Privacy Policy TM Claims Service

Effective Date: August 23, 2024

TM Claims Service

TM Claims Service, Inc. (“TMCS”) is concerned about the privacy of its customers and website visitors. This Privacy Policy describes how TMCS collects, processes, protects, or otherwise handles the information you provide to us when you visit tmclaims.com.

Information Collected and its Uses

When registering, submitting a claim, or otherwise using our site, you may be invited to share personally identifiable information, including your name, address, email address, telephone number, and log-in ID and password in order for us to contact you, to determine eligibility for a requested product or service, to administer a requested product or service, to advise you about other available products and services, and to provide you with a better user experience.

Passively collected Information

We automatically receive certain information from your browser when you visit our site for internal purposes only, such as to identify trends or to improve our customer service. This information includes the number of visits to our website and your IP address, login time, logout time, browser type, system type, and time zone. If you register for our site and log in using your credentials, we also receive your log-in time and log-out time. If you opt-in to receive emails from us, our emails may also include an embedded image that tells us whether you opened the email.

TMCS has developed policies and procedures for the protection of non-public personal and financial information and maintains safeguards to protect data and files containing customer’s non-public information. All TMCS employees are responsible for the protection of non-public personal information and are responsible for compliance with TMCS’ privacy policies.

Information Sharing

Information Shared Within Tokio Marine Family of Companies

We may share information with our family of companies for a variety of purposes, including improving our products and services and providing you with the latest information about our products and services.

Information Shared with Vendors

We work with a limited number of vendors and business partners who assist us process claims and facilitate the requested transactions along with those who help us operate tmclaims.com, process data, and deliver emails. TMCS shares information with these vendors pursuant to a written vendor agreement containing data security and privacy provisions to safeguard the integrity and confidentiality of your personally identifiable information.

Information Shared with Other Third Parties
We do not sell or trade your information with other unrelated third parties. However, we may disclose your information to third parties (other than those identified above) in certain circumstances, including but not limited to:
  • to comply with valid legal process including subpoenas, court orders or search warrants, and as otherwise authorized by law; in cases involving danger of death or serious physical injury to any person or other emergencies;
  • to protect our rights or property or the safety of our customers or employees;
  • to protect against fraudulent, malicious, abusive, unauthorized or unlawful use of our products and services;
  • to advance or defend against complaints or legal claims in court, administrative proceedings, and elsewhere;
  • to a third party that you have authorized to verify your account information;
  • to outside auditors and regulators; and
  • with your consent.

In the event there is a merger, acquisition, or sale of all or a portion of TMCS’ assets or business, your information may also be transferred as a part of or in connection with the transaction.

Our Use of Cookies

Cookies are small data files transmitted from a website or its service providers and stored your computer by your web browser. Our site uses first-party session cookies necessary for the functionality of the website. This means that the cookies are put on your device by our website, not a third-party, and expire once you navigate away from our site or close your browser.

You may change your browser settings to have your computer warn you each time a cookie is being sent or to turn off all cookies. Each browser is a little different, so please review your browser's settings and help center to modify your cookie settings. Please note that if you choose to disable cookies, some website features may not be fully functional.

Links to Third-Party Websites and Content

Our website may include links to third-party websites and content on those sites. Our site may also feature embedded media, such as images or videos, that are hosted on other third-party platforms. When you click on these links or interact with these types of external content, the third-party providers of such content may place their own cookies on your computer, access existing cookies, and gather information about you. To learn about how these third parties treat the data they collect from you, please review their respective privacy policies.

Marketing Emails

Marketing emails you receive from TMCS include instructions on how to unsubscribe from and opt-out of receiving future marketing-related emails. You may also opt-out of receiving marketing-related emails by contacting us through any of the methods identified in the “Contact Us” section.

Text Messages

You may sign up to receive text messages from TMCS or third-party service providers on behalf of TMCS. By using our services, signing up for text messaging services, or otherwise opting in to receive text messages, you agree that you have provided TMCS or its third-party service providers that send text messages on TMCS’s behalf with prior express written consent to be contacted by text message, including recurring automated promotional and personalized marketing text messages.

  1. By providing prior express and/or prior express written consent, you agree to receive text messages under the Telephone Consumer Protection Act and related state laws, including by the use of an automatic telephone dialing system (“ATDS”) to deliver text messages to the mobile phone number which you provided to TMCS. While you consent to receive messages sent using an ATDS (or “autodialer”), the foregoing shall not be interpreted to suggest or imply that any or all of TMCS mobile messages are sent using an autodialer. We will use the information provided by you in connection with the text messaging services in accordance with this Privacy Policy. Your consent is not a condition of any purchase or use of our services and your consent to be contacted as described is voluntary. The number of text messages you receive may vary based upon the text messaging service(s) you sign up for. Message and data rates may apply.
  2. You may revoke your consent and opt out to discontinue text messages at any time. If you no longer want to receive text messages from us, reply STOP (or as otherwise instructed).
  3. We may share your phone number with our service providers that send text messages on our behalf in accordance with this Privacy Policy. SMS consent and phone number will not be shared with third parties.

Telemarketing

Federal “Do Not Call” laws allow you to place your phone numbers on the National Do Not Call Registry to prohibit many telemarketing calls to those numbers. To add your numbers to this list, please call 1.888.382.1222 or visit the National Do Not Call Registry website at http://www.donotcall.gov/.

However, please be aware that most telemarketing laws allow companies to contact their own customers without consulting the federal or state Do Not Call list. If you would like to be removed from our telemarketing list, please contact us through any of the methods identified in the “Contact Us” section.

California Online Privacy Protection Act

We do not knowingly market to or solicit personal information from children under the age of 13 without obtaining verifiable parental consent.

Category Examples Collected
A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

Yes
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

Yes
C. Protected classification characteristics under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Yes
D. Commercial information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Yes
E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

No
F. Internet or other similar network activity.

Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

Yes
G. Geolocation data.

Physical location or movements.

Yes
H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

No
I. Professional or employment-related information.

Current or past job history or performance evaluations.

Yes
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

No
K. Inferences drawn from other personal information.

Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

No

Information Security

We use reasonable security measures to protect against unauthorized access to any information you may provide us. However, please note that no website or company can fully eliminate security risks. Despite our efforts to safeguard your information, third parties may circumvent our security measures to intercept or access data transmissions or personally identifiable information.

Updates to Our Privacy Policy

We may update our Privacy Policy as necessary, so please check back periodically for changes. You will be able to see that changes have been made by reviewing the effective date at the end of the Privacy Policy.

Contact Us

If you have any questions, concerns, or requests related to our Privacy Policy, please contact us at:

TM Claims Service, Inc.
Attn: Privacy Request
800 E. Colorado Blvd., Suite 800
Pasadena, California 91109-7316
COMPLIANCE@tmclaimsservice.com
1-800-688-8627


PRIVACY NOTICE FOR CALIFORNIA RESIDENTS

This Privacy Notice for California Residents supplements the information contained in the Privacy Policy and applies solely to California residents. We adopt this notice to comply with the California Consumer Privacy Act of 2010 (“CCPA”), California Civil Code §§ 1798.100 et seq. Any terms defined in the CCPA have the same meaning when used in this Privacy Notice.

Information Collected

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

Personal information does not include:
  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA's scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

Sources of Personal Information

We obtain the categories of personal information listed above from the following categories of sources:
  • Directly from you, the broker, insurer, or each their agents. For example, from documents that you provide to us related to claim submitted.
  • Indirectly from third party vendors. For example, through information we collect from our vendors through the course of our investigation and processing of the claim submitted.
  • Directly and indirectly from activity on our website (www.tmclaims.com). For example, from information submitted through our website or website usage details collected automatically.

Use of Personal Information

We may use or disclose the personal information we collect for one or more of the following business purposes:
  • to fulfill or meet the reason for which the information is provided. For example, if you provide us with personal information in conjunction with a claim, we will use that information to process the claim.
  • to provide you with information, products or services that you request from us.
  • to provide you with email alerts, event registrations and other notices concerning our products or services, or news, that may be of interest to you.
  • to improve our website and present its contents to you.
  • For testing, research, analysis, and development of new products and services.
  • to comply with valid legal process including subpoenas, court orders or search warrants, and as otherwise authorized by law; in cases involving danger of death or serious physical injury to any person or other emergencies;
  • to protect our rights or property or the safety of our customers or employees;
  • to protect against fraudulent, malicious, abusive, unauthorized or unlawful use of our products and services;
  • to advance or defend against complaints or legal claims in court, administrative proceedings, and elsewhere;
  • to a third party that you have authorized to verify your account information;
  • to outside auditors and regulators; and
  • with your consent.
  • to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information

We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
  • A: Identifiers
  • B: California Customer Records
  • C: Protected classification characteristics
  • D: Commercial information
  • F: Internet or network activity
  • G: Geolocation data
  • I: Professional or employment-related information
We disclose your personal information for a business purpose to the following categories of third parties:
  • Tokio Marine Family of Companies.
  • Service providers.
  • Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.

In the preceding twelve (12) months, we have not sold any personal information.

Your Rights and Choices

The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:
  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a consumer request to us at:

TM Claims Service, Inc.
Attn: Privacy Request
800 E. Colorado Blvd., Suite 800
Pasadena, California 91109-7316
COMPLIANCE@tmclaimsservice.com
1-800-688-8627

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a consumer request related to your personal information. You may also make a consumer request on behalf of your minor child.

To submit a request, you must:
  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, including your full name, date of birth, address, email address, and phone number.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

You may only make a consumer request for access or data portability twice within a 12-month period.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if any.

For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Changes to Our Privacy Notice

We may update our Privacy Policy as necessary, so please check back periodically for changes. You will be able to see that changes have been made by reviewing the effective date at the end of the Privacy Policy. We reserve the right to amend this privacy notice at our discretion and at any time.

Contact Information

If you have any questions or comments about this Privacy Notice, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under the CCPA, please do not hesitate to contact us at:

TM Claims Service, Inc.
Attn: Privacy Request
800 E. Colorado Blvd., Suite 800
Pasadena, California 91109-7316
COMPLIANCE@tmclaimsservice.com
1-800-688-8627

TM CLAIMS SERVICE, INC.
DATA PRIVACY FRAMEWORK PRIVACY POLICY
FOR EUROPEAN DATA SUBJECT PERSONAL DATA

Effective Date: July 5, 2024

INTRODUCTION

TM Claims Service, Inc. (“TMCS”) strives to properly address applicable data protection and privacy legal requirements. TMCS recognizes that the European Union (“EU”) has an “omnibus” data protection regime established pursuant to the General Data Protection Regulation (the “GDPR”). Among other things, the GDPR generally requires “adequate protection” for any EU resident personal data (“European Union Data Subject Personal Data”) TMCS transfers to TMCS operations in the United States. To address this requirement, TMCS adheres to the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF), as set forth by the US Department of Commerce to apply to European Data Subject Personal Data that TMCS receives in the United States.

TMCS has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. TMCS has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. For more information about the DPF, please refer to the Data Privacy Framework website at https://www.dataprivacyframework.gov/.

SCOPE

This TMCS Data Privacy Framework Privacy Policy (“Data Privacy Framework Policy”) provides TMCS’s customers in the EU, United Kingdom (and Gibraltar), and/or Switzerland with certain important information about how TMCS handles European Data Subject Personal Data in the United States in accordance with the Data Privacy Framework. This Data Privacy Framework Policy does not apply to data about data subjects located outside of the EU, United Kingdom (and Gibraltar), and/or Switzerland, or otherwise outside the scope of the GDPR, such as data subjects of the United States, or other non-EU jurisdictions.

NOTICE

European Data Subject Personal Data Transfers

The types of European Data Subject Personal Data that TMCS may receive in the United States include, but not necessarily limited to, personal data including vendor management data, data from visitors to our websites and personal information from and related to European claimants.

TMCS also may receive certain information regarding an EU data subject’s spouse, family members, or other dependents for emergency contact purposes.

In addition, TMCS may receive European Data Subject Personal Data in the United States that is “personal data” within the meaning of the Data Privacy Framework and “sensitive data” in a few instances. In particular, where permitted by applicable law, TMCS may receive information regarding criminal records and health or medical data for purposes of insurance claims resolution, payment of claims and for insurance underwriting purposes.

Uses of European Data Subject Personal Data

TMCS will use and otherwise process European Data Subject Personal Data in the United States for the following purposes:
  • To determine eligibility for a product or service requested by a customer;
  • To administer policies or process claims on behalf of policy holders;
  • For administering a product or service that has been requested by a customer; and/or
  • For advising a customer about other products and services that are available.

As necessary in connection with these purposes, TMCS personnel in the United States may, on a limited basis, access and otherwise process European Data Subject Personal Data in connection with their job responsibilities, as described in TMCS’s Information Security Guidebook TMCS takes appropriate steps to ensure that such personnel are bound by duties of confidentiality with respect to European Data Subject Personal Data.

The lawful basis for TMCS’s processing of European Data Subject Personal Data will depend on the purposes of the processing. For most European Data Subject Personal Data processing activities covered by this Privacy Policy, the lawful basis is that the processing is necessary for TMCS’s legitimate business interests. Where TMCS processes European Data Subject Personal Data in relation to a contract, or a potential contract, with European Data Subjects, the lawful basis is that the processing is necessary for the performance of TMCS’s contract with those data subjects or to take steps at a European data subject’s request prior to entering into a contract. If TMCS is required to share European Data Subject Personal Data with law enforcement agencies or other governmental bodies, TMCS do so on the basis that it is under a legal obligation to do so. TMCS will also use consent as the legal basis where it deems appropriate or to the extent required by applicable law.

Depending on what European Data Subject Personal Data TMCS collects from European data subjects and how TMCS collects it, TMCS may also rely on various grounds for processing European Data Subject Personal Data, including the following reasons:

  • Processing on the basis of legitimate business interests. When TMCS processes European Data Subject Personal Data on the basis that the processing is necessary for its legitimate business interests, such interests include: (i) providing, improving, and promoting TMCS’s services; (ii) communicating with current and potential customers, other business partners, and their individual points of contact; (iii) managing TMCS’s relationships with its customers and other business partners, and its individual points of contact; (iv) other business development purposes; (v) sharing information within TMCS, as well as with service providers and other third parties; and (vi) maintaining the safety and security of TMCS’s products, services, and employees, including fraud protection.
  • Processing on the basis of performance of a contract. Examples of situations in which TMCS processes European Data Subject Personal Data as necessary for performance of a contract include transactions in which European Data Subjects purchase a service from TMCS.
  • Processing on the basis of consent. Examples of processing activities for which TMCS may use consent as its legal basis include: (i) sending promotional emails when consent is required under applicable law; and (ii) processing European Data Subject Personal Data on TMCS’s services through cookies and similar technologies when consent is required by applicable law.
  • Processing because TMCS is under a legal obligation to do so. Examples of situations in which TMCS must process European Data Subject Personal Data to comply with its legal obligations include: (i) providing European Data Subject Personal Data to law enforcement agencies and other governmental bodies when required by applicable laws; (ii) retaining business records required to be retained by applicable laws; and (iii) complying with court orders or other legal process.

If the processing of European Data Subject Personal Data is based on a data subject’s consent, the GDPR and Data Protection Act 2018 also allow users the right to access, revoke, or modify consent at any time. Please contact us at COMPLIANCE@tmclaimsservice.com to review or modify your consents.

CHOICE AND ONWARD TRANSFER

TMCS will only use European Data Subject Personal Data for the purposes for which such data was originally collected and will not disclose European Data Subject Personal Data to any third party, except with the appropriate consent of the affected individuals or as otherwise permitted under the Data Privacy Framework, including but not limited to in response to lawful requests by public authorities, such as to meet national security or law enforcement requirements. In cases of onward transfer to third parties, TMCS remains responsible and liable under the Data Privacy Framework Principles if third parties process data in a manner inconsistent with the Principles, unless TMCS proves that it is not responsible for the event giving rise to the damage.

DATA SECURITY AND DATA INTEGRITY

TMCS maintains reasonable security measures to safeguard European Data Subject Personal Data from loss, misuse, unauthorized access, disclosure, alteration, or destruction. TMCS also maintains reasonable procedures to help ensure that such data is reliable for its intended use and is accurate, complete, and current.

DATA SUBJECT RIGHTS

European data subjects have the ability to access, review and update their own European Data Subject Personal Data in accordance with applicable law. European data subjects should transmit requests for access to their own European Data Subject Personal Data, in writing, to the Data Privacy Framework Contact identified below. Individuals noticing changes or inaccuracies to their European Data Subject Personal Data are responsible for informing the Data Privacy Framework Contact of such changes so that the European Data Subject Personal Data may be updated or corrected.

European Data Subjects also have the rights to:

  • Restrict the way that TMCS processes and shares their European Data Subject Personal Data;
  • Transfer their European Data Subject Personal Data to a third party;
  • Remove their European Data Subject Personal Data if no longer necessary for the purposes collected;
  • Object to TMCS’s processing of their European Data Subject Personal Data.

European Data Subjects may also revoke their consent for processing of their European Data Subject Personal Data. If a European Data Subject wishes to object to the use and processing of their European Data Subject Personal Data or withdraw consent to this Privacy Policy, they can contact TMCS using the information in the Contact Us section.

The requests above will be considered and responded to in the time-period stated by applicable law. Note, certain European Data Subject Personal Data may be exempt from such requests. TMCS may require additional information from European Data Subjects to confirm their identity in responding to such requests.

DISCLOSURES REQUIRED OR PERMITTED BY LAW

Regardless of any other provisions in this Data Privacy Framework Privacy Policy, TMCS may disclose or otherwise process European Data Subject Personal Data in the context of any sale or transaction involving all or a portion of the business, or as may be required or permitted by law, including to meet national security or law enforcement requirements, or the Data Privacy Framework.

ENFORCEMENT AND CONTACT INFORMATION

The Federal Trade Commission has jurisdiction over TMCS’s compliance with the Data Privacy Framework. In compliance with the EU-U.S. DPF and, as applicable, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF, TMCS has further committed to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs) with regard to unresolved Data Privacy Framework complaints concerning our handling of personal data received from European Data Subject Personal Data transferred from the EU in reliance on the EU-U.S. DPF, and as applicable, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint. Information regarding local contact information for local data protection authorities can be found at: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.


The independent dispute resolution body designated to address complaints and provide appropriate recourse free of charge is the panel established by the EU DPAs and, as applicable, the UK Information Commissioner’s Office (ICO) (and the Gibraltar Regulatory Authority (GRA)), and/or the Swiss Federal Data Protection and Information Commissioner (FDPIC).


For any residual claims, an individual may invoke binding arbitration as set forth in Annex I of the Data Privacy Framework, provided that such individual has invoked binding arbitration by delivering notice to TMCS’s Data Privacy Framework Contact in accordance with the procedures and subject to the limitations set forth in Annex I of the Data Privacy Framework. In particular, an individual who decides to invoke this arbitration option must first: 1) raise the claimed violation directly with TMCS and afford the TMCS an opportunity to resolve the issue within the timeframe set forth in Section III.11(d)(i) of the Data Privacy Framework; 2) make use of the independent recourse mechanism under the Data Privacy Framework; and 3) raise the issue through their Data Protection Authority to the Department of Commerce and afford the Department of Commerce an opportunity to use best efforts to resolve the issue within the timeframes set forth in the Letter from the International Trade Administration of the Department of Commerce. The independent recourse mechanism (IRM) will be EU DPAs only.


In compliance with the EU-U.S. DPF, and as applicable, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF, TMCS commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, and as applicable, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF, should first contact the TMCS Data Privacy Framework Contact:


TM Claims Service, Inc.
Attn: Data Privacy Framework Contact
800 E. Colorado Blvd., Suite 800
Pasadena, California 91109-7316
COMPLIANCE@tmclaimsservice.com