Effective Date: May 25, 2018
Who We Are
Crawford & Company is a global, independent provider of claims management solutions, providing integrated claims services, business process outsourcing and consulting services worldwide to the risk management and insurance industry, as well as to self-insured entities. We are committed to protecting the privacy of the personal information we collect and providing clear information about how we handle personal information. We encourage you to read this Policy carefully so that you understand how we treat your personal information and what rights you may have.
GDPR and Crawford’s EU Privacy Notice (“EU Privacy Notice”): Our EU Privacy Notice available here contains additional information about how we process personal information that is subject to EU data protection laws (including those implementing the EU General Data Protection Regulation – or GDPR). Crawford’s EU Privacy Notice applies to our processing of personal information from users of the Sites, as well as others (such as our business customers, vendors and suppliers).
Note about what isn’t covered by this Policy: We handle personal information as a result of providing our claims handling and related services to our clients (the “client services”); how we handle this personal information is subject to our client agreements (and our clients’ respective policies) – not this Policy –since we are acting on behalf of and under the instruction of our clients (i.e., as a data processor). This Policy also does not cover any third-party websites, services or content.
Information We Collect
We may collect personal information directly from you, such as when you register for news and information, contact us online or submit forms through the Sites. We may also collect personal information from third parties and automatically through your use of the Sites. In this Policy, “personal information” means any information that identifies or could be used to identify an individual person, and includes other similar terms like personal data or personally identifiable information.
Information Collected Directly
We collect information that you provide to us or share on the Sites, such as:
- Registration Information and Requests. Many of our Sites and other information available on our Sites can be accessed without registering. However, we may require you to submit your name, company name and contact info to access certain products or information, such as reports and whitepapers, or e-learning content. We may also require registration or the completion of an online form to submit certain inquiries, jobs or other requests. The information that we collect will vary depending upon the context of your request, but will generally include your name, company name, contact details, a description of your request and other relevant information. We will tell you what information is mandatory and what is optional.
- Communications. When you email us, call us or contact us, we maintain records about our interactions and communications with you.
- Customer Service and Support. We also maintain records related to customer support and customer service-related requests, including the nature of the request, name and contact information of the requestor, associated company name, and information related to the resolution of the request.
- Comments and Content. Some areas of the Sites may allow you to comment, share or post other content. When you view this content, we keep a record of our content and it may be viewable by other users of the Sites. You may ask us to remove such content as set out below.
- Recruiting and Job Applicants. If you apply for an employment position with us online, we will collect information such as your name, contact information, CV/resume, professional qualifications, job history, and other information relevant to your application or that you otherwise submit to us.
- Professionals, Experts, Contractors. We work with external professionals, experts, consultants and others in order to deliver our client services and otherwise make our products and services available. We may collect information through the Sites of these third parties, in order to consider them, review their qualifications, or assign specific tasks or jobs to them.
- Access-restricted Areas and Submission Forms. We may make available access-restricted portals and certain submission forms, to allow clients and other third parties (e.g., claimants) to provide us with information or review information related to our client services. You must be authorized to use or access these areas, and if you register online to access them or otherwise submit information through them we may take steps to verify your authorization and identity, including by requesting additional information from you or third parties (such as the clients for whom we are acting). While these forms and portals may be available or linked to from the Sites, they are subject to additional policies and terms.
- Client-services and Claims-related information. We handle personal information as a result of providing our claims handling and related services to our clients (the “client services”). This information may include claims-related information, transactional details, health, disability and medical information, identification information, and other information; our handling of this personal information is subject to our client agreements (and their respective policies) – not this Policy –since we are acting on behalf of and under the instruction of our clients (i.e., as a data processor).
Use of Personal Information
In the course of conducting our business, we use personal information to provide and improve our services, to process employment inquiries, to provide information about our products and services, to respond to requests and to otherwise communicate with you and others.
- Providing Support and Services: to provide and operate our services and the Sites, communicate with you about your use of the Sites, respond to your inquiries, provide troubleshooting, fulfill your orders and requests, process your payments, and complaints and inquiries, provide technical support, and for other customer service and support purposes.
- Personalization: to tailor content we send or display on the Sites in order to offer location customization and personalized help and instructions, and to otherwise personalize your experiences.
- Marketing and Promotions: for direct marketing and promotional purposes. To send you newsletters, special offers or promotions, and contact you about our products or services, or information we think may interest you. If you are located in a jurisdiction that requires opt-in consent to receive electronic marketing messages, we will only send you such messages if you opt-in to receive them. We do not use the information we collect from third parties in providing the client services or handling specific claims for marketing and promotional purposes.
- Analytics and Improvement: To better understand how users access and use the Sites and other products and offerings, and for other research and analytical purposes, such as to evaluate and improve our services and business operations and to develop additional products, services and features.
- Comply with Legal Obligations: To comply with the law or legal proceedings. For example, we may disclose information in response to subpoenas, court order, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements.
- General Business Operations: Where necessary to the administration of our general business, accounting, recordkeeping and legal functions.
- Anonymous and De-identified Information. We may de-identify information and create anonymous and aggregated data sets and reports in order to assess, improve and develop our business, products and services, prepare benchmarking reports on our industry, and for other research and analytics purposes.
- Client Services and Claims Handling. As noted, we may collect certain personal information online that is used to provide our client services (including to claims handling services), and we use such personal information on behalf of and under the instructions of our clients, and subject to our client agreements.
Disclosure of Information
We do not sell your personal information to third parties. In general, we disclose the personal information we collect as follows:
- Crawford Group. As a global company, your personal information may be shared amongst our affiliated and subsidiary companies (listed here), whose handling of personal information is subject to this Policy.
- Service Providers. We may share your information with third party service providers who use this information to perform services for us, such as payment processors, hosting providers, auditors, advisors, consultants, and customer service and support providers.
- Enterprise users. If you use the Sites on behalf of your company (our client), we may share such information with the relevant client.
- Business Transfers. We may disclose or transfer information, including personal information, as part of any merger, sale, and transfer of our assets, acquisition or restructuring of all or part of our business, bankruptcy, or similar event, including related to due diligence conducted prior to such event where permitted by law.
- Legally Required. We may disclose your information if we are required to do so by law (e.g., to law enforcement, courts or others, e.g., in response to a subpoena or court order).
- Protect our Rights. We may disclose information where we believe it necessary to respond to claims asserted against us or, comply with legal process (e.g., subpoenas or warrants), enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation, and protect the rights, property or safety of Crawford, our clients and customers, or others.
- Anonymized and Aggregated Data. We may share aggregate or de-identified information with third parties for research, marketing, analytics and other purposes, provided such information does not identify a particular individual.
- Referrals. Where you submit a request for a referral related to a project, repair or other request, or ask us to refer you to or match you a contractor, expert or other professional (such as through Contractor Connection network), we will share the information that you provide us, with network contractors, experts or other professionals who may be able to assist with your project.
- Client Services and Claims-related Personal Information. As noted above, we are a service provider to our clients, and a data processor with respect to the personal information we collect in performing our client services (including claims handling services). Any personal information we collect related to handling claims on behalf of our clients, may be disclosed to such clients or others as directed by our clients; such disclosures are subject to our clients’ policies.
Cookies and Similar Devices
Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Sites, while others are used to enable a faster log-in process or to allow us to track your activities while using our Site. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether.
Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also referred to as web beacons, web bugs or pixel tags), in connection with our Sites to, among other things, track the activities users of our Sites, help us manage content, and compile statistics about usage of our Sites. We and our third party service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
Log files. Most browsers collect certain information, such as your IP address, device type, screen resolution, operating system version, and internet browser type and version. This information is gathered automatically and stored in log files.
We may send periodic promotional emails to you, and where required by law we will obtain your consent to do so. You may opt out of such communications by following the opt-out instructions contained in the email. If you opt out of receiving emails about recommendations or other information we think may interest you, we may still send you emails about your account or any services you have requested or received from us.
We are a global company, and the data that we collect from you may be transferred to, accessed or stored in, and subject requests from law enforcement in jurisdictions outside of your home jurisdiction, including the United States, the Philippines, Australia, Canada, the European Union, and other jurisdictions (see group companies listed here) in which we (or our service providers operate. Some of these jurisdictions, including the United States and the Philippines, may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it, including through appropriate written data processing terms and/or data transfer agreements.
If you are in the European Economic Area, and we process your personal information in a jurisdiction that the European Commission has deemed to not provide an adequate level of data protection (a “third country”), we will implement measures to adequately protect your personal information, such as putting in place standard contractual clauses approved by the European Commission (the form for these clauses can be found here) or another measure that has been approved by the EU Commission as adducing adequate safeguards for the protection of personal information when transferred to a third country.
We have implemented safeguards and technical measures to protect the personal information that we have under our control from unauthorized access, use or disclosure. However, no data security measures can guarantee 100% security.
As a general rule, we retain your personal information for as long as necessary to fulfil the purposes for which it was collected or as necessary to comply with our legal obligations, resolve disputes, maintain appropriate business records, and enforce our agreements.
Your Choices and Rights
We know the importance of accurate data.
Direct Marketing. You may always opt-out of direct marketing emails from us by following the instructions in such emails or emailing firstname.lastname@example.org. Crawford may continue to send you transactional or service-related communications, such as service announcements and administrative messages.
Complaints. We will take steps to try to resolve any complaint you raise regarding our treatment of your personal information. You also have the right to raise a complaint with the privacy regulator in your jurisdiction.
EU Individuals. Additional information for EU individuals about their rights under EU data protection laws is available in our EU Privacy Notice.
You California Privacy Rights
California residents have the right to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclose to third parties for their own direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to: email@example.com.
Information About Children
Our Sites are not directed towards children and we do not encourage children to participate in providing us with any personal information. We do not knowingly collect any personal information from children under the age of 16. If you have reason to believe that a child under the age of 16, without a parent or guardian’s consent, has provided personal information to us through the Sites, please contact us at firstname.lastname@example.org.
If you have questions or concerns regarding this Policy, please contact us at:
Crawford Global Privacy Office
Chief Privacy Officer
If you are in the European Union, you may also contact our EU Data Protection Officer as set out in the EU Privacy Notice.
Crawford Global Privacy Office
Attn: EU Data Protection Officer
70 Mark Lane
London EC3R 7NQ UK
This Policy applies to the Crawford & Company websites (and related subdomains) that display it, including:
www.crawfordandcompany.com (and related subdomains)
www.crawfordandcompany.de (and other crawfordandcompany country-specific domains