides further additional protections, such as the right to nondiscrimination for exercising your rights. This policy and practice notification describes the types of information that we collect about you and the categories of persons or entities to whom that information may be disclosed.
Information We Collect and Sources From Which We Collect It
Information We Collect Through Automatic Data Collection Technologies
At times throughout our site, we may ask you to provide information about yourself by filling out and submitting an online form. This information is completely optional. When you submit this information to PayneWest, it is never sold or rented to other companies. We collect this information to better understand your interest in our company and products. We constantly strive to improve PayneWest.com. We are interested in how clients and general Users interact with and use our Website. We may gather data about how users navigate our site to make our web experience easier and promotional items more personalized.
Cookies, pixel tags, web beacons, and other collection tool technologies are used to collect non-public, personal information to create a more individualized web experience. This includes, but is not limited to, device identifiers, hardware information, IP address, browser type, preferred language, and previous interactions with us. Our ultimate goal is to make your experience with PayneWest more convenient and personal.
Information We Collect From You and Other Sources
We collect information necessary to complete insurance transactions for you. We collect nonpublic information from you and about you from the various sources:
- Information we receive from you on applications or other related forms such as, name, address, email address, telephone number, Social Security number, and driver’s license number, financial statements, business plans – your personal data.
- Information about your transactions with us, such as payment history, policy numbers, and insurance premiums. We might receive this information from insurance carriers, managing general agents, and premium finance companies.
- Claims information we receive from you and third party claimants, such as from an accident report.
- Third-party reports from insurance-support organizations, such as from a consumer reporting agency, motor vehicle records, claims reports, and/or medical information, if relevant to your product or service. Information obtained from a report prepared by an insurance-support organization, such as a consumer reporting agency, may be retained by the support organization and disclosed to other persons.
- Information about you as an applicant with PayneWest or a prospect available from public data resources.
Information We May Disclose to Third Parties
In addition to providing information with your consent, we may disclose all of the information we collect, as described above, about you:
Processing Your Business
- When necessary to carry out our normal business activities, such as researching rates, providing you with quotes, submitting applications to insurance providers, processing transactions on your current policy at your request, procuring underwriting information through insurance-support organizations and conveying claims information onto an insurance provider;
- To insurance providers with whom we have joint marketing agreements;
- State Insurance Division or Department of Insurance or other insurance regulatory, law enforcement, or other governmental authority in order to protect our interest.
Technical Service Providers
- Website, application development, hosting, and maintenance third party service providers may have access to, or process personal data or client data as part of providing these services for PayneWest. We limit information which they can access and our contracts require them to maintain confidentiality of such information.
Law Enforcement, Legal Process and Compliance
- If required by law or in good faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other governmental subpoena or warrant, we will cooperate and disclose requested information.
Change of Ownership
- Personal data may be disclosed and transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
We do not disclose collected information about our former policyholders and certificate holders to anyone except as required by law.
Additional California Privacy Rights
We will not share any personal data with third parties for their direct marketing purposes to the extent prohibited by California law. If our practices change, we will do so in accordance with applicable laws and will notify you in advance.
Our Practices Regarding Information Confidentiality and Security
We maintain physical, electronic, and procedural safeguards that comply with federal regulations and generally accepted industry standards to guard your nonpublic personal information.
No method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store with us, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your personal data has been compromised, please contact us as set forth in the “Contact Us” section.
If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.
PayneWest is a business associate within the scope of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations. As a business associate, we restrict the use and disclosure of protected health information (PHI) on behalf of our clients. We also provide for the security of electronic protected health information (ePHI) on behalf of clients. All of our Privacy and Security policies and procedures ensure compliance with HIPAA’s privacy and security requirements
Your Right to Access, Amend and Delete Your Personal Information
You may have the right to access, amend, and delete your personal data as detailed below under the GDPR, CCPA, or other applicable data protection regulation. You
have the right to non-discrimination. That is, we will not discriminate against you for exercising any of these rights. You have the right to opt-out of the sale of your personal information.
You have the right to request reasonable access to the personal information that we record about you. Your right includes the right to know the source of the information and the identity of the persons, institutions or types of institutions to whom we have disclosed such information. Your right includes the right to view such information and copy it in person or request that a copy of it be sent to you by mail (for which we may charge you a reasonable fee to cover our costs). Your right also includes the right to request corrections, amendments or deletions of any information in our possession. The procedures that you must follow to request access to or an amendment of your information are as follows:
To obtain access to your information: You should submit a request in writing to us addressed to Legal Department, PO Box 4386, Missoula, MT 59806 or you can email us at PWILegal@paynewest.com. The request should include your name, address, email address, telephone number, and the recorded information to which you would like access. The request should state whether you would like access in person or a copy of the information sent to you by mail or email. Upon receipt of your request, we will contact you within 30 business days (or sooner as required by regulation or law) to arrange providing you with access in person or the copy that you have requested.
To correct, amend, or delete any of your information: You should submit a request in writing addressed to Legal department, PO Box 4386, Missoula, MT 59806 or email us at PWILegal@paynewest.com. The request should include your name, address, email address, telephone number, the specific information in dispute, and the identity of document or record that contains the disputed information. Upon receipt of your request, we will contact you within 30 business days (or sooner as required by regulation or law) to notify you either that we have made the correction, amendment or deletion, or that we refuse to do so and the reasons for the refusal, which you will have an opportunity to challenge.
We may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise believe that we have a legitimate reason to do so.At any time, you may object to the processing of your personal data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact us. You also have a right to lodge a complaint with the appropriate regulatory body.
Your Right to Opt Out of Commercial Communication
If you receive marketing emails from us, you may unsubscribe at any time by following the instructions contained within the email or by sending an email to the address provided below. Please be aware that if you opt-out of receiving marketing email from us it may take up to ten (10) business days for us to process your request. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding the use of our services.
PayneWest has no direct relationship with a client’s customers or third party whose personal data it may process on behalf of a client. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data or withdraw consent for further contact should direct his or her query to the client they deal with directly. If the client requests we remove the data, we will respond to its request within thirty (30) days. We will delete, amend or block access to any personal data that we are storing only if we receive a written request to do so from the client who is responsible for such personal data, unless we have a legal right to retain such personal data. We reserve the right to retain a copy of such data for archiving purposes, or to defend our rights in litigation. Any such request regarding client data should be addressed as indicated in the section below, and include sufficient information for us to identify the client or its customer or third party and the information to delete or amend.
Your Right to Opt Out of the Sale of Personal Data
We do not sell your personal information. However, we support the CCPA by allowing California residents to opt out of any future sale of their personal information. If you would like to record your preference that the Company not sell your data in the future, you may contact us at 406-721-1000, or email us at PWILegal@paynewest.com.
We endeavor to only retain personal data for as long as the purposes for which we have initially collected it. Where that information is retained and necessary for us to comply with our legal obligations, resolve disputes, enforce our agreements, or comply with insurance regulations, we will retain that information for the period of time required for that purpose or 10 years from that date.
Our services are hosted in the United States. If you choose to use our services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you may be transferring your client data and personal data outside of those regions to the United States for storage and processing by our service providers.
We will comply with GDPR requirements providing adequate protection for the transfer of personal information from Europe to the U.S. Also, we may transfer your data to the U.S., the EEA, or other countries or regions deemed by the European Commission to provide adequate protection of personal data in connection with storage and processing of data, fulfilling your requests, and operating our services. We may also transfer your personal data to the other countries or regions not in the EEA or U.S., but will do so only with your consent or where we have agreements in place on such restricted data transfers with the relevant third party.
Data Controller and Data Processor
The client or the user is the data controller under the GDPR for any client data containing personal data, meaning that such party controls the manner such personal data is collected and used as well as the determination of the purposes and means of the processing of such personal data.
Where we collect information on our own behalf, and not to effectuate our services for a client, we are a data controller for purposes of the GDPR as to personal data of data subjects. For example, where we collect personal data for marketing purposes, we are a data controller. Where PayneWest is a data controller under the GDPR, we will comply with the requirements to provide adequate data privacy and protection of the personal data that we control.