Crawford Online Privacy Policy

Effective Date: August 1, 2019

Who we are

Crawford & Company is a global, independent provider of claims management solutions, providing integrated claims services, business process outsourcing and consulting services worldwide to the risk management and insurance industry, as well as to self-insured entities. We are committed to protecting the privacy of the personal information we collect and providing clear information about how we handle personal information. We encourage you to read this Crawford Online Privacy Policy carefully so that you understand how we treat your personal information and what rights you may have.

Scope of this policy

This Crawford Online Privacy Policy (the “Policy”) applies to Crawford & Company and its affiliate and subsidiary companies (together, “Crawford”, “we”, “us” or “our”), and explains how we collect, use and disclose personal information about users of our relevant websites, including associated pages and online services, that display this Privacy Policy (the “Sites”). This Policy is intended to disclose the personal information that we collect about users of our Sites, and to explain how we use and disclose this personal information, and the choices and rights individuals have regarding this personal information.

Crawford & Company is the responsible party (e.g., “data controller”) for your personal information collected and processed under this Policy. Where the processing of personal information is also undertaken by other Crawford Group companies with whom you engage, they are joint controllers with Crawford & Company for your personal information. See the “Contact Us” section below for a list of relevant Crawford Group members (“joint controllers”) and their locations, as well as details on how to contact Crawford or exercise your rights with respect to your personal information.

GDPR and Crawford’s EU Privacy Notice (“EU Privacy Notice”): Our EU Privacy Notice available here contains additional information about how we process personal information that is subject to the EU General Data Protection Regulation and associated European Union/European Economic Area (“EEA”) national laws (together, the “GDPR”). Crawford’s EU Privacy Notice applies to our processing of personal information from EU users of the Sites, as well as other personal information that is subject to the GDPR.

Information we collect

We may collect personal information directly from you, such as when you register for news and information, contact us online or submit forms through the Sites. We may also collect personal information from third parties and automatically through your use of the Sites. In this Policy, “personal information” means any information that identifies or could be used to identify an individual person, and includes other similar terms like personal data or personally identifiable information.

Information collected directly. We collect information that you provide to us or share on the Sites, such as:

Registration Information and Requests. Many of our Sites and other information available on our Sites can be accessed without registering. However, we may require you to submit your name, company name and contact information to access certain products or information, such as reports and whitepapers or e-learning content. We may also require registration or the completion of an online form to submit certain inquiries, jobs or other requests. The information that we collect will vary depending upon the context of your request, but will generally include your name, company name, contact details, a description of your request and other relevant information. We will tell you what information is mandatory and what is optional.
Communications. When you email us, call us or contact us, we maintain records about our interactions and communications with you.
Customer Service and Support. We also maintain records related to customer support and customer service related requests, including the nature of the request, name and contact information of the requestor, associated company name, and information related to the resolution of the request.
Comments and Content. Some areas of the Sites may allow you to comment, share or post other content. When you view this content, we keep a record of our content and it may be viewable by other users of the Sites. You may ask us to remove such content as set out below.
Recruiting and Job Applicants. If you apply for an employment position with us online, we will collect information such as your name, contact information, CV/resume, professional qualifications, job history and other information relevant to your application or that you otherwise submit to us.
Professionals, Experts, Contractors. We work with external professionals, experts, consultants and others in order to deliver our client services and otherwise make our products and services available. We may collect information through the Sites of these third parties, in order to consider them, review their qualifications or assign specific tasks or jobs to them.

Automatically-collected information

We use cookies, log files, pixel tags, local storage objects and other tracking technologies to automatically collect information when users access or use the Sites, such as IP address, general location information, domain name, page views, a date/time stamp, browser type, device type, device ID, Internet service provider (“ISP”), referring/exit URLs, operating system, language, clickstream data and other information about the links clicked, features used, size of files uploaded, streamed or deleted and similar device and usage information. This automatically-collected information may also include hashed identifiers derived from email addresses for the purposes of cross-device tracking for targeted advertising.

For more information, see the “Cookies and similar devices” section below.

Other information

Access-restricted Areas and Submission Forms. We may make available access-restricted portals and certain submission forms, to allow clients and other third parties (e.g., claimants) to provide us with information or review information related to our client services. You must be authorized to use or access these areas, and if you register online to access them or otherwise submit information through them, we may take steps to verify your authorization and identity, including by requesting additional information from you or third parties (such as the clients for whom we are acting). While these forms and portals may be available or linked to from the Sites, they are subject to additional policies and terms.
Client-services and Claims-related information. We handle personal information as a result of providing our claims handling and related services to our clients (the “client services”). This information may include claims-related information, transactional details, health, disability and medical information, identification information and other information; our handling of this personal information is subject to our client agreements (and their respective policies)–not this Policy–since we are acting on behalf of and under the instruction of our clients (i.e., as a data processor).

Client Claims Data

Our primary business is to provide claims management and related services globally – including third party claims administrator (or “TPA”) services, loss adjusting and associated risk, consulting and other services. Generally, we provide these services to entities that provide coverage, issue or underwrite the policies, or are otherwise responsible for payment of the claims that we handle. We refer to these entities as “insurers” which broadly includes insurance companies, brokers, agents, underwriters, self-insured entities, and others entities that issue or underwrite policies, provide coverage for, or otherwise make decisions regarding the claims we handle.

As a part of our claims management services, we process claims and handle administrative functions for insurers, such as receiving notices of claims, administering forms and documentation requests and providing customer support-related services to claimants. We also help insurers assess and establish their liability for particular claims and make recommendations related to the settlement of claims, including payments, repairs and replacements. We process personal information during the course of providing our claims management activities to insurers.

Our processing of personal information related to our claims processing is subject to the instructions of our respective clients – not this Online Privacy Policy. While our role depends upon the relevant circumstances, Crawford is generally a data processor or service provider regarding the personal information that we process in the course of providing our claims handling services to insurers; we only process such personal information on behalf of and under the instruction of our clients or where otherwise required by law. In the event we are required to provide further notice of our processing of claims-related data for insurers, our activities will be subject to a privacy notice that is separate from this one.

Use of personal information

In the course of conducting our business, we use personal information to provide and improve our services, to process employment inquiries, to provide information about our products and services, to respond to requests and to otherwise communicate with you and others.

Providing Support and Services: To provide and operate our services and the Sites, communicate with you about your use of the Sites, respond to your inquiries, provide troubleshooting, fulfill your orders and requests, process your payments, and complaints and inquiries, provide technical support and for other customer service and support purposes.
Personalization: To tailor content we send or display on the Sites in order to offer location customization and personalized help and instructions and to otherwise personalize your experiences.
Marketing and Promotions: For direct marketing and promotional purposes. To send you newsletters, special offers or promotions and contact you about our products or services or information we think may interest you. If you are located in a jurisdiction that requires opt-in consent to receive electronic marketing messages, we will only send you such messages if you opt-in to receive them. We do not use the information we collect from third parties in providing the client services or handling specific claims for marketing and promotional purposes.
Analytics and Improvement: To better understand how users access and use the Sites and other products and offerings and for other research and analytical purposes, such as to evaluate and improve our services and business operations and to develop additional products, services and features.
Protect Our Legal Rights and Prevent Misuse: To protect the Sites and our business operations; to prevent and detect fraud, unauthorized activities and access and other misuse; where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety or legal rights of any person or third party as well as violations of our Terms of Use or this Privacy Policy.
Comply with Legal Obligations: To comply with the law or legal proceedings. For example, we may disclose information in response to subpoenas, court order, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements.
General Business Operations: Where necessary to the administration of our general business, accounting, record keeping and legal functions.
Anonymous and De-identified Information. We may de-identify information and create anonymous and aggregated data sets and reports in order to assess, improve and develop our business, products and services, prepare benchmarking reports on our industry and for other research and analytics purposes.
Client Services and Claims Handling. As noted, we may collect certain personal information online that is used to provide our client services (including claims handling services), and we use such personal information on behalf of and under the instructions of our clients and subject to our client agreements.

Disclosure of information

We do not sell your personal information to third parties. In general, we disclose the personal information we collect as follows:

Crawford Group. As a global company, your personal information may be shared amongst our affiliated and subsidiary companies (listed here), whose handling of personal information is subject to this Policy.
Service Providers. We may share your information with third-party service providers who use this information to perform services for us, such as payment processors, hosting providers, auditors, advisors, consultants and customer service and support providers.
Enterprise Users. If you use the Sites on behalf of your company (our client), we may share such information with the relevant client.
Business Transfers. We may disclose or transfer information, including personal information, as part of any merger, sale, and transfer of our assets, acquisition or restructuring of all or part of our business, bankruptcy or similar event, including related to due diligence conducted prior to such event where permitted by law.
Legally Required. We may disclose your information if we are required to do so by law (e.g., to law enforcement, courts or others, e.g., in response to a subpoena or court order).
Protect our Rights. We may disclose information where we believe it necessary to respond to claims asserted against us or, comply with legal process (e.g., subpoenas or warrants), enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation and protect the rights, property or safety of Crawford, our clients and customers or others.
Anonymized and Aggregated Data. We may share aggregate or de-identified information with third parties for research, marketing, analytics and other purposes, provided such information does not identify a particular individual.
Referrals. Where you submit a request for a referral related to a project, repair or other request, or ask us to refer you to or match you a contractor, expert or other professional (such as through Contractor Connection network), we will share the information that you provide us, with network contractors, experts or other professionals who may be able to assist with your project.
Client Services and Claims-related Personal Information. As noted above, we are a service provider to our clients, and a data processor with respect to the personal information we collect in performing our client services (including claims handling services). Any personal information we collect related to handling claims on behalf of our clients, may be disclosed to such clients or others as directed by our clients; such disclosures are subject to our clients’ policies.

Cookies and similar devices

We and our service providers use cookies, pixels, java script and other tracking mechanisms to track information about your use of our Sites, and we may combine this information with other information, including personal information, we collect about you. Our Cookie Policy contains further information about our use of cookies.

Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Sites, while others are used to enable a faster log-in process or to allow us to track your activities while using our Sites. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether.

Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also referred to as web beacons, web bugs or pixel tags), in connection with our Sites to, among other things, track the activities users of our Sites, help us manage content, and compile statistics about usage of our Sites. We and our third-party service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Log files. Most browsers collect certain information, such as your IP address, device type, screen resolution, operating system version and internet browser type and version. This information is gathered automatically and stored in log files.

Third-Party Analytics. We also use automated devices and applications, such as Google Analytics (more information here) to evaluate use of our Sites. We use these tools to gather non-personal data about users to help us improve our Sites and user experiences. These analytics providers may use cookies and other technologies to perform their services and may combine the information they collect about you on our Sites with other information they have collected for their own purposes. This Policy does not cover such uses of data by third parties.

Do-Not-Track Signals. Our Sites do not respond to do-not-track signals. For more information about do-not-track signals, please click here. You may, however, disable certain tracking as discussed above (e.g., by disabling cookies) and set out in our Cookie Policy.

Interest-based advertising

On some of our Sites, we may work with third-party ad networks, analytics companies, measurement services and others (“third-party ad companies”) to display advertising on our Sites and to manage our advertising on third-party sites, mobile apps and online services. We and these third-party ad companies may use cookies, pixels tags and other tools to collect activity information on our Sites (as well as on third-party sites and services), as well as IP address, device ID, cookie and advertising IDs, and other identifiers, general location information and, with your consent, your device’s geolocation information; we and these third-party ad companies use this information to provide you more relevant ads and content and to evaluate the success of such ads and content.

Please see our Cookie Policy for information about the third parties we may work with to display targeted ads on third-party sites and to measure the success of our marketing and campaigns. You may also obtain more information about targeted or “interest-based advertising” and opt-out of many ad networks at the industry websites below:

Please also see our Cookie Policy for more information.

Direct marketing

We may send periodic promotional emails to you and where required by law, we will obtain your consent to do so. You may opt-out of such communications by following the opt-out instructions contained in the promotional email. If you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send you emails about your account or any services you have requested or received from us.

International transfers

We are a global company, and the data that we collect from you may be transferred to, accessed or stored in and subject to requests from law enforcement in jurisdictions outside of your home jurisdiction, including the United States, the Philippines, Australia, Canada, the European Union and other jurisdictions (see group companies listed here) in which we (or our service providers) operate. Some of these jurisdictions, including the United States and the Philippines, may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it, including through appropriate written data processing terms and/or data transfer agreements.

If you are in the European Economic Area, and we process your personal information in a jurisdiction that the European Commission has deemed to not provide an adequate level of data protection (a “third country”), we will implement measures to adequately protect your personal information, such as putting in place standard contractual clauses approved by the European Commission (the form for these clauses can be found here) or another measure that has been approved by the EU Commission as adducing adequate safeguards for the protection of personal information when transferred to a third country.

Security

We have implemented appropriate safeguards and technical measures to protect the personal information that we have under our control from unauthorized access, use or disclosure (such as where appropriate, access controls and encryptions). However, no data security measures can guarantee 100% security.

Retention

As a general rule, we retain your personal information for as long as necessary to fulfil the purposes for which it was collected or as necessary to comply with our legal obligations, resolve disputes, maintain appropriate business records, as required by clients and to enforce our agreements. We may retain personal data for longer where required by our regulatory obligations, professional indemnity obligations or where we believe it is necessary to establish, defend or protect our legal rights and interests or those of others.

Your choices and rights

We know the importance of accurate data.

Access, Amend and Correct. If you wish to access personal information that you have submitted to us, to request the correction of any inaccurate information you have submitted to us, to request deletion of or object to processing of your information or to request a paper copy of this Privacy Policy, please send you request to privacy@global.crawco.com.

Direct Marketing. You may always opt-out of direct marketing emails from us by following the instructions in such emails or emailing privacy@global.crawco.com. Crawford may continue to send you transactional or service-related communications, such as service announcements and administrative messages.

Complaints. We will take steps to try to resolve any complaint you raise regarding our treatment of your personal information. You also have the right to raise a complaint with the privacy regulator in your jurisdiction.

EU Individuals. Additional information for EU individuals about their rights under EU data protection laws is available in our EU Privacy Notice.

Your California privacy rights

California residents have the right to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclose to third parties for their own direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to privacy@global.crawco.com.

Third-party sites

Crawford’s Sites may contain links to third-party websites or services. We are not responsible for the data privacy practices of such third parties, whose practices are subject to their own privacy policies and procedures, not to Crawford’s Online Privacy Policy.

Information about children

Our Sites are not directed towards children and we do not encourage children to participate in providing us with any personal information. We do not knowingly collect any personal information from children under the age of 16. If you have reason to believe that a child under the age of 16, without a parent or guardian's consent, has provided personal information to us through the Sites, please contact us at privacy@global.crawco.com.

Changes to this privacy policy

We may update this Privacy Policy from time to time to reflect changes and will post changes by updating the Privacy Policy (and effective date) on this page. If we make any material changes that affect how we treat your personal information, we will endeavor to notify you in advance, such as by prominently posting a notice on this website or by directly sending you a notification. We encourage you to periodically review this website and our Policy to understand how Crawford protects your personal information. Once effective, the revised Policy will apply to you and your personal information.

Contact us

If you have questions or concerns regarding this Policy, please contact us at:

Crawford Global Privacy Office
Chief Privacy Officer
privacy@global.crawco.com

If you are in the European Union, you may also contact our EU Data Protection Officer as set out in the EU Privacy Notice.

Other Crawford Group members

Crawford & Company
5335 Triangle Parkway NW
Peachtree Corners, GA 30092 USA

UNITED STATES

Broadspire Services, Inc.
5335 Triangle Parkway NW
Peachtree Corners, GA 30092 USA

Crawford & Company International, Inc.
5335 Triangle Parkway NW
Peachtree Corners, GA 30092 USA

AUSTRALIA

Crawford & Company (Australia) Pty Limited
Level 18, 383 Kent Street
Sydney, NSW 2000 AU

CANADA

Crawford & Company (Canada) Inc.
Riverbend to 200-2300 University Ave E,
Waterloo, ON N2K 0A2