Privacy Guidelines & Principles
Aon eSolutions Incorporated (a wholly-owned subsidiary of Aon Risk Services) is committed to the highest level of integrity in all of our dealings with our clients, employees and service partners. This commitment extends to any personal data about our customers that we might possess or acquire.
Safe Harbor Privacy Statement
Aon eSolutions, Inc. has been awarded TRUSTe's Privacy Seal signifying that this privacy statement and practices have been reviewed by TRUSTe for compliance with TRUSTe's program requirements
including transparency, accountability and choice regarding the collection and use of your personal data. The TRUSTe program covers only information that is collected through the Web sites, http://www.riskconsole.com
TRUSTe's mission, as an independent third party, is to accelerate online trust among consumers and organizations globally through its leading privacy Trustmark and innovative trust solutions. If you have questions or complaints regarding our privacy statement or practices, please contact us at firstname.lastname@example.org
. If you are not satisfied with our response you can contact TRUSTe here
Aon eSolutions, Inc. complies with the U.S. – E.U. Safe Harbor framework and the U.S. – Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Aon eSolutions, Inc. has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Aon eSolutions, Inc.’s certification, please visit http://www.export.gov/safeharbor/
For purposes of this policy, “Personal Data” means information that:
- Is transferred from the European Union or Switzerland to the United States;
- Is recorded in any form;
- Is about, or pertains to, a specific individual; and
- Can be linked to that individual.
For purposes of this policy, “Data Subject” means the individual about whom the Personal Data relates.
Personal Data Processed for Customers
Aon eSolutions provides customized risk management information systems to help companies manage their claims and exposure information more effectively. In this capacity, Aon eSolutions does not directly collect the Personal Data it processes, as such Personal Data is collected and controlled by Aon eSolutions' customers. In the case of Personal Data so transferred to Aon eSolutions, the customer remains responsible for compliance with the relevant EU member state’s data protection law vis-à-vis the Data Subject. Pursuant to these laws, the customer is obligated to enter into a data transfer agreement that sets forth the specific steps Aon eSolutions must take to protect and secure the Personal Data in question. As such, when Aon eSolutions is acting as the processor (i.e., not directly collecting Personal Data from Data Subjects) the data transfer agreement, rather than the Principles, specifies the data protection measures Aon eSolutions is required to follow.
Personal Data Collected From Data Subjects
Where Aon eSolutions collects Personal Data directly from Data Subjects, it has committed to apply the Principles. The following is a summary of the processes Aon eSolutions has in place to comply with the Principles:
If Aon eSolutions is required to obtain individual consent before collecting, processing or disclosing Personal Data it will offer Data Subjects the opportunity to choose whether their Personal Data is: (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the Data Subject. Aon eSolutions will provide Data Subjects with reasonable mechanisms to exercise their choices should requisite circumstances arise.
Also, please note that Aon eSolutions is not responsible for the content or privacy practices of non-Aon eSolutions web sites to which any Aon eSolutions web site may link. Data Subjects should review the privacy statement of such sites before using the sites.
Onward Transfer (Transfers to Third Parties): It is Aon eSolutions’ policy to ensure that Personal Data is not used or disclosed except as necessary to provide requested goods and services, to protect the confidentiality or security of Personal Data or as otherwise permitted by law. Aon eSolutions does not rent, sell or share Personal Data with other companies, including Aon eSolutions’ parent, subsidiary and affiliate companies for marketing purposes. However, in those situations where Aon eSolutions retains third parties to perform processing tasks, Aon eSolutions requires that these third parties either:
- Subscribe to the Principles, the EU Data Protection Directive, the Swiss Federal Data Protection Act or another adequacy finding; or
- Enter into a written agreement with Aon eSolutions requiring the third party to provide an equivalent level of protection as provided by Aon eSolutions.
Access: A Data Subject may request that Aon eSolutions provide access to his/her Personal Data. Upon receipt of such a request, Aon eSolutions will confirm whether or not it possesses Personal Data relating to the Data Subject and, where appropriate and necessary, will correct, amend, or delete the Personal Data. This right only applies to Personal Data relating to the Data Subject making the request and is subject to other limitations as defined by law.
Individuals should direct such requests to:
3350 Riverwood Parkway
Suite 80, 5th Floor
Atlanta, GA 30339
Aon eSolutions' Privacy Officer may provide additional directions on how to submit such a request. In order to confirm the identity of the Data Subject and have the necessary information to retrieve the Data Subject's information, Aon eSolutions may request additional information and reasonable administrative fees to process the request. Filing a request in English will expedite the process.
Aon eSolutions agrees to process all reasonable requests for access within five (5) business days, but reserves the right to deny or limit access in cases where the burden or cost of providing access would be disproportionate to the risks to the Data Subject’s privacy or in the case of vexatious or fraudulent requests.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
It is the policy of Aon eSolutions to ensure that appropriate physical, technical and administrative controls are in place to safeguard against the unauthorized disclosure of Personal Data. Aon eSolutions limits access to Personal Data to those persons in Aon eSolutions’ organization that have a specific business purpose for accessing such Personal Data. The security of your personal data is important to us. When you enter sensitive information (such as credit card number and/or social security number) on our registration or order forms, we encrypt that information using secure socket layer technology (SSL).
Data Integrity: Aon eSolutions takes reasonable steps to ensure the Personal Data is reliable, accurate and complete. The steps Aon eSolutions takes to ensure data integrity are made in light of the purposes for which the Personal Data is used. It is the policy of Aon eSolutions to ensure that all Personal Data is maintained only as long as necessary or as otherwise permitted by law.
Enforcement: Data Subjects should direct questions or concerns regarding this policy or Aon eSolutions handling of their Personal Data to:
3350 Riverwood Parkway
Suite 80, 5th Floor
Atlanta, GA 30339
Aon eSolutions' Privacy Officer will explain the process to be followed when raising such a question or concern. Submitting the question or concern in English will expedite the process.
If you have questions or concerns regarding this statement, you should first contact the Aon eSolutions’ Privacy Officer at email@example.com. If you do not receive acknowledgment of your inquiry or your inquiry has not been satisfactorily addressed, you should then contact TRUSTe at http://www.truste.org/consumers/watchdog_complaint.php
. TRUSTe will then serve as a liaison with the Web site to resolve your concerns.
Changes in this Privacy Statement
We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by email, or by means of a notice on our home page prior to the change taking effect.
Social Media Widgets
Our Web site includes Social Media Features, such as the Facebook Like button and Widgets, the Share this button or interactive mini-programs that run on our site. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy statement of the company providing it.
Blog / Forum
Our Web site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal data from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal data, in which case we will let you know if we are unable to do so and why.
Communications from the Site
Special Offers and Updates
We will occasionally send you information on products, services, promotions, etc. You can sign up for these emails from us on our registration page.
Out of respect for your privacy, we present the option not to receive these types of communications. Please see the “Choice and Opt-out.”
If you wish to subscribe to our newsletter(s), we will use your name and email address to send the newsletter to you. Out of respect for your privacy, we provide you a way to unsubscribe. Please see the “Choice and Opt-out” section.
We will send you service-related announcements on rare occasions when it is necessary to do so. For instance, if our service is temporarily suspended for maintenance, we might send you an email.
Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option to deactivate your account. [You may opt-out of these communications. Please see “Choice and Opt-out.”
Based upon the personal data you provide us, we will send you a welcoming email to verify your username and password. We will also communicate with you in response to your inquiries, to provide the services you request, and to manage your account. We will communicate with you by email or telephone, in accordance with your wishes.
We provide you the opportunity to ‘opt-out’ of having your personal data used for certain purposes, when we ask for this information. For example, if you sign up for our user conference but do not wish to receive any additional marketing material from us, you can indicate your preference on our form.
If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in each newsletter or communication or by emailing us at email@example.com
. We offer an opportunity to opt-out of certain communications on our website, or you may contact us at firstname.lastname@example.org
. to opt-out.
You will be notified when your personal data is collected by any third party that is not our agent/service provider, so you can make an informed choice as to whether or not to share your information with that party.
This Privacy Statement was last updated on 22 July 2013