Brotherhood Mutual Privacy Policy
Effective date: 9/7/2010. Latest Revision: 8/30/2024.
Brotherhood Mutual Insurance Company (“Brotherhood Mutual”) is committed to protecting the personal information of its employees, customers, and website visitors. This Privacy Policy describes our practices for collecting, using, maintaining, protecting, and disclosing personal information.
This Website may provide interactive services, including chatbot and managed chat and session replay technology. By accessing or using any of these features, you agree that we may record and retain a transcript of all communications with you via these interactive tools, and/or may record or recreate your activity while using the Website, in order to provide services, enhance your Website experience, and for quality and verification purposes. We may work with trusted service providers to analyze, store, and/or use this data on our behalf. Your use or access of any of these tools or of our Website is governed by this section, our Terms of Use, and our Privacy Policy.
Personal Information We Collect
We collect information that is necessary for us to offer, issue, and manage insurance coverage and other related products and services. The three primary types of information we collect are Customer Information, Financial Information and Claimant Medical Information.
Customer Information includes identifying information such as your name, address, telephone number, and email address. Depending on the product or service, it may also include information about your driving history, employment history, or education.
Financial Information includes information covered by the Fair Credit Reporting Act and such information as your credit history and certain bank account information used for electronic premium payments.
Claimant Medical Information includes information about health insurance, treatment, and medical history of individuals who make an injury-related claim under a Brotherhood Mutual policy.
Personal Information does not include any information that is available to the public through governmental or private organizations, state or federal court systems, media outlets, or otherwise.
How We Collect Personal Information
We obtain the personal information described above from the following categories of sources:
- You.
- Independent sales agents.
- Our service providers.
- Your employer.
- Other third parties whom you have authorized to provide us information or as otherwise permitted by law.
How We Use Personal Information
We use or disclose personal information for one or more business purposes, including:
- To offer insurance products, payroll services, and related services.
- To maintain and service accounts.
- To underwrite, rate or otherwise manage an insurance policy.
- To process, investigate, adjust and administer claims.
- To operate and improve the services available through us.
- To communicate with you and respond to your inquiries.
- To conduct research about your use of our products.
- With respect to employees of Brotherhood Mutual, to manage your employment relationship with us.
- To help offer you other products, features, or services that may be of interest.
- To provide you with information about our products, manage your registration for and attendance at our events and webinars, provide you with customer support or otherwise communicate with you.
- To enhance your customer experience and improve our products and services.
- To develop and offer new products and services.
In addition to the business purposes above, we share your personal information when it is necessary to comply with legal or regulatory requirements.
Information Shared with Business Partners
In the normal course of our business, we may disclose information we collect about you to companies or individuals that contract with us for strategic purposes or to perform service functions such as record keeping or computer related services. When we provide personal information to a strategic partner or service provider, it is our expectation that these providers will safeguard your information, will use the information only for the intended purpose, and will abide by applicable law.
We may disclose the personal information described under Personal Information We Collect to one or more of the following categories of third parties for business purposes:
- Our subsidiaries and affiliates.
- Companies or individuals that contract with us for strategic alliance purposes.
- Employees of our alliance partners, affiliates and subsidiaries.
- Independent sales agents.
- Our contractors and service providers.
- Other third parties whom you have authorized us to disclose your information to or as permitted by law.
In the preceding 12 months, we have not sold any personal information.
Marketing Email Communications
We use information about you to communicate with you about products, services, webinars, and events, and to provide educational communications such as risk management information, newsletters, and information we think will be of interest to you via email. You may opt out of this type of marketing communication by following the instructions at the bottom of those email communications. If you opt out of promotional or educational email communications, we may still send you non-promotional communications, such as information about your account or policy with us.
Financial and Medical Information
We will not disclose policyholder Financial Information or Claimant Medical Information to anyone outside Brotherhood Mutual unless you have authorized us to do so, or as permitted or required by law. Examples of disclosures permitted by law include disclosure to organizations that provide claims administration, underwriting, investigation, or policyholder services for us or on our behalf.
Independent Sales Agents
Sales agents representing Brotherhood Mutual Insurance Company are independent, and an independent sales agent may gather and retain Customer Information, Financial Information, and/or Claimant Medical Information about you. The use and protection of that information by your independent sales agent is the responsibility of the agent, not the responsibility of Brotherhood Mutual Insurance Company. If you have questions about whether or how your independent sales agent uses or discloses such information, please contact your agent directly.
How We Secure Your Information
We are committed to keeping the personal information collected from our customers and prospects confidential and secure. We maintain administrative, technical, and physical security controls to protect your personal information, whether written, spoken, or electronic. We update and test our systems regularly to ensure the protection and integrity of information that we maintain.
Web Beacons and Cookies
When you visit one of Brotherhood Mutual’s websites, we gather information such as your computer’s internet address, the browser you are using and which web pages referred you to one of our websites. We collect this information so that we can analyze the use of our websites to improve our services and your experience.
This information is generally obtained by using “cookies.” Cookies are small files that are stored on your computer, but do not include any personally identifiable information about you. Cookies help us track your visits to our websites and learn more about how you are viewing and using our sites.
Your browser and various other services allow you to opt-out of or reject cookies. The help function on your browser can provide additional information on this process. Please note that if you choose to reject cookies some features of our websites may not work properly.
Hotjar
We use Hotjar in order to better understand our users' needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users' experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don't like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users' behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.
For further details, please see the 'about Hotjar' section of Hotjar's support site.
Audience
This website, online services and any products or services accessed at or through this website are intended for general adult audiences. Any parent or legal guardian may contact Brotherhood Mutual, if your child is accessing this site without your consent. Brotherhood Mutual will take reasonable steps to remove that user’s information from its records.
Separate Policies
The privacy policies of Brotherhood Mutual’s partnering companies and social media providers are separate from ours. Please refer to the websites of these businesses to review their specific privacy policies.
Consumer Rights
Some jurisdictions provide consumers with certain consumer rights related to the access, correction, and deletion of their personal information. If you are a resident of a state listed below, please click on your state for additional information.
- California
This additional information applies solely to consumers who reside in the State of California. Brotherhood Mutual Insurance Company adopts this privacy notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”), the California Privacy Rights Act of 2020 (“CPRA”), and any related regulations issued by the California Attorney General.
Personal Information We Collect
We have collected the following categories of personal information from consumers within the last twelve (12) months:
| Category |
Examples |
| Identifiers. |
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. |
| Personal information categories described in California Civil Code section §1798.80. |
A name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. |
| Protected classification characteristics under California or federal law. |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). |
| Internet or other electronic network activity information. |
Browsing history, search history and information regarding interaction with an Internet Web site, application, or advertisement. |
| Sensory data. |
Audio, electronic, visual, thermal, olfactory, or similar information. |
| Professional or employment-related information. |
Information related to a person’s current or past job history, wage information or performance evaluations. |
| Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99). |
Grades, transcripts, student financial information or student disciplinary records. |
Your California Privacy Rights
The CCPA provides California residents with the right to request that we disclose what personal information we collect, use, disclose and sell.
Right to Access
You have the right to request that we disclose the following information regarding the preceding twelve (12) months:
- The categories of personal information we collected about you.
- The categories of sources from which we collected personal information about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you.
- If we disclosed your information for a business purpose, a list identifying the personal information categories that each category of recipient obtained.
- If we sold your information, a list identifying the personal information categories that each category of recipient purchased. However, we do not sell personal information.
Right to Correct Inaccuracies
You have the right to request that we correct inaccuracies in your personal information. We may deny your request if correction is not appropriate given the nature of the personal information or the purposes for which it is processed.
Right to Deletion
You have the right to request that we delete any personal information that we collected from you. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies under applicable law.
We may deny your request to delete certain personal information if it is necessary to retain such information for business or legal purposes permitted under applicable laws.
Exercising Your Privacy Rights
You may exercise any of your privacy rights by either:
You may only make a verifiable consumer request to access personal information twice within a twelve (12) month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative (e.g., full name, phone number and e-mail address).
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Only you, or a person legally authorized to act on your behalf (an “Authorized Agent”), may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
We cannot respond to your request or provide you with the requested information if we cannot verify your identity or authority to make the request and confirm that the requested information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Authorized Agents
If you use an Authorized Agent to submit a request to know or a request to delete, we may require the Authorized Agent to submit proof that they have been authorized to act on your behalf. We may accept as proof either:
- Written permission from you; or
- A power of attorney pursuant to the California Probate Code §§ 4000 to 4465.
We may also require the Authorized Agent to verify their identity directly with us.
Confirmation and Response to Your Request
We will send you a confirmation of receipt within ten (10) days of receiving your request. We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety [90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the twelve-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of why we made that decision and provide you with a cost estimate before completing your request.
Non-discrimination
We will not discriminate against you for exercising any of your rights under the CCPA. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties.
- Provide you with a different level or quality of goods or services.
- Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
- Colorado
This additional information applies solely to consumers who reside in the State of Colorado. Brotherhood Mutual Insurance Company adopts this privacy notice to comply with the Colorado Privacy Act (“CPA”) and any related regulations. Please see the general sections of this Privacy Policy for information on how we collect, use and share personal information.
Your Colorado Privacy Rights
The CPA provides Colorado residents with certain additional rights related to the processing of your personal information.
Right to Access
You have the right to confirmation of whether we are processing your personal information. If we are processing your personal information, you have the right to request a copy of such personal information that we have collected from you.
Right to Correct Inaccuracies
You have the right to request that we correct inaccuracies in your personal information if appropriate given the nature of the personal information or the purposes for which it is processed.
Right to Deletion
You have the right to request that we delete any personal information provided by or obtained about you. We may deny your request to delete certain personal information if it is necessary to retain such information for business or legal purposes permitted under applicable laws.
Right to Data Portability
When exercising your Right to Access, you have the right to receive personal data in a portable and, to the extent technically feasible, readily usable format. You may exercise this right no more than two (2) times per calendar year.
Exercising Your Privacy Rights
You may exercise any of your privacy rights by either:
You may only make a verifiable consumer request to access personal information once within a twelve (12) month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative (e.g., full name, phone number and e-mail address).
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with the requested information if we cannot verify your identity or authority to make the request and confirm that the requested information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response to Your Request
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety [90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will explain any reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of why we made that decision and provide you with a cost estimate before completing your request.
Denial and Appeal
If we deny your request to access, correct, or delete personal information, you may appeal the decision by sending an e-mail to consumerdataprivacy@brotherhoodmutual.com. Within forty-five (45) days of receipt, we will respond to your appeal with information on any action taken or not taken in response to the appeal. If we require more time (up to sixty [60] additional days), we will inform you of the reason and extension period in writing. If we deny your appeal, we will also provide a method through which you may contact the Colorado Attorney General to submit a complaint.
Non-discrimination
We will not discriminate against you for exercising any of your rights under the CPA. Unless permitted by the CPA, we will not increase the cost of, or decrease the availability of, a product or service based solely on your decision to exercise a right under the CPA.
- Connecticut
This additional information applies solely to consumers who reside in the State of Connecticut. Brotherhood Mutual Insurance Company adopts this privacy notice to comply with the Connecticut Personal Data Privacy and Online Monitoring Act (“CTDPA”) and any related regulations. Please see the general sections of this Privacy Policy for information on how we collect, use and share personal information.
Your Connecticut Privacy Rights
The CTDPA provides Connecticut residents with certain additional rights related to the processing of your personal information.
Right to Access
You have the right to confirmation of whether we are processing your personal information. If we are processing your personal information, you have the right to request a copy of such personal information that we have collected from you.
Right to Correct Inaccuracies
You have the right to request that we correct inaccuracies in your personal information if appropriate given the nature of the personal information or the purposes for which it is processed.
Right to Deletion
You have the right to request that we delete any personal information provided by or obtained about you.
Right to Portability
When exercising your Right to Access, you have the right to receive personal data in a portable and, to the extent technically feasible, readily usable format.
We may deny your request to access, correct, or delete personal information when necessary to:
- Comply with federal, state, or local laws, rules, or regulations;
- Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, local, or other governmental authorities;
- Cooperate with law-enforcement agencies concerning conduct or activity that we reasonably and in good faith believe may violate federal, state, or local laws, rules, or regulations;
- Investigate, exercise, prepare for, or defend actual or anticipated legal claims;
- Provide a product or service specifically requested by a consumer, perform a contract to which you are a party, or take steps at your request prior to entering into a contract;
- Perform internal operations that are reasonably aligned with your expectations or reasonably anticipated based on your existing relationship with us, or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by you or the performance of a contract to which you are a party;
- Prevent, detect, protect against, or respond to security incidents, identity theft, fraud, harassment, or malicious, deceptive, or illegal activity; preserve the integrity or security of systems; or investigate, report, or prosecute those responsible for any such action;
- Conduct internal research to develop, improve or repair products, services or technology;
- Effectuate a product recall;
- Identify and repair technical errors that impair existing or intended functionality;
- Engage in public or peer-reviewed scientific or statistical research in the public interest that adheres to all other applicable ethics and privacy laws and is approved, monitored, and governed by an institutional review board, or similar independent oversight entities that determine: (i) if the deletion of the information is likely to provide substantial benefits that do not exclusively accrue to us; (ii) the expected benefits of the research outweigh the privacy risks; and (iii) if we have implemented reasonable safeguards to mitigate privacy risks associated with research, including any risks associated with reidentification; or
- Assist another controller, processor, or third party with its obligations under the CTDPA.
- Process personal data for reasons of public interest in the area of public health, community health or population health, but solely to the extent that such processing is (A) subject to suitable and specific measures to safeguard the rights of the consumer whose personal data is being processed, and (B) under the responsibility of a professional subject to confidentiality obligations under federal, state or local law.
- Protect an evidentiary privilege under Connecticut law.
Exercising Your Privacy Rights
You may exercise any of your privacy rights by either:
You may make a verifiable consumer request to access personal information free of charge once within a twelve (12) month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative (e.g., full name, phone number and e-mail address).
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with the requested information if we cannot verify your identity or authority to make the request and confirm that the requested information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
Response to Your Request
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety [90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will explain any reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of why we made that decision and provide you with a cost estimate before completing your request.
Denial and Appeal
If we deny your request to access, correct, or delete personal information, you may appeal the decision by sending an e-mail to consumerdataprivacy@brotherhoodmutual.com. Within forty-five (45) days of receipt, we will respond to your appeal with information on any action taken or not taken in response to the appeal. If we require more time (up to sixty [60] additional days), we will inform you of the reason and extension period in writing. If we deny your appeal, we will also provide a method through which you may contact the Connecticut Attorney General to submit a complaint.
Non-discrimination
We will not discriminate against you for exercising any of your rights under the CTDPA. Unless permitted by the CTDPA, we will not increase the cost of, or decrease the availability of, a product or service based solely on your decision to exercise a right under the CTDPA.
- Montana
This additional information applies solely to consumers who reside in the State of Montana. Brotherhood Mutual Insurance Company adopts this privacy notice to comply with the Montana Consumer Data Privacy Act (“MCDPA”) and any related regulations. Please see the general sections of this Privacy Policy for information on how we collect, use and share personal information.
Your Montana Privacy Rights
The MCDPA provides Montana residents with the right to request that we disclose what personal information we collect, use, disclose and sell.
Right to Access
You have the right to confirmation of whether we are processing your personal information and access to a copy of such information, unless such confirmation or access would require us to reveal a trade secret.
Right to Correct Inaccuracies
You have the right to request that we correct inaccuracies in your personal information if appropriate given the nature of the personal information or the purposes for which it is processed.
Right to Request Deletion
You have the right to request that we delete any personal information provided by or obtained about you.
We may deny your request to access, correct, or delete personal information when necessary to:
- Comply with federal, state, or municipal ordinances or regulations;
- Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, local, or other governmental authorities;
- Cooperate with law-enforcement agencies concerning conduct or activity that we reasonably and in good faith believe may violate federal, state, or local laws, rules, or regulations;
- Investigate, establish, exercise, prepare for, or defend legal claims;
- Provide a product or service specifically requested by a consumer, perform a contract to which you are a party, including fulfilling the terms of a written warranty, or take steps at your request prior to entering into a contract;
- Take immediate steps to protect an interest that is essential for the life or physical safety of you or of another natural person, and where the processing cannot be manifestly based on another legal basis;
- Prevent, detect, protect against, or respond to security incidents, identity theft, fraud, harassment, malicious or deceptive activities, or any illegal activity; preserve the integrity or security of systems; or investigate, report, or prosecute those responsible for any such action;
- Engage in public or peer-reviewed scientific or statistical research in the public interest that adheres to all other applicable ethics and privacy laws and is approved, monitored, and governed by an institutional review board, or similar independent oversight entities that determine: (i) if the deletion of the information is likely to provide substantial benefits that do not exclusively accrue to us; (ii) the expected benefits of the research outweigh the privacy risks; and (iii) if we have implemented reasonable safeguards to mitigate privacy risks associated with research, including any risks associated with reidentification; or
- Assist another controller, processor, or third party with its obligations under the MCDPA.
- Conduct internal research to develop, improve, or repair products, services, or technology;
- Effectuate a product recall;
- Identify and repair technical errors that impair existing or intended functionality; or
- Perform internal operations that are reasonably aligned with your expectations or reasonably anticipated based on your existing relationship with us or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a consumer or the performance of a contract to which you are a party.
- Protect an evidentiary privilege under the laws of the Commonwealth.
Exercising Your Privacy Rights
You may exercise any of your privacy rights by either:
You may only make a verifiable consumer request to access personal information once within a twelve (12) month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative (e.g., full name, phone number and e-mail address).
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with the requested information if we cannot verify your identity or authority to make the request and confirm that the requested information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response to Your Request
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety [90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will explain any reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of why we made that decision and provide you with a cost estimate before completing your request.
Denial and Appeal
If we deny your request to access, correct, or delete personal information, you may appeal the decision by sending an e-mail to consumerdataprivacy@brotherhoodmutual.com. Within sixty (60) days of receipt, we will respond to your appeal with information on any action taken or not taken in response to the appeal. If we deny your appeal, we will also provide a method through which you may contact the Montana Attorney General to submit a complaint.
Non-discrimination
We will not discriminate against you for exercising any of your rights under the MCDPA. Unless permitted by the MCDPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services.
- Provide you with a different level of quality of goods or services.
- Oregon
This additional information applies solely to consumers who reside in the State of Oregon. Brotherhood Mutual Insurance Company adopts this privacy notice to comply with the Oregon Consumer Privacy Act (“OCPA”) and any related regulations. Please see the general sections of this Privacy Policy for information on how we collect, use and share personal information.
Your Oregon Privacy Rights
The OCPA provides Oregon residents with the right to request that we disclose what personal information we collect, use, disclose and sell.
Right to Access
You have the right to request confirmation of whether we are processing your personal information. If we are processing your personal information, you have the right to request a copy of such personal information that we have collected from you.
Right to Correct Inaccuracies
You have the right to request that we correct inaccuracies in your personal information if appropriate given the nature of the personal information and the purposes for which it is processed.
Right to Request Deletion
You have the right to request that we delete any personal information provided by or obtained about you.
We may deny your request to access, correct, or delete personal information when necessary to:
- Comply with federal, state, or local laws, rules, or regulations;
- Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, local, or other governmental authorities;
- Cooperate with law-enforcement agencies concerning conduct or activity that we reasonably and in good faith believe may violate federal, state, or local laws, rules, or regulations;
- Investigate, establish, initiate, or defend legal claims;
- Provide a product or service specifically requested by a consumer, perform a contract to which you are a party, including fulfilling the terms of a written warranty, or take steps at your request prior to entering into a contract;
- Prevent, detect, protect against, or respond to security incidents, identity theft, fraud, harassment, malicious or deceptive activities, or any illegal activity; preserve the integrity or security of systems; or investigate, report, or prosecute those responsible for any such action;
- Assist another controller, processor, or third party with its obligations under the OCPA.
- Conduct internal research to develop, improve, or repair products, services, or technology;
- Effectuate a product recall;
- Identify and repair technical errors that impair existing or intended functionality; or
- Perform internal operations that are reasonably aligned with your expectations or reasonably anticipated based on your existing relationship with us or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a consumer or the performance of a contract to which you are a party.
- Protect an evidentiary privilege under the laws of the state.
Exercising Your Privacy Rights
You may exercise any of your privacy rights by either:
You may make a verifiable consumer request to access personal information free of change once within a twelve (12) month period. We may charge a fee for any additional consumer requests within the same period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative (e.g., full name, phone number and e-mail address).
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with the requested information if we cannot verify your identity or authority to make the request and confirm that the requested information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response to Your Request
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety [90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will explain any reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of why we made that decision and provide you with a cost estimate before completing your request.
Denial and Appeal
If we deny your request to access, correct, or delete personal information, you may appeal the decision by sending an e-mail to consumerdataprivacy@brotherhoodmutual.com. Within forty-five (45) days of receipt, we will respond to your appeal with information on any action taken or not taken in response to the appeal. If we deny your appeal, we will also provide a method through which you may contact the Oregon Attorney General to submit a complaint.
Non-discrimination
We will not discriminate against you for exercising any of your rights under the OCPA. Unless permitted by the OCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services.
- Provide you with a different level of quality of goods or services
- Texas
This additional information applies solely to consumers who reside in the State of Texas. Brotherhood Mutual Insurance Company adopts this privacy notice to comply with the Texas Data Privacy and Security Act (“TDPSA”) and any related regulations. Please see the general sections of this Privacy Policy for information on how we collect, use and share personal information.
Your Texas Privacy Rights
The TDPSA provides Texas residents with certain additional rights related to the processing of your personal information.
Right to Access
You have the right to confirmation of whether we are processing your personal information. If we are processing your personal information, you have the right to request a copy of such personal information that we have collected from you.
Right to Correct Inaccuracies
You have the right to request that we correct inaccuracies in your personal information if appropriate given the nature of the personal information or the purposes for which it is processed.
Right to Deletion
You have the right to request that we delete any personal information provided by or obtained about you.
Right to Portability
When exercising your Right to Access, you have the right to receive personal data in a portable and, to the extent technically feasible, readily usable format.
We may deny your request to access, correct, or delete personal information when necessary to:
- Comply with federal, state, or local laws, rules, or regulations;
- Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, local, or other governmental authorities;
- Investigate, exercise, prepare for, or defend actual or anticipated legal claims;
- Provide a product or service specifically requested by you, perform a contract to which you are a party, or take steps at your request prior to entering into a contract;
- Perform internal operations that are reasonably aligned with your expectations or reasonably anticipated based on your existing relationship with us, or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by you or the performance of a contract to which you are a party;
- Prevent, detect, protect against, or respond to security incidents, identity theft, fraud, harassment, or malicious, deceptive, or illegal activity; preserve the integrity or security of systems; or investigate, report, or prosecute those responsible for any such action;
- Conduct internal research to develop, improve or repair products, services or technology;
- Effectuate a product recall;
- Identify and repair technical errors that impair existing or intended functionality;
- Engage in public or peer-reviewed scientific or statistical research in the public interest that adheres to all other applicable ethics and privacy laws and is approved, monitored, and governed by an institutional review board, or similar independent oversight entities that determine: (i) if the deletion of the information is likely to provide substantial benefits that do not exclusively accrue to us; (ii) the expected benefits of the research outweigh the privacy risks; and (iii) if we have implemented reasonable safeguards to mitigate privacy risks associated with research, including any risks associated with reidentification; or
- Assist another controller, processor, or third party with its obligations under the TDPSA.
- Protect an evidentiary privilege under Texas law.
Exercising Your Privacy Rights
You may exercise any of your privacy rights by either:
You may make a verifiable consumer request to access personal information free of charge twice within a twelve (12) month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative (e.g., full name, phone number and e-mail address).
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with the requested information if we cannot verify your identity or authority to make the request and confirm that the requested information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
Response to Your Request
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety [90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will explain any reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of why we made that decision and provide you with a cost estimate before completing your request.
Denial and Appeal
If we deny your request to access, correct, or delete personal information, you may appeal the decision by sending an e-mail to consumerdataprivacy@brotherhoodmutual.com. Within sixty (60) days of receipt, we will respond to your appeal with information on any action taken or not taken in response to the appeal. If we deny your appeal, we will also provide a method through which you may contact the Texas Attorney General to submit a complaint.
Non-discrimination
Within sixty (60) days of receipt, we will respond to your appeal with information on any action taken or not taken in response to the appeal. If we deny your appeal, we will also provide a method through which you may contact the Texas Attorney General to submit a complaint.
- Utah
This additional information applies solely to consumers who reside in the State of Utah. Brotherhood Mutual Insurance Company adopts this privacy notice to comply with the Utah Consumer Privacy Act (“UCPA”) and any related regulations. Please see the general sections of this Privacy Policy for information on how we collect, use, and share personal information.
Your Utah Privacy Rights
The UCPA provides Utah residents with certain additional rights related to the processing of your personal information.
Right to Access
You have the right to confirmation of whether we are processing your personal information. If we are processing your personal information, you have the right to request a copy of such personal information that we have collected from you.
Right to Deletion
You have the right to request that we delete any personal information provided by or obtained about you.
Right to Portability
When exercising your Right to Access, you have the right to receive personal data in a portable and, to the extent technically feasible, readily usable format.
We may deny your request to access or delete personal information when necessary to:
- Comply with federal, state, or local laws, rules, or regulations;
- Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, local, or other governmental authorities;
- Cooperate with law-enforcement agencies concerning conduct or activity that we reasonably and in good faith believe may violate federal, state, or local laws, rules, or regulations;
- Investigate, exercise, prepare for, or defend actual or anticipated legal claims;
- Conduct internal research to improve, repair, or develop products, services, or technology;
- Identify and repair technical errors that impair existing or intended functionality;
- Perform internal operations that are reasonably aligned with your expectations or reasonably anticipated based on your existing relationship with us or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by you or the performance of a contract to which you are a party;
- Provide a product or service specifically requested by a consumer, perform a contract to which you are a party, or take steps at your request prior to entering into a contract;
- Protect the vital interests of you or of another individual;
- Prevent, detect, protect against, or respond to security incidents, identity theft, fraud, harassment, or malicious, deceptive, or illegal activity; preserve the integrity or security of systems; or investigate, report, or prosecute those responsible for any such action;
- Engage in public or peer-reviewed scientific or statistical research in the public interest that adheres to all other applicable ethics and privacy laws and is approved, monitored, and governed by an institutional review board, or similar independent oversight entities that determine: (i) if the deletion of the information is likely to provide substantial benefits that do not exclusively accrue to us; (ii) the expected benefits of the research outweigh the privacy risks; and (iii) if we have implemented reasonable safeguards to mitigate privacy risks associated with research, including any risks associated with reidentification; or
- Assist another controller, processor, or third party with its obligations under the UCPA.
- Effectuate a product recall;
- Protect an evidentiary privilege under Utah law;
- Prevent adversely affecting the privacy or other rights of any person.
Exercising Your Privacy Rights
You may exercise any of your privacy rights by either:
You may make a verifiable consumer request to access personal information free of charge once within a twelve (12) month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative (e.g., full name, phone number and e-mail address).
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with the requested information if we cannot verify your identity or authority to make the request and confirm that the requested information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
Response to Your Request
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety [90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will explain any reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of why we made that decision and provide you with a cost estimate before completing your request.
Non-discrimination
We will not discriminate against you for exercising any of your rights under the UCPA. Unless permitted by the UCPA, we will not increase the cost of, or decrease the availability of, a product or service based solely on your decision to exercise a right under the UCPA.
- Virginia
This additional information applies solely to consumers who reside in the State of Virginia. Brotherhood Mutual Insurance Company adopts this privacy notice to comply with the Virginia Consumer Data Protection Act (“VCDPA”). Please see the general sections of this Privacy Policy for information on how we collect, use and share personal information.
Your Virginia Privacy Rights
The VCDPA provides Virginia residents with certain additional rights related to the processing of your personal information.
Right to Access
You have the right to request confirmation of whether we are processing your personal information. If we are processing your personal information, you have the right to request a copy of such personal information that we have collected from you.
Right to Correct Inaccuracies
You have the right to request that we correct inaccuracies in your personal information if appropriate given the nature of the personal information or the purposes for which it is processed.
Right to Deletion
You have the right to request that we delete any personal information provided by or obtained about you.
We may deny your request to delete certain personal information if it is necessary to retain such information for business or legal purposes permitted under applicable laws.
Exercising Your Privacy Rights
You may exercise any of your privacy rights by either:
You may only make a verifiable consumer request to access personal information twice within a twelve (12) month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative (e.g., full name, phone number and e-mail address).
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with the requested information if we cannot verify your identity or authority to make the request and confirm that the requested information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response to Your Request
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety [90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will explain any reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of why we made that decision and provide you with a cost estimate before completing your request.
Denial and Appeal
If we deny your request to access, correct, or delete personal information, you may appeal the decision by sending an e-mail to consumerdataprivacy@brotherhoodmutual.com. Within sixty (60) days of receipt, we will respond to your appeal with information on any action taken or not taken in response to the appeal. If we deny your appeal, we will also provide a method through which you may contact the Virginia Attorney General to submit a complaint.
Non-discrimination
We will not discriminate against you for exercising any of your rights under the VCDPA. Unless permitted by the VCDPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services.
- Provide you with a different level of quality of goods or services.
Updates to our Privacy Policy
We recognize and respect the privacy concerns of our customers. We are committed to safeguarding your personal information. As a member of the financial services industry, we are posting this privacy notice for informational purposes and will update and post subsequent notices as changes are made or as required by law. When we make changes to this privacy notice, we will revise the “last updated” date at the top of the notice.
How to Contact Us
If you have any questions or comments about this privacy policy, or if you would like to receive a copy of this notice in an alternative format, you may contact us at:
Phone: 1-888-674-6018
Email: consumerdataprivacy@brotherhoodmutual.com
Address:
Brotherhood Mutual Insurance Company
Attn: Legal Department
6400 Brotherhood Way
Fort Wayne IN 46825
