Privacy Guidelines & Principles
Aon eSolutions Incorporated (a wholly-owned subsidiary of Aon Risk Services) is committed to the highest level of integrity in all of our dealings with our clients, employees and service partners. This commitment extends to any personal information about our customers that we might possess or acquire.
Aon eSolutions is a licensee of the TRUSTe Privacy Program. TRUSTe is an independent, non-profit organization whose mission is to build users' trust and confidence in the Internet by promoting the use of fair information practices. This privacy statement covers the site aonriskconsole.com and riskconsole.com. Because this web site wants to demonstrate its commitment to your privacy, it has agreed to disclose its information practices and have its privacy practices reviewed for compliance by TRUSTe.
Aon eSolutions, Inc. abides by the Safe Harbor Principles issued by the U.S. Department of Commerce (the “Principles”) with respect to Personal Data it collects from the European Union and Switzerland. For purposes of this policy, “Personal Data” means information that:
- Is transferred from the European Union or Switzerland to the United States;
- Is recorded in any form;
- Is about, or pertains to, a specific individual; and
- Can be linked to that individual.
For purposes of this policy, “Data Subject” means the individual about whom the Personal Data relates.
Personal Data Processed for Customers
Aon eSolutions provides customized risk management information systems to help companies manage their claims and exposure information more effectively. In this capacity, Aon eSolutions does not directly collect the Personal Data it processes, as such Personal Data is collected and controlled by Aon eSolutions' customers. In the case of Personal Data so transferred to Aon eSolutions, the customer remains responsible for compliance with the relevant EU member state’s data protection law vis-à-vis the Data Subject. Pursuant to these laws, the customer is obligated to enter into a data transfer agreement that sets forth the specific steps Aon eSolutions must take to protect and secure the Personal Data in question. As such, when Aon eSolutions is acting as the processor (i.e., not directly collecting Personal Data from Data Subjects) the data transfer agreement, rather than the Principles, specifies the data protection measures Aon eSolutions is required to follow.
Personal Data Collected From Data Subjects
Where Aon eSolutions collects Personal Data directly from Data Subjects, it has committed to apply the Principles. The following is a summary of the processes Aon eSolutions has in place to comply with the Principles:
If Aon eSolutions is required to obtain individual consent before collecting, processing or disclosing Personal Data it will offer Data Subjects the opportunity to choose whether their Personal Data is: (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the Data Subject. Aon eSolutions will provide Data Subjects with reasonable mechanisms to exercise their choices should requisite circumstances arise.
Onward Transfer (Transfers to Third Parties): It is Aon eSolutions’ policy to ensure that Personal Data is not used or disclosed except as necessary to provide requested goods and services, to protect the confidentiality or security of Personal Data or as otherwise permitted by law. Aon eSolutions does not rent, sell or share Personal Data with other companies, including Aon eSolutions’ parent, subsidiary and affiliate companies for marketing purposes. However, in those situations where Aon eSolutions retains third parties to perform processing tasks, Aon eSolutions requires that these third parties either:
- Subscribe to the Principles, the EU Data Protection Directive, the Swiss Federal Data Protection Act or another adequacy finding; or
- Enter into a written agreement with Aon eSolutions requiring the third party to provide an equivalent level of protection as provided by Aon eSolutions.
Access: A Data Subject may request that Aon eSolutions provide access to his/her Personal Data. Upon receipt of such a request, Aon eSolutions will confirm whether or not it possesses Personal Data relating to the Data Subject and, where appropriate and necessary, will correct, amend, or delete the Personal Data. This right only applies to Personal Data relating to the Data Subject making the request and is subject to other limitations as defined by law.
Individuals should direct such requests to:
3350 Riverwood Parkway
Suite 80, 5th Floor
Atlanta, GA 30339
Aon eSolutions' Privacy Officer may provide additional directions on how to submit such a request. In order to confirm the identity of the Data Subject and have the necessary information to retrieve the Data Subject's information, Aon eSolutions may request additional information and reasonable administrative fees to process the request. Filing a request in English will expedite the process.
Aon eSolutions agrees to process all reasonable requests for access within five (5) business days, but reserves the right to deny or limit access in cases where the burden or cost of providing access would be disproportionate to the risks to the Data Subject’s privacy or in the case of vexatious or fraudulent requests.
It is the policy of Aon eSolutions to ensure that appropriate physical, technical and administrative controls are in place to safeguard against the unauthorized disclosure of Personal Data. Aon eSolutions limits access to Personal Data to those persons in Aon eSolutions’ organization that have a specific business purpose for accessing such Personal Data. The security of your personal information is important to us. When you enter sensitive information (such as credit card number and/or social security number) on our registration or order forms, we encrypt that information using secure socket layer technology (SSL).
Data Integrity: Aon eSolutions takes reasonable steps to ensure the Personal Data is reliable, accurate and complete. The steps Aon eSolutions takes to ensure data integrity are made in light of the purposes for which the Personal Data is used. It is the policy of Aon eSolutions to ensure that all Personal Data is maintained only as long as necessary or as otherwise permitted by law.
Enforcement: Data Subjects should direct questions or concerns regarding this policy or Aon eSolutions handling of their Personal Data to:
3350 Riverwood Parkway
Suite 80, 5th Floor
Atlanta, GA 30339
Aon eSolutions' Privacy Officer will explain the process to be followed when raising such a question or concern. Submitting the question or concern in English will expedite the process.
If you have questions or concerns regarding this statement, you should first contact the Aon eSolutions’ Privacy Officer at email@example.com. If you do not receive acknowledgment of your inquiry or your inquiry has not been satisfactorily addressed, you should then contact TRUSTe at http://www.truste.org/consumers/watchdog_complaint.php
. TRUSTe will then serve as a liaison with the Web site to resolve your concerns.
Changes in this Privacy Statement
We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by email, or by means of a notice on our home page.
Communications from the Site
Special Offers and Updates
We will occasionally send you information on products, services, promotions, etc. You can sign up for these emails from us on our registration page.
Out of respect for your privacy, we present the option not to receive these types of communications. Please see the “Choice and Opt-out.”
If you wish to subscribe to our newsletter(s), we will use your name and email address to send the newsletter to you. Out of respect for your privacy, we provide you a way to unsubscribe. Please see the “Choice and Opt-out” section.
We will send you service-related announcements on rare occasions when it is necessary to do so. For instance, if our service is temporarily suspended for maintenance, we might send you an email.
Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option to deactivate your account. [You may opt-out of these communications. Please see “Choice and Opt-out.”
Based upon the personally identifiable information you provide us, we will send you a welcoming email to verify your username and password. We will also communicate with you in response to your inquiries, to provide the services you request, and to manage your account. We will communicate with you by email or telephone, in accordance with your wishes.
We provide you the opportunity to ‘opt-out’ of having your personally identifiable information used for certain purposes, when we ask for this information. For example, if you sign up for our user conference but do not wish to receive any additional marketing material from us, you can indicate your preference on our form.
If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in each newsletter or communication or by emailing us at firstname.lastname@example.org
. We offer an opportunity to opt-out of certain communications on our website, or you may contact us at email@example.com
. to opt-out.
You will be notified when your personal information is collected by any third party that is not our agent/service provider, so you can make an informed choice as to whether or not to share your information with that party.
This Privacy Statement was last updated on 27 September 2011